1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre:1:1000'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
122 type: comma_delimited_list
124 The tunnel types for the Neutron tenant network.
126 NeutronTunnelIdRanges:
128 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
129 of GRE tunnel IDs that are available for tenant network allocation
130 default: ["1:1000", ]
131 type: comma_delimited_list
134 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
135 of VXLAN VNI IDs that are available for tenant network allocation
136 default: ["1:1000", ]
137 type: comma_delimited_list
138 NeutronPublicInterfaceRawDevice:
144 NeutronMetadataProxySharedSecret:
145 description: Shared secret to prevent spoofing
151 The core plugin for Neutron. The value should be the entrypoint to be loaded
152 from neutron.core_plugins namespace.
154 NeutronServicePlugins:
155 default: "router,qos"
157 Comma-separated list of service plugin entrypoints to be loaded from the
158 neutron.service_plugins namespace.
159 type: comma_delimited_list
161 default: "vxlan,vlan,flat,gre"
163 Comma-separated list of network type driver entrypoints to be loaded.
164 type: comma_delimited_list
165 NeutronMechanismDrivers:
166 default: 'openvswitch'
168 The mechanism drivers for the Neutron tenant network.
169 type: comma_delimited_list
170 NeutronAgentExtensions:
173 Comma-separated list of extensions enabled for the Neutron agents.
174 type: comma_delimited_list
175 # Not relevant for Computes, should be removed
176 NeutronAllowL3AgentFailover:
178 description: Allow automatic l3-agent failover
180 # Not relevant for Computes, should be removed
183 description: Whether to enable l3-agent HA
187 description: Agent mode for the neutron-l3-agent on the controller hosts
191 default: '' # Has to be here because of the ignored empty value bug
194 default: libvirt.LibvirtDriver
195 NovaComputeExtraConfig:
198 NovaCompute specific configuration to inject into the cluster. Same
199 structure as ExtraConfig.
201 NovaComputeLibvirtType:
204 NovaComputeLibvirtVifDriver:
206 description: Libvirt VIF driver configuration for the network
208 NovaEnableRbdBackend:
210 description: Whether to enable or not the Rbd backend for Nova
213 description: The password for the nova service account, used by nova-api.
218 default: '' # Has to be here because of the ignored empty value bug
221 description: Name of integration bridge used by Open vSwitch
223 NovaSecurityGroupAPI:
225 description: The full class name of the security API class
229 description: Comma-separated list of ntp servers
230 type: comma_delimited_list
233 default: '' # Has to be here because of the ignored empty value bug
236 description: The password for RabbitMQ
241 description: The username for RabbitMQ
246 Rabbit client subscriber parameter to specify
247 an SSL connection to the RabbitMQ host.
251 description: Set rabbit subscriber port, change this if using SSL
253 SnmpdReadonlyUserName:
254 default: ro_snmp_user
255 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
257 SnmpdReadonlyUserPassword:
258 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
261 EnablePackageInstall:
263 description: Set to true to enable package installation via Puppet
267 description: Mapping of service_name -> network name. Typically set
268 via parameter_defaults in the resource registry.
272 description: Mapping of service endpoint -> protocol. Typically set
273 via parameter_defaults in the resource registry.
277 description: The timezone to be set on compute nodes.
283 Setting to a previously unused value during stack-update will trigger
284 package update on all nodes
287 default: '' # Defaults to Heat created hostname
288 NetworkDeploymentActions:
289 type: comma_delimited_list
291 Heat action when to apply network configuration changes
293 SoftwareConfigTransport:
294 default: POLL_SERVER_CFN
296 How the server should receive the metadata required for software configuration.
299 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
304 The DNS domain used for the hosts. This should match the dhcp_domain
305 configured in the Undercloud neutron. Defaults to localdomain.
309 Extra properties or metadata passed to Nova for the created nodes in
310 the overcloud. It's accessible via the Nova metadata API.
314 description: Optional scheduler hints to pass to nova
320 type: OS::Nova::Server
325 get_param: ImageUpdatePolicy
326 flavor: {get_param: Flavor}
327 key_name: {get_param: KeyName}
330 user_data_format: SOFTWARE_CONFIG
331 user_data: {get_resource: UserData}
332 name: {get_param: Hostname}
333 software_config_transport: {get_param: SoftwareConfigTransport}
334 metadata: {get_param: ServerMetadata}
335 scheduler_hints: {get_param: SchedulerHints}
337 # Combine the NodeAdminUserData and NodeUserData mime archives
339 type: OS::Heat::MultipartMime
342 - config: {get_resource: NodeAdminUserData}
344 - config: {get_resource: NodeUserData}
347 # Creates the "heat-admin" user if configured via the environment
348 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
350 type: OS::TripleO::NodeAdminUserData
352 # For optional operator additional userdata
353 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
355 type: OS::TripleO::NodeUserData
358 type: OS::TripleO::Compute::Ports::ExternalPort
360 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
363 type: OS::TripleO::Compute::Ports::InternalApiPort
365 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
368 type: OS::TripleO::Compute::Ports::StoragePort
370 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
373 type: OS::TripleO::Compute::Ports::StorageMgmtPort
375 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
378 type: OS::TripleO::Compute::Ports::TenantPort
380 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
383 type: OS::TripleO::Compute::Ports::ManagementPort
385 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
388 type: OS::TripleO::Network::Ports::NetIpMap
390 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
391 ExternalIp: {get_attr: [ExternalPort, ip_address]}
392 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
393 StorageIp: {get_attr: [StoragePort, ip_address]}
394 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
395 TenantIp: {get_attr: [TenantPort, ip_address]}
396 ManagementIp: {get_attr: [ManagementPort, ip_address]}
399 type: OS::TripleO::Compute::Net::SoftwareConfig
401 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
402 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
403 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
404 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
405 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
406 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
407 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
410 type: OS::TripleO::SoftwareDeployment
412 name: NetworkDeployment
413 config: {get_resource: NetworkConfig}
414 server: {get_resource: NovaCompute}
415 actions: {get_param: NetworkDeploymentActions}
417 bridge_name: {get_param: NeutronPhysicalBridge}
418 interface_name: {get_param: NeutronPublicInterface}
421 type: OS::Heat::StructuredConfig
423 group: os-apply-config
428 - heat_config_%{::deploy_config_name}
429 - compute_extraconfig
432 - ceph_cluster # provided by CephClusterConfig
434 - all_nodes # provided by allNodesConfig
437 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
438 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
439 - midonet_data # Optionally provided by AllNodesExtraConfig
442 mapped_data: {get_param: NovaComputeExtraConfig}
444 mapped_data: {get_param: ExtraConfig}
446 raw_data: {get_file: hieradata/common.yaml}
448 raw_data: {get_file: hieradata/ceph.yaml}
450 raw_data: {get_file: hieradata/compute.yaml}
452 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
453 nova::debug: {get_input: debug}
454 nova::rabbit_userid: {get_input: rabbit_username}
455 nova::rabbit_password: {get_input: rabbit_password}
456 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
457 nova::rabbit_port: {get_input: rabbit_client_port}
458 nova_compute_driver: {get_input: nova_compute_driver}
459 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
460 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
461 nova_api_host: {get_input: nova_api_host}
462 nova::compute::vncproxy_host: {get_input: nova_public_ip}
463 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
464 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
465 nova_password: {get_input: nova_password}
466 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
467 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
468 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
469 ceilometer::debug: {get_input: debug}
470 ceilometer::rabbit_userid: {get_input: rabbit_username}
471 ceilometer::rabbit_password: {get_input: rabbit_password}
472 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
473 ceilometer::rabbit_port: {get_input: rabbit_client_port}
474 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
475 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
476 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
477 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
478 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
479 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
480 nova::glance_api_servers: {get_input: glance_api_servers}
481 neutron::debug: {get_input: debug}
482 neutron::rabbit_password: {get_input: rabbit_password}
483 neutron::rabbit_user: {get_input: rabbit_username}
484 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
485 neutron::rabbit_port: {get_input: rabbit_client_port}
486 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
487 neutron_host: {get_input: neutron_host}
488 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
490 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
491 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
492 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
493 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
494 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
495 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
496 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
497 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
498 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
499 neutron_physical_bridge: {get_input: neutron_physical_bridge}
500 neutron_public_interface: {get_input: neutron_public_interface}
501 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
502 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
503 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
504 neutron_router_distributed: {get_input: neutron_router_distributed}
505 neutron_agent_mode: {get_input: neutron_agent_mode}
506 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
507 neutron::core_plugin: {get_input: neutron_core_plugin}
508 neutron::service_plugins: {get_input: neutron_service_plugins}
509 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
510 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
511 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
512 keystone_public_api_virtual_ip: {get_input: keystone_vip}
513 admin_password: {get_input: admin_password}
514 ntp::servers: {get_input: ntp_servers}
515 timezone::timezone: {get_input: timezone}
516 tripleo::packages::enable_install: {get_input: enable_package_install}
517 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
519 NovaComputeDeployment:
520 type: OS::TripleO::SoftwareDeployment
521 depends_on: NetworkDeployment
523 name: NovaComputeDeployment
524 config: {get_resource: NovaComputeConfig}
525 server: {get_resource: NovaCompute}
527 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
528 debug: {get_param: Debug}
529 nova_compute_driver: {get_param: NovaComputeDriver}
530 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
531 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
532 nova_public_ip: {get_param: NovaPublicIP}
533 nova_api_host: {get_param: NovaApiHost}
534 nova_password: {get_param: NovaPassword}
535 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
536 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
537 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
538 nova_ovs_bridge: {get_param: NovaOVSBridge}
539 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
540 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
541 ceilometer_password: {get_param: CeilometerPassword}
542 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
543 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
544 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
545 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
546 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
547 neutron_flat_networks:
551 NETWORKS: {get_param: NeutronFlatNetworks}
552 neutron_host: {get_param: NeutronHost}
553 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
554 neutron_tunnel_id_ranges:
558 RANGES: {get_param: NeutronTunnelIdRanges}
563 RANGES: {get_param: NeutronVniRanges}
564 neutron_tenant_network_types:
568 TYPES: {get_param: NeutronNetworkType}
569 neutron_tunnel_types:
573 TYPES: {get_param: NeutronTunnelTypes}
574 neutron_network_vlan_ranges:
578 RANGES: {get_param: NeutronNetworkVLANRanges}
579 neutron_bridge_mappings:
583 MAPPINGS: {get_param: NeutronBridgeMappings}
584 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
585 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
586 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
587 neutron_public_interface: {get_param: NeutronPublicInterface}
588 neutron_password: {get_param: NeutronPassword}
589 neutron_agent_mode: {get_param: NeutronAgentMode}
590 neutron_router_distributed: {get_param: NeutronDVR}
591 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
592 neutron_core_plugin: {get_param: NeutronCorePlugin}
593 neutron_service_plugins:
597 PLUGINS: {get_param: NeutronServicePlugins}
598 neutron_type_drivers:
602 DRIVERS: {get_param: NeutronTypeDrivers}
603 neutron_mechanism_drivers:
607 MECHANISMS: {get_param: NeutronMechanismDrivers}
608 neutron_agent_extensions:
610 template: AGENT_EXTENSIONS
612 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
613 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
614 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
615 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
616 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
617 admin_password: {get_param: AdminPassword}
618 rabbit_username: {get_param: RabbitUserName}
619 rabbit_password: {get_param: RabbitPassword}
620 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
621 rabbit_client_port: {get_param: RabbitClientPort}
622 ntp_servers: {get_param: NtpServer}
623 timezone: {get_param: TimeZone}
624 enable_package_install: {get_param: EnablePackageInstall}
625 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
627 # Resource for site-specific injection of root certificate
629 depends_on: NovaComputeDeployment
630 type: OS::TripleO::NodeTLSCAData
632 server: {get_resource: NovaCompute}
634 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
635 ComputeExtraConfigPre:
636 depends_on: NovaComputeDeployment
637 type: OS::TripleO::ComputeExtraConfigPre
639 server: {get_resource: NovaCompute}
641 # Hook for site-specific additional pre-deployment config,
642 # applying to all nodes, e.g node registration/unregistration
644 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
645 type: OS::TripleO::NodeExtraConfig
647 server: {get_resource: NovaCompute}
650 type: OS::TripleO::Tasks::PackageUpdate
653 type: OS::Heat::SoftwareDeployment
655 name: UpdateDeployment
656 config: {get_resource: UpdateConfig}
657 server: {get_resource: NovaCompute}
660 get_param: UpdateIdentifier
664 description: IP address of the server in the ctlplane network
665 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
667 description: IP address of the server in the external network
668 value: {get_attr: [ExternalPort, ip_address]}
669 internal_api_ip_address:
670 description: IP address of the server in the internal_api network
671 value: {get_attr: [InternalApiPort, ip_address]}
673 description: IP address of the server in the storage network
674 value: {get_attr: [StoragePort, ip_address]}
675 storage_mgmt_ip_address:
676 description: IP address of the server in the storage_mgmt network
677 value: {get_attr: [StorageMgmtPort, ip_address]}
679 description: IP address of the server in the tenant network
680 value: {get_attr: [TenantPort, ip_address]}
681 management_ip_address:
682 description: IP address of the server in the management network
683 value: {get_attr: [ManagementPort, ip_address]}
685 description: Hostname of the server
686 value: {get_attr: [NovaCompute, name]}
689 Server's IP address and hostname in the /etc/hosts format
692 template: "IP HOST.DOMAIN HOST"
694 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
695 DOMAIN: {get_param: CloudDomain}
696 HOST: {get_attr: [NovaCompute, name]}
697 nova_server_resource:
698 description: Heat resource handle for the Nova compute server
700 {get_resource: NovaCompute}
702 description: identifier which changes if the node configuration may need re-applying
706 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
707 - {get_attr: [NodeTLSCAData, deploy_stdout]}
708 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
709 - {get_param: UpdateIdentifier}