1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
73 description: The password for the neutron service account, used by neutron agents.
76 NeutronPhysicalBridge:
78 description: An OVS bridge to create for accessing external networks.
80 NeutronPublicInterface:
82 description: A port to add to the NeutronPhysicalBridge.
89 default: '' # Has to be here because of the ignored empty value bug
92 default: libvirt.LibvirtDriver
93 NovaComputeExtraConfig:
96 NovaCompute specific configuration to inject into the cluster. Same
97 structure as ExtraConfig.
102 NovaComputeLibvirtType:
105 NovaComputeLibvirtVifDriver:
107 description: Libvirt VIF driver configuration for the network
109 NovaEnableRbdBackend:
111 description: Whether to enable or not the Rbd backend for Nova
115 description: Enable IPv6 features in Nova
118 description: The password for the nova service account, used by nova-api.
123 default: '' # Has to be here because of the ignored empty value bug
126 description: Name of integration bridge used by Open vSwitch
128 NovaSecurityGroupAPI:
130 description: The full class name of the security API class
134 default: '' # Has to be here because of the ignored empty value bug
136 description: The password for RabbitMQ
141 description: The username for RabbitMQ
146 Rabbit client subscriber parameter to specify
147 an SSL connection to the RabbitMQ host.
151 description: Set rabbit subscriber port, change this if using SSL
153 UpgradeLevelNovaCompute:
155 description: Nova Compute upgrade level
157 EnablePackageInstall:
159 description: Set to true to enable package installation via Puppet
163 description: Mapping of service_name -> network name. Typically set
164 via parameter_defaults in the resource registry.
168 description: Mapping of service endpoint -> protocol. Typically set
169 via parameter_defaults in the resource registry.
175 Setting to a previously unused value during stack-update will trigger
176 package update on all nodes
179 default: '' # Defaults to Heat created hostname
183 description: Optional mapping to override hostnames
184 NetworkDeploymentActions:
185 type: comma_delimited_list
187 Heat action when to apply network configuration changes
189 SoftwareConfigTransport:
190 default: POLL_SERVER_CFN
192 How the server should receive the metadata required for software configuration.
195 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
200 The DNS domain used for the hosts. This should match the dhcp_domain
201 configured in the Undercloud neutron. Defaults to localdomain.
205 Extra properties or metadata passed to Nova for the created nodes in
206 the overcloud. It's accessible via the Nova metadata API.
208 NovaComputeSchedulerHints:
210 description: Optional scheduler hints to pass to nova
212 ServiceConfigSettings:
216 type: comma_delimited_list
220 description: Command which will be run whenever configuration data changes
221 default: os-refresh-config --timeout 14400
226 type: OS::TripleO::Server
229 command: {get_param: ConfigCommand}
234 get_param: ImageUpdatePolicy
235 flavor: {get_param: Flavor}
236 key_name: {get_param: KeyName}
239 user_data_format: SOFTWARE_CONFIG
240 user_data: {get_resource: UserData}
243 template: {get_param: Hostname}
244 params: {get_param: HostnameMap}
245 software_config_transport: {get_param: SoftwareConfigTransport}
246 metadata: {get_param: ServerMetadata}
247 scheduler_hints: {get_param: NovaComputeSchedulerHints}
249 # Combine the NodeAdminUserData and NodeUserData mime archives
251 type: OS::Heat::MultipartMime
254 - config: {get_resource: NodeAdminUserData}
256 - config: {get_resource: NodeUserData}
259 # Creates the "heat-admin" user if configured via the environment
260 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
262 type: OS::TripleO::NodeAdminUserData
264 # For optional operator additional userdata
265 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
267 type: OS::TripleO::NodeUserData
270 type: OS::TripleO::Compute::Ports::ExternalPort
272 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
273 IPPool: {get_param: NovaComputeIPs}
274 NodeIndex: {get_param: NodeIndex}
277 type: OS::TripleO::Compute::Ports::InternalApiPort
279 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
280 IPPool: {get_param: NovaComputeIPs}
281 NodeIndex: {get_param: NodeIndex}
284 type: OS::TripleO::Compute::Ports::StoragePort
286 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
287 IPPool: {get_param: NovaComputeIPs}
288 NodeIndex: {get_param: NodeIndex}
291 type: OS::TripleO::Compute::Ports::StorageMgmtPort
293 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
294 IPPool: {get_param: NovaComputeIPs}
295 NodeIndex: {get_param: NodeIndex}
298 type: OS::TripleO::Compute::Ports::TenantPort
300 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
301 IPPool: {get_param: NovaComputeIPs}
302 NodeIndex: {get_param: NodeIndex}
305 type: OS::TripleO::Compute::Ports::ManagementPort
307 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
308 IPPool: {get_param: NovaComputeIPs}
309 NodeIndex: {get_param: NodeIndex}
312 type: OS::TripleO::Network::Ports::NetIpMap
314 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
315 ExternalIp: {get_attr: [ExternalPort, ip_address]}
316 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
317 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
318 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
319 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
320 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
321 StorageIp: {get_attr: [StoragePort, ip_address]}
322 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
323 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
324 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
325 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
326 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
327 TenantIp: {get_attr: [TenantPort, ip_address]}
328 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
329 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
330 ManagementIp: {get_attr: [ManagementPort, ip_address]}
331 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
332 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
335 type: OS::TripleO::Compute::Net::SoftwareConfig
337 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
338 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
339 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
340 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
341 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
342 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
343 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
346 type: OS::TripleO::SoftwareDeployment
348 name: NetworkDeployment
349 config: {get_resource: NetworkConfig}
350 server: {get_resource: NovaCompute}
351 actions: {get_param: NetworkDeploymentActions}
353 bridge_name: {get_param: NeutronPhysicalBridge}
354 interface_name: {get_param: NeutronPublicInterface}
357 type: OS::Heat::StructuredConfig
359 group: os-apply-config
364 - heat_config_%{::deploy_config_name}
365 - compute_extraconfig
370 - ceph_cluster # provided by CephClusterConfig
372 - all_nodes # provided by allNodesConfig
376 - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
377 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
378 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
379 - midonet_data # Optionally provided by AllNodesExtraConfig
380 - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
381 merge_behavior: deeper
385 service_names: {get_param: ServiceNames}
387 mapped_data: {get_param: ServiceConfigSettings}
389 mapped_data: {get_param: NovaComputeExtraConfig}
391 mapped_data: {get_param: ExtraConfig}
393 raw_data: {get_file: hieradata/common.yaml}
396 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
397 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
398 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
400 raw_data: {get_file: hieradata/ceph.yaml}
402 raw_data: {get_file: hieradata/compute.yaml}
404 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
405 nova::use_ipv6: {get_input: nova_ipv6}
406 nova::debug: {get_input: debug}
407 nova::rabbit_userid: {get_input: rabbit_username}
408 nova::rabbit_password: {get_input: rabbit_password}
409 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
410 nova::rabbit_port: {get_input: rabbit_client_port}
411 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
412 nova_compute_driver: {get_input: nova_compute_driver}
413 # TODO(emilien): move libvirt & migration parameters in libvirt profile
414 # used to deploy libvirt/kvm dependencies:
415 nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
416 # used to configured nova.conf:
417 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
418 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
419 nova_api_host: {get_input: nova_api_host}
420 nova::compute::vncproxy_host: {get_input: nova_public_ip}
421 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
422 # TUNNELLED mode provides a security enhancement when using shared storage but is not
423 # supported when not using shared storage.
424 # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
425 # In future versions of QEMU (2.6, mostly), Dan's native encryption
426 # work will obsolete the need to use TUNNELLED transport mode.
427 nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend}
428 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
429 nova_password: {get_input: nova_password}
430 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
431 nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol}
432 nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host}
433 nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port}
434 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
435 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
436 ceilometer::debug: {get_input: debug}
437 ceilometer::rabbit_userid: {get_input: rabbit_username}
438 ceilometer::rabbit_password: {get_input: rabbit_password}
439 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
440 ceilometer::rabbit_port: {get_input: rabbit_client_port}
441 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
442 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
443 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
444 nova::glance_api_servers: {get_input: glance_api_servers}
445 neutron::debug: {get_input: debug}
446 neutron::rabbit_password: {get_input: rabbit_password}
447 neutron::rabbit_user: {get_input: rabbit_username}
448 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
449 neutron::rabbit_port: {get_input: rabbit_client_port}
450 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
452 nova::network::neutron::neutron_password: {get_input: neutron_password}
453 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
454 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
455 keystone_public_api_virtual_ip: {get_input: keystone_vip}
456 admin_password: {get_input: admin_password}
457 tripleo::packages::enable_install: {get_input: enable_package_install}
458 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
460 NovaComputeDeployment:
461 type: OS::TripleO::SoftwareDeployment
462 depends_on: NetworkDeployment
464 name: NovaComputeDeployment
465 config: {get_resource: NovaComputeConfig}
466 server: {get_resource: NovaCompute}
468 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
469 debug: {get_param: Debug}
470 nova_compute_driver: {get_param: NovaComputeDriver}
471 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
472 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
473 nova_public_ip: {get_param: NovaPublicIP}
474 nova_api_host: {get_param: NovaApiHost}
475 nova_password: {get_param: NovaPassword}
476 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
477 nova_ipv6: {get_param: NovaIPv6}
478 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
479 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
480 nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
481 # Remove brackets that may come if the IP address is IPv6.
482 # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value
485 template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
489 nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
490 nova_ovs_bridge: {get_param: NovaOVSBridge}
491 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
492 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
493 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
494 ceilometer_password: {get_param: CeilometerPassword}
495 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
496 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
497 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
498 neutron_password: {get_param: NeutronPassword}
499 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
500 neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
501 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
502 admin_password: {get_param: AdminPassword}
503 rabbit_username: {get_param: RabbitUserName}
504 rabbit_password: {get_param: RabbitPassword}
505 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
506 rabbit_client_port: {get_param: RabbitClientPort}
507 enable_package_install: {get_param: EnablePackageInstall}
508 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
510 # Resource for site-specific injection of root certificate
512 depends_on: NovaComputeDeployment
513 type: OS::TripleO::NodeTLSCAData
515 server: {get_resource: NovaCompute}
517 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
518 ComputeExtraConfigPre:
519 depends_on: NovaComputeDeployment
520 type: OS::TripleO::ComputeExtraConfigPre
522 server: {get_resource: NovaCompute}
524 # Hook for site-specific additional pre-deployment config,
525 # applying to all nodes, e.g node registration/unregistration
527 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
528 type: OS::TripleO::NodeExtraConfig
530 server: {get_resource: NovaCompute}
533 type: OS::TripleO::Tasks::PackageUpdate
536 type: OS::Heat::SoftwareDeployment
538 name: UpdateDeployment
539 config: {get_resource: UpdateConfig}
540 server: {get_resource: NovaCompute}
543 get_param: UpdateIdentifier
547 description: IP address of the server in the ctlplane network
548 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
550 description: IP address of the server in the external network
551 value: {get_attr: [ExternalPort, ip_address]}
552 internal_api_ip_address:
553 description: IP address of the server in the internal_api network
554 value: {get_attr: [InternalApiPort, ip_address]}
556 description: IP address of the server in the storage network
557 value: {get_attr: [StoragePort, ip_address]}
558 storage_mgmt_ip_address:
559 description: IP address of the server in the storage_mgmt network
560 value: {get_attr: [StorageMgmtPort, ip_address]}
562 description: IP address of the server in the tenant network
563 value: {get_attr: [TenantPort, ip_address]}
564 management_ip_address:
565 description: IP address of the server in the management network
566 value: {get_attr: [ManagementPort, ip_address]}
568 description: Hostname of the server
569 value: {get_attr: [NovaCompute, name]}
572 Server's IP address and hostname in the /etc/hosts format
576 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
577 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
578 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
579 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
580 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
581 TENANTIP TENANTHOST.DOMAIN TENANTHOST
582 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
584 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
585 DOMAIN: {get_param: CloudDomain}
586 PRIMARYHOST: {get_attr: [NovaCompute, name]}
587 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
591 - - {get_attr: [NovaCompute, name]}
593 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
597 - - {get_attr: [NovaCompute, name]}
599 STORAGEIP: {get_attr: [StoragePort, ip_address]}
603 - - {get_attr: [NovaCompute, name]}
605 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
609 - - {get_attr: [NovaCompute, name]}
611 TENANTIP: {get_attr: [TenantPort, ip_address]}
615 - - {get_attr: [NovaCompute, name]}
617 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
621 - - {get_attr: [NovaCompute, name]}
623 nova_server_resource:
624 description: Heat resource handle for the Nova compute server
626 {get_resource: NovaCompute}