1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
73 description: The password for the neutron service account, used by neutron agents.
76 NeutronPhysicalBridge:
78 description: An OVS bridge to create for accessing external networks.
80 NeutronPublicInterface:
82 description: A port to add to the NeutronPhysicalBridge.
89 default: '' # Has to be here because of the ignored empty value bug
92 default: libvirt.LibvirtDriver
93 NovaComputeExtraConfig:
96 NovaCompute specific configuration to inject into the cluster. Same
97 structure as ExtraConfig.
102 NovaComputeLibvirtType:
105 NovaComputeLibvirtVifDriver:
107 description: Libvirt VIF driver configuration for the network
109 NovaEnableRbdBackend:
111 description: Whether to enable or not the Rbd backend for Nova
115 description: Enable IPv6 features in Nova
118 description: The password for the nova service account, used by nova-api.
123 default: '' # Has to be here because of the ignored empty value bug
126 description: Name of integration bridge used by Open vSwitch
128 NovaSecurityGroupAPI:
130 description: The full class name of the security API class
134 default: '' # Has to be here because of the ignored empty value bug
136 description: The password for RabbitMQ
141 description: The username for RabbitMQ
146 Rabbit client subscriber parameter to specify
147 an SSL connection to the RabbitMQ host.
151 description: Set rabbit subscriber port, change this if using SSL
153 UpgradeLevelNovaCompute:
155 description: Nova Compute upgrade level
157 EnablePackageInstall:
159 description: Set to true to enable package installation via Puppet
163 description: Mapping of service_name -> network name. Typically set
164 via parameter_defaults in the resource registry.
168 description: Mapping of service endpoint -> protocol. Typically set
169 via parameter_defaults in the resource registry.
175 Setting to a previously unused value during stack-update will trigger
176 package update on all nodes
179 default: '' # Defaults to Heat created hostname
183 description: Optional mapping to override hostnames
184 NetworkDeploymentActions:
185 type: comma_delimited_list
187 Heat action when to apply network configuration changes
189 SoftwareConfigTransport:
190 default: POLL_SERVER_CFN
192 How the server should receive the metadata required for software configuration.
195 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
200 The DNS domain used for the hosts. This should match the dhcp_domain
201 configured in the Undercloud neutron. Defaults to localdomain.
205 Extra properties or metadata passed to Nova for the created nodes in
206 the overcloud. It's accessible via the Nova metadata API.
210 description: Optional scheduler hints to pass to nova
212 ServiceConfigSettings:
217 description: Command which will be run whenever configuration data changes
218 default: os-refresh-config --timeout 14400
223 type: OS::TripleO::Server
226 command: {get_param: ConfigCommand}
231 get_param: ImageUpdatePolicy
232 flavor: {get_param: Flavor}
233 key_name: {get_param: KeyName}
236 user_data_format: SOFTWARE_CONFIG
237 user_data: {get_resource: UserData}
240 template: {get_param: Hostname}
241 params: {get_param: HostnameMap}
242 software_config_transport: {get_param: SoftwareConfigTransport}
243 metadata: {get_param: ServerMetadata}
244 scheduler_hints: {get_param: SchedulerHints}
246 # Combine the NodeAdminUserData and NodeUserData mime archives
248 type: OS::Heat::MultipartMime
251 - config: {get_resource: NodeAdminUserData}
253 - config: {get_resource: NodeUserData}
256 # Creates the "heat-admin" user if configured via the environment
257 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
259 type: OS::TripleO::NodeAdminUserData
261 # For optional operator additional userdata
262 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
264 type: OS::TripleO::NodeUserData
267 type: OS::TripleO::Compute::Ports::ExternalPort
269 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
270 IPPool: {get_param: NovaComputeIPs}
271 NodeIndex: {get_param: NodeIndex}
274 type: OS::TripleO::Compute::Ports::InternalApiPort
276 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
277 IPPool: {get_param: NovaComputeIPs}
278 NodeIndex: {get_param: NodeIndex}
281 type: OS::TripleO::Compute::Ports::StoragePort
283 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
284 IPPool: {get_param: NovaComputeIPs}
285 NodeIndex: {get_param: NodeIndex}
288 type: OS::TripleO::Compute::Ports::StorageMgmtPort
290 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
291 IPPool: {get_param: NovaComputeIPs}
292 NodeIndex: {get_param: NodeIndex}
295 type: OS::TripleO::Compute::Ports::TenantPort
297 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
298 IPPool: {get_param: NovaComputeIPs}
299 NodeIndex: {get_param: NodeIndex}
302 type: OS::TripleO::Compute::Ports::ManagementPort
304 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
305 IPPool: {get_param: NovaComputeIPs}
306 NodeIndex: {get_param: NodeIndex}
309 type: OS::TripleO::Network::Ports::NetIpMap
311 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
312 ExternalIp: {get_attr: [ExternalPort, ip_address]}
313 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
314 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
315 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
316 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
317 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
318 StorageIp: {get_attr: [StoragePort, ip_address]}
319 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
320 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
321 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
322 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
323 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
324 TenantIp: {get_attr: [TenantPort, ip_address]}
325 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
326 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
327 ManagementIp: {get_attr: [ManagementPort, ip_address]}
328 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
329 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
332 type: OS::TripleO::Compute::Net::SoftwareConfig
334 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
335 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
336 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
337 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
338 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
339 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
340 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
343 type: OS::TripleO::SoftwareDeployment
345 name: NetworkDeployment
346 config: {get_resource: NetworkConfig}
347 server: {get_resource: NovaCompute}
348 actions: {get_param: NetworkDeploymentActions}
350 bridge_name: {get_param: NeutronPhysicalBridge}
351 interface_name: {get_param: NeutronPublicInterface}
354 type: OS::Heat::StructuredConfig
356 group: os-apply-config
361 - heat_config_%{::deploy_config_name}
362 - compute_extraconfig
366 - ceph_cluster # provided by CephClusterConfig
368 - all_nodes # provided by allNodesConfig
372 - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
373 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
374 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
375 - midonet_data # Optionally provided by AllNodesExtraConfig
376 - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
377 merge_behavior: deeper
380 mapped_data: {get_param: ServiceConfigSettings}
382 mapped_data: {get_param: NovaComputeExtraConfig}
384 mapped_data: {get_param: ExtraConfig}
386 raw_data: {get_file: hieradata/common.yaml}
389 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
390 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
391 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
393 raw_data: {get_file: hieradata/ceph.yaml}
395 raw_data: {get_file: hieradata/compute.yaml}
397 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
398 nova::use_ipv6: {get_input: nova_ipv6}
399 nova::debug: {get_input: debug}
400 nova::rabbit_userid: {get_input: rabbit_username}
401 nova::rabbit_password: {get_input: rabbit_password}
402 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
403 nova::rabbit_port: {get_input: rabbit_client_port}
404 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
405 nova_compute_driver: {get_input: nova_compute_driver}
406 # TODO(emilien): move libvirt & migration parameters in libvirt profile
407 # used to deploy libvirt/kvm dependencies:
408 nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
409 # used to configured nova.conf:
410 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
411 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
412 nova_api_host: {get_input: nova_api_host}
413 nova::compute::vncproxy_host: {get_input: nova_public_ip}
414 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
415 # TUNNELLED mode provides a security enhancement when using shared storage but is not
416 # supported when not using shared storage.
417 # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
418 # In future versions of QEMU (2.6, mostly), Dan's native encryption
419 # work will obsolete the need to use TUNNELLED transport mode.
420 nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend}
421 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
422 nova_password: {get_input: nova_password}
423 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
424 nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol}
425 nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host}
426 nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port}
427 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
428 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
429 ceilometer::debug: {get_input: debug}
430 ceilometer::rabbit_userid: {get_input: rabbit_username}
431 ceilometer::rabbit_password: {get_input: rabbit_password}
432 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
433 ceilometer::rabbit_port: {get_input: rabbit_client_port}
434 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
435 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
436 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
437 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
438 nova::glance_api_servers: {get_input: glance_api_servers}
439 neutron::debug: {get_input: debug}
440 neutron::rabbit_password: {get_input: rabbit_password}
441 neutron::rabbit_user: {get_input: rabbit_username}
442 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
443 neutron::rabbit_port: {get_input: rabbit_client_port}
444 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
446 nova::network::neutron::neutron_password: {get_input: neutron_password}
447 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
448 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
449 keystone_public_api_virtual_ip: {get_input: keystone_vip}
450 admin_password: {get_input: admin_password}
451 tripleo::packages::enable_install: {get_input: enable_package_install}
452 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
454 NovaComputeDeployment:
455 type: OS::TripleO::SoftwareDeployment
456 depends_on: NetworkDeployment
458 name: NovaComputeDeployment
459 config: {get_resource: NovaComputeConfig}
460 server: {get_resource: NovaCompute}
462 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
463 debug: {get_param: Debug}
464 nova_compute_driver: {get_param: NovaComputeDriver}
465 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
466 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
467 nova_public_ip: {get_param: NovaPublicIP}
468 nova_api_host: {get_param: NovaApiHost}
469 nova_password: {get_param: NovaPassword}
470 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
471 nova_ipv6: {get_param: NovaIPv6}
472 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
473 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
474 nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
475 # Remove brackets that may come if the IP address is IPv6.
476 # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value
479 template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
483 nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
484 nova_ovs_bridge: {get_param: NovaOVSBridge}
485 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
486 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
487 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
488 ceilometer_password: {get_param: CeilometerPassword}
489 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
490 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
491 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
492 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
493 neutron_password: {get_param: NeutronPassword}
494 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
495 neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
496 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
497 admin_password: {get_param: AdminPassword}
498 rabbit_username: {get_param: RabbitUserName}
499 rabbit_password: {get_param: RabbitPassword}
500 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
501 rabbit_client_port: {get_param: RabbitClientPort}
502 enable_package_install: {get_param: EnablePackageInstall}
503 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
505 # Resource for site-specific injection of root certificate
507 depends_on: NovaComputeDeployment
508 type: OS::TripleO::NodeTLSCAData
510 server: {get_resource: NovaCompute}
512 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
513 ComputeExtraConfigPre:
514 depends_on: NovaComputeDeployment
515 type: OS::TripleO::ComputeExtraConfigPre
517 server: {get_resource: NovaCompute}
519 # Hook for site-specific additional pre-deployment config,
520 # applying to all nodes, e.g node registration/unregistration
522 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
523 type: OS::TripleO::NodeExtraConfig
525 server: {get_resource: NovaCompute}
528 type: OS::TripleO::Tasks::PackageUpdate
531 type: OS::Heat::SoftwareDeployment
533 name: UpdateDeployment
534 config: {get_resource: UpdateConfig}
535 server: {get_resource: NovaCompute}
538 get_param: UpdateIdentifier
542 description: IP address of the server in the ctlplane network
543 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
545 description: IP address of the server in the external network
546 value: {get_attr: [ExternalPort, ip_address]}
547 internal_api_ip_address:
548 description: IP address of the server in the internal_api network
549 value: {get_attr: [InternalApiPort, ip_address]}
551 description: IP address of the server in the storage network
552 value: {get_attr: [StoragePort, ip_address]}
553 storage_mgmt_ip_address:
554 description: IP address of the server in the storage_mgmt network
555 value: {get_attr: [StorageMgmtPort, ip_address]}
557 description: IP address of the server in the tenant network
558 value: {get_attr: [TenantPort, ip_address]}
559 management_ip_address:
560 description: IP address of the server in the management network
561 value: {get_attr: [ManagementPort, ip_address]}
563 description: Hostname of the server
564 value: {get_attr: [NovaCompute, name]}
567 Server's IP address and hostname in the /etc/hosts format
571 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
572 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
573 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
574 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
575 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
576 TENANTIP TENANTHOST.DOMAIN TENANTHOST
577 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
579 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
580 DOMAIN: {get_param: CloudDomain}
581 PRIMARYHOST: {get_attr: [NovaCompute, name]}
582 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
586 - - {get_attr: [NovaCompute, name]}
588 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
592 - - {get_attr: [NovaCompute, name]}
594 STORAGEIP: {get_attr: [StoragePort, ip_address]}
598 - - {get_attr: [NovaCompute, name]}
600 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
604 - - {get_attr: [NovaCompute, name]}
606 TENANTIP: {get_attr: [TenantPort, ip_address]}
610 - - {get_attr: [NovaCompute, name]}
612 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
616 - - {get_attr: [NovaCompute, name]}
618 nova_server_resource:
619 description: Heat resource handle for the Nova compute server
621 {get_resource: NovaCompute}