1 heat_template_version: 2015-04-30
4 OpenStack hypervisor node configured via Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 CeilometerComputeAgent:
13 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
17 - allowed_values: ['', Present]
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
28 CinderEnableNfsBackend:
30 description: Whether to enable or not the NFS backend for Cinder
32 CinderEnableRbdBackend:
34 description: Whether to enable or not the Rbd backend for Cinder
38 description: Set to True to enable debugging on all services.
43 Additional hiera configuration to inject into the cluster. Note
44 that NovaComputeExtraConfig takes precedence over ExtraConfig.
47 description: Flavor for the nova compute node
50 - custom_constraint: nova.flavor
53 default: '' # Has to be here because of the ignored empty value bug
56 default: overcloud-compute
58 - custom_constraint: glance.image
60 default: 'REBUILD_PRESERVE_EPHEMERAL'
61 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
64 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
68 - custom_constraint: nova.keypair
69 KeystoneAdminApiVirtualIP:
72 KeystonePublicApiVirtualIP:
75 NeutronBridgeMappings:
77 The OVS logical->physical bridge mappings to use. See the Neutron
78 documentation for details. Defaults to mapping br-ex - the external
79 bridge on hosts - to a physical name 'datacentre' which can be used
80 to create provider networks (and we use this for the default floating
81 network) - if changing this either use different post-install network
82 scripts or be sure to keep 'datacentre' as a mapping network name.
84 default: "datacentre:br-ex"
85 NeutronEnableTunnelling:
91 Enable/disable the L2 population feature in the Neutron agents.
97 If set, flat networks to configure in neutron plugins.
100 default: '' # Has to be here because of the ignored empty value bug
103 description: The tenant network type for Neutron, either gre or vxlan.
105 NeutronNetworkVLANRanges:
106 default: 'datacentre'
108 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
109 Neutron documentation for permitted values. Defaults to permitting any
110 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
111 type: comma_delimited_list
114 description: The password for the neutron service account, used by neutron agents.
117 NeutronPhysicalBridge:
119 description: An OVS bridge to create for accessing external networks.
121 NeutronPublicInterface:
123 description: A port to add to the NeutronPhysicalBridge.
128 The tunnel types for the Neutron tenant network. To specify multiple
129 values, use a comma separated string, like so: 'gre,vxlan'
131 NeutronTunnelIdRanges:
133 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
134 of GRE tunnel IDs that are available for tenant network allocation
135 default: ["1:1000", ]
136 type: comma_delimited_list
139 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
140 of VXLAN VNI IDs that are available for tenant network allocation
141 default: ["1:1000", ]
142 type: comma_delimited_list
143 NeutronPublicInterfaceRawDevice:
149 NeutronMetadataProxySharedSecret:
151 description: Shared secret to prevent spoofing
157 The core plugin for Neutron. The value should be the entrypoint to be loaded
158 from neutron.core_plugins namespace.
160 NeutronServicePlugins:
163 Comma-separated list of service plugin entrypoints to be loaded from the
164 neutron.service_plugins namespace.
165 type: comma_delimited_list
167 default: "vxlan,vlan,flat,gre"
169 Comma-separated list of network type driver entrypoints to be loaded.
170 type: comma_delimited_list
171 NeutronMechanismDrivers:
172 default: 'openvswitch'
174 The mechanism drivers for the Neutron tenant network. To specify multiple
175 values, use a comma separated string, like so: 'openvswitch,l2_population'
177 # Not relevant for Computes, should be removed
178 NeutronAllowL3AgentFailover:
180 description: Allow automatic l3-agent failover
182 # Not relevant for Computes, should be removed
185 description: Whether to enable l3-agent HA
189 description: Agent mode for the neutron-l3-agent on the controller hosts
193 default: '' # Has to be here because of the ignored empty value bug
196 default: libvirt.LibvirtDriver
197 NovaComputeExtraConfig:
200 NovaCompute specific configuration to inject into the cluster. Same
201 structure as ExtraConfig.
203 NovaComputeLibvirtType:
206 NovaComputeLibvirtVifDriver:
208 description: Libvirt VIF driver configuration for the network
210 NovaEnableRbdBackend:
212 description: Whether to enable or not the Rbd backend for Nova
216 description: The password for the nova service account, used by nova-api.
221 default: '' # Has to be here because of the ignored empty value bug
224 description: Name of integration bridge used by Open vSwitch
226 NovaSecurityGroupAPI:
228 description: The full class name of the security API class
232 description: Comma-separated list of ntp servers
233 type: comma_delimited_list
236 default: '' # Has to be here because of the ignored empty value bug
239 description: The password for RabbitMQ
244 description: The username for RabbitMQ
249 Rabbit client subscriber parameter to specify
250 an SSL connection to the RabbitMQ host.
254 description: Set rabbit subscriber port, change this if using SSL
256 SnmpdReadonlyUserName:
257 default: ro_snmp_user
258 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
260 SnmpdReadonlyUserPassword:
262 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
265 EnablePackageInstall:
267 description: Set to true to enable package installation via Puppet
271 description: Mapping of service_name -> network name. Typically set
272 via parameter_defaults in the resource registry.
276 description: Mapping of service endpoint -> protocol. Typically set
277 via parameter_defaults in the resource registry.
283 Setting to a previously unused value during stack-update will trigger
284 package update on all nodes
287 default: '' # Defaults to Heat created hostname
288 NetworkDeploymentActions:
289 type: comma_delimited_list
291 Heat action when to apply network configuration changes
293 SoftwareConfigTransport:
294 default: POLL_SERVER_CFN
296 How the server should receive the metadata required for software configuration.
299 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
304 The DNS domain used for the hosts. This should match the dhcp_domain
305 configured in the Undercloud neutron. Defaults to localdomain.
310 Extra properties or metadata passed to Nova for the created nodes in
311 the overcloud. It's accessible via the Nova metadata API.
317 type: OS::Nova::Server
322 get_param: ImageUpdatePolicy
323 flavor: {get_param: Flavor}
324 key_name: {get_param: KeyName}
327 user_data_format: SOFTWARE_CONFIG
328 user_data: {get_resource: UserData}
329 name: {get_param: Hostname}
330 software_config_transport: {get_param: SoftwareConfigTransport}
331 metadata: {get_param: ServerMetadata}
333 # Combine the NodeAdminUserData and NodeUserData mime archives
335 type: OS::Heat::MultipartMime
338 - config: {get_resource: NodeAdminUserData}
340 - config: {get_resource: NodeUserData}
343 # Creates the "heat-admin" user if configured via the environment
344 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
346 type: OS::TripleO::NodeAdminUserData
348 # For optional operator additional userdata
349 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
351 type: OS::TripleO::NodeUserData
354 type: OS::TripleO::Compute::Ports::InternalApiPort
356 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
359 type: OS::TripleO::Compute::Ports::StoragePort
361 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
364 type: OS::TripleO::Compute::Ports::TenantPort
366 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
369 type: OS::TripleO::Network::Ports::NetIpMap
371 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
372 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
373 StorageIp: {get_attr: [StoragePort, ip_address]}
374 TenantIp: {get_attr: [TenantPort, ip_address]}
377 type: OS::TripleO::Compute::Net::SoftwareConfig
379 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
380 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
381 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
382 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
385 type: OS::TripleO::SoftwareDeployment
387 config: {get_resource: NetworkConfig}
388 server: {get_resource: NovaCompute}
389 actions: {get_param: NetworkDeploymentActions}
391 bridge_name: {get_param: NeutronPhysicalBridge}
392 interface_name: {get_param: NeutronPublicInterface}
395 type: OS::Heat::StructuredConfig
397 group: os-apply-config
402 - heat_config_%{::deploy_config_name}
403 - compute_extraconfig
406 - ceph_cluster # provided by CephClusterConfig
408 - all_nodes # provided by allNodesConfig
411 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
412 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
415 mapped_data: {get_param: NovaComputeExtraConfig}
417 mapped_data: {get_param: ExtraConfig}
419 raw_data: {get_file: hieradata/common.yaml}
421 raw_data: {get_file: hieradata/ceph.yaml}
423 raw_data: {get_file: hieradata/compute.yaml}
425 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
426 nova::debug: {get_input: debug}
427 nova::rabbit_userid: {get_input: rabbit_username}
428 nova::rabbit_password: {get_input: rabbit_password}
429 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
430 nova::rabbit_port: {get_input: rabbit_client_port}
431 nova_compute_driver: {get_input: nova_compute_driver}
432 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
433 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
434 nova_api_host: {get_input: nova_api_host}
435 nova::compute::vncproxy_host: {get_input: nova_public_ip}
436 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
437 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
438 nova_password: {get_input: nova_password}
439 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
440 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
441 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
442 ceilometer::debug: {get_input: debug}
443 ceilometer::rabbit_userid: {get_input: rabbit_username}
444 ceilometer::rabbit_password: {get_input: rabbit_password}
445 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
446 ceilometer::rabbit_port: {get_input: rabbit_client_port}
447 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
448 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
449 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
450 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
451 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
452 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
453 nova::glance_api_servers: {get_input: glance_api_servers}
454 neutron::debug: {get_input: debug}
455 neutron::rabbit_password: {get_input: rabbit_password}
456 neutron::rabbit_user: {get_input: rabbit_username}
457 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
458 neutron::rabbit_port: {get_input: rabbit_client_port}
459 neutron_flat_networks: {get_input: neutron_flat_networks}
460 neutron_host: {get_input: neutron_host}
461 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
463 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
464 neutron_tunnel_types: {get_input: neutron_tunnel_types}
465 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
466 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
467 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
468 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
469 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
470 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
471 neutron_physical_bridge: {get_input: neutron_physical_bridge}
472 neutron_public_interface: {get_input: neutron_public_interface}
473 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
474 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
475 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
476 neutron_router_distributed: {get_input: neutron_router_distributed}
477 neutron_agent_mode: {get_input: neutron_agent_mode}
478 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
479 neutron::core_plugin: {get_input: neutron_core_plugin}
480 neutron::service_plugins: {get_input: neutron_service_plugins}
481 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
482 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
483 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
484 keystone_public_api_virtual_ip: {get_input: keystone_vip}
485 admin_password: {get_input: admin_password}
486 ntp::servers: {get_input: ntp_servers}
487 tripleo::packages::enable_install: {get_input: enable_package_install}
488 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
490 NovaComputeDeployment:
491 type: OS::TripleO::SoftwareDeployment
492 depends_on: NetworkDeployment
494 config: {get_resource: NovaComputeConfig}
495 server: {get_resource: NovaCompute}
497 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
498 debug: {get_param: Debug}
499 nova_compute_driver: {get_param: NovaComputeDriver}
500 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
501 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
502 nova_public_ip: {get_param: NovaPublicIP}
503 nova_api_host: {get_param: NovaApiHost}
504 nova_password: {get_param: NovaPassword}
505 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
506 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
507 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
508 nova_ovs_bridge: {get_param: NovaOVSBridge}
509 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
510 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
511 ceilometer_password: {get_param: CeilometerPassword}
512 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
513 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
514 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
515 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
516 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
517 neutron_flat_networks: {get_param: NeutronFlatNetworks}
518 neutron_host: {get_param: NeutronHost}
519 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
520 neutron_tenant_network_type: {get_param: NeutronNetworkType}
521 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
522 neutron_tunnel_id_ranges:
524 template: "['RANGES']"
529 - {get_param: NeutronTunnelIdRanges}
532 template: "['RANGES']"
537 - {get_param: NeutronVniRanges}
538 neutron_network_vlan_ranges:
540 template: "['RANGES']"
545 - {get_param: NeutronNetworkVLANRanges}
546 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
547 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
548 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
549 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
550 neutron_public_interface: {get_param: NeutronPublicInterface}
551 neutron_password: {get_param: NeutronPassword}
552 neutron_agent_mode: {get_param: NeutronAgentMode}
553 neutron_router_distributed: {get_param: NeutronDVR}
554 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
555 neutron_core_plugin: {get_param: NeutronCorePlugin}
556 neutron_service_plugins:
558 template: "['PLUGINS']"
563 - {get_param: NeutronServicePlugins}
564 neutron_type_drivers:
566 template: "['DRIVERS']"
571 - {get_param: NeutronTypeDrivers}
572 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
573 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
574 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
575 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
576 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
577 admin_password: {get_param: AdminPassword}
578 rabbit_username: {get_param: RabbitUserName}
579 rabbit_password: {get_param: RabbitPassword}
580 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
581 rabbit_client_port: {get_param: RabbitClientPort}
582 ntp_servers: {get_param: NtpServer}
583 enable_package_install: {get_param: EnablePackageInstall}
584 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
586 # Resource for site-specific injection of root certificate
588 depends_on: NovaComputeDeployment
589 type: OS::TripleO::NodeTLSCAData
591 server: {get_resource: NovaCompute}
593 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
594 ComputeExtraConfigPre:
595 depends_on: NovaComputeDeployment
596 type: OS::TripleO::ComputeExtraConfigPre
598 server: {get_resource: NovaCompute}
600 # Hook for site-specific additional pre-deployment config,
601 # applying to all nodes, e.g node registration/unregistration
603 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
604 type: OS::TripleO::NodeExtraConfig
606 server: {get_resource: NovaCompute}
609 type: OS::TripleO::Tasks::PackageUpdate
612 type: OS::Heat::SoftwareDeployment
614 config: {get_resource: UpdateConfig}
615 server: {get_resource: NovaCompute}
618 get_param: UpdateIdentifier
622 description: IP address of the server in the ctlplane network
623 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
624 internal_api_ip_address:
625 description: IP address of the server in the internal_api network
626 value: {get_attr: [InternalApiPort, ip_address]}
628 description: IP address of the server in the storage network
629 value: {get_attr: [StoragePort, ip_address]}
631 description: IP address of the server in the tenant network
632 value: {get_attr: [TenantPort, ip_address]}
634 description: Hostname of the server
635 value: {get_attr: [NovaCompute, name]}
638 Server's IP address and hostname in the /etc/hosts format
641 template: "IP HOST.DOMAIN HOST"
643 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
644 DOMAIN: {get_param: CloudDomain}
645 HOST: {get_attr: [NovaCompute, name]}
646 nova_server_resource:
647 description: Heat resource handle for the Nova compute server
649 {get_resource: NovaCompute}
651 description: identifier which changes if the node configuration may need re-applying
655 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
656 - {get_attr: [NodeTLSCAData, deploy_stdout]}
657 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
658 - {get_param: UpdateIdentifier}