1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
122 type: comma_delimited_list
124 The tunnel types for the Neutron tenant network.
126 NeutronTunnelIdRanges:
128 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
129 of GRE tunnel IDs that are available for tenant network allocation
130 default: ["1:1000", ]
131 type: comma_delimited_list
134 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
135 of VXLAN VNI IDs that are available for tenant network allocation
136 default: ["1:1000", ]
137 type: comma_delimited_list
138 NeutronPublicInterfaceRawDevice:
144 NeutronMetadataProxySharedSecret:
145 description: Shared secret to prevent spoofing
151 The core plugin for Neutron. The value should be the entrypoint to be loaded
152 from neutron.core_plugins namespace.
154 NeutronServicePlugins:
157 Comma-separated list of service plugin entrypoints to be loaded from the
158 neutron.service_plugins namespace.
159 type: comma_delimited_list
161 default: "vxlan,vlan,flat,gre"
163 Comma-separated list of network type driver entrypoints to be loaded.
164 type: comma_delimited_list
165 NeutronMechanismDrivers:
166 default: 'openvswitch'
168 The mechanism drivers for the Neutron tenant network.
169 type: comma_delimited_list
170 # Not relevant for Computes, should be removed
171 NeutronAllowL3AgentFailover:
173 description: Allow automatic l3-agent failover
175 # Not relevant for Computes, should be removed
178 description: Whether to enable l3-agent HA
182 description: Agent mode for the neutron-l3-agent on the controller hosts
186 default: '' # Has to be here because of the ignored empty value bug
189 default: libvirt.LibvirtDriver
190 NovaComputeExtraConfig:
193 NovaCompute specific configuration to inject into the cluster. Same
194 structure as ExtraConfig.
196 NovaComputeLibvirtType:
199 NovaComputeLibvirtVifDriver:
201 description: Libvirt VIF driver configuration for the network
203 NovaEnableRbdBackend:
205 description: Whether to enable or not the Rbd backend for Nova
208 description: The password for the nova service account, used by nova-api.
213 default: '' # Has to be here because of the ignored empty value bug
216 description: Name of integration bridge used by Open vSwitch
218 NovaSecurityGroupAPI:
220 description: The full class name of the security API class
224 description: Comma-separated list of ntp servers
225 type: comma_delimited_list
228 default: '' # Has to be here because of the ignored empty value bug
231 description: The password for RabbitMQ
236 description: The username for RabbitMQ
241 Rabbit client subscriber parameter to specify
242 an SSL connection to the RabbitMQ host.
246 description: Set rabbit subscriber port, change this if using SSL
248 SnmpdReadonlyUserName:
249 default: ro_snmp_user
250 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
252 SnmpdReadonlyUserPassword:
253 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
256 EnablePackageInstall:
258 description: Set to true to enable package installation via Puppet
262 description: Mapping of service_name -> network name. Typically set
263 via parameter_defaults in the resource registry.
267 description: Mapping of service endpoint -> protocol. Typically set
268 via parameter_defaults in the resource registry.
274 Setting to a previously unused value during stack-update will trigger
275 package update on all nodes
278 default: '' # Defaults to Heat created hostname
279 NetworkDeploymentActions:
280 type: comma_delimited_list
282 Heat action when to apply network configuration changes
284 SoftwareConfigTransport:
285 default: POLL_SERVER_CFN
287 How the server should receive the metadata required for software configuration.
290 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
295 The DNS domain used for the hosts. This should match the dhcp_domain
296 configured in the Undercloud neutron. Defaults to localdomain.
300 Extra properties or metadata passed to Nova for the created nodes in
301 the overcloud. It's accessible via the Nova metadata API.
305 description: Optional scheduler hints to pass to nova
311 type: OS::Nova::Server
316 get_param: ImageUpdatePolicy
317 flavor: {get_param: Flavor}
318 key_name: {get_param: KeyName}
321 user_data_format: SOFTWARE_CONFIG
322 user_data: {get_resource: UserData}
323 name: {get_param: Hostname}
324 software_config_transport: {get_param: SoftwareConfigTransport}
325 metadata: {get_param: ServerMetadata}
326 scheduler_hints: {get_param: SchedulerHints}
328 # Combine the NodeAdminUserData and NodeUserData mime archives
330 type: OS::Heat::MultipartMime
333 - config: {get_resource: NodeAdminUserData}
335 - config: {get_resource: NodeUserData}
338 # Creates the "heat-admin" user if configured via the environment
339 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
341 type: OS::TripleO::NodeAdminUserData
343 # For optional operator additional userdata
344 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
346 type: OS::TripleO::NodeUserData
349 type: OS::TripleO::Compute::Ports::ExternalPort
351 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
354 type: OS::TripleO::Compute::Ports::InternalApiPort
356 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
359 type: OS::TripleO::Compute::Ports::StoragePort
361 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
364 type: OS::TripleO::Compute::Ports::StorageMgmtPort
366 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
369 type: OS::TripleO::Compute::Ports::TenantPort
371 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
374 type: OS::TripleO::Compute::Ports::ManagementPort
376 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
379 type: OS::TripleO::Network::Ports::NetIpMap
381 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
382 ExternalIp: {get_attr: [ExternalPort, ip_address]}
383 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
384 StorageIp: {get_attr: [StoragePort, ip_address]}
385 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
386 TenantIp: {get_attr: [TenantPort, ip_address]}
387 ManagementIp: {get_attr: [ManagementPort, ip_address]}
390 type: OS::TripleO::Compute::Net::SoftwareConfig
392 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
393 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
394 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
395 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
396 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
397 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
398 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
401 type: OS::TripleO::SoftwareDeployment
403 config: {get_resource: NetworkConfig}
404 server: {get_resource: NovaCompute}
405 actions: {get_param: NetworkDeploymentActions}
407 bridge_name: {get_param: NeutronPhysicalBridge}
408 interface_name: {get_param: NeutronPublicInterface}
411 type: OS::Heat::StructuredConfig
413 group: os-apply-config
418 - heat_config_%{::deploy_config_name}
419 - compute_extraconfig
422 - ceph_cluster # provided by CephClusterConfig
424 - all_nodes # provided by allNodesConfig
427 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
428 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
429 - midonet_data # Optionally provided by AllNodesExtraConfig
432 mapped_data: {get_param: NovaComputeExtraConfig}
434 mapped_data: {get_param: ExtraConfig}
436 raw_data: {get_file: hieradata/common.yaml}
438 raw_data: {get_file: hieradata/ceph.yaml}
440 raw_data: {get_file: hieradata/compute.yaml}
442 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
443 nova::debug: {get_input: debug}
444 nova::rabbit_userid: {get_input: rabbit_username}
445 nova::rabbit_password: {get_input: rabbit_password}
446 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
447 nova::rabbit_port: {get_input: rabbit_client_port}
448 nova_compute_driver: {get_input: nova_compute_driver}
449 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
450 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
451 nova_api_host: {get_input: nova_api_host}
452 nova::compute::vncproxy_host: {get_input: nova_public_ip}
453 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
454 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
455 nova_password: {get_input: nova_password}
456 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
457 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
458 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
459 ceilometer::debug: {get_input: debug}
460 ceilometer::rabbit_userid: {get_input: rabbit_username}
461 ceilometer::rabbit_password: {get_input: rabbit_password}
462 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
463 ceilometer::rabbit_port: {get_input: rabbit_client_port}
464 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
465 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
466 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
467 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
468 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
469 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
470 nova::glance_api_servers: {get_input: glance_api_servers}
471 neutron::debug: {get_input: debug}
472 neutron::rabbit_password: {get_input: rabbit_password}
473 neutron::rabbit_user: {get_input: rabbit_username}
474 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
475 neutron::rabbit_port: {get_input: rabbit_client_port}
476 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
477 neutron_host: {get_input: neutron_host}
478 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
480 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
481 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
482 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
483 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
484 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
485 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
486 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
487 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
488 neutron_physical_bridge: {get_input: neutron_physical_bridge}
489 neutron_public_interface: {get_input: neutron_public_interface}
490 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
491 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
492 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
493 neutron_router_distributed: {get_input: neutron_router_distributed}
494 neutron_agent_mode: {get_input: neutron_agent_mode}
495 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
496 neutron::core_plugin: {get_input: neutron_core_plugin}
497 neutron::service_plugins: {get_input: neutron_service_plugins}
498 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
499 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
500 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
501 keystone_public_api_virtual_ip: {get_input: keystone_vip}
502 admin_password: {get_input: admin_password}
503 ntp::servers: {get_input: ntp_servers}
504 tripleo::packages::enable_install: {get_input: enable_package_install}
505 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
507 NovaComputeDeployment:
508 type: OS::TripleO::SoftwareDeployment
509 depends_on: NetworkDeployment
511 config: {get_resource: NovaComputeConfig}
512 server: {get_resource: NovaCompute}
514 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
515 debug: {get_param: Debug}
516 nova_compute_driver: {get_param: NovaComputeDriver}
517 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
518 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
519 nova_public_ip: {get_param: NovaPublicIP}
520 nova_api_host: {get_param: NovaApiHost}
521 nova_password: {get_param: NovaPassword}
522 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
523 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
524 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
525 nova_ovs_bridge: {get_param: NovaOVSBridge}
526 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
527 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
528 ceilometer_password: {get_param: CeilometerPassword}
529 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
530 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
531 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
532 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
533 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
534 neutron_flat_networks:
538 NETWORKS: {get_param: NeutronFlatNetworks}
539 neutron_host: {get_param: NeutronHost}
540 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
541 neutron_tunnel_id_ranges:
545 RANGES: {get_param: NeutronTunnelIdRanges}
550 RANGES: {get_param: NeutronVniRanges}
551 neutron_tenant_network_types:
555 TYPES: {get_param: NeutronNetworkType}
556 neutron_tunnel_types:
560 TYPES: {get_param: NeutronTunnelTypes}
561 neutron_network_vlan_ranges:
565 RANGES: {get_param: NeutronNetworkVLANRanges}
566 neutron_bridge_mappings:
570 MAPPINGS: {get_param: NeutronBridgeMappings}
571 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
572 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
573 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
574 neutron_public_interface: {get_param: NeutronPublicInterface}
575 neutron_password: {get_param: NeutronPassword}
576 neutron_agent_mode: {get_param: NeutronAgentMode}
577 neutron_router_distributed: {get_param: NeutronDVR}
578 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
579 neutron_core_plugin: {get_param: NeutronCorePlugin}
580 neutron_service_plugins:
584 PLUGINS: {get_param: NeutronServicePlugins}
585 neutron_type_drivers:
589 DRIVERS: {get_param: NeutronTypeDrivers}
590 neutron_mechanism_drivers:
594 MECHANISMS: {get_param: NeutronMechanismDrivers}
595 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
596 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
597 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
598 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
599 admin_password: {get_param: AdminPassword}
600 rabbit_username: {get_param: RabbitUserName}
601 rabbit_password: {get_param: RabbitPassword}
602 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
603 rabbit_client_port: {get_param: RabbitClientPort}
604 ntp_servers: {get_param: NtpServer}
605 enable_package_install: {get_param: EnablePackageInstall}
606 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
608 # Resource for site-specific injection of root certificate
610 depends_on: NovaComputeDeployment
611 type: OS::TripleO::NodeTLSCAData
613 server: {get_resource: NovaCompute}
615 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
616 ComputeExtraConfigPre:
617 depends_on: NovaComputeDeployment
618 type: OS::TripleO::ComputeExtraConfigPre
620 server: {get_resource: NovaCompute}
622 # Hook for site-specific additional pre-deployment config,
623 # applying to all nodes, e.g node registration/unregistration
625 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
626 type: OS::TripleO::NodeExtraConfig
628 server: {get_resource: NovaCompute}
631 type: OS::TripleO::Tasks::PackageUpdate
634 type: OS::Heat::SoftwareDeployment
636 config: {get_resource: UpdateConfig}
637 server: {get_resource: NovaCompute}
640 get_param: UpdateIdentifier
644 description: IP address of the server in the ctlplane network
645 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
647 description: IP address of the server in the external network
648 value: {get_attr: [ExternalPort, ip_address]}
649 internal_api_ip_address:
650 description: IP address of the server in the internal_api network
651 value: {get_attr: [InternalApiPort, ip_address]}
653 description: IP address of the server in the storage network
654 value: {get_attr: [StoragePort, ip_address]}
655 storage_mgmt_ip_address:
656 description: IP address of the server in the storage_mgmt network
657 value: {get_attr: [StorageMgmtPort, ip_address]}
659 description: IP address of the server in the tenant network
660 value: {get_attr: [TenantPort, ip_address]}
661 management_ip_address:
662 description: IP address of the server in the management network
663 value: {get_attr: [ManagementPort, ip_address]}
665 description: Hostname of the server
666 value: {get_attr: [NovaCompute, name]}
669 Server's IP address and hostname in the /etc/hosts format
672 template: "IP HOST.DOMAIN HOST"
674 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
675 DOMAIN: {get_param: CloudDomain}
676 HOST: {get_attr: [NovaCompute, name]}
677 nova_server_resource:
678 description: Heat resource handle for the Nova compute server
680 {get_resource: NovaCompute}
682 description: identifier which changes if the node configuration may need re-applying
686 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
687 - {get_attr: [NodeTLSCAData, deploy_stdout]}
688 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
689 - {get_param: UpdateIdentifier}