1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 CeilometerComputeAgent:
13 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
17 - allowed_values: ['', Present]
18 CeilometerMeteringSecret:
20 description: Secret shared by the ceilometer services.
25 description: The password for the ceilometer service account.
28 CinderEnableNfsBackend:
30 description: Whether to enable or not the NFS backend for Cinder
32 CinderEnableRbdBackend:
34 description: Whether to enable or not the Rbd backend for Cinder
38 description: Set to True to enable debugging on all services.
43 Additional hiera configuration to inject into the cluster. Note
44 that NovaComputeExtraConfig takes precedence over ExtraConfig.
47 description: Flavor for the nova compute node
50 - custom_constraint: nova.flavor
53 default: '' # Has to be here because of the ignored empty value bug
56 default: overcloud-compute
58 - custom_constraint: glance.image
60 default: 'REBUILD_PRESERVE_EPHEMERAL'
61 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
64 description: Name of an existing Nova key pair to enable SSH access to the instances
68 - custom_constraint: nova.keypair
69 KeystoneAdminApiVirtualIP:
72 KeystonePublicApiVirtualIP:
75 NeutronBridgeMappings:
77 The OVS logical->physical bridge mappings to use. See the Neutron
78 documentation for details. Defaults to mapping br-ex - the external
79 bridge on hosts - to a physical name 'datacentre' which can be used
80 to create provider networks (and we use this for the default floating
81 network) - if changing this either use different post-install network
82 scripts or be sure to keep 'datacentre' as a mapping network name.
83 type: comma_delimited_list
84 default: "datacentre:br-ex"
85 NeutronEnableTunnelling:
91 Enable/disable the L2 population feature in the Neutron agents.
94 type: comma_delimited_list
97 If set, flat networks to configure in neutron plugins.
100 default: '' # Has to be here because of the ignored empty value bug
102 type: comma_delimited_list
103 description: The tenant network type for Neutron.
105 NeutronNetworkVLANRanges:
106 default: 'datacentre'
108 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
109 Neutron documentation for permitted values. Defaults to permitting any
110 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
111 type: comma_delimited_list
114 description: The password for the neutron service account, used by neutron agents.
117 NeutronPhysicalBridge:
119 description: An OVS bridge to create for accessing external networks.
121 NeutronPublicInterface:
123 description: A port to add to the NeutronPhysicalBridge.
126 type: comma_delimited_list
128 The tunnel types for the Neutron tenant network.
130 NeutronTunnelIdRanges:
132 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
133 of GRE tunnel IDs that are available for tenant network allocation
134 default: ["1:1000", ]
135 type: comma_delimited_list
138 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
139 of VXLAN VNI IDs that are available for tenant network allocation
140 default: ["1:1000", ]
141 type: comma_delimited_list
142 NeutronPublicInterfaceRawDevice:
148 NeutronMetadataProxySharedSecret:
150 description: Shared secret to prevent spoofing
156 The core plugin for Neutron. The value should be the entrypoint to be loaded
157 from neutron.core_plugins namespace.
159 NeutronServicePlugins:
162 Comma-separated list of service plugin entrypoints to be loaded from the
163 neutron.service_plugins namespace.
164 type: comma_delimited_list
166 default: "vxlan,vlan,flat,gre"
168 Comma-separated list of network type driver entrypoints to be loaded.
169 type: comma_delimited_list
170 NeutronMechanismDrivers:
171 default: 'openvswitch'
173 The mechanism drivers for the Neutron tenant network.
174 type: comma_delimited_list
175 # Not relevant for Computes, should be removed
176 NeutronAllowL3AgentFailover:
178 description: Allow automatic l3-agent failover
180 # Not relevant for Computes, should be removed
183 description: Whether to enable l3-agent HA
187 description: Agent mode for the neutron-l3-agent on the controller hosts
191 default: '' # Has to be here because of the ignored empty value bug
194 default: libvirt.LibvirtDriver
195 NovaComputeExtraConfig:
198 NovaCompute specific configuration to inject into the cluster. Same
199 structure as ExtraConfig.
201 NovaComputeLibvirtType:
204 NovaComputeLibvirtVifDriver:
206 description: Libvirt VIF driver configuration for the network
208 NovaEnableRbdBackend:
210 description: Whether to enable or not the Rbd backend for Nova
214 description: The password for the nova service account, used by nova-api.
219 default: '' # Has to be here because of the ignored empty value bug
222 description: Name of integration bridge used by Open vSwitch
224 NovaSecurityGroupAPI:
226 description: The full class name of the security API class
230 description: Comma-separated list of ntp servers
231 type: comma_delimited_list
234 default: '' # Has to be here because of the ignored empty value bug
237 description: The password for RabbitMQ
242 description: The username for RabbitMQ
247 Rabbit client subscriber parameter to specify
248 an SSL connection to the RabbitMQ host.
252 description: Set rabbit subscriber port, change this if using SSL
254 SnmpdReadonlyUserName:
255 default: ro_snmp_user
256 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
258 SnmpdReadonlyUserPassword:
260 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
263 EnablePackageInstall:
265 description: Set to true to enable package installation via Puppet
269 description: Mapping of service_name -> network name. Typically set
270 via parameter_defaults in the resource registry.
274 description: Mapping of service endpoint -> protocol. Typically set
275 via parameter_defaults in the resource registry.
281 Setting to a previously unused value during stack-update will trigger
282 package update on all nodes
285 default: '' # Defaults to Heat created hostname
286 NetworkDeploymentActions:
287 type: comma_delimited_list
289 Heat action when to apply network configuration changes
291 SoftwareConfigTransport:
292 default: POLL_SERVER_CFN
294 How the server should receive the metadata required for software configuration.
297 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
302 The DNS domain used for the hosts. This should match the dhcp_domain
303 configured in the Undercloud neutron. Defaults to localdomain.
307 Extra properties or metadata passed to Nova for the created nodes in
308 the overcloud. It's accessible via the Nova metadata API.
312 description: Optional scheduler hints to pass to nova
318 type: OS::Nova::Server
323 get_param: ImageUpdatePolicy
324 flavor: {get_param: Flavor}
325 key_name: {get_param: KeyName}
328 user_data_format: SOFTWARE_CONFIG
329 user_data: {get_resource: UserData}
330 name: {get_param: Hostname}
331 software_config_transport: {get_param: SoftwareConfigTransport}
332 metadata: {get_param: ServerMetadata}
333 scheduler_hints: {get_param: SchedulerHints}
335 # Combine the NodeAdminUserData and NodeUserData mime archives
337 type: OS::Heat::MultipartMime
340 - config: {get_resource: NodeAdminUserData}
342 - config: {get_resource: NodeUserData}
345 # Creates the "heat-admin" user if configured via the environment
346 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
348 type: OS::TripleO::NodeAdminUserData
350 # For optional operator additional userdata
351 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
353 type: OS::TripleO::NodeUserData
356 type: OS::TripleO::Compute::Ports::InternalApiPort
358 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
361 type: OS::TripleO::Compute::Ports::StoragePort
363 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
366 type: OS::TripleO::Compute::Ports::TenantPort
368 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
371 type: OS::TripleO::Network::Ports::NetIpMap
373 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
374 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
375 StorageIp: {get_attr: [StoragePort, ip_address]}
376 TenantIp: {get_attr: [TenantPort, ip_address]}
379 type: OS::TripleO::Compute::Net::SoftwareConfig
381 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
382 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
383 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
384 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
387 type: OS::TripleO::SoftwareDeployment
389 config: {get_resource: NetworkConfig}
390 server: {get_resource: NovaCompute}
391 actions: {get_param: NetworkDeploymentActions}
393 bridge_name: {get_param: NeutronPhysicalBridge}
394 interface_name: {get_param: NeutronPublicInterface}
397 type: OS::Heat::StructuredConfig
399 group: os-apply-config
404 - heat_config_%{::deploy_config_name}
405 - compute_extraconfig
408 - ceph_cluster # provided by CephClusterConfig
410 - all_nodes # provided by allNodesConfig
413 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
414 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
417 mapped_data: {get_param: NovaComputeExtraConfig}
419 mapped_data: {get_param: ExtraConfig}
421 raw_data: {get_file: hieradata/common.yaml}
423 raw_data: {get_file: hieradata/ceph.yaml}
425 raw_data: {get_file: hieradata/compute.yaml}
427 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
428 nova::debug: {get_input: debug}
429 nova::rabbit_userid: {get_input: rabbit_username}
430 nova::rabbit_password: {get_input: rabbit_password}
431 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
432 nova::rabbit_port: {get_input: rabbit_client_port}
433 nova_compute_driver: {get_input: nova_compute_driver}
434 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
435 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
436 nova_api_host: {get_input: nova_api_host}
437 nova::compute::vncproxy_host: {get_input: nova_public_ip}
438 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
439 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
440 nova_password: {get_input: nova_password}
441 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
442 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
443 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
444 ceilometer::debug: {get_input: debug}
445 ceilometer::rabbit_userid: {get_input: rabbit_username}
446 ceilometer::rabbit_password: {get_input: rabbit_password}
447 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
448 ceilometer::rabbit_port: {get_input: rabbit_client_port}
449 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
450 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
451 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
452 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
453 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
454 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
455 nova::glance_api_servers: {get_input: glance_api_servers}
456 neutron::debug: {get_input: debug}
457 neutron::rabbit_password: {get_input: rabbit_password}
458 neutron::rabbit_user: {get_input: rabbit_username}
459 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
460 neutron::rabbit_port: {get_input: rabbit_client_port}
461 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
462 neutron_host: {get_input: neutron_host}
463 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
465 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
466 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
467 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
468 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
469 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
470 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
471 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
472 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
473 neutron_physical_bridge: {get_input: neutron_physical_bridge}
474 neutron_public_interface: {get_input: neutron_public_interface}
475 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
476 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
477 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
478 neutron_router_distributed: {get_input: neutron_router_distributed}
479 neutron_agent_mode: {get_input: neutron_agent_mode}
480 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
481 neutron::core_plugin: {get_input: neutron_core_plugin}
482 neutron::service_plugins: {get_input: neutron_service_plugins}
483 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
484 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
485 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
486 keystone_public_api_virtual_ip: {get_input: keystone_vip}
487 admin_password: {get_input: admin_password}
488 ntp::servers: {get_input: ntp_servers}
489 tripleo::packages::enable_install: {get_input: enable_package_install}
490 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
492 NovaComputeDeployment:
493 type: OS::TripleO::SoftwareDeployment
494 depends_on: NetworkDeployment
496 config: {get_resource: NovaComputeConfig}
497 server: {get_resource: NovaCompute}
499 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
500 debug: {get_param: Debug}
501 nova_compute_driver: {get_param: NovaComputeDriver}
502 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
503 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
504 nova_public_ip: {get_param: NovaPublicIP}
505 nova_api_host: {get_param: NovaApiHost}
506 nova_password: {get_param: NovaPassword}
507 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
508 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
509 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
510 nova_ovs_bridge: {get_param: NovaOVSBridge}
511 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
512 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
513 ceilometer_password: {get_param: CeilometerPassword}
514 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
515 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
516 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
517 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
518 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
519 neutron_flat_networks:
523 NETWORKS: {get_param: NeutronFlatNetworks}
524 neutron_host: {get_param: NeutronHost}
525 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
526 neutron_tunnel_id_ranges:
530 RANGES: {get_param: NeutronTunnelIdRanges}
535 RANGES: {get_param: NeutronVniRanges}
536 neutron_tenant_network_types:
540 TYPES: {get_param: NeutronNetworkType}
541 neutron_tunnel_types:
545 TYPES: {get_param: NeutronTunnelTypes}
546 neutron_network_vlan_ranges:
550 RANGES: {get_param: NeutronNetworkVLANRanges}
551 neutron_bridge_mappings:
555 MAPPINGS: {get_param: NeutronBridgeMappings}
556 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
557 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
558 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
559 neutron_public_interface: {get_param: NeutronPublicInterface}
560 neutron_password: {get_param: NeutronPassword}
561 neutron_agent_mode: {get_param: NeutronAgentMode}
562 neutron_router_distributed: {get_param: NeutronDVR}
563 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
564 neutron_core_plugin: {get_param: NeutronCorePlugin}
565 neutron_service_plugins:
569 PLUGINS: {get_param: NeutronServicePlugins}
570 neutron_type_drivers:
574 DRIVERS: {get_param: NeutronTypeDrivers}
575 neutron_mechanism_drivers:
579 MECHANISMS: {get_param: NeutronMechanismDrivers}
580 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
581 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
582 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
583 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
584 admin_password: {get_param: AdminPassword}
585 rabbit_username: {get_param: RabbitUserName}
586 rabbit_password: {get_param: RabbitPassword}
587 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
588 rabbit_client_port: {get_param: RabbitClientPort}
589 ntp_servers: {get_param: NtpServer}
590 enable_package_install: {get_param: EnablePackageInstall}
591 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
593 # Resource for site-specific injection of root certificate
595 depends_on: NovaComputeDeployment
596 type: OS::TripleO::NodeTLSCAData
598 server: {get_resource: NovaCompute}
600 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
601 ComputeExtraConfigPre:
602 depends_on: NovaComputeDeployment
603 type: OS::TripleO::ComputeExtraConfigPre
605 server: {get_resource: NovaCompute}
607 # Hook for site-specific additional pre-deployment config,
608 # applying to all nodes, e.g node registration/unregistration
610 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
611 type: OS::TripleO::NodeExtraConfig
613 server: {get_resource: NovaCompute}
616 type: OS::TripleO::Tasks::PackageUpdate
619 type: OS::Heat::SoftwareDeployment
621 config: {get_resource: UpdateConfig}
622 server: {get_resource: NovaCompute}
625 get_param: UpdateIdentifier
629 description: IP address of the server in the ctlplane network
630 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
631 internal_api_ip_address:
632 description: IP address of the server in the internal_api network
633 value: {get_attr: [InternalApiPort, ip_address]}
635 description: IP address of the server in the storage network
636 value: {get_attr: [StoragePort, ip_address]}
638 description: IP address of the server in the tenant network
639 value: {get_attr: [TenantPort, ip_address]}
641 description: Hostname of the server
642 value: {get_attr: [NovaCompute, name]}
645 Server's IP address and hostname in the /etc/hosts format
648 template: "IP HOST.DOMAIN HOST"
650 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
651 DOMAIN: {get_param: CloudDomain}
652 HOST: {get_attr: [NovaCompute, name]}
653 nova_server_resource:
654 description: Heat resource handle for the Nova compute server
656 {get_resource: NovaCompute}
658 description: identifier which changes if the node configuration may need re-applying
662 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
663 - {get_attr: [NodeTLSCAData, deploy_stdout]}
664 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
665 - {get_param: UpdateIdentifier}