1 heat_template_version: 2016-10-14
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
43 OvercloudComputeFlavor:
44 description: Flavor for the nova compute node
48 - custom_constraint: nova.flavor
51 default: '' # Has to be here because of the ignored empty value bug
54 default: overcloud-full
56 - custom_constraint: glance.image
58 default: 'REBUILD_PRESERVE_EPHEMERAL'
59 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
62 description: Name of an existing Nova key pair to enable SSH access to the instances
66 - custom_constraint: nova.keypair
67 KeystoneAdminApiVirtualIP:
70 KeystonePublicApiVirtualIP:
74 description: The password for the neutron service account, used by neutron agents.
77 NeutronPhysicalBridge:
79 description: An OVS bridge to create for accessing external networks.
81 NeutronPublicInterface:
83 description: A port to add to the NeutronPhysicalBridge.
90 default: '' # Has to be here because of the ignored empty value bug
93 default: libvirt.LibvirtDriver
94 NovaComputeExtraConfig:
97 NovaCompute specific configuration to inject into the cluster. Same
98 structure as ExtraConfig.
103 NovaComputeLibvirtType:
106 NovaComputeLibvirtVifDriver:
108 description: Libvirt VIF driver configuration for the network
110 NovaEnableRbdBackend:
112 description: Whether to enable or not the Rbd backend for Nova
116 description: Enable IPv6 features in Nova
119 description: The password for the nova service account, used by nova-api.
124 default: '' # Has to be here because of the ignored empty value bug
127 description: Name of integration bridge used by Open vSwitch
129 NovaSecurityGroupAPI:
131 description: The full class name of the security API class
135 default: '' # Has to be here because of the ignored empty value bug
137 description: The password for RabbitMQ
142 description: The username for RabbitMQ
147 Rabbit client subscriber parameter to specify
148 an SSL connection to the RabbitMQ host.
152 description: Set rabbit subscriber port, change this if using SSL
154 UpgradeLevelNovaCompute:
156 description: Nova Compute upgrade level
158 EnablePackageInstall:
160 description: Set to true to enable package installation via Puppet
164 description: Mapping of service_name -> network name. Typically set
165 via parameter_defaults in the resource registry.
169 description: Mapping of service endpoint -> protocol. Typically set
170 via parameter_defaults in the resource registry.
176 Setting to a previously unused value during stack-update will trigger
177 package update on all nodes
180 default: '' # Defaults to Heat created hostname
184 description: Optional mapping to override hostnames
185 NetworkDeploymentActions:
186 type: comma_delimited_list
188 Heat action when to apply network configuration changes
190 SoftwareConfigTransport:
191 default: POLL_SERVER_CFN
193 How the server should receive the metadata required for software configuration.
196 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
200 The DNS domain used for the hosts. This should match the dhcp_domain
201 configured in the Undercloud neutron. Defaults to localdomain.
205 Extra properties or metadata passed to Nova for the created nodes in
206 the overcloud. It's accessible via the Nova metadata API.
208 NovaComputeSchedulerHints:
210 description: Optional scheduler hints to pass to nova
212 ServiceConfigSettings:
216 type: comma_delimited_list
220 description: Command which will be run whenever configuration data changes
221 default: os-refresh-config --timeout 14400
226 type: OS::TripleO::Server
229 command: {get_param: ConfigCommand}
231 image: {get_param: NovaImage}
233 get_param: ImageUpdatePolicy
234 flavor: {get_param: OvercloudComputeFlavor}
235 key_name: {get_param: KeyName}
238 user_data_format: SOFTWARE_CONFIG
239 user_data: {get_resource: UserData}
242 template: {get_param: Hostname}
243 params: {get_param: HostnameMap}
244 software_config_transport: {get_param: SoftwareConfigTransport}
245 metadata: {get_param: ServerMetadata}
246 scheduler_hints: {get_param: NovaComputeSchedulerHints}
248 # Combine the NodeAdminUserData and NodeUserData mime archives
250 type: OS::Heat::MultipartMime
253 - config: {get_resource: NodeAdminUserData}
255 - config: {get_resource: NodeUserData}
258 # Creates the "heat-admin" user if configured via the environment
259 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
261 type: OS::TripleO::NodeAdminUserData
263 # For optional operator additional userdata
264 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
266 type: OS::TripleO::NodeUserData
269 type: OS::TripleO::Compute::Ports::ExternalPort
271 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
272 IPPool: {get_param: NovaComputeIPs}
273 NodeIndex: {get_param: NodeIndex}
276 type: OS::TripleO::Compute::Ports::InternalApiPort
278 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
279 IPPool: {get_param: NovaComputeIPs}
280 NodeIndex: {get_param: NodeIndex}
283 type: OS::TripleO::Compute::Ports::StoragePort
285 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
286 IPPool: {get_param: NovaComputeIPs}
287 NodeIndex: {get_param: NodeIndex}
290 type: OS::TripleO::Compute::Ports::StorageMgmtPort
292 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
293 IPPool: {get_param: NovaComputeIPs}
294 NodeIndex: {get_param: NodeIndex}
297 type: OS::TripleO::Compute::Ports::TenantPort
299 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
300 IPPool: {get_param: NovaComputeIPs}
301 NodeIndex: {get_param: NodeIndex}
304 type: OS::TripleO::Compute::Ports::ManagementPort
306 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
307 IPPool: {get_param: NovaComputeIPs}
308 NodeIndex: {get_param: NodeIndex}
311 type: OS::TripleO::Network::Ports::NetIpMap
313 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
314 ExternalIp: {get_attr: [ExternalPort, ip_address]}
315 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
316 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
317 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
318 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
319 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
320 StorageIp: {get_attr: [StoragePort, ip_address]}
321 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
322 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
323 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
324 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
325 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
326 TenantIp: {get_attr: [TenantPort, ip_address]}
327 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
328 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
329 ManagementIp: {get_attr: [ManagementPort, ip_address]}
330 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
331 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
334 type: OS::TripleO::Compute::Net::SoftwareConfig
336 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
337 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
338 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
339 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
340 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
341 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
342 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
345 type: OS::TripleO::SoftwareDeployment
347 name: NetworkDeployment
348 config: {get_resource: NetworkConfig}
349 server: {get_resource: NovaCompute}
350 actions: {get_param: NetworkDeploymentActions}
352 bridge_name: {get_param: NeutronPhysicalBridge}
353 interface_name: {get_param: NeutronPublicInterface}
356 type: OS::Heat::StructuredConfig
358 group: os-apply-config
363 - heat_config_%{::deploy_config_name}
364 - compute_extraconfig
369 - ceph_cluster # provided by CephClusterConfig
370 - all_nodes # provided by allNodesConfig
372 - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
373 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
374 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
375 - midonet_data # Optionally provided by AllNodesExtraConfig
376 - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
377 merge_behavior: deeper
381 service_names: {get_param: ServiceNames}
385 - {get_param: ServiceConfigSettings}
386 - values: {get_attr: [NetIpMap, net_ip_map]}
388 mapped_data: {get_param: NovaComputeExtraConfig}
390 mapped_data: {get_param: ExtraConfig}
393 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
394 nova::use_ipv6: {get_input: nova_ipv6}
395 nova::debug: {get_input: debug}
396 nova::rabbit_userid: {get_input: rabbit_username}
397 nova::rabbit_password: {get_input: rabbit_password}
398 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
399 nova::rabbit_port: {get_input: rabbit_client_port}
400 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
401 nova_compute_driver: {get_input: nova_compute_driver}
402 # TODO(emilien): move libvirt & migration parameters in libvirt profile
403 # used to deploy libvirt/kvm dependencies:
404 nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
405 # used to configured nova.conf:
406 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
407 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
408 nova_api_host: {get_input: nova_api_host}
409 nova::compute::vncproxy_host: {get_input: nova_public_ip}
410 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
411 # TUNNELLED mode provides a security enhancement when using shared storage but is not
412 # supported when not using shared storage.
413 # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
414 # In future versions of QEMU (2.6, mostly), Dan's native encryption
415 # work will obsolete the need to use TUNNELLED transport mode.
416 nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend}
417 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
418 nova_password: {get_input: nova_password}
419 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
420 nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol}
421 nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host}
422 nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port}
423 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
424 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
425 ceilometer::debug: {get_input: debug}
426 ceilometer::rabbit_userid: {get_input: rabbit_username}
427 ceilometer::rabbit_password: {get_input: rabbit_password}
428 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
429 ceilometer::rabbit_port: {get_input: rabbit_client_port}
430 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
431 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
432 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
433 nova::glance_api_servers: {get_input: glance_api_servers}
434 neutron::debug: {get_input: debug}
435 neutron::rabbit_password: {get_input: rabbit_password}
436 neutron::rabbit_user: {get_input: rabbit_username}
437 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
438 neutron::rabbit_port: {get_input: rabbit_client_port}
439 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
441 nova::network::neutron::neutron_password: {get_input: neutron_password}
442 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
443 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
444 keystone_public_api_virtual_ip: {get_input: keystone_vip}
445 admin_password: {get_input: admin_password}
446 tripleo::packages::enable_install: {get_input: enable_package_install}
447 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
449 NovaComputeDeployment:
450 type: OS::TripleO::SoftwareDeployment
451 depends_on: NetworkDeployment
453 name: NovaComputeDeployment
454 config: {get_resource: NovaComputeConfig}
455 server: {get_resource: NovaCompute}
457 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
458 debug: {get_param: Debug}
459 nova_compute_driver: {get_param: NovaComputeDriver}
460 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
461 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
462 nova_public_ip: {get_param: NovaPublicIP}
463 nova_api_host: {get_param: NovaApiHost}
464 nova_password: {get_param: NovaPassword}
465 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
466 nova_ipv6: {get_param: NovaIPv6}
467 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
468 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
469 nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
470 # Remove brackets that may come if the IP address is IPv6.
471 # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value
474 template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
478 nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
479 nova_ovs_bridge: {get_param: NovaOVSBridge}
480 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
481 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
482 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
483 ceilometer_password: {get_param: CeilometerPassword}
484 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
485 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
486 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
487 neutron_password: {get_param: NeutronPassword}
488 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
489 neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
490 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
491 admin_password: {get_param: AdminPassword}
492 rabbit_username: {get_param: RabbitUserName}
493 rabbit_password: {get_param: RabbitPassword}
494 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
495 rabbit_client_port: {get_param: RabbitClientPort}
496 enable_package_install: {get_param: EnablePackageInstall}
497 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
499 # Resource for site-specific injection of root certificate
501 depends_on: NovaComputeDeployment
502 type: OS::TripleO::NodeTLSCAData
504 server: {get_resource: NovaCompute}
506 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
507 ComputeExtraConfigPre:
508 depends_on: NovaComputeDeployment
509 type: OS::TripleO::ComputeExtraConfigPre
511 server: {get_resource: NovaCompute}
513 # Hook for site-specific additional pre-deployment config,
514 # applying to all nodes, e.g node registration/unregistration
516 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
517 type: OS::TripleO::NodeExtraConfig
519 server: {get_resource: NovaCompute}
522 type: OS::TripleO::Tasks::PackageUpdate
525 type: OS::Heat::SoftwareDeployment
527 name: UpdateDeployment
528 config: {get_resource: UpdateConfig}
529 server: {get_resource: NovaCompute}
532 get_param: UpdateIdentifier
536 description: IP address of the server in the ctlplane network
537 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
539 description: IP address of the server in the external network
540 value: {get_attr: [ExternalPort, ip_address]}
541 internal_api_ip_address:
542 description: IP address of the server in the internal_api network
543 value: {get_attr: [InternalApiPort, ip_address]}
545 description: IP address of the server in the storage network
546 value: {get_attr: [StoragePort, ip_address]}
547 storage_mgmt_ip_address:
548 description: IP address of the server in the storage_mgmt network
549 value: {get_attr: [StorageMgmtPort, ip_address]}
551 description: IP address of the server in the tenant network
552 value: {get_attr: [TenantPort, ip_address]}
553 management_ip_address:
554 description: IP address of the server in the management network
555 value: {get_attr: [ManagementPort, ip_address]}
557 description: Hostname of the server
558 value: {get_attr: [NovaCompute, name]}
561 Server's IP address and hostname in the /etc/hosts format
565 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
566 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
567 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
568 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
569 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
570 TENANTIP TENANTHOST.DOMAIN TENANTHOST
571 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
573 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
574 DOMAIN: {get_param: CloudDomain}
575 PRIMARYHOST: {get_attr: [NovaCompute, name]}
576 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
580 - - {get_attr: [NovaCompute, name]}
582 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
586 - - {get_attr: [NovaCompute, name]}
588 STORAGEIP: {get_attr: [StoragePort, ip_address]}
592 - - {get_attr: [NovaCompute, name]}
594 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
598 - - {get_attr: [NovaCompute, name]}
600 TENANTIP: {get_attr: [TenantPort, ip_address]}
604 - - {get_attr: [NovaCompute, name]}
606 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
610 - - {get_attr: [NovaCompute, name]}
612 nova_server_resource:
613 description: Heat resource handle for the Nova compute server
615 {get_resource: NovaCompute}