1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
122 type: comma_delimited_list
124 The tunnel types for the Neutron tenant network.
126 NeutronTunnelIdRanges:
128 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
129 of GRE tunnel IDs that are available for tenant network allocation
130 default: ["1:1000", ]
131 type: comma_delimited_list
134 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
135 of VXLAN VNI IDs that are available for tenant network allocation
136 default: ["1:1000", ]
137 type: comma_delimited_list
138 NeutronPublicInterfaceRawDevice:
144 NeutronMetadataProxySharedSecret:
145 description: Shared secret to prevent spoofing
151 The core plugin for Neutron. The value should be the entrypoint to be loaded
152 from neutron.core_plugins namespace.
154 NeutronServicePlugins:
157 Comma-separated list of service plugin entrypoints to be loaded from the
158 neutron.service_plugins namespace.
159 type: comma_delimited_list
161 default: "vxlan,vlan,flat,gre"
163 Comma-separated list of network type driver entrypoints to be loaded.
164 type: comma_delimited_list
165 NeutronMechanismDrivers:
166 default: 'openvswitch'
168 The mechanism drivers for the Neutron tenant network.
169 type: comma_delimited_list
170 # Not relevant for Computes, should be removed
171 NeutronAllowL3AgentFailover:
173 description: Allow automatic l3-agent failover
175 # Not relevant for Computes, should be removed
178 description: Whether to enable l3-agent HA
182 description: Agent mode for the neutron-l3-agent on the controller hosts
186 default: '' # Has to be here because of the ignored empty value bug
189 default: libvirt.LibvirtDriver
190 NovaComputeExtraConfig:
193 NovaCompute specific configuration to inject into the cluster. Same
194 structure as ExtraConfig.
196 NovaComputeLibvirtType:
199 NovaComputeLibvirtVifDriver:
201 description: Libvirt VIF driver configuration for the network
203 NovaEnableRbdBackend:
205 description: Whether to enable or not the Rbd backend for Nova
208 description: The password for the nova service account, used by nova-api.
213 default: '' # Has to be here because of the ignored empty value bug
216 description: Name of integration bridge used by Open vSwitch
218 NovaSecurityGroupAPI:
220 description: The full class name of the security API class
224 description: Comma-separated list of ntp servers
225 type: comma_delimited_list
228 default: '' # Has to be here because of the ignored empty value bug
231 description: The password for RabbitMQ
236 description: The username for RabbitMQ
241 Rabbit client subscriber parameter to specify
242 an SSL connection to the RabbitMQ host.
246 description: Set rabbit subscriber port, change this if using SSL
248 SnmpdReadonlyUserName:
249 default: ro_snmp_user
250 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
252 SnmpdReadonlyUserPassword:
253 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
256 EnablePackageInstall:
258 description: Set to true to enable package installation via Puppet
262 description: Mapping of service_name -> network name. Typically set
263 via parameter_defaults in the resource registry.
267 description: Mapping of service endpoint -> protocol. Typically set
268 via parameter_defaults in the resource registry.
274 Setting to a previously unused value during stack-update will trigger
275 package update on all nodes
278 default: '' # Defaults to Heat created hostname
279 NetworkDeploymentActions:
280 type: comma_delimited_list
282 Heat action when to apply network configuration changes
284 SoftwareConfigTransport:
285 default: POLL_SERVER_CFN
287 How the server should receive the metadata required for software configuration.
290 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
295 The DNS domain used for the hosts. This should match the dhcp_domain
296 configured in the Undercloud neutron. Defaults to localdomain.
300 Extra properties or metadata passed to Nova for the created nodes in
301 the overcloud. It's accessible via the Nova metadata API.
305 description: Optional scheduler hints to pass to nova
311 type: OS::Nova::Server
316 get_param: ImageUpdatePolicy
317 flavor: {get_param: Flavor}
318 key_name: {get_param: KeyName}
321 user_data_format: SOFTWARE_CONFIG
322 user_data: {get_resource: UserData}
323 name: {get_param: Hostname}
324 software_config_transport: {get_param: SoftwareConfigTransport}
325 metadata: {get_param: ServerMetadata}
326 scheduler_hints: {get_param: SchedulerHints}
328 # Combine the NodeAdminUserData and NodeUserData mime archives
330 type: OS::Heat::MultipartMime
333 - config: {get_resource: NodeAdminUserData}
335 - config: {get_resource: NodeUserData}
338 # Creates the "heat-admin" user if configured via the environment
339 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
341 type: OS::TripleO::NodeAdminUserData
343 # For optional operator additional userdata
344 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
346 type: OS::TripleO::NodeUserData
349 type: OS::TripleO::Compute::Ports::InternalApiPort
351 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
354 type: OS::TripleO::Compute::Ports::StoragePort
356 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
359 type: OS::TripleO::Compute::Ports::TenantPort
361 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
364 type: OS::TripleO::Network::Ports::NetIpMap
366 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
367 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
368 StorageIp: {get_attr: [StoragePort, ip_address]}
369 TenantIp: {get_attr: [TenantPort, ip_address]}
372 type: OS::TripleO::Compute::Net::SoftwareConfig
374 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
375 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
376 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
377 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
380 type: OS::TripleO::SoftwareDeployment
382 config: {get_resource: NetworkConfig}
383 server: {get_resource: NovaCompute}
384 actions: {get_param: NetworkDeploymentActions}
386 bridge_name: {get_param: NeutronPhysicalBridge}
387 interface_name: {get_param: NeutronPublicInterface}
390 type: OS::Heat::StructuredConfig
392 group: os-apply-config
397 - heat_config_%{::deploy_config_name}
398 - compute_extraconfig
401 - ceph_cluster # provided by CephClusterConfig
403 - all_nodes # provided by allNodesConfig
406 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
407 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
408 - midonet_data # Optionally provided by AllNodesExtraConfig
411 mapped_data: {get_param: NovaComputeExtraConfig}
413 mapped_data: {get_param: ExtraConfig}
415 raw_data: {get_file: hieradata/common.yaml}
417 raw_data: {get_file: hieradata/ceph.yaml}
419 raw_data: {get_file: hieradata/compute.yaml}
421 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
422 nova::debug: {get_input: debug}
423 nova::rabbit_userid: {get_input: rabbit_username}
424 nova::rabbit_password: {get_input: rabbit_password}
425 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
426 nova::rabbit_port: {get_input: rabbit_client_port}
427 nova_compute_driver: {get_input: nova_compute_driver}
428 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
429 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
430 nova_api_host: {get_input: nova_api_host}
431 nova::compute::vncproxy_host: {get_input: nova_public_ip}
432 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
433 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
434 nova_password: {get_input: nova_password}
435 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
436 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
437 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
438 ceilometer::debug: {get_input: debug}
439 ceilometer::rabbit_userid: {get_input: rabbit_username}
440 ceilometer::rabbit_password: {get_input: rabbit_password}
441 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
442 ceilometer::rabbit_port: {get_input: rabbit_client_port}
443 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
444 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
445 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
446 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
447 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
448 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
449 nova::glance_api_servers: {get_input: glance_api_servers}
450 neutron::debug: {get_input: debug}
451 neutron::rabbit_password: {get_input: rabbit_password}
452 neutron::rabbit_user: {get_input: rabbit_username}
453 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
454 neutron::rabbit_port: {get_input: rabbit_client_port}
455 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
456 neutron_host: {get_input: neutron_host}
457 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
459 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
460 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
461 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
462 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
463 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
464 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
465 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
466 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
467 neutron_physical_bridge: {get_input: neutron_physical_bridge}
468 neutron_public_interface: {get_input: neutron_public_interface}
469 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
470 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
471 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
472 neutron_router_distributed: {get_input: neutron_router_distributed}
473 neutron_agent_mode: {get_input: neutron_agent_mode}
474 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
475 neutron::core_plugin: {get_input: neutron_core_plugin}
476 neutron::service_plugins: {get_input: neutron_service_plugins}
477 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
478 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
479 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
480 keystone_public_api_virtual_ip: {get_input: keystone_vip}
481 admin_password: {get_input: admin_password}
482 ntp::servers: {get_input: ntp_servers}
483 tripleo::packages::enable_install: {get_input: enable_package_install}
484 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
486 NovaComputeDeployment:
487 type: OS::TripleO::SoftwareDeployment
488 depends_on: NetworkDeployment
490 config: {get_resource: NovaComputeConfig}
491 server: {get_resource: NovaCompute}
493 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
494 debug: {get_param: Debug}
495 nova_compute_driver: {get_param: NovaComputeDriver}
496 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
497 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
498 nova_public_ip: {get_param: NovaPublicIP}
499 nova_api_host: {get_param: NovaApiHost}
500 nova_password: {get_param: NovaPassword}
501 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
502 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
503 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
504 nova_ovs_bridge: {get_param: NovaOVSBridge}
505 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
506 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
507 ceilometer_password: {get_param: CeilometerPassword}
508 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
509 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
510 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
511 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
512 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
513 neutron_flat_networks:
517 NETWORKS: {get_param: NeutronFlatNetworks}
518 neutron_host: {get_param: NeutronHost}
519 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
520 neutron_tunnel_id_ranges:
524 RANGES: {get_param: NeutronTunnelIdRanges}
529 RANGES: {get_param: NeutronVniRanges}
530 neutron_tenant_network_types:
534 TYPES: {get_param: NeutronNetworkType}
535 neutron_tunnel_types:
539 TYPES: {get_param: NeutronTunnelTypes}
540 neutron_network_vlan_ranges:
544 RANGES: {get_param: NeutronNetworkVLANRanges}
545 neutron_bridge_mappings:
549 MAPPINGS: {get_param: NeutronBridgeMappings}
550 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
551 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
552 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
553 neutron_public_interface: {get_param: NeutronPublicInterface}
554 neutron_password: {get_param: NeutronPassword}
555 neutron_agent_mode: {get_param: NeutronAgentMode}
556 neutron_router_distributed: {get_param: NeutronDVR}
557 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
558 neutron_core_plugin: {get_param: NeutronCorePlugin}
559 neutron_service_plugins:
563 PLUGINS: {get_param: NeutronServicePlugins}
564 neutron_type_drivers:
568 DRIVERS: {get_param: NeutronTypeDrivers}
569 neutron_mechanism_drivers:
573 MECHANISMS: {get_param: NeutronMechanismDrivers}
574 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
575 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
576 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
577 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
578 admin_password: {get_param: AdminPassword}
579 rabbit_username: {get_param: RabbitUserName}
580 rabbit_password: {get_param: RabbitPassword}
581 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
582 rabbit_client_port: {get_param: RabbitClientPort}
583 ntp_servers: {get_param: NtpServer}
584 enable_package_install: {get_param: EnablePackageInstall}
585 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
587 # Resource for site-specific injection of root certificate
589 depends_on: NovaComputeDeployment
590 type: OS::TripleO::NodeTLSCAData
592 server: {get_resource: NovaCompute}
594 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
595 ComputeExtraConfigPre:
596 depends_on: NovaComputeDeployment
597 type: OS::TripleO::ComputeExtraConfigPre
599 server: {get_resource: NovaCompute}
601 # Hook for site-specific additional pre-deployment config,
602 # applying to all nodes, e.g node registration/unregistration
604 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
605 type: OS::TripleO::NodeExtraConfig
607 server: {get_resource: NovaCompute}
610 type: OS::TripleO::Tasks::PackageUpdate
613 type: OS::Heat::SoftwareDeployment
615 config: {get_resource: UpdateConfig}
616 server: {get_resource: NovaCompute}
619 get_param: UpdateIdentifier
623 description: IP address of the server in the ctlplane network
624 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
625 internal_api_ip_address:
626 description: IP address of the server in the internal_api network
627 value: {get_attr: [InternalApiPort, ip_address]}
629 description: IP address of the server in the storage network
630 value: {get_attr: [StoragePort, ip_address]}
632 description: IP address of the server in the tenant network
633 value: {get_attr: [TenantPort, ip_address]}
635 description: Hostname of the server
636 value: {get_attr: [NovaCompute, name]}
639 Server's IP address and hostname in the /etc/hosts format
642 template: "IP HOST.DOMAIN HOST"
644 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
645 DOMAIN: {get_param: CloudDomain}
646 HOST: {get_attr: [NovaCompute, name]}
647 nova_server_resource:
648 description: Heat resource handle for the Nova compute server
650 {get_resource: NovaCompute}
652 description: identifier which changes if the node configuration may need re-applying
656 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
657 - {get_attr: [NodeTLSCAData, deploy_stdout]}
658 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
659 - {get_param: UpdateIdentifier}