1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
122 type: comma_delimited_list
124 The tunnel types for the Neutron tenant network.
126 NeutronTunnelIdRanges:
128 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
129 of GRE tunnel IDs that are available for tenant network allocation
130 default: ["1:1000", ]
131 type: comma_delimited_list
134 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
135 of VXLAN VNI IDs that are available for tenant network allocation
136 default: ["1:1000", ]
137 type: comma_delimited_list
138 NeutronPublicInterfaceRawDevice:
144 NeutronMetadataProxySharedSecret:
145 description: Shared secret to prevent spoofing
151 The core plugin for Neutron. The value should be the entrypoint to be loaded
152 from neutron.core_plugins namespace.
154 NeutronServicePlugins:
157 Comma-separated list of service plugin entrypoints to be loaded from the
158 neutron.service_plugins namespace.
159 type: comma_delimited_list
161 default: "vxlan,vlan,flat,gre"
163 Comma-separated list of network type driver entrypoints to be loaded.
164 type: comma_delimited_list
165 NeutronMechanismDrivers:
166 default: 'openvswitch'
168 The mechanism drivers for the Neutron tenant network.
169 type: comma_delimited_list
170 # Not relevant for Computes, should be removed
171 NeutronAllowL3AgentFailover:
173 description: Allow automatic l3-agent failover
175 # Not relevant for Computes, should be removed
178 description: Whether to enable l3-agent HA
182 description: Agent mode for the neutron-l3-agent on the controller hosts
186 default: '' # Has to be here because of the ignored empty value bug
189 default: libvirt.LibvirtDriver
190 NovaComputeExtraConfig:
193 NovaCompute specific configuration to inject into the cluster. Same
194 structure as ExtraConfig.
196 NovaComputeLibvirtType:
199 NovaComputeLibvirtVifDriver:
201 description: Libvirt VIF driver configuration for the network
203 NovaEnableRbdBackend:
205 description: Whether to enable or not the Rbd backend for Nova
208 description: The password for the nova service account, used by nova-api.
213 default: '' # Has to be here because of the ignored empty value bug
216 description: Name of integration bridge used by Open vSwitch
218 NovaSecurityGroupAPI:
220 description: The full class name of the security API class
224 description: Comma-separated list of ntp servers
225 type: comma_delimited_list
228 default: '' # Has to be here because of the ignored empty value bug
231 description: The password for RabbitMQ
236 description: The username for RabbitMQ
241 Rabbit client subscriber parameter to specify
242 an SSL connection to the RabbitMQ host.
246 description: Set rabbit subscriber port, change this if using SSL
248 SnmpdReadonlyUserName:
249 default: ro_snmp_user
250 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
252 SnmpdReadonlyUserPassword:
253 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
256 EnablePackageInstall:
258 description: Set to true to enable package installation via Puppet
262 description: Mapping of service_name -> network name. Typically set
263 via parameter_defaults in the resource registry.
267 description: Mapping of service endpoint -> protocol. Typically set
268 via parameter_defaults in the resource registry.
272 description: The timezone to be set on compute nodes.
278 Setting to a previously unused value during stack-update will trigger
279 package update on all nodes
282 default: '' # Defaults to Heat created hostname
283 NetworkDeploymentActions:
284 type: comma_delimited_list
286 Heat action when to apply network configuration changes
288 SoftwareConfigTransport:
289 default: POLL_SERVER_CFN
291 How the server should receive the metadata required for software configuration.
294 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
299 The DNS domain used for the hosts. This should match the dhcp_domain
300 configured in the Undercloud neutron. Defaults to localdomain.
304 Extra properties or metadata passed to Nova for the created nodes in
305 the overcloud. It's accessible via the Nova metadata API.
309 description: Optional scheduler hints to pass to nova
315 type: OS::Nova::Server
320 get_param: ImageUpdatePolicy
321 flavor: {get_param: Flavor}
322 key_name: {get_param: KeyName}
325 user_data_format: SOFTWARE_CONFIG
326 user_data: {get_resource: UserData}
327 name: {get_param: Hostname}
328 software_config_transport: {get_param: SoftwareConfigTransport}
329 metadata: {get_param: ServerMetadata}
330 scheduler_hints: {get_param: SchedulerHints}
332 # Combine the NodeAdminUserData and NodeUserData mime archives
334 type: OS::Heat::MultipartMime
337 - config: {get_resource: NodeAdminUserData}
339 - config: {get_resource: NodeUserData}
342 # Creates the "heat-admin" user if configured via the environment
343 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
345 type: OS::TripleO::NodeAdminUserData
347 # For optional operator additional userdata
348 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
350 type: OS::TripleO::NodeUserData
353 type: OS::TripleO::Compute::Ports::ExternalPort
355 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
358 type: OS::TripleO::Compute::Ports::InternalApiPort
360 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
363 type: OS::TripleO::Compute::Ports::StoragePort
365 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
368 type: OS::TripleO::Compute::Ports::StorageMgmtPort
370 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
373 type: OS::TripleO::Compute::Ports::TenantPort
375 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
378 type: OS::TripleO::Compute::Ports::ManagementPort
380 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
383 type: OS::TripleO::Network::Ports::NetIpMap
385 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
386 ExternalIp: {get_attr: [ExternalPort, ip_address]}
387 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
388 StorageIp: {get_attr: [StoragePort, ip_address]}
389 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
390 TenantIp: {get_attr: [TenantPort, ip_address]}
391 ManagementIp: {get_attr: [ManagementPort, ip_address]}
394 type: OS::TripleO::Compute::Net::SoftwareConfig
396 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
397 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
398 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
399 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
400 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
401 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
402 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
405 type: OS::TripleO::SoftwareDeployment
407 config: {get_resource: NetworkConfig}
408 server: {get_resource: NovaCompute}
409 actions: {get_param: NetworkDeploymentActions}
411 bridge_name: {get_param: NeutronPhysicalBridge}
412 interface_name: {get_param: NeutronPublicInterface}
415 type: OS::Heat::StructuredConfig
417 group: os-apply-config
422 - heat_config_%{::deploy_config_name}
423 - compute_extraconfig
426 - ceph_cluster # provided by CephClusterConfig
428 - all_nodes # provided by allNodesConfig
431 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
432 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
433 - midonet_data # Optionally provided by AllNodesExtraConfig
436 mapped_data: {get_param: NovaComputeExtraConfig}
438 mapped_data: {get_param: ExtraConfig}
440 raw_data: {get_file: hieradata/common.yaml}
442 raw_data: {get_file: hieradata/ceph.yaml}
444 raw_data: {get_file: hieradata/compute.yaml}
446 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
447 nova::debug: {get_input: debug}
448 nova::rabbit_userid: {get_input: rabbit_username}
449 nova::rabbit_password: {get_input: rabbit_password}
450 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
451 nova::rabbit_port: {get_input: rabbit_client_port}
452 nova_compute_driver: {get_input: nova_compute_driver}
453 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
454 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
455 nova_api_host: {get_input: nova_api_host}
456 nova::compute::vncproxy_host: {get_input: nova_public_ip}
457 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
458 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
459 nova_password: {get_input: nova_password}
460 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
461 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
462 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
463 ceilometer::debug: {get_input: debug}
464 ceilometer::rabbit_userid: {get_input: rabbit_username}
465 ceilometer::rabbit_password: {get_input: rabbit_password}
466 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
467 ceilometer::rabbit_port: {get_input: rabbit_client_port}
468 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
469 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
470 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
471 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
472 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
473 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
474 nova::glance_api_servers: {get_input: glance_api_servers}
475 neutron::debug: {get_input: debug}
476 neutron::rabbit_password: {get_input: rabbit_password}
477 neutron::rabbit_user: {get_input: rabbit_username}
478 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
479 neutron::rabbit_port: {get_input: rabbit_client_port}
480 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
481 neutron_host: {get_input: neutron_host}
482 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
484 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
485 neutron::agents::ml2::ovs:tunnel_types: {get_input: neutron_tunnel_types}
486 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
487 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
488 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
489 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
490 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
491 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
492 neutron_physical_bridge: {get_input: neutron_physical_bridge}
493 neutron_public_interface: {get_input: neutron_public_interface}
494 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
495 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
496 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
497 neutron_router_distributed: {get_input: neutron_router_distributed}
498 neutron_agent_mode: {get_input: neutron_agent_mode}
499 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
500 neutron::core_plugin: {get_input: neutron_core_plugin}
501 neutron::service_plugins: {get_input: neutron_service_plugins}
502 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
503 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
504 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
505 keystone_public_api_virtual_ip: {get_input: keystone_vip}
506 admin_password: {get_input: admin_password}
507 ntp::servers: {get_input: ntp_servers}
508 timezone::timezone: {get_input: timezone}
509 tripleo::packages::enable_install: {get_input: enable_package_install}
510 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
512 NovaComputeDeployment:
513 type: OS::TripleO::SoftwareDeployment
514 depends_on: NetworkDeployment
516 config: {get_resource: NovaComputeConfig}
517 server: {get_resource: NovaCompute}
519 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
520 debug: {get_param: Debug}
521 nova_compute_driver: {get_param: NovaComputeDriver}
522 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
523 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
524 nova_public_ip: {get_param: NovaPublicIP}
525 nova_api_host: {get_param: NovaApiHost}
526 nova_password: {get_param: NovaPassword}
527 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
528 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
529 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
530 nova_ovs_bridge: {get_param: NovaOVSBridge}
531 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
532 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
533 ceilometer_password: {get_param: CeilometerPassword}
534 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
535 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
536 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
537 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
538 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
539 neutron_flat_networks:
543 NETWORKS: {get_param: NeutronFlatNetworks}
544 neutron_host: {get_param: NeutronHost}
545 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
546 neutron_tunnel_id_ranges:
550 RANGES: {get_param: NeutronTunnelIdRanges}
555 RANGES: {get_param: NeutronVniRanges}
556 neutron_tenant_network_types:
560 TYPES: {get_param: NeutronNetworkType}
561 neutron_tunnel_types:
565 TYPES: {get_param: NeutronTunnelTypes}
566 neutron_network_vlan_ranges:
570 RANGES: {get_param: NeutronNetworkVLANRanges}
571 neutron_bridge_mappings:
575 MAPPINGS: {get_param: NeutronBridgeMappings}
576 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
577 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
578 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
579 neutron_public_interface: {get_param: NeutronPublicInterface}
580 neutron_password: {get_param: NeutronPassword}
581 neutron_agent_mode: {get_param: NeutronAgentMode}
582 neutron_router_distributed: {get_param: NeutronDVR}
583 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
584 neutron_core_plugin: {get_param: NeutronCorePlugin}
585 neutron_service_plugins:
589 PLUGINS: {get_param: NeutronServicePlugins}
590 neutron_type_drivers:
594 DRIVERS: {get_param: NeutronTypeDrivers}
595 neutron_mechanism_drivers:
599 MECHANISMS: {get_param: NeutronMechanismDrivers}
600 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
601 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
602 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
603 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
604 admin_password: {get_param: AdminPassword}
605 rabbit_username: {get_param: RabbitUserName}
606 rabbit_password: {get_param: RabbitPassword}
607 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
608 rabbit_client_port: {get_param: RabbitClientPort}
609 ntp_servers: {get_param: NtpServer}
610 timezone: {get_param: TimeZone}
611 enable_package_install: {get_param: EnablePackageInstall}
612 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
614 # Resource for site-specific injection of root certificate
616 depends_on: NovaComputeDeployment
617 type: OS::TripleO::NodeTLSCAData
619 server: {get_resource: NovaCompute}
621 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
622 ComputeExtraConfigPre:
623 depends_on: NovaComputeDeployment
624 type: OS::TripleO::ComputeExtraConfigPre
626 server: {get_resource: NovaCompute}
628 # Hook for site-specific additional pre-deployment config,
629 # applying to all nodes, e.g node registration/unregistration
631 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
632 type: OS::TripleO::NodeExtraConfig
634 server: {get_resource: NovaCompute}
637 type: OS::TripleO::Tasks::PackageUpdate
640 type: OS::Heat::SoftwareDeployment
642 config: {get_resource: UpdateConfig}
643 server: {get_resource: NovaCompute}
646 get_param: UpdateIdentifier
650 description: IP address of the server in the ctlplane network
651 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
653 description: IP address of the server in the external network
654 value: {get_attr: [ExternalPort, ip_address]}
655 internal_api_ip_address:
656 description: IP address of the server in the internal_api network
657 value: {get_attr: [InternalApiPort, ip_address]}
659 description: IP address of the server in the storage network
660 value: {get_attr: [StoragePort, ip_address]}
661 storage_mgmt_ip_address:
662 description: IP address of the server in the storage_mgmt network
663 value: {get_attr: [StorageMgmtPort, ip_address]}
665 description: IP address of the server in the tenant network
666 value: {get_attr: [TenantPort, ip_address]}
667 management_ip_address:
668 description: IP address of the server in the management network
669 value: {get_attr: [ManagementPort, ip_address]}
671 description: Hostname of the server
672 value: {get_attr: [NovaCompute, name]}
675 Server's IP address and hostname in the /etc/hosts format
678 template: "IP HOST.DOMAIN HOST"
680 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
681 DOMAIN: {get_param: CloudDomain}
682 HOST: {get_attr: [NovaCompute, name]}
683 nova_server_resource:
684 description: Heat resource handle for the Nova compute server
686 {get_resource: NovaCompute}
688 description: identifier which changes if the node configuration may need re-applying
692 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
693 - {get_attr: [NodeTLSCAData, deploy_stdout]}
694 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
695 - {get_param: UpdateIdentifier}