1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre:1:1000'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
123 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
124 be at least 50 bytes smaller than the MTU on the physical network. This
125 value will be used to set the MTU on the virtual Ethernet device.
126 This number is related to the value of NeutronDnsmasqOptions, since that
127 will determine the MTU that is assigned to the VM host through DHCP.
131 type: comma_delimited_list
133 The tunnel types for the Neutron tenant network.
135 NeutronTunnelIdRanges:
137 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
138 of GRE tunnel IDs that are available for tenant network allocation
139 default: ["1:4094", ]
140 type: comma_delimited_list
143 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
144 of VXLAN VNI IDs that are available for tenant network allocation
145 default: ["1:4094", ]
146 type: comma_delimited_list
147 NeutronPublicInterfaceRawDevice:
153 NeutronMetadataProxySharedSecret:
154 description: Shared secret to prevent spoofing
160 The core plugin for Neutron. The value should be the entrypoint to be loaded
161 from neutron.core_plugins namespace.
163 NeutronServicePlugins:
164 default: "router,qos"
166 Comma-separated list of service plugin entrypoints to be loaded from the
167 neutron.service_plugins namespace.
168 type: comma_delimited_list
170 default: "vxlan,vlan,flat,gre"
172 Comma-separated list of network type driver entrypoints to be loaded.
173 type: comma_delimited_list
174 NeutronMechanismDrivers:
175 default: 'openvswitch'
177 The mechanism drivers for the Neutron tenant network.
178 type: comma_delimited_list
179 NeutronAgentExtensions:
182 Comma-separated list of extensions enabled for the Neutron agents.
183 type: comma_delimited_list
184 # Not relevant for Computes, should be removed
185 NeutronAllowL3AgentFailover:
187 description: Allow automatic l3-agent failover
189 # Not relevant for Computes, should be removed
192 description: Whether to enable l3-agent HA
196 description: Agent mode for the neutron-l3-agent on the controller hosts
200 default: '' # Has to be here because of the ignored empty value bug
203 default: libvirt.LibvirtDriver
204 NovaComputeExtraConfig:
207 NovaCompute specific configuration to inject into the cluster. Same
208 structure as ExtraConfig.
210 NovaComputeLibvirtType:
213 NovaComputeLibvirtVifDriver:
215 description: Libvirt VIF driver configuration for the network
217 NovaEnableRbdBackend:
219 description: Whether to enable or not the Rbd backend for Nova
222 description: The password for the nova service account, used by nova-api.
227 default: '' # Has to be here because of the ignored empty value bug
230 description: Name of integration bridge used by Open vSwitch
232 NovaSecurityGroupAPI:
234 description: The full class name of the security API class
238 description: Comma-separated list of ntp servers
239 type: comma_delimited_list
242 default: '' # Has to be here because of the ignored empty value bug
245 description: The password for RabbitMQ
250 description: The username for RabbitMQ
255 Rabbit client subscriber parameter to specify
256 an SSL connection to the RabbitMQ host.
260 description: Set rabbit subscriber port, change this if using SSL
262 SnmpdReadonlyUserName:
263 default: ro_snmp_user
264 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
266 SnmpdReadonlyUserPassword:
267 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
270 EnablePackageInstall:
272 description: Set to true to enable package installation via Puppet
276 description: Mapping of service_name -> network name. Typically set
277 via parameter_defaults in the resource registry.
281 description: Mapping of service endpoint -> protocol. Typically set
282 via parameter_defaults in the resource registry.
286 description: The timezone to be set on compute nodes.
292 Setting to a previously unused value during stack-update will trigger
293 package update on all nodes
296 default: '' # Defaults to Heat created hostname
297 NetworkDeploymentActions:
298 type: comma_delimited_list
300 Heat action when to apply network configuration changes
302 SoftwareConfigTransport:
303 default: POLL_SERVER_CFN
305 How the server should receive the metadata required for software configuration.
308 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
313 The DNS domain used for the hosts. This should match the dhcp_domain
314 configured in the Undercloud neutron. Defaults to localdomain.
318 Extra properties or metadata passed to Nova for the created nodes in
319 the overcloud. It's accessible via the Nova metadata API.
323 description: Optional scheduler hints to pass to nova
329 type: OS::Nova::Server
334 get_param: ImageUpdatePolicy
335 flavor: {get_param: Flavor}
336 key_name: {get_param: KeyName}
339 user_data_format: SOFTWARE_CONFIG
340 user_data: {get_resource: UserData}
341 name: {get_param: Hostname}
342 software_config_transport: {get_param: SoftwareConfigTransport}
343 metadata: {get_param: ServerMetadata}
344 scheduler_hints: {get_param: SchedulerHints}
346 # Combine the NodeAdminUserData and NodeUserData mime archives
348 type: OS::Heat::MultipartMime
351 - config: {get_resource: NodeAdminUserData}
353 - config: {get_resource: NodeUserData}
356 # Creates the "heat-admin" user if configured via the environment
357 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
359 type: OS::TripleO::NodeAdminUserData
361 # For optional operator additional userdata
362 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
364 type: OS::TripleO::NodeUserData
367 type: OS::TripleO::Compute::Ports::ExternalPort
369 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
372 type: OS::TripleO::Compute::Ports::InternalApiPort
374 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
377 type: OS::TripleO::Compute::Ports::StoragePort
379 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
382 type: OS::TripleO::Compute::Ports::StorageMgmtPort
384 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
387 type: OS::TripleO::Compute::Ports::TenantPort
389 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
392 type: OS::TripleO::Compute::Ports::ManagementPort
394 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
397 type: OS::TripleO::Network::Ports::NetIpMap
399 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
400 ExternalIp: {get_attr: [ExternalPort, ip_address]}
401 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
402 StorageIp: {get_attr: [StoragePort, ip_address]}
403 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
404 TenantIp: {get_attr: [TenantPort, ip_address]}
405 ManagementIp: {get_attr: [ManagementPort, ip_address]}
408 type: OS::TripleO::Compute::Net::SoftwareConfig
410 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
411 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
412 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
413 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
414 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
415 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
416 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
419 type: OS::TripleO::SoftwareDeployment
421 name: NetworkDeployment
422 config: {get_resource: NetworkConfig}
423 server: {get_resource: NovaCompute}
424 actions: {get_param: NetworkDeploymentActions}
426 bridge_name: {get_param: NeutronPhysicalBridge}
427 interface_name: {get_param: NeutronPublicInterface}
430 type: OS::Heat::StructuredConfig
432 group: os-apply-config
437 - heat_config_%{::deploy_config_name}
438 - compute_extraconfig
441 - ceph_cluster # provided by CephClusterConfig
443 - all_nodes # provided by allNodesConfig
446 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
447 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
448 - midonet_data # Optionally provided by AllNodesExtraConfig
451 mapped_data: {get_param: NovaComputeExtraConfig}
453 mapped_data: {get_param: ExtraConfig}
455 raw_data: {get_file: hieradata/common.yaml}
457 raw_data: {get_file: hieradata/ceph.yaml}
459 raw_data: {get_file: hieradata/compute.yaml}
461 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
462 nova::debug: {get_input: debug}
463 nova::rabbit_userid: {get_input: rabbit_username}
464 nova::rabbit_password: {get_input: rabbit_password}
465 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
466 nova::rabbit_port: {get_input: rabbit_client_port}
467 nova_compute_driver: {get_input: nova_compute_driver}
468 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
469 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
470 nova_api_host: {get_input: nova_api_host}
471 nova::compute::vncproxy_host: {get_input: nova_public_ip}
472 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
473 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
474 nova_password: {get_input: nova_password}
475 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
476 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
477 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
478 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
479 ceilometer::debug: {get_input: debug}
480 ceilometer::rabbit_userid: {get_input: rabbit_username}
481 ceilometer::rabbit_password: {get_input: rabbit_password}
482 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
483 ceilometer::rabbit_port: {get_input: rabbit_client_port}
484 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
485 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
486 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
487 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
488 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
489 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
490 nova::glance_api_servers: {get_input: glance_api_servers}
491 neutron::debug: {get_input: debug}
492 neutron::rabbit_password: {get_input: rabbit_password}
493 neutron::rabbit_user: {get_input: rabbit_username}
494 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
495 neutron::rabbit_port: {get_input: rabbit_client_port}
496 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
497 neutron_host: {get_input: neutron_host}
498 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
500 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
501 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
502 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
503 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
504 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
505 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
506 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
507 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
508 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
509 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
510 neutron_physical_bridge: {get_input: neutron_physical_bridge}
511 neutron_public_interface: {get_input: neutron_public_interface}
512 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
513 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
514 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
515 neutron_router_distributed: {get_input: neutron_router_distributed}
516 neutron_agent_mode: {get_input: neutron_agent_mode}
517 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
518 neutron::core_plugin: {get_input: neutron_core_plugin}
519 neutron::service_plugins: {get_input: neutron_service_plugins}
520 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
521 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
522 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
523 keystone_public_api_virtual_ip: {get_input: keystone_vip}
524 admin_password: {get_input: admin_password}
525 ntp::servers: {get_input: ntp_servers}
526 timezone::timezone: {get_input: timezone}
527 tripleo::packages::enable_install: {get_input: enable_package_install}
528 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
530 NovaComputeDeployment:
531 type: OS::TripleO::SoftwareDeployment
532 depends_on: NetworkDeployment
534 name: NovaComputeDeployment
535 config: {get_resource: NovaComputeConfig}
536 server: {get_resource: NovaCompute}
538 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
539 debug: {get_param: Debug}
540 nova_compute_driver: {get_param: NovaComputeDriver}
541 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
542 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
543 nova_public_ip: {get_param: NovaPublicIP}
544 nova_api_host: {get_param: NovaApiHost}
545 nova_password: {get_param: NovaPassword}
546 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
547 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
548 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
549 nova_ovs_bridge: {get_param: NovaOVSBridge}
550 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
551 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
552 ceilometer_password: {get_param: CeilometerPassword}
553 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
554 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
555 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
556 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
557 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
558 neutron_flat_networks:
562 NETWORKS: {get_param: NeutronFlatNetworks}
563 neutron_host: {get_param: NeutronHost}
564 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
565 neutron_tunnel_id_ranges:
569 RANGES: {get_param: NeutronTunnelIdRanges}
574 RANGES: {get_param: NeutronVniRanges}
575 neutron_tenant_network_types:
579 TYPES: {get_param: NeutronNetworkType}
580 neutron_tunnel_types:
584 TYPES: {get_param: NeutronTunnelTypes}
585 neutron_network_vlan_ranges:
589 RANGES: {get_param: NeutronNetworkVLANRanges}
590 neutron_bridge_mappings:
594 MAPPINGS: {get_param: NeutronBridgeMappings}
595 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
596 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
597 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
598 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
599 neutron_public_interface: {get_param: NeutronPublicInterface}
600 neutron_password: {get_param: NeutronPassword}
601 neutron_agent_mode: {get_param: NeutronAgentMode}
602 neutron_router_distributed: {get_param: NeutronDVR}
603 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
604 neutron_core_plugin: {get_param: NeutronCorePlugin}
605 neutron_service_plugins:
609 PLUGINS: {get_param: NeutronServicePlugins}
610 neutron_type_drivers:
614 DRIVERS: {get_param: NeutronTypeDrivers}
615 neutron_mechanism_drivers:
619 MECHANISMS: {get_param: NeutronMechanismDrivers}
620 neutron_agent_extensions:
622 template: AGENT_EXTENSIONS
624 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
625 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
626 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
627 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
628 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
629 admin_password: {get_param: AdminPassword}
630 rabbit_username: {get_param: RabbitUserName}
631 rabbit_password: {get_param: RabbitPassword}
632 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
633 rabbit_client_port: {get_param: RabbitClientPort}
634 ntp_servers: {get_param: NtpServer}
635 timezone: {get_param: TimeZone}
636 enable_package_install: {get_param: EnablePackageInstall}
637 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
639 # Resource for site-specific injection of root certificate
641 depends_on: NovaComputeDeployment
642 type: OS::TripleO::NodeTLSCAData
644 server: {get_resource: NovaCompute}
646 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
647 ComputeExtraConfigPre:
648 depends_on: NovaComputeDeployment
649 type: OS::TripleO::ComputeExtraConfigPre
651 server: {get_resource: NovaCompute}
653 # Hook for site-specific additional pre-deployment config,
654 # applying to all nodes, e.g node registration/unregistration
656 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
657 type: OS::TripleO::NodeExtraConfig
659 server: {get_resource: NovaCompute}
662 type: OS::TripleO::Tasks::PackageUpdate
665 type: OS::Heat::SoftwareDeployment
667 name: UpdateDeployment
668 config: {get_resource: UpdateConfig}
669 server: {get_resource: NovaCompute}
672 get_param: UpdateIdentifier
676 description: IP address of the server in the ctlplane network
677 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
679 description: IP address of the server in the external network
680 value: {get_attr: [ExternalPort, ip_address]}
681 internal_api_ip_address:
682 description: IP address of the server in the internal_api network
683 value: {get_attr: [InternalApiPort, ip_address]}
685 description: IP address of the server in the storage network
686 value: {get_attr: [StoragePort, ip_address]}
687 storage_mgmt_ip_address:
688 description: IP address of the server in the storage_mgmt network
689 value: {get_attr: [StorageMgmtPort, ip_address]}
691 description: IP address of the server in the tenant network
692 value: {get_attr: [TenantPort, ip_address]}
693 management_ip_address:
694 description: IP address of the server in the management network
695 value: {get_attr: [ManagementPort, ip_address]}
697 description: Hostname of the server
698 value: {get_attr: [NovaCompute, name]}
701 Server's IP address and hostname in the /etc/hosts format
704 template: "IP HOST.DOMAIN HOST"
706 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
707 DOMAIN: {get_param: CloudDomain}
708 HOST: {get_attr: [NovaCompute, name]}
709 nova_server_resource:
710 description: Heat resource handle for the Nova compute server
712 {get_resource: NovaCompute}
714 description: identifier which changes if the node configuration may need re-applying
718 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
719 - {get_attr: [NodeTLSCAData, deploy_stdout]}
720 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
721 - {get_param: UpdateIdentifier}
Code Review / apex-tripleo-heat-templates.git / blob