1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-compute
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
72 NeutronBridgeMappings:
74 The OVS logical->physical bridge mappings to use. See the Neutron
75 documentation for details. Defaults to mapping br-ex - the external
76 bridge on hosts - to a physical name 'datacentre' which can be used
77 to create provider networks (and we use this for the default floating
78 network) - if changing this either use different post-install network
79 scripts or be sure to keep 'datacentre' as a mapping network name.
80 type: comma_delimited_list
81 default: "datacentre:br-ex"
82 NeutronEnableTunnelling:
88 Enable/disable the L2 population feature in the Neutron agents.
91 type: comma_delimited_list
94 If set, flat networks to configure in neutron plugins.
97 default: '' # Has to be here because of the ignored empty value bug
99 type: comma_delimited_list
100 description: The tenant network type for Neutron.
102 NeutronNetworkVLANRanges:
103 default: 'datacentre:1:1000'
105 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
106 Neutron documentation for permitted values. Defaults to permitting any
107 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
108 type: comma_delimited_list
110 description: The password for the neutron service account, used by neutron agents.
113 NeutronPhysicalBridge:
115 description: An OVS bridge to create for accessing external networks.
117 NeutronPublicInterface:
119 description: A port to add to the NeutronPhysicalBridge.
123 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
124 be at least 50 bytes smaller than the MTU on the physical network. This
125 value will be used to set the MTU on the virtual Ethernet device.
126 This number is related to the value of NeutronDnsmasqOptions, since that
127 will determine the MTU that is assigned to the VM host through DHCP.
131 type: comma_delimited_list
133 The tunnel types for the Neutron tenant network.
135 NeutronTunnelIdRanges:
137 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
138 of GRE tunnel IDs that are available for tenant network allocation
139 default: ["1:4094", ]
140 type: comma_delimited_list
143 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
144 of VXLAN VNI IDs that are available for tenant network allocation
145 default: ["1:4094", ]
146 type: comma_delimited_list
147 NeutronPublicInterfaceRawDevice:
153 NeutronMetadataProxySharedSecret:
154 description: Shared secret to prevent spoofing
160 The core plugin for Neutron. The value should be the entrypoint to be loaded
161 from neutron.core_plugins namespace.
163 NeutronServicePlugins:
164 default: "router,qos"
166 Comma-separated list of service plugin entrypoints to be loaded from the
167 neutron.service_plugins namespace.
168 type: comma_delimited_list
170 default: "vxlan,vlan,flat,gre"
172 Comma-separated list of network type driver entrypoints to be loaded.
173 type: comma_delimited_list
174 NeutronMechanismDrivers:
175 default: 'openvswitch'
177 The mechanism drivers for the Neutron tenant network.
178 type: comma_delimited_list
179 NeutronAgentExtensions:
182 Comma-separated list of extensions enabled for the Neutron agents.
183 type: comma_delimited_list
184 # Not relevant for Computes, should be removed
185 NeutronAllowL3AgentFailover:
187 description: Allow automatic l3-agent failover
189 # Not relevant for Computes, should be removed
192 description: Whether to enable l3-agent HA
196 description: Agent mode for the neutron-l3-agent on the controller hosts
200 default: '' # Has to be here because of the ignored empty value bug
203 default: libvirt.LibvirtDriver
204 NovaComputeExtraConfig:
207 NovaCompute specific configuration to inject into the cluster. Same
208 structure as ExtraConfig.
210 NovaComputeLibvirtType:
213 NovaComputeLibvirtVifDriver:
215 description: Libvirt VIF driver configuration for the network
217 NovaEnableRbdBackend:
219 description: Whether to enable or not the Rbd backend for Nova
222 description: The password for the nova service account, used by nova-api.
227 default: '' # Has to be here because of the ignored empty value bug
230 description: Name of integration bridge used by Open vSwitch
232 NovaSecurityGroupAPI:
234 description: The full class name of the security API class
238 description: Comma-separated list of ntp servers
239 type: comma_delimited_list
242 default: '' # Has to be here because of the ignored empty value bug
245 description: The password for RabbitMQ
250 description: The username for RabbitMQ
255 Rabbit client subscriber parameter to specify
256 an SSL connection to the RabbitMQ host.
260 description: Set rabbit subscriber port, change this if using SSL
262 SnmpdReadonlyUserName:
263 default: ro_snmp_user
264 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
266 SnmpdReadonlyUserPassword:
267 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
270 EnablePackageInstall:
272 description: Set to true to enable package installation via Puppet
276 description: Mapping of service_name -> network name. Typically set
277 via parameter_defaults in the resource registry.
281 description: Mapping of service endpoint -> protocol. Typically set
282 via parameter_defaults in the resource registry.
286 description: The timezone to be set on compute nodes.
292 Setting to a previously unused value during stack-update will trigger
293 package update on all nodes
296 default: '' # Defaults to Heat created hostname
297 NetworkDeploymentActions:
298 type: comma_delimited_list
300 Heat action when to apply network configuration changes
302 SoftwareConfigTransport:
303 default: POLL_SERVER_CFN
305 How the server should receive the metadata required for software configuration.
308 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
313 The DNS domain used for the hosts. This should match the dhcp_domain
314 configured in the Undercloud neutron. Defaults to localdomain.
318 Extra properties or metadata passed to Nova for the created nodes in
319 the overcloud. It's accessible via the Nova metadata API.
323 description: Optional scheduler hints to pass to nova
329 type: OS::Nova::Server
334 get_param: ImageUpdatePolicy
335 flavor: {get_param: Flavor}
336 key_name: {get_param: KeyName}
339 user_data_format: SOFTWARE_CONFIG
340 user_data: {get_resource: UserData}
341 name: {get_param: Hostname}
342 software_config_transport: {get_param: SoftwareConfigTransport}
343 metadata: {get_param: ServerMetadata}
344 scheduler_hints: {get_param: SchedulerHints}
346 # Combine the NodeAdminUserData and NodeUserData mime archives
348 type: OS::Heat::MultipartMime
351 - config: {get_resource: NodeAdminUserData}
353 - config: {get_resource: NodeUserData}
356 # Creates the "heat-admin" user if configured via the environment
357 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
359 type: OS::TripleO::NodeAdminUserData
361 # For optional operator additional userdata
362 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
364 type: OS::TripleO::NodeUserData
367 type: OS::TripleO::Compute::Ports::ExternalPort
369 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
372 type: OS::TripleO::Compute::Ports::InternalApiPort
374 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
377 type: OS::TripleO::Compute::Ports::StoragePort
379 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
382 type: OS::TripleO::Compute::Ports::StorageMgmtPort
384 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
387 type: OS::TripleO::Compute::Ports::TenantPort
389 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
392 type: OS::TripleO::Compute::Ports::ManagementPort
394 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
397 type: OS::TripleO::Network::Ports::NetIpMap
399 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
400 ExternalIp: {get_attr: [ExternalPort, ip_address]}
401 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
402 StorageIp: {get_attr: [StoragePort, ip_address]}
403 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
404 TenantIp: {get_attr: [TenantPort, ip_address]}
405 ManagementIp: {get_attr: [ManagementPort, ip_address]}
408 type: OS::TripleO::Compute::Net::SoftwareConfig
410 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
411 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
412 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
413 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
414 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
415 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
416 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
419 type: OS::TripleO::SoftwareDeployment
421 name: NetworkDeployment
422 config: {get_resource: NetworkConfig}
423 server: {get_resource: NovaCompute}
424 actions: {get_param: NetworkDeploymentActions}
426 bridge_name: {get_param: NeutronPhysicalBridge}
427 interface_name: {get_param: NeutronPublicInterface}
430 type: OS::Heat::StructuredConfig
432 group: os-apply-config
437 - heat_config_%{::deploy_config_name}
438 - compute_extraconfig
441 - ceph_cluster # provided by CephClusterConfig
443 - all_nodes # provided by allNodesConfig
446 - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
447 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
448 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
449 - midonet_data # Optionally provided by AllNodesExtraConfig
452 mapped_data: {get_param: NovaComputeExtraConfig}
454 mapped_data: {get_param: ExtraConfig}
456 raw_data: {get_file: hieradata/common.yaml}
458 raw_data: {get_file: hieradata/ceph.yaml}
460 raw_data: {get_file: hieradata/compute.yaml}
462 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
463 nova::debug: {get_input: debug}
464 nova::rabbit_userid: {get_input: rabbit_username}
465 nova::rabbit_password: {get_input: rabbit_password}
466 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
467 nova::rabbit_port: {get_input: rabbit_client_port}
468 nova_compute_driver: {get_input: nova_compute_driver}
469 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
470 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
471 nova_api_host: {get_input: nova_api_host}
472 nova::compute::vncproxy_host: {get_input: nova_public_ip}
473 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
474 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
475 nova_password: {get_input: nova_password}
476 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
477 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
478 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
479 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
480 ceilometer::debug: {get_input: debug}
481 ceilometer::rabbit_userid: {get_input: rabbit_username}
482 ceilometer::rabbit_password: {get_input: rabbit_password}
483 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
484 ceilometer::rabbit_port: {get_input: rabbit_client_port}
485 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
486 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
487 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
488 ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
489 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
490 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
491 nova::glance_api_servers: {get_input: glance_api_servers}
492 neutron::debug: {get_input: debug}
493 neutron::rabbit_password: {get_input: rabbit_password}
494 neutron::rabbit_user: {get_input: rabbit_username}
495 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
496 neutron::rabbit_port: {get_input: rabbit_client_port}
497 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
498 neutron_host: {get_input: neutron_host}
499 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
501 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
502 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
503 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
504 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
505 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
506 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
507 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
508 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
509 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
510 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
511 neutron_physical_bridge: {get_input: neutron_physical_bridge}
512 neutron_public_interface: {get_input: neutron_public_interface}
513 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
514 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
515 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
516 neutron_router_distributed: {get_input: neutron_router_distributed}
517 neutron_agent_mode: {get_input: neutron_agent_mode}
518 neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
519 neutron::core_plugin: {get_input: neutron_core_plugin}
520 neutron::service_plugins: {get_input: neutron_service_plugins}
521 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
522 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
523 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
524 keystone_public_api_virtual_ip: {get_input: keystone_vip}
525 admin_password: {get_input: admin_password}
526 ntp::servers: {get_input: ntp_servers}
527 timezone::timezone: {get_input: timezone}
528 tripleo::packages::enable_install: {get_input: enable_package_install}
529 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
531 NovaComputeDeployment:
532 type: OS::TripleO::SoftwareDeployment
533 depends_on: NetworkDeployment
535 name: NovaComputeDeployment
536 config: {get_resource: NovaComputeConfig}
537 server: {get_resource: NovaCompute}
539 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
540 debug: {get_param: Debug}
541 nova_compute_driver: {get_param: NovaComputeDriver}
542 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
543 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
544 nova_public_ip: {get_param: NovaPublicIP}
545 nova_api_host: {get_param: NovaApiHost}
546 nova_password: {get_param: NovaPassword}
547 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
548 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
549 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
550 nova_ovs_bridge: {get_param: NovaOVSBridge}
551 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
552 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
553 ceilometer_password: {get_param: CeilometerPassword}
554 ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
555 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
556 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
557 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
558 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
559 neutron_flat_networks:
563 NETWORKS: {get_param: NeutronFlatNetworks}
564 neutron_host: {get_param: NeutronHost}
565 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
566 neutron_tunnel_id_ranges:
570 RANGES: {get_param: NeutronTunnelIdRanges}
575 RANGES: {get_param: NeutronVniRanges}
576 neutron_tenant_network_types:
580 TYPES: {get_param: NeutronNetworkType}
581 neutron_tunnel_types:
585 TYPES: {get_param: NeutronTunnelTypes}
586 neutron_network_vlan_ranges:
590 RANGES: {get_param: NeutronNetworkVLANRanges}
591 neutron_bridge_mappings:
595 MAPPINGS: {get_param: NeutronBridgeMappings}
596 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
597 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
598 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
599 neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
600 neutron_public_interface: {get_param: NeutronPublicInterface}
601 neutron_password: {get_param: NeutronPassword}
602 neutron_agent_mode: {get_param: NeutronAgentMode}
603 neutron_router_distributed: {get_param: NeutronDVR}
604 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
605 neutron_core_plugin: {get_param: NeutronCorePlugin}
606 neutron_service_plugins:
610 PLUGINS: {get_param: NeutronServicePlugins}
611 neutron_type_drivers:
615 DRIVERS: {get_param: NeutronTypeDrivers}
616 neutron_mechanism_drivers:
620 MECHANISMS: {get_param: NeutronMechanismDrivers}
621 neutron_agent_extensions:
623 template: AGENT_EXTENSIONS
625 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
626 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
627 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
628 neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
629 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
630 admin_password: {get_param: AdminPassword}
631 rabbit_username: {get_param: RabbitUserName}
632 rabbit_password: {get_param: RabbitPassword}
633 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
634 rabbit_client_port: {get_param: RabbitClientPort}
635 ntp_servers: {get_param: NtpServer}
636 timezone: {get_param: TimeZone}
637 enable_package_install: {get_param: EnablePackageInstall}
638 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
640 # Resource for site-specific injection of root certificate
642 depends_on: NovaComputeDeployment
643 type: OS::TripleO::NodeTLSCAData
645 server: {get_resource: NovaCompute}
647 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
648 ComputeExtraConfigPre:
649 depends_on: NovaComputeDeployment
650 type: OS::TripleO::ComputeExtraConfigPre
652 server: {get_resource: NovaCompute}
654 # Hook for site-specific additional pre-deployment config,
655 # applying to all nodes, e.g node registration/unregistration
657 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
658 type: OS::TripleO::NodeExtraConfig
660 server: {get_resource: NovaCompute}
663 type: OS::TripleO::Tasks::PackageUpdate
666 type: OS::Heat::SoftwareDeployment
668 name: UpdateDeployment
669 config: {get_resource: UpdateConfig}
670 server: {get_resource: NovaCompute}
673 get_param: UpdateIdentifier
677 description: IP address of the server in the ctlplane network
678 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
680 description: IP address of the server in the external network
681 value: {get_attr: [ExternalPort, ip_address]}
682 internal_api_ip_address:
683 description: IP address of the server in the internal_api network
684 value: {get_attr: [InternalApiPort, ip_address]}
686 description: IP address of the server in the storage network
687 value: {get_attr: [StoragePort, ip_address]}
688 storage_mgmt_ip_address:
689 description: IP address of the server in the storage_mgmt network
690 value: {get_attr: [StorageMgmtPort, ip_address]}
692 description: IP address of the server in the tenant network
693 value: {get_attr: [TenantPort, ip_address]}
694 management_ip_address:
695 description: IP address of the server in the management network
696 value: {get_attr: [ManagementPort, ip_address]}
698 description: Hostname of the server
699 value: {get_attr: [NovaCompute, name]}
702 Server's IP address and hostname in the /etc/hosts format
705 template: "IP HOST.DOMAIN HOST"
707 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
708 DOMAIN: {get_param: CloudDomain}
709 HOST: {get_attr: [NovaCompute, name]}
710 nova_server_resource:
711 description: Heat resource handle for the Nova compute server
713 {get_resource: NovaCompute}
715 description: identifier which changes if the node configuration may need re-applying
719 - - {get_attr: [NovaComputeDeployment, deploy_stdout]}
720 - {get_attr: [NodeTLSCAData, deploy_stdout]}
721 - {get_attr: [ComputeExtraConfigPre, deploy_stdout]}
722 - {get_param: UpdateIdentifier}