1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
43 OvercloudComputeFlavor:
44 description: Flavor for the nova compute node
48 - custom_constraint: nova.flavor
51 default: '' # Has to be here because of the ignored empty value bug
54 default: overcloud-full
56 - custom_constraint: glance.image
58 default: 'REBUILD_PRESERVE_EPHEMERAL'
59 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
62 description: Name of an existing Nova key pair to enable SSH access to the instances
66 - custom_constraint: nova.keypair
67 KeystoneAdminApiVirtualIP:
70 KeystonePublicApiVirtualIP:
74 description: The password for the neutron service account, used by neutron agents.
77 NeutronPhysicalBridge:
79 description: An OVS bridge to create for accessing external networks.
81 NeutronPublicInterface:
83 description: A port to add to the NeutronPhysicalBridge.
90 default: '' # Has to be here because of the ignored empty value bug
93 default: libvirt.LibvirtDriver
94 NovaComputeExtraConfig:
97 NovaCompute specific configuration to inject into the cluster. Same
98 structure as ExtraConfig.
103 NovaComputeLibvirtType:
106 NovaComputeLibvirtVifDriver:
108 description: Libvirt VIF driver configuration for the network
110 NovaEnableRbdBackend:
112 description: Whether to enable or not the Rbd backend for Nova
116 description: Enable IPv6 features in Nova
119 description: The password for the nova service account, used by nova-api.
124 default: '' # Has to be here because of the ignored empty value bug
127 description: Name of integration bridge used by Open vSwitch
129 NovaSecurityGroupAPI:
131 description: The full class name of the security API class
135 default: '' # Has to be here because of the ignored empty value bug
137 description: The password for RabbitMQ
142 description: The username for RabbitMQ
147 Rabbit client subscriber parameter to specify
148 an SSL connection to the RabbitMQ host.
152 description: Set rabbit subscriber port, change this if using SSL
154 UpgradeLevelNovaCompute:
156 description: Nova Compute upgrade level
158 EnablePackageInstall:
160 description: Set to true to enable package installation via Puppet
164 description: Mapping of service_name -> network name. Typically set
165 via parameter_defaults in the resource registry.
169 description: Mapping of service endpoint -> protocol. Typically set
170 via parameter_defaults in the resource registry.
176 Setting to a previously unused value during stack-update will trigger
177 package update on all nodes
180 default: '' # Defaults to Heat created hostname
184 description: Optional mapping to override hostnames
185 NetworkDeploymentActions:
186 type: comma_delimited_list
188 Heat action when to apply network configuration changes
190 SoftwareConfigTransport:
191 default: POLL_SERVER_CFN
193 How the server should receive the metadata required for software configuration.
196 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
201 The DNS domain used for the hosts. This should match the dhcp_domain
202 configured in the Undercloud neutron. Defaults to localdomain.
206 Extra properties or metadata passed to Nova for the created nodes in
207 the overcloud. It's accessible via the Nova metadata API.
209 NovaComputeSchedulerHints:
211 description: Optional scheduler hints to pass to nova
213 ServiceConfigSettings:
217 type: comma_delimited_list
221 description: Command which will be run whenever configuration data changes
222 default: os-refresh-config --timeout 14400
227 type: OS::TripleO::Server
230 command: {get_param: ConfigCommand}
232 image: {get_param: NovaImage}
234 get_param: ImageUpdatePolicy
235 flavor: {get_param: OvercloudComputeFlavor}
236 key_name: {get_param: KeyName}
239 user_data_format: SOFTWARE_CONFIG
240 user_data: {get_resource: UserData}
243 template: {get_param: Hostname}
244 params: {get_param: HostnameMap}
245 software_config_transport: {get_param: SoftwareConfigTransport}
246 metadata: {get_param: ServerMetadata}
247 scheduler_hints: {get_param: NovaComputeSchedulerHints}
249 # Combine the NodeAdminUserData and NodeUserData mime archives
251 type: OS::Heat::MultipartMime
254 - config: {get_resource: NodeAdminUserData}
256 - config: {get_resource: NodeUserData}
259 # Creates the "heat-admin" user if configured via the environment
260 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
262 type: OS::TripleO::NodeAdminUserData
264 # For optional operator additional userdata
265 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
267 type: OS::TripleO::NodeUserData
270 type: OS::TripleO::Compute::Ports::ExternalPort
272 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
273 IPPool: {get_param: NovaComputeIPs}
274 NodeIndex: {get_param: NodeIndex}
277 type: OS::TripleO::Compute::Ports::InternalApiPort
279 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
280 IPPool: {get_param: NovaComputeIPs}
281 NodeIndex: {get_param: NodeIndex}
284 type: OS::TripleO::Compute::Ports::StoragePort
286 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
287 IPPool: {get_param: NovaComputeIPs}
288 NodeIndex: {get_param: NodeIndex}
291 type: OS::TripleO::Compute::Ports::StorageMgmtPort
293 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
294 IPPool: {get_param: NovaComputeIPs}
295 NodeIndex: {get_param: NodeIndex}
298 type: OS::TripleO::Compute::Ports::TenantPort
300 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
301 IPPool: {get_param: NovaComputeIPs}
302 NodeIndex: {get_param: NodeIndex}
305 type: OS::TripleO::Compute::Ports::ManagementPort
307 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
308 IPPool: {get_param: NovaComputeIPs}
309 NodeIndex: {get_param: NodeIndex}
312 type: OS::TripleO::Network::Ports::NetIpMap
314 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
315 ExternalIp: {get_attr: [ExternalPort, ip_address]}
316 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
317 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
318 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
319 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
320 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
321 StorageIp: {get_attr: [StoragePort, ip_address]}
322 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
323 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
324 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
325 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
326 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
327 TenantIp: {get_attr: [TenantPort, ip_address]}
328 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
329 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
330 ManagementIp: {get_attr: [ManagementPort, ip_address]}
331 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
332 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
335 type: OS::TripleO::Compute::Net::SoftwareConfig
337 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
338 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
339 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
340 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
341 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
342 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
343 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
346 type: OS::TripleO::SoftwareDeployment
348 name: NetworkDeployment
349 config: {get_resource: NetworkConfig}
350 server: {get_resource: NovaCompute}
351 actions: {get_param: NetworkDeploymentActions}
353 bridge_name: {get_param: NeutronPhysicalBridge}
354 interface_name: {get_param: NeutronPublicInterface}
357 type: OS::Heat::StructuredConfig
359 group: os-apply-config
364 - heat_config_%{::deploy_config_name}
365 - compute_extraconfig
370 - ceph_cluster # provided by CephClusterConfig
372 - all_nodes # provided by allNodesConfig
375 - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
376 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
377 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
378 - midonet_data # Optionally provided by AllNodesExtraConfig
379 - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
380 merge_behavior: deeper
384 service_names: {get_param: ServiceNames}
386 mapped_data: {get_param: ServiceConfigSettings}
388 mapped_data: {get_param: NovaComputeExtraConfig}
390 mapped_data: {get_param: ExtraConfig}
393 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
394 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
395 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
397 raw_data: {get_file: hieradata/ceph.yaml}
399 raw_data: {get_file: hieradata/compute.yaml}
401 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
402 nova::use_ipv6: {get_input: nova_ipv6}
403 nova::debug: {get_input: debug}
404 nova::rabbit_userid: {get_input: rabbit_username}
405 nova::rabbit_password: {get_input: rabbit_password}
406 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
407 nova::rabbit_port: {get_input: rabbit_client_port}
408 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
409 nova_compute_driver: {get_input: nova_compute_driver}
410 # TODO(emilien): move libvirt & migration parameters in libvirt profile
411 # used to deploy libvirt/kvm dependencies:
412 nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
413 # used to configured nova.conf:
414 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
415 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
416 nova_api_host: {get_input: nova_api_host}
417 nova::compute::vncproxy_host: {get_input: nova_public_ip}
418 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
419 # TUNNELLED mode provides a security enhancement when using shared storage but is not
420 # supported when not using shared storage.
421 # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
422 # In future versions of QEMU (2.6, mostly), Dan's native encryption
423 # work will obsolete the need to use TUNNELLED transport mode.
424 nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend}
425 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
426 nova_password: {get_input: nova_password}
427 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
428 nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol}
429 nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host}
430 nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port}
431 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
432 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
433 ceilometer::debug: {get_input: debug}
434 ceilometer::rabbit_userid: {get_input: rabbit_username}
435 ceilometer::rabbit_password: {get_input: rabbit_password}
436 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
437 ceilometer::rabbit_port: {get_input: rabbit_client_port}
438 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
439 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
440 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
441 nova::glance_api_servers: {get_input: glance_api_servers}
442 neutron::debug: {get_input: debug}
443 neutron::rabbit_password: {get_input: rabbit_password}
444 neutron::rabbit_user: {get_input: rabbit_username}
445 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
446 neutron::rabbit_port: {get_input: rabbit_client_port}
447 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
449 nova::network::neutron::neutron_password: {get_input: neutron_password}
450 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
451 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
452 keystone_public_api_virtual_ip: {get_input: keystone_vip}
453 admin_password: {get_input: admin_password}
454 tripleo::packages::enable_install: {get_input: enable_package_install}
455 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
457 NovaComputeDeployment:
458 type: OS::TripleO::SoftwareDeployment
459 depends_on: NetworkDeployment
461 name: NovaComputeDeployment
462 config: {get_resource: NovaComputeConfig}
463 server: {get_resource: NovaCompute}
465 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
466 debug: {get_param: Debug}
467 nova_compute_driver: {get_param: NovaComputeDriver}
468 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
469 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
470 nova_public_ip: {get_param: NovaPublicIP}
471 nova_api_host: {get_param: NovaApiHost}
472 nova_password: {get_param: NovaPassword}
473 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
474 nova_ipv6: {get_param: NovaIPv6}
475 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
476 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
477 nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
478 # Remove brackets that may come if the IP address is IPv6.
479 # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value
482 template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
486 nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
487 nova_ovs_bridge: {get_param: NovaOVSBridge}
488 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
489 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
490 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
491 ceilometer_password: {get_param: CeilometerPassword}
492 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
493 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
494 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
495 neutron_password: {get_param: NeutronPassword}
496 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
497 neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
498 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
499 admin_password: {get_param: AdminPassword}
500 rabbit_username: {get_param: RabbitUserName}
501 rabbit_password: {get_param: RabbitPassword}
502 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
503 rabbit_client_port: {get_param: RabbitClientPort}
504 enable_package_install: {get_param: EnablePackageInstall}
505 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
507 # Resource for site-specific injection of root certificate
509 depends_on: NovaComputeDeployment
510 type: OS::TripleO::NodeTLSCAData
512 server: {get_resource: NovaCompute}
514 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
515 ComputeExtraConfigPre:
516 depends_on: NovaComputeDeployment
517 type: OS::TripleO::ComputeExtraConfigPre
519 server: {get_resource: NovaCompute}
521 # Hook for site-specific additional pre-deployment config,
522 # applying to all nodes, e.g node registration/unregistration
524 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
525 type: OS::TripleO::NodeExtraConfig
527 server: {get_resource: NovaCompute}
530 type: OS::TripleO::Tasks::PackageUpdate
533 type: OS::Heat::SoftwareDeployment
535 name: UpdateDeployment
536 config: {get_resource: UpdateConfig}
537 server: {get_resource: NovaCompute}
540 get_param: UpdateIdentifier
544 description: IP address of the server in the ctlplane network
545 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
547 description: IP address of the server in the external network
548 value: {get_attr: [ExternalPort, ip_address]}
549 internal_api_ip_address:
550 description: IP address of the server in the internal_api network
551 value: {get_attr: [InternalApiPort, ip_address]}
553 description: IP address of the server in the storage network
554 value: {get_attr: [StoragePort, ip_address]}
555 storage_mgmt_ip_address:
556 description: IP address of the server in the storage_mgmt network
557 value: {get_attr: [StorageMgmtPort, ip_address]}
559 description: IP address of the server in the tenant network
560 value: {get_attr: [TenantPort, ip_address]}
561 management_ip_address:
562 description: IP address of the server in the management network
563 value: {get_attr: [ManagementPort, ip_address]}
565 description: Hostname of the server
566 value: {get_attr: [NovaCompute, name]}
569 Server's IP address and hostname in the /etc/hosts format
573 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
574 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
575 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
576 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
577 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
578 TENANTIP TENANTHOST.DOMAIN TENANTHOST
579 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
581 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
582 DOMAIN: {get_param: CloudDomain}
583 PRIMARYHOST: {get_attr: [NovaCompute, name]}
584 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
588 - - {get_attr: [NovaCompute, name]}
590 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
594 - - {get_attr: [NovaCompute, name]}
596 STORAGEIP: {get_attr: [StoragePort, ip_address]}
600 - - {get_attr: [NovaCompute, name]}
602 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
606 - - {get_attr: [NovaCompute, name]}
608 TENANTIP: {get_attr: [TenantPort, ip_address]}
612 - - {get_attr: [NovaCompute, name]}
614 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
618 - - {get_attr: [NovaCompute, name]}
620 nova_server_resource:
621 description: Heat resource handle for the Nova compute server
623 {get_resource: NovaCompute}