1 heat_template_version: 2015-10-15
4 OpenStack hypervisor node configured via Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
11 CeilometerComputeAgent:
12 description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
16 - allowed_values: ['', Present]
17 CeilometerMeteringSecret:
18 description: Secret shared by the ceilometer services.
22 description: The password for the ceilometer service account.
25 CinderEnableNfsBackend:
27 description: Whether to enable or not the NFS backend for Cinder
29 CinderEnableRbdBackend:
31 description: Whether to enable or not the Rbd backend for Cinder
35 description: Set to True to enable debugging on all services.
40 Additional hiera configuration to inject into the cluster. Note
41 that NovaComputeExtraConfig takes precedence over ExtraConfig.
44 description: Flavor for the nova compute node
47 - custom_constraint: nova.flavor
50 default: '' # Has to be here because of the ignored empty value bug
53 default: overcloud-full
55 - custom_constraint: glance.image
57 default: 'REBUILD_PRESERVE_EPHEMERAL'
58 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
61 description: Name of an existing Nova key pair to enable SSH access to the instances
65 - custom_constraint: nova.keypair
66 KeystoneAdminApiVirtualIP:
69 KeystonePublicApiVirtualIP:
73 description: The password for the neutron service account, used by neutron agents.
76 NeutronPhysicalBridge:
78 description: An OVS bridge to create for accessing external networks.
80 NeutronPublicInterface:
82 description: A port to add to the NeutronPhysicalBridge.
89 default: '' # Has to be here because of the ignored empty value bug
92 default: libvirt.LibvirtDriver
93 NovaComputeExtraConfig:
96 NovaCompute specific configuration to inject into the cluster. Same
97 structure as ExtraConfig.
102 NovaComputeLibvirtType:
105 NovaComputeLibvirtVifDriver:
107 description: Libvirt VIF driver configuration for the network
109 NovaEnableRbdBackend:
111 description: Whether to enable or not the Rbd backend for Nova
115 description: Enable IPv6 features in Nova
118 description: The password for the nova service account, used by nova-api.
123 default: '' # Has to be here because of the ignored empty value bug
126 description: Name of integration bridge used by Open vSwitch
128 NovaSecurityGroupAPI:
130 description: The full class name of the security API class
134 default: '' # Has to be here because of the ignored empty value bug
136 description: The password for RabbitMQ
141 description: The username for RabbitMQ
146 Rabbit client subscriber parameter to specify
147 an SSL connection to the RabbitMQ host.
151 description: Set rabbit subscriber port, change this if using SSL
153 UpgradeLevelNovaCompute:
155 description: Nova Compute upgrade level
157 EnablePackageInstall:
159 description: Set to true to enable package installation via Puppet
163 description: Mapping of service_name -> network name. Typically set
164 via parameter_defaults in the resource registry.
168 description: Mapping of service endpoint -> protocol. Typically set
169 via parameter_defaults in the resource registry.
175 Setting to a previously unused value during stack-update will trigger
176 package update on all nodes
179 default: '' # Defaults to Heat created hostname
183 description: Optional mapping to override hostnames
184 NetworkDeploymentActions:
185 type: comma_delimited_list
187 Heat action when to apply network configuration changes
189 SoftwareConfigTransport:
190 default: POLL_SERVER_CFN
192 How the server should receive the metadata required for software configuration.
195 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
200 The DNS domain used for the hosts. This should match the dhcp_domain
201 configured in the Undercloud neutron. Defaults to localdomain.
205 Extra properties or metadata passed to Nova for the created nodes in
206 the overcloud. It's accessible via the Nova metadata API.
208 NovaComputeSchedulerHints:
210 description: Optional scheduler hints to pass to nova
212 ServiceConfigSettings:
216 type: comma_delimited_list
220 description: Command which will be run whenever configuration data changes
221 default: os-refresh-config --timeout 14400
226 type: OS::TripleO::Server
229 command: {get_param: ConfigCommand}
231 image: {get_param: NovaImage}
233 get_param: ImageUpdatePolicy
234 flavor: {get_param: Flavor}
235 key_name: {get_param: KeyName}
238 user_data_format: SOFTWARE_CONFIG
239 user_data: {get_resource: UserData}
242 template: {get_param: Hostname}
243 params: {get_param: HostnameMap}
244 software_config_transport: {get_param: SoftwareConfigTransport}
245 metadata: {get_param: ServerMetadata}
246 scheduler_hints: {get_param: NovaComputeSchedulerHints}
248 # Combine the NodeAdminUserData and NodeUserData mime archives
250 type: OS::Heat::MultipartMime
253 - config: {get_resource: NodeAdminUserData}
255 - config: {get_resource: NodeUserData}
258 # Creates the "heat-admin" user if configured via the environment
259 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
261 type: OS::TripleO::NodeAdminUserData
263 # For optional operator additional userdata
264 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
266 type: OS::TripleO::NodeUserData
269 type: OS::TripleO::Compute::Ports::ExternalPort
271 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
272 IPPool: {get_param: NovaComputeIPs}
273 NodeIndex: {get_param: NodeIndex}
276 type: OS::TripleO::Compute::Ports::InternalApiPort
278 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
279 IPPool: {get_param: NovaComputeIPs}
280 NodeIndex: {get_param: NodeIndex}
283 type: OS::TripleO::Compute::Ports::StoragePort
285 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
286 IPPool: {get_param: NovaComputeIPs}
287 NodeIndex: {get_param: NodeIndex}
290 type: OS::TripleO::Compute::Ports::StorageMgmtPort
292 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
293 IPPool: {get_param: NovaComputeIPs}
294 NodeIndex: {get_param: NodeIndex}
297 type: OS::TripleO::Compute::Ports::TenantPort
299 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
300 IPPool: {get_param: NovaComputeIPs}
301 NodeIndex: {get_param: NodeIndex}
304 type: OS::TripleO::Compute::Ports::ManagementPort
306 ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
307 IPPool: {get_param: NovaComputeIPs}
308 NodeIndex: {get_param: NodeIndex}
311 type: OS::TripleO::Network::Ports::NetIpMap
313 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
314 ExternalIp: {get_attr: [ExternalPort, ip_address]}
315 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
316 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
317 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
318 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
319 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
320 StorageIp: {get_attr: [StoragePort, ip_address]}
321 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
322 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
323 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
324 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
325 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
326 TenantIp: {get_attr: [TenantPort, ip_address]}
327 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
328 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
329 ManagementIp: {get_attr: [ManagementPort, ip_address]}
330 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
331 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
334 type: OS::TripleO::Compute::Net::SoftwareConfig
336 ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
337 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
338 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
339 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
340 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
341 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
342 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
345 type: OS::TripleO::SoftwareDeployment
347 name: NetworkDeployment
348 config: {get_resource: NetworkConfig}
349 server: {get_resource: NovaCompute}
350 actions: {get_param: NetworkDeploymentActions}
352 bridge_name: {get_param: NeutronPhysicalBridge}
353 interface_name: {get_param: NeutronPublicInterface}
356 type: OS::Heat::StructuredConfig
358 group: os-apply-config
363 - heat_config_%{::deploy_config_name}
364 - compute_extraconfig
369 - ceph_cluster # provided by CephClusterConfig
371 - all_nodes # provided by allNodesConfig
374 - neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
375 - cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
376 - nova_nuage_data # Optionally provided by ComputeExtraConfigPre
377 - midonet_data # Optionally provided by AllNodesExtraConfig
378 - neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
379 merge_behavior: deeper
383 service_names: {get_param: ServiceNames}
385 mapped_data: {get_param: ServiceConfigSettings}
387 mapped_data: {get_param: NovaComputeExtraConfig}
389 mapped_data: {get_param: ExtraConfig}
392 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
393 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
394 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
396 raw_data: {get_file: hieradata/ceph.yaml}
398 raw_data: {get_file: hieradata/compute.yaml}
400 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
401 nova::use_ipv6: {get_input: nova_ipv6}
402 nova::debug: {get_input: debug}
403 nova::rabbit_userid: {get_input: rabbit_username}
404 nova::rabbit_password: {get_input: rabbit_password}
405 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
406 nova::rabbit_port: {get_input: rabbit_client_port}
407 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
408 nova_compute_driver: {get_input: nova_compute_driver}
409 # TODO(emilien): move libvirt & migration parameters in libvirt profile
410 # used to deploy libvirt/kvm dependencies:
411 nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
412 # used to configured nova.conf:
413 nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
414 nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
415 nova_api_host: {get_input: nova_api_host}
416 nova::compute::vncproxy_host: {get_input: nova_public_ip}
417 nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
418 # TUNNELLED mode provides a security enhancement when using shared storage but is not
419 # supported when not using shared storage.
420 # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
421 # In future versions of QEMU (2.6, mostly), Dan's native encryption
422 # work will obsolete the need to use TUNNELLED transport mode.
423 nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend}
424 rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
425 nova_password: {get_input: nova_password}
426 nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
427 nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol}
428 nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host}
429 nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port}
430 nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
431 nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
432 ceilometer::debug: {get_input: debug}
433 ceilometer::rabbit_userid: {get_input: rabbit_username}
434 ceilometer::rabbit_password: {get_input: rabbit_password}
435 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
436 ceilometer::rabbit_port: {get_input: rabbit_client_port}
437 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
438 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
439 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
440 nova::glance_api_servers: {get_input: glance_api_servers}
441 neutron::debug: {get_input: debug}
442 neutron::rabbit_password: {get_input: rabbit_password}
443 neutron::rabbit_user: {get_input: rabbit_username}
444 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
445 neutron::rabbit_port: {get_input: rabbit_client_port}
446 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
448 nova::network::neutron::neutron_password: {get_input: neutron_password}
449 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
450 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
451 keystone_public_api_virtual_ip: {get_input: keystone_vip}
452 admin_password: {get_input: admin_password}
453 tripleo::packages::enable_install: {get_input: enable_package_install}
454 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
456 NovaComputeDeployment:
457 type: OS::TripleO::SoftwareDeployment
458 depends_on: NetworkDeployment
460 name: NovaComputeDeployment
461 config: {get_resource: NovaComputeConfig}
462 server: {get_resource: NovaCompute}
464 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
465 debug: {get_param: Debug}
466 nova_compute_driver: {get_param: NovaComputeDriver}
467 nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
468 nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
469 nova_public_ip: {get_param: NovaPublicIP}
470 nova_api_host: {get_param: NovaApiHost}
471 nova_password: {get_param: NovaPassword}
472 nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
473 nova_ipv6: {get_param: NovaIPv6}
474 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
475 nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
476 nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
477 # Remove brackets that may come if the IP address is IPv6.
478 # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value
481 template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
485 nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
486 nova_ovs_bridge: {get_param: NovaOVSBridge}
487 nova_security_group_api: {get_param: NovaSecurityGroupAPI}
488 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
489 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
490 ceilometer_password: {get_param: CeilometerPassword}
491 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
492 glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
493 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
494 neutron_password: {get_param: NeutronPassword}
495 neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
496 neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
497 keystone_vip: {get_param: KeystonePublicApiVirtualIP}
498 admin_password: {get_param: AdminPassword}
499 rabbit_username: {get_param: RabbitUserName}
500 rabbit_password: {get_param: RabbitPassword}
501 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
502 rabbit_client_port: {get_param: RabbitClientPort}
503 enable_package_install: {get_param: EnablePackageInstall}
504 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
506 # Resource for site-specific injection of root certificate
508 depends_on: NovaComputeDeployment
509 type: OS::TripleO::NodeTLSCAData
511 server: {get_resource: NovaCompute}
513 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
514 ComputeExtraConfigPre:
515 depends_on: NovaComputeDeployment
516 type: OS::TripleO::ComputeExtraConfigPre
518 server: {get_resource: NovaCompute}
520 # Hook for site-specific additional pre-deployment config,
521 # applying to all nodes, e.g node registration/unregistration
523 depends_on: [ComputeExtraConfigPre, NodeTLSCAData]
524 type: OS::TripleO::NodeExtraConfig
526 server: {get_resource: NovaCompute}
529 type: OS::TripleO::Tasks::PackageUpdate
532 type: OS::Heat::SoftwareDeployment
534 name: UpdateDeployment
535 config: {get_resource: UpdateConfig}
536 server: {get_resource: NovaCompute}
539 get_param: UpdateIdentifier
543 description: IP address of the server in the ctlplane network
544 value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
546 description: IP address of the server in the external network
547 value: {get_attr: [ExternalPort, ip_address]}
548 internal_api_ip_address:
549 description: IP address of the server in the internal_api network
550 value: {get_attr: [InternalApiPort, ip_address]}
552 description: IP address of the server in the storage network
553 value: {get_attr: [StoragePort, ip_address]}
554 storage_mgmt_ip_address:
555 description: IP address of the server in the storage_mgmt network
556 value: {get_attr: [StorageMgmtPort, ip_address]}
558 description: IP address of the server in the tenant network
559 value: {get_attr: [TenantPort, ip_address]}
560 management_ip_address:
561 description: IP address of the server in the management network
562 value: {get_attr: [ManagementPort, ip_address]}
564 description: Hostname of the server
565 value: {get_attr: [NovaCompute, name]}
568 Server's IP address and hostname in the /etc/hosts format
572 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
573 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
574 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
575 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
576 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
577 TENANTIP TENANTHOST.DOMAIN TENANTHOST
578 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
580 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ComputeHostnameResolveNetwork]}]}
581 DOMAIN: {get_param: CloudDomain}
582 PRIMARYHOST: {get_attr: [NovaCompute, name]}
583 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
587 - - {get_attr: [NovaCompute, name]}
589 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
593 - - {get_attr: [NovaCompute, name]}
595 STORAGEIP: {get_attr: [StoragePort, ip_address]}
599 - - {get_attr: [NovaCompute, name]}
601 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
605 - - {get_attr: [NovaCompute, name]}
607 TENANTIP: {get_attr: [TenantPort, ip_address]}
611 - - {get_attr: [NovaCompute, name]}
613 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
617 - - {get_attr: [NovaCompute, name]}
619 nova_server_resource:
620 description: Heat resource handle for the Nova compute server
622 {get_resource: NovaCompute}