1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableIscsiBackend:
33 description: Whether to enable or not the Iscsi backend for Cinder
35 CinderEnableRbdBackend:
37 description: Whether to enable or not the Rbd backend for Cinder
41 description: The iSCSI helper to use with cinder.
43 CinderLVMLoopDeviceSize:
45 description: The size of the loopback file used by the cinder LVM driver.
49 description: The password for the cinder service and db account, used by cinder-api.
54 description: Contains parameters to configure Cinder backends. Typically
55 set via parameter_defaults in the resource registry.
59 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
61 ControllerExtraConfig:
64 Controller specific configuration to inject into the cluster. Same
65 structure as ExtraConfig.
67 ControlVirtualInterface:
69 description: Interface where virtual ip will be assigned.
73 description: Set to True to enable debugging on all services.
77 description: Whether to enable fencing in Pacemaker or not.
81 description: Whether to use Galera instead of regular MariaDB.
85 description: Whether to deploy Ceph Storage (OSD) on the Controller
89 description: Whether to enable Swift Storage on the Controller
94 Additional configuration to inject into the cluster. The JSON should have
95 the following structure:
98 [{"section": "SECTIONNAME",
100 [{"option": "OPTIONNAME",
111 [{"section": "default",
113 [{"option": "compute_manager",
114 "value": "ironic.nova.compute.manager.ClusterComputeManager"
120 [{"option": "driver",
121 "value": "nova.cells.rpc_driver.CellsRPCDriver"
132 Pacemaker fencing configuration. The JSON should have
133 the following structure:
137 "agent": "AGENT_NAME",
138 "host_mac": "HOST_MAC_ADDRESS",
139 "params": {"PARAM_NAME": "PARAM_VALUE"}
147 "agent": "fence_xvm",
148 "host_mac": "52:54:00:aa:bb:cc",
150 "multicast_address": "225.0.0.12",
151 "port": "baremetal_0",
153 "manage_key_file": true,
154 "key_file": "/etc/fence_xvm.key",
155 "key_file_password": "abcdef"
162 description: Flavor for control nodes to request when deploying.
165 - custom_constraint: nova.flavor
166 GlanceNotifierStrategy:
167 description: Strategy to use for Glance notification queue
171 description: The filepath of the file to use for logging messages from Glance.
176 description: The password for the glance service and db account, used by the glance services.
181 description: Glance port.
185 description: Protocol to use when connecting to glance, set to https for SSL.
189 description: The short name of the Glance backend to use. Should be one
190 of swift, rbd, or file
193 - allowed_values: ['swift', 'file', 'rbd']
196 description: The password for the Heat service and db account, used by the Heat services.
199 HeatStackDomainAdminPassword:
200 description: Password for heat_domain_admin user.
204 HeatAuthEncryptionKey:
205 description: Auth encryption key for heat-engine
208 description: Secret key for Django
212 default: overcloud-control
214 - custom_constraint: glance.image
216 default: 'REBUILD_PRESERVE_EPHEMERAL'
217 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
221 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
224 - custom_constraint: nova.keypair
225 KeystoneCACertificate:
227 description: Keystone self-signed certificate authority certificate.
229 KeystoneSigningCertificate:
231 description: Keystone certificate for verifying token validity.
235 description: Keystone key for signing tokens.
238 KeystoneSSLCertificate:
240 description: Keystone certificate for verifying token validity.
242 KeystoneSSLCertificateKey:
244 description: Keystone key for signing tokens.
247 MysqlClusterUniquePart:
248 description: A unique identifier of the MySQL cluster the controller is in.
250 default: 'unset' # Has to be here because of the ignored empty value bug
251 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
253 # - length: {min: 4, max: 10}
254 MysqlInnodbBufferPoolSize:
256 Specifies the size of the buffer pool in megabytes. Setting to
257 zero should be interpreted as "no value" and will defer to the
264 default: '' # Has to be here because of the ignored empty value bug
265 NeutronExternalNetworkBridge:
266 description: Name of bridge used for external network traffic.
269 NeutronBridgeMappings:
271 The OVS logical->physical bridge mappings to use. See the Neutron
272 documentation for details. Defaults to mapping br-ex - the external
273 bridge on hosts - to a physical name 'datacentre' which can be used
274 to create provider networks (and we use this for the default floating
275 network) - if changing this either use different post-install network
276 scripts or be sure to keep 'datacentre' as a mapping network name.
278 default: "datacentre:br-ex"
279 NeutronDnsmasqOptions:
280 default: 'dhcp-option-force=26,1400'
281 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
285 description: Agent mode for the neutron-l3-agent on the controller hosts
289 description: Whether to enable l3-agent HA
293 description: Whether to configure Neutron Distributed Virtual Routers
295 NeutronMetadataProxySharedSecret:
297 description: Shared secret to prevent spoofing
299 NeutronMechanismDrivers:
300 default: 'openvswitch'
302 The mechanism drivers for the Neutron tenant network. To specify multiple
303 values, use a comma separated string, like so: 'openvswitch,l2_population'
305 NeutronAllowL3AgentFailover:
307 description: Allow automatic l3-agent failover
309 NeutronEnableTunnelling:
314 default: 'datacentre'
315 description: If set, flat networks to configure in neutron plugins.
318 description: Whether to enable l3-agent HA
322 description: The tenant network type for Neutron, either gre or vxlan.
324 NeutronNetworkVLANRanges:
325 default: 'datacentre'
327 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
328 Neutron documentation for permitted values. Defaults to permitting any
329 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
330 type: comma_delimited_list
333 description: The password for the neutron service and db account, used by neutron agents.
336 NeutronPublicInterface:
338 description: What interface to bridge onto br-ex for network nodes.
340 NeutronPublicInterfaceTag:
343 VLAN tag for creating a public VLAN. The tag will be used to
344 create an access port on the exterior bridge for each control plane node,
345 and that port will be given the IP address returned by neutron from the
346 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
347 overcloud.yaml to include the deployment of VLAN ports to the control
350 NeutronPublicInterfaceDefaultRoute:
352 description: A custom default route for the NeutronPublicInterface.
354 NeutronPublicInterfaceIP:
356 description: A custom IP address to put onto the NeutronPublicInterface.
358 NeutronPublicInterfaceRawDevice:
360 description: If set, the public interface is a vlan with this device as the raw device.
365 The tunnel types for the Neutron tenant network. To specify multiple
366 values, use a comma separated string, like so: 'gre,vxlan'
370 description: The password for the nova service and db account, used by nova-api.
378 description: The password for the 'pcsd' user.
379 PublicVirtualInterface:
382 Specifies the interface where the public-facing virtual ip will be assigned.
383 This should be int_public when a VLAN is being used.
385 PublicVirtualIP: # DEPRECATED: use per service settings instead
387 default: '' # Has to be here because of the ignored empty value bug
390 default: '' # Has to be here because of the ignored empty value bug
394 description: The password for RabbitMQ
399 description: The username for RabbitMQ
404 Rabbit client subscriber parameter to specify
405 an SSL connection to the RabbitMQ host.
409 description: Set rabbit subscriber port, change this if using SSL
413 default: '' # Has to be here because of the ignored empty value bug
414 SnmpdReadonlyUserName:
415 default: ro_snmp_user
416 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
418 SnmpdReadonlyUserPassword:
420 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
425 description: If set, the contents of an SSL certificate authority file.
429 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
434 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
439 description: A random string to be used as a salt when hashing to determine mappings
445 description: Value of mount_check in Swift account/container/object -server.conf
450 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
453 description: Partition Power to use when building Swift rings
457 description: The password for the swift service account, used by the swift proxy
464 description: How many replicas to use in the swift rings.
465 VirtualIP: # DEPRECATED: use per service settings instead
467 default: '' # Has to be here because of the ignored empty value bug
477 KeystonePublicApiVirtualIP:
483 EnablePackageInstall:
485 description: Set to true to enable package installation via Puppet
489 description: Mapping of service_name -> network name. Typically set
490 via parameter_defaults in the resource registry.
496 Setting to a previously unused value during stack-update will trigger
497 package update on all nodes
500 default: '' # Defaults to Heat created hostname
505 type: OS::Nova::Server
507 image: {get_param: Image}
508 image_update_policy: {get_param: ImageUpdatePolicy}
509 flavor: {get_param: Flavor}
510 key_name: {get_param: KeyName}
513 user_data_format: SOFTWARE_CONFIG
514 user_data: {get_resource: NodeUserData}
515 name: {get_param: Hostname}
518 type: OS::TripleO::NodeUserData
521 type: OS::TripleO::Controller::Ports::ExternalPort
523 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
526 type: OS::TripleO::Controller::Ports::InternalApiPort
528 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
531 type: OS::TripleO::Controller::Ports::StoragePort
533 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
536 type: OS::TripleO::Controller::Ports::StorageMgmtPort
538 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
541 type: OS::TripleO::Controller::Ports::TenantPort
543 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
546 type: OS::TripleO::Network::Ports::NetIpMap
548 ExternalIp: {get_attr: [ExternalPort, ip_address]}
549 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
550 StorageIp: {get_attr: [StoragePort, ip_address]}
551 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
552 TenantIp: {get_attr: [TenantPort, ip_address]}
555 type: OS::TripleO::Network::Ports::NetIpMap
557 ExternalIp: {get_attr: [ExternalPort, ip_subnet]}
558 InternalApiIp: {get_attr: [InternalApiPort, ip_subnet]}
559 StorageIp: {get_attr: [StoragePort, ip_subnet]}
560 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]}
561 TenantIp: {get_attr: [TenantPort, ip_subnet]}
564 type: OS::TripleO::Controller::Net::SoftwareConfig
566 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
567 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
568 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
569 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
570 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
573 type: OS::TripleO::SoftwareDeployment
575 config: {get_resource: NetworkConfig}
576 server: {get_resource: Controller}
579 interface_name: {get_param: NeutronPublicInterface}
581 ControllerDeployment:
582 type: OS::TripleO::SoftwareDeployment
583 depends_on: NetworkDeployment
585 config: {get_resource: ControllerConfig}
586 server: {get_resource: Controller}
588 bootstack_nodeid: {get_attr: [Controller, name]}
589 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
590 heat.watch_server_url:
594 - {get_param: HeatApiVirtualIP}
596 heat.metadata_server_url:
600 - {get_param: HeatApiVirtualIP}
602 heat.waitcondition_server_url:
606 - {get_param: HeatApiVirtualIP}
607 - ':8000/v1/waitcondition'
608 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
609 horizon_secret: {get_param: HorizonSecret}
610 admin_password: {get_param: AdminPassword}
611 admin_token: {get_param: AdminToken}
612 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
613 debug: {get_param: Debug}
614 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
615 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
616 cinder_password: {get_param: CinderPassword}
617 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
618 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
619 cinder_backend_config: {get_param: CinderBackendConfig}
623 - - 'mysql://cinder:'
624 - {get_param: CinderPassword}
626 - {get_param: MysqlVirtualIP}
628 glance_port: {get_param: GlancePort}
629 glance_password: {get_param: GlancePassword}
630 glance_backend: {get_param: GlanceBackend}
631 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
632 glance_log_file: {get_param: GlanceLogFile}
636 - - 'mysql://glance:'
637 - {get_param: GlancePassword}
639 - {get_param: MysqlVirtualIP}
641 heat_password: {get_param: HeatPassword}
642 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
647 - {get_param: HeatPassword}
649 - {get_param: MysqlVirtualIP}
651 keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
652 keystone_ca_certificate: {get_param: KeystoneCACertificate}
653 keystone_signing_key: {get_param: KeystoneSigningKey}
654 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
655 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
656 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
660 - - 'mysql://keystone:'
661 - {get_param: AdminToken}
663 - {get_param: MysqlVirtualIP}
665 keystone_identity_uri:
669 - {get_param: KeystonePublicApiVirtualIP}
675 - {get_param: KeystonePublicApiVirtualIP}
677 enable_fencing: {get_param: EnableFencing}
678 enable_galera: {get_param: EnableGalera}
679 enable_ceph_storage: {get_param: EnableCephStorage}
680 enable_swift_storage: {get_param: EnableSwiftStorage}
681 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
682 mysql_root_password: {get_param: MysqlRootPassword}
685 template: tripleo-CLUSTER
687 CLUSTER: {get_param: MysqlClusterUniquePart}
688 neutron_flat_networks: {get_param: NeutronFlatNetworks}
689 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
690 neutron_agent_mode: {get_param: NeutronAgentMode}
691 neutron_router_distributed: {get_param: NeutronDVR}
692 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
693 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
694 neutron_l3_ha: {get_param: NeutronL3HA}
695 neutron_network_vlan_ranges:
697 template: "['RANGES']"
702 - {get_param: NeutronNetworkVLANRanges}
703 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
704 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
705 neutron_public_interface: {get_param: NeutronPublicInterface}
706 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
707 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
708 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
709 neutron_tenant_network_type: {get_param: NeutronNetworkType}
710 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
711 neutron_password: {get_param: NeutronPassword}
712 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
716 - - 'mysql://neutron:'
717 - {get_param: NeutronPassword}
719 - {get_param: MysqlVirtualIP}
720 - '/ovs_neutron?charset=utf8'
725 - {get_param: NeutronApiVirtualIP}
727 neutron_admin_auth_url:
731 - {get_param: KeystonePublicApiVirtualIP}
733 ceilometer_backend: {get_param: CeilometerBackend}
734 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
735 ceilometer_password: {get_param: CeilometerPassword}
736 ceilometer_coordination_url:
740 - {get_param: RedisVirtualIP}
745 - - 'mysql://ceilometer:unset@'
746 - {get_param: MysqlVirtualIP}
748 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
749 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
750 nova_password: {get_param: NovaPassword}
755 - {get_param: NovaPassword}
757 - {get_param: MysqlVirtualIP}
759 fencing_config: {get_param: FencingConfig}
760 pcsd_password: {get_param: PcsdPassword}
761 rabbit_username: {get_param: RabbitUserName}
762 rabbit_password: {get_param: RabbitPassword}
763 rabbit_cookie: {get_param: RabbitCookie}
764 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
765 rabbit_client_port: {get_param: RabbitClientPort}
768 template: '["server"]'
770 server: {get_param: NtpServer}
771 control_virtual_interface: {get_param: ControlVirtualInterface}
772 public_virtual_interface: {get_param: PublicVirtualInterface}
773 swift_hash_suffix: {get_param: SwiftHashSuffix}
774 swift_password: {get_param: SwiftPassword}
775 swift_part_power: {get_param: SwiftPartPower}
776 swift_replicas: {get_param: SwiftReplicas}
777 swift_min_part_hours: {get_param: SwiftMinPartHours}
778 swift_mount_check: {get_param: SwiftMountCheck}
779 enable_package_install: {get_param: EnablePackageInstall}
780 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
781 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
782 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
783 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
784 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
785 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
789 - - {get_param: GlanceProtocol}
791 - {get_param: GlanceApiVirtualIP}
793 - {get_param: GlancePort}
794 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
795 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
796 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
797 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
798 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
799 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
800 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
801 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
802 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
803 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
804 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
805 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
806 redis_vip: {get_param: RedisVirtualIP}
807 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
808 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
809 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
810 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
811 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
813 # Map heat metadata into hiera datafiles
815 type: OS::Heat::StructuredConfig
817 group: os-apply-config
821 - heat_config_%{::deploy_config_name}
824 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
825 - ceph_cluster # provided by CephClusterConfig
827 - bootstrap_node # provided by BootstrapNodeConfig
828 - all_nodes # provided by allNodesConfig
829 - vip_data # provided by vip-config
832 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
835 raw_data: {get_file: hieradata/common.yaml}
837 raw_data: {get_file: hieradata/ceph.yaml}
839 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
840 ceph::profile::params::public_network: {get_input: ceph_public_network}
841 ceph::mon::public_addr: {get_input: ceph_public_ip}
843 raw_data: {get_file: hieradata/object.yaml}
845 raw_data: {get_file: hieradata/controller.yaml}
846 mapped_data: # data supplied directly to this deployment configuration, etc
847 bootstack_nodeid: {get_input: bootstack_nodeid}
850 enable_fencing: {get_input: enable_fencing}
851 hacluster_pwd: {get_input: pcsd_password}
852 tripleo::fencing::config: {get_input: fencing_config}
855 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
856 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
857 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
858 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
859 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
860 swift::proxy::authtoken::admin_password: {get_input: swift_password}
861 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
862 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
863 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
864 swift_mount_check: {get_input: swift_mount_check}
866 # NOTE(dprince): build_ring support is currently not wired in.
867 # See: https://review.openstack.org/#/c/109225/
868 tripleo::ringbuilder::build_ring: True
871 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
872 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
873 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
874 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
875 cinder::database_connection: {get_input: cinder_dsn}
876 cinder::api::keystone_password: {get_input: cinder_password}
877 cinder::api::auth_uri: {get_input: keystone_auth_uri}
878 cinder::api::identity_uri: {get_input: keystone_identity_uri}
879 cinder::api::bind_host: {get_input: cinder_api_network}
880 cinder::rabbit_userid: {get_input: rabbit_username}
881 cinder::rabbit_password: {get_input: rabbit_password}
882 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
883 cinder::rabbit_port: {get_input: rabbit_client_port}
884 cinder::debug: {get_input: debug}
885 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
886 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
887 cinder_backend_config: {get_input: CinderBackendConfig}
890 glance::api::bind_port: {get_input: glance_port}
891 glance::api::bind_host: {get_input: glance_api_network}
892 glance::api::auth_uri: {get_input: keystone_auth_uri}
893 glance::api::identity_uri: {get_input: keystone_identity_uri}
894 glance::api::registry_host: {get_input: glance_registry_network}
895 glance::api::keystone_password: {get_input: glance_password}
896 glance::api::debug: {get_input: debug}
897 glance_notifier_strategy: {get_input: glance_notifier_strategy}
898 glance_log_file: {get_input: glance_log_file}
899 glance_log_file: {get_input: glance_log_file}
900 glance::api::database_connection: {get_input: glance_dsn}
901 glance::registry::keystone_password: {get_input: glance_password}
902 glance::registry::database_connection: {get_input: glance_dsn}
903 glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
904 glance::registry::auth_uri: {get_input: keystone_auth_uri}
905 glance::registry::identity_uri: {get_input: keystone_identity_uri}
906 glance::registry::debug: {get_input: debug}
907 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
908 glance::backend::swift::swift_store_user: service:glance
909 glance::backend::swift::swift_store_key: {get_input: glance_password}
910 glance_backend: {get_input: glance_backend}
913 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
914 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
915 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
916 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
917 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
918 heat::rabbit_userid: {get_input: rabbit_username}
919 heat::rabbit_password: {get_input: rabbit_password}
920 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
921 heat::rabbit_port: {get_input: rabbit_client_port}
922 heat::auth_uri: {get_input: keystone_auth_uri}
923 heat::identity_uri: {get_input: keystone_identity_uri}
924 heat::keystone_password: {get_input: heat_password}
925 heat::api::bind_host: {get_input: heat_api_network}
926 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
927 heat::api_cfn::bind_host: {get_input: heat_api_network}
928 heat::database_connection: {get_input: heat_dsn}
929 heat::instance_user: heat-admin
930 heat::debug: {get_input: debug}
933 keystone::admin_token: {get_input: admin_token}
934 keystone_ca_certificate: {get_input: keystone_ca_certificate}
935 keystone_signing_key: {get_input: keystone_signing_key}
936 keystone_signing_certificate: {get_input: keystone_signing_certificate}
937 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
938 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
939 keystone::database_connection: {get_input: keystone_dsn}
940 keystone::public_bind_host: {get_input: keystone_public_api_network}
941 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
942 keystone::debug: {get_input: debug}
944 mongodb::server::bind_ip: {get_input: mongo_db_network}
946 admin_password: {get_input: admin_password}
947 enable_galera: {get_input: enable_galera}
948 enable_ceph_storage: {get_input: enable_ceph_storage}
949 enable_swift_storage: {get_input: enable_swift_storage}
950 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
951 mysql::server::root_password: {get_input: mysql_root_password}
952 mysql_cluster_name: {get_input: mysql_cluster_name}
953 mysql_bind_host: {get_input: mysql_network}
956 neutron::bind_host: {get_input: neutron_api_network}
957 neutron::rabbit_password: {get_input: rabbit_password}
958 neutron::rabbit_user: {get_input: rabbit_user}
959 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
960 neutron::rabbit_port: {get_input: rabbit_client_port}
961 neutron::debug: {get_input: debug}
962 neutron::server::auth_uri: {get_input: keystone_auth_uri}
963 neutron::server::identity_uri: {get_input: keystone_identity_uri}
964 neutron::server::database_connection: {get_input: neutron_dsn}
965 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
966 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
967 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
968 neutron_flat_networks: {get_input: neutron_flat_networks}
969 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
970 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
971 neutron_agent_mode: {get_input: neutron_agent_mode}
972 neutron_router_distributed: {get_input: neutron_router_distributed}
973 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
974 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
975 neutron::server::l3_ha: {get_input: neutron_l3_ha}
976 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
977 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
978 neutron_public_interface: {get_input: neutron_public_interface}
979 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
980 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
981 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
982 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
983 neutron_tunnel_types: {get_input: neutron_tunnel_types}
984 neutron::server::auth_password: {get_input: neutron_password}
985 neutron::agents::metadata::auth_password: {get_input: neutron_password}
986 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
987 neutron_dsn: {get_input: neutron_dsn}
988 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
991 ceilometer_backend: {get_input: ceilometer_backend}
992 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
993 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
994 ceilometer::rabbit_userid: {get_input: rabbit_username}
995 ceilometer::rabbit_password: {get_input: rabbit_password}
996 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
997 ceilometer::rabbit_port: {get_input: rabbit_client_port}
998 ceilometer::debug: {get_input: debug}
999 ceilometer::api::host: {get_input: ceilometer_api_network}
1000 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1001 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1002 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1003 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1004 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
1005 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1006 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1007 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1010 nova::rabbit_userid: {get_input: rabbit_username}
1011 nova::rabbit_password: {get_input: rabbit_password}
1012 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1013 nova::rabbit_port: {get_input: rabbit_client_port}
1014 nova::debug: {get_input: debug}
1015 nova::api::auth_uri: {get_input: keystone_auth_uri}
1016 nova::api::identity_uri: {get_input: keystone_identity_uri}
1017 nova::api::api_bind_address: {get_input: nova_api_network}
1018 nova::api::metadata_listen: {get_input: nova_metadata_network}
1019 nova::api::admin_password: {get_input: nova_password}
1020 nova::database_connection: {get_input: nova_dsn}
1021 nova::glance_api_servers: {get_input: glance_api_servers}
1022 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1023 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1024 nova::network::neutron::neutron_url: {get_input: neutron_url}
1025 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1026 nova::vncproxy::host: {get_input: nova_api_network}
1029 apache::ip: {get_input: horizon_network}
1030 horizon::django_debug: {get_input: debug}
1031 horizon::secret_key: {get_input: horizon_secret}
1032 horizon::bind_address: {get_input: horizon_network}
1033 horizon::keystone_url: {get_input: keystone_auth_uri}
1036 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1037 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1039 redis::bind: {get_input: redis_network}
1040 redis_vip: {get_input: redis_vip}
1042 memcached::listen_ip: {get_input: memcached_network}
1043 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1044 ntp::servers: {get_input: ntp_servers}
1045 control_virtual_interface: {get_input: control_virtual_interface}
1046 public_virtual_interface: {get_input: public_virtual_interface}
1047 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1048 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1049 enable_package_install: {get_input: enable_package_install}
1051 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1052 ControllerExtraConfigPre:
1053 depends_on: ControllerDeployment
1054 type: OS::TripleO::ControllerExtraConfigPre
1056 server: {get_resource: Controller}
1059 type: OS::TripleO::Tasks::PackageUpdate
1062 type: OS::Heat::SoftwareDeployment
1064 config: {get_resource: UpdateConfig}
1065 server: {get_resource: Controller}
1068 get_param: UpdateIdentifier
1072 description: IP address of the server in the ctlplane network
1073 value: {get_attr: [Controller, networks, ctlplane, 0]}
1074 external_ip_address:
1075 description: IP address of the server in the external network
1076 value: {get_attr: [ExternalPort, ip_address]}
1077 internal_api_ip_address:
1078 description: IP address of the server in the internal_api network
1079 value: {get_attr: [InternalApiPort, ip_address]}
1081 description: IP address of the server in the storage network
1082 value: {get_attr: [StoragePort, ip_address]}
1083 storage_mgmt_ip_address:
1084 description: IP address of the server in the storage_mgmt network
1085 value: {get_attr: [StorageMgmtPort, ip_address]}
1087 description: IP address of the server in the tenant network
1088 value: {get_attr: [TenantPort, ip_address]}
1090 description: Hostname of the server
1091 value: {get_attr: [Controller, name]}
1094 Node object in the format {ip: ..., name: ...} format that the corosync
1097 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1098 name: {get_attr: [Controller, name]}
1101 Server's IP address and hostname in the /etc/hosts format
1104 template: IP HOST.localdomain HOST CLOUDNAME
1106 IP: {get_attr: [Controller, networks, ctlplane, 0]}
1107 HOST: {get_attr: [Controller, name]}
1108 CLOUDNAME: {get_param: CloudName}
1109 nova_server_resource:
1110 description: Heat resource handle for the Nova compute server
1112 {get_resource: Controller}
1114 description: Swift device formatted for swift-ring-builder
1117 template: 'r1z1-IP:%PORT%/d1'
1119 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1120 swift_proxy_memcache:
1121 description: Swift proxy-memcache value
1124 template: "IP:11211"
1126 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1128 description: identifier which changes if the controller configuration may need re-applying
1132 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1133 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}