1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableIscsiBackend:
33 description: Whether to enable or not the Iscsi backend for Cinder
35 CinderEnableRbdBackend:
37 description: Whether to enable or not the Rbd backend for Cinder
41 description: The iSCSI helper to use with cinder.
43 CinderLVMLoopDeviceSize:
45 description: The size of the loopback file used by the cinder LVM driver.
49 description: The password for the cinder service and db account, used by cinder-api.
54 description: Contains parameters to configure Cinder backends. Typically
55 set via parameter_defaults in the resource registry.
59 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
61 ControllerExtraConfig:
64 Controller specific configuration to inject into the cluster. Same
65 structure as ExtraConfig.
67 ControlVirtualInterface:
69 description: Interface where virtual ip will be assigned.
73 description: Set to True to enable debugging on all services.
77 description: Whether to enable fencing in Pacemaker or not.
81 description: Whether to use Galera instead of regular MariaDB.
85 description: Whether to deploy Ceph Storage (OSD) on the Controller
89 description: Whether to enable Swift Storage on the Controller
94 Additional configuration to inject into the cluster. The JSON should have
95 the following structure:
98 [{"section": "SECTIONNAME",
100 [{"option": "OPTIONNAME",
111 [{"section": "default",
113 [{"option": "compute_manager",
114 "value": "ironic.nova.compute.manager.ClusterComputeManager"
120 [{"option": "driver",
121 "value": "nova.cells.rpc_driver.CellsRPCDriver"
132 Pacemaker fencing configuration. The JSON should have
133 the following structure:
137 "agent": "AGENT_NAME",
138 "host_mac": "HOST_MAC_ADDRESS",
139 "params": {"PARAM_NAME": "PARAM_VALUE"}
147 "agent": "fence_xvm",
148 "host_mac": "52:54:00:aa:bb:cc",
150 "multicast_address": "225.0.0.12",
151 "port": "baremetal_0",
153 "manage_key_file": true,
154 "key_file": "/etc/fence_xvm.key",
155 "key_file_password": "abcdef"
162 description: Flavor for control nodes to request when deploying.
165 - custom_constraint: nova.flavor
166 GlanceNotifierStrategy:
167 description: Strategy to use for Glance notification queue
171 description: The filepath of the file to use for logging messages from Glance.
176 description: The password for the glance service and db account, used by the glance services.
181 description: Glance port.
185 description: Protocol to use when connecting to glance, set to https for SSL.
189 description: The short name of the Glance backend to use. Should be one
190 of swift, rbd, or file
193 - allowed_values: ['swift', 'file', 'rbd']
196 description: The password for the Heat service and db account, used by the Heat services.
199 HeatStackDomainAdminPassword:
200 description: Password for heat_domain_admin user.
204 HeatAuthEncryptionKey:
205 description: Auth encryption key for heat-engine
208 description: Secret key for Django
212 default: overcloud-control
214 - custom_constraint: glance.image
216 default: 'REBUILD_PRESERVE_EPHEMERAL'
217 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
221 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
224 - custom_constraint: nova.keypair
225 KeystoneCACertificate:
227 description: Keystone self-signed certificate authority certificate.
229 KeystoneSigningCertificate:
231 description: Keystone certificate for verifying token validity.
235 description: Keystone key for signing tokens.
238 KeystoneSSLCertificate:
240 description: Keystone certificate for verifying token validity.
242 KeystoneSSLCertificateKey:
244 description: Keystone key for signing tokens.
247 MysqlClusterUniquePart:
248 description: A unique identifier of the MySQL cluster the controller is in.
250 default: 'unset' # Has to be here because of the ignored empty value bug
251 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
253 # - length: {min: 4, max: 10}
254 MysqlInnodbBufferPoolSize:
256 Specifies the size of the buffer pool in megabytes. Setting to
257 zero should be interpreted as "no value" and will defer to the
264 default: '' # Has to be here because of the ignored empty value bug
265 NeutronExternalNetworkBridge:
266 description: Name of bridge used for external network traffic.
269 NeutronBridgeMappings:
271 The OVS logical->physical bridge mappings to use. See the Neutron
272 documentation for details. Defaults to mapping br-ex - the external
273 bridge on hosts - to a physical name 'datacentre' which can be used
274 to create provider networks (and we use this for the default floating
275 network) - if changing this either use different post-install network
276 scripts or be sure to keep 'datacentre' as a mapping network name.
278 default: "datacentre:br-ex"
279 NeutronDnsmasqOptions:
280 default: 'dhcp-option-force=26,1400'
281 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
285 description: Agent mode for the neutron-l3-agent on the controller hosts
289 description: Whether to enable l3-agent HA
291 NeutronDhcpAgentsPerNetwork:
294 description: The number of neutron dhcp agents to schedule per network
297 description: Whether to configure Neutron Distributed Virtual Routers
299 NeutronMetadataProxySharedSecret:
301 description: Shared secret to prevent spoofing
303 NeutronMechanismDrivers:
304 default: 'openvswitch'
306 The mechanism drivers for the Neutron tenant network. To specify multiple
307 values, use a comma separated string, like so: 'openvswitch,l2_population'
309 NeutronAllowL3AgentFailover:
311 description: Allow automatic l3-agent failover
313 NeutronEnableTunnelling:
318 default: 'datacentre'
319 description: If set, flat networks to configure in neutron plugins.
322 description: Whether to enable l3-agent HA
326 description: The tenant network type for Neutron, either gre or vxlan.
328 NeutronNetworkVLANRanges:
329 default: 'datacentre'
331 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
332 Neutron documentation for permitted values. Defaults to permitting any
333 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
334 type: comma_delimited_list
337 description: The password for the neutron service and db account, used by neutron agents.
340 NeutronPublicInterface:
342 description: What interface to bridge onto br-ex for network nodes.
344 NeutronPublicInterfaceTag:
347 VLAN tag for creating a public VLAN. The tag will be used to
348 create an access port on the exterior bridge for each control plane node,
349 and that port will be given the IP address returned by neutron from the
350 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
351 overcloud.yaml to include the deployment of VLAN ports to the control
354 NeutronPublicInterfaceDefaultRoute:
356 description: A custom default route for the NeutronPublicInterface.
358 NeutronPublicInterfaceIP:
360 description: A custom IP address to put onto the NeutronPublicInterface.
362 NeutronPublicInterfaceRawDevice:
364 description: If set, the public interface is a vlan with this device as the raw device.
369 The tunnel types for the Neutron tenant network. To specify multiple
370 values, use a comma separated string, like so: 'gre,vxlan'
374 description: The password for the nova service and db account, used by nova-api.
382 description: The password for the 'pcsd' user.
383 PublicVirtualInterface:
386 Specifies the interface where the public-facing virtual ip will be assigned.
387 This should be int_public when a VLAN is being used.
389 PublicVirtualIP: # DEPRECATED: use per service settings instead
391 default: '' # Has to be here because of the ignored empty value bug
394 default: '' # Has to be here because of the ignored empty value bug
398 description: The password for RabbitMQ
403 description: The username for RabbitMQ
408 Rabbit client subscriber parameter to specify
409 an SSL connection to the RabbitMQ host.
413 description: Set rabbit subscriber port, change this if using SSL
417 default: '' # Has to be here because of the ignored empty value bug
418 SnmpdReadonlyUserName:
419 default: ro_snmp_user
420 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
422 SnmpdReadonlyUserPassword:
424 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
429 description: If set, the contents of an SSL certificate authority file.
433 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
438 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
443 description: A random string to be used as a salt when hashing to determine mappings
449 description: Value of mount_check in Swift account/container/object -server.conf
454 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
457 description: Partition Power to use when building Swift rings
461 description: The password for the swift service account, used by the swift proxy
468 description: How many replicas to use in the swift rings.
469 VirtualIP: # DEPRECATED: use per service settings instead
471 default: '' # Has to be here because of the ignored empty value bug
481 KeystonePublicApiVirtualIP:
487 EnablePackageInstall:
489 description: Set to true to enable package installation via Puppet
493 description: Mapping of service_name -> network name. Typically set
494 via parameter_defaults in the resource registry.
500 Setting to a previously unused value during stack-update will trigger
501 package update on all nodes
504 default: '' # Defaults to Heat created hostname
509 type: OS::Nova::Server
511 image: {get_param: Image}
512 image_update_policy: {get_param: ImageUpdatePolicy}
513 flavor: {get_param: Flavor}
514 key_name: {get_param: KeyName}
517 user_data_format: SOFTWARE_CONFIG
518 user_data: {get_resource: NodeUserData}
519 name: {get_param: Hostname}
522 type: OS::TripleO::NodeUserData
525 type: OS::TripleO::Controller::Ports::ExternalPort
527 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
530 type: OS::TripleO::Controller::Ports::InternalApiPort
532 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
535 type: OS::TripleO::Controller::Ports::StoragePort
537 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
540 type: OS::TripleO::Controller::Ports::StorageMgmtPort
542 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
545 type: OS::TripleO::Controller::Ports::TenantPort
547 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
550 type: OS::TripleO::Network::Ports::NetIpMap
552 ExternalIp: {get_attr: [ExternalPort, ip_address]}
553 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
554 StorageIp: {get_attr: [StoragePort, ip_address]}
555 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
556 TenantIp: {get_attr: [TenantPort, ip_address]}
559 type: OS::TripleO::Network::Ports::NetIpMap
561 ExternalIp: {get_attr: [ExternalPort, ip_subnet]}
562 InternalApiIp: {get_attr: [InternalApiPort, ip_subnet]}
563 StorageIp: {get_attr: [StoragePort, ip_subnet]}
564 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]}
565 TenantIp: {get_attr: [TenantPort, ip_subnet]}
568 type: OS::TripleO::Controller::Net::SoftwareConfig
570 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
571 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
572 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
573 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
574 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
577 type: OS::TripleO::SoftwareDeployment
579 config: {get_resource: NetworkConfig}
580 server: {get_resource: Controller}
583 interface_name: {get_param: NeutronPublicInterface}
585 ControllerDeployment:
586 type: OS::TripleO::SoftwareDeployment
587 depends_on: NetworkDeployment
589 config: {get_resource: ControllerConfig}
590 server: {get_resource: Controller}
592 bootstack_nodeid: {get_attr: [Controller, name]}
593 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
594 heat.watch_server_url:
598 - {get_param: HeatApiVirtualIP}
600 heat.metadata_server_url:
604 - {get_param: HeatApiVirtualIP}
606 heat.waitcondition_server_url:
610 - {get_param: HeatApiVirtualIP}
611 - ':8000/v1/waitcondition'
612 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
613 horizon_secret: {get_param: HorizonSecret}
614 admin_password: {get_param: AdminPassword}
615 admin_token: {get_param: AdminToken}
616 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
617 debug: {get_param: Debug}
618 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
619 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
620 cinder_password: {get_param: CinderPassword}
621 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
622 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
623 cinder_backend_config: {get_param: CinderBackendConfig}
627 - - 'mysql://cinder:'
628 - {get_param: CinderPassword}
630 - {get_param: MysqlVirtualIP}
632 glance_port: {get_param: GlancePort}
633 glance_password: {get_param: GlancePassword}
634 glance_backend: {get_param: GlanceBackend}
635 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
636 glance_log_file: {get_param: GlanceLogFile}
640 - - 'mysql://glance:'
641 - {get_param: GlancePassword}
643 - {get_param: MysqlVirtualIP}
645 heat_password: {get_param: HeatPassword}
646 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
651 - {get_param: HeatPassword}
653 - {get_param: MysqlVirtualIP}
655 keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
656 keystone_ca_certificate: {get_param: KeystoneCACertificate}
657 keystone_signing_key: {get_param: KeystoneSigningKey}
658 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
659 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
660 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
664 - - 'mysql://keystone:'
665 - {get_param: AdminToken}
667 - {get_param: MysqlVirtualIP}
669 keystone_identity_uri:
673 - {get_param: KeystonePublicApiVirtualIP}
679 - {get_param: KeystonePublicApiVirtualIP}
681 enable_fencing: {get_param: EnableFencing}
682 enable_galera: {get_param: EnableGalera}
683 enable_ceph_storage: {get_param: EnableCephStorage}
684 enable_swift_storage: {get_param: EnableSwiftStorage}
685 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
686 mysql_root_password: {get_param: MysqlRootPassword}
689 template: tripleo-CLUSTER
691 CLUSTER: {get_param: MysqlClusterUniquePart}
692 neutron_flat_networks: {get_param: NeutronFlatNetworks}
693 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
694 neutron_agent_mode: {get_param: NeutronAgentMode}
695 neutron_router_distributed: {get_param: NeutronDVR}
696 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
697 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
698 neutron_l3_ha: {get_param: NeutronL3HA}
699 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
700 neutron_network_vlan_ranges:
702 template: "['RANGES']"
707 - {get_param: NeutronNetworkVLANRanges}
708 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
709 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
710 neutron_public_interface: {get_param: NeutronPublicInterface}
711 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
712 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
713 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
714 neutron_tenant_network_type: {get_param: NeutronNetworkType}
715 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
716 neutron_password: {get_param: NeutronPassword}
717 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
721 - - 'mysql://neutron:'
722 - {get_param: NeutronPassword}
724 - {get_param: MysqlVirtualIP}
725 - '/ovs_neutron?charset=utf8'
730 - {get_param: NeutronApiVirtualIP}
732 neutron_admin_auth_url:
736 - {get_param: KeystonePublicApiVirtualIP}
738 ceilometer_backend: {get_param: CeilometerBackend}
739 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
740 ceilometer_password: {get_param: CeilometerPassword}
741 ceilometer_coordination_url:
745 - {get_param: RedisVirtualIP}
750 - - 'mysql://ceilometer:unset@'
751 - {get_param: MysqlVirtualIP}
753 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
754 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
755 nova_password: {get_param: NovaPassword}
760 - {get_param: NovaPassword}
762 - {get_param: MysqlVirtualIP}
764 fencing_config: {get_param: FencingConfig}
765 pcsd_password: {get_param: PcsdPassword}
766 rabbit_username: {get_param: RabbitUserName}
767 rabbit_password: {get_param: RabbitPassword}
768 rabbit_cookie: {get_param: RabbitCookie}
769 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
770 rabbit_client_port: {get_param: RabbitClientPort}
773 template: '["server"]'
775 server: {get_param: NtpServer}
776 control_virtual_interface: {get_param: ControlVirtualInterface}
777 public_virtual_interface: {get_param: PublicVirtualInterface}
778 swift_hash_suffix: {get_param: SwiftHashSuffix}
779 swift_password: {get_param: SwiftPassword}
780 swift_part_power: {get_param: SwiftPartPower}
781 swift_replicas: {get_param: SwiftReplicas}
782 swift_min_part_hours: {get_param: SwiftMinPartHours}
783 swift_mount_check: {get_param: SwiftMountCheck}
784 enable_package_install: {get_param: EnablePackageInstall}
785 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
786 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
787 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
788 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
789 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
790 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
794 - - {get_param: GlanceProtocol}
796 - {get_param: GlanceApiVirtualIP}
798 - {get_param: GlancePort}
799 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
800 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
801 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
802 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
803 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
804 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
805 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
806 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
807 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
808 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
809 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
810 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
811 redis_vip: {get_param: RedisVirtualIP}
812 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
813 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
814 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
815 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
816 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
818 # Map heat metadata into hiera datafiles
820 type: OS::Heat::StructuredConfig
822 group: os-apply-config
826 - heat_config_%{::deploy_config_name}
829 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
830 - ceph_cluster # provided by CephClusterConfig
832 - bootstrap_node # provided by BootstrapNodeConfig
833 - all_nodes # provided by allNodesConfig
834 - vip_data # provided by vip-config
837 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
840 raw_data: {get_file: hieradata/common.yaml}
842 raw_data: {get_file: hieradata/ceph.yaml}
844 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
845 ceph::profile::params::public_network: {get_input: ceph_public_network}
846 ceph::mon::public_addr: {get_input: ceph_public_ip}
848 raw_data: {get_file: hieradata/object.yaml}
850 raw_data: {get_file: hieradata/controller.yaml}
851 mapped_data: # data supplied directly to this deployment configuration, etc
852 bootstack_nodeid: {get_input: bootstack_nodeid}
855 enable_fencing: {get_input: enable_fencing}
856 hacluster_pwd: {get_input: pcsd_password}
857 tripleo::fencing::config: {get_input: fencing_config}
860 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
861 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
862 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
863 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
864 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
865 swift::proxy::authtoken::admin_password: {get_input: swift_password}
866 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
867 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
868 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
869 swift_mount_check: {get_input: swift_mount_check}
871 # NOTE(dprince): build_ring support is currently not wired in.
872 # See: https://review.openstack.org/#/c/109225/
873 tripleo::ringbuilder::build_ring: True
876 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
877 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
878 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
879 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
880 cinder::database_connection: {get_input: cinder_dsn}
881 cinder::api::keystone_password: {get_input: cinder_password}
882 cinder::api::auth_uri: {get_input: keystone_auth_uri}
883 cinder::api::identity_uri: {get_input: keystone_identity_uri}
884 cinder::api::bind_host: {get_input: cinder_api_network}
885 cinder::rabbit_userid: {get_input: rabbit_username}
886 cinder::rabbit_password: {get_input: rabbit_password}
887 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
888 cinder::rabbit_port: {get_input: rabbit_client_port}
889 cinder::debug: {get_input: debug}
890 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
891 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
892 cinder_backend_config: {get_input: CinderBackendConfig}
895 glance::api::bind_port: {get_input: glance_port}
896 glance::api::bind_host: {get_input: glance_api_network}
897 glance::api::auth_uri: {get_input: keystone_auth_uri}
898 glance::api::identity_uri: {get_input: keystone_identity_uri}
899 glance::api::registry_host: {get_input: glance_registry_network}
900 glance::api::keystone_password: {get_input: glance_password}
901 glance::api::debug: {get_input: debug}
902 glance_notifier_strategy: {get_input: glance_notifier_strategy}
903 glance_log_file: {get_input: glance_log_file}
904 glance_log_file: {get_input: glance_log_file}
905 glance::api::database_connection: {get_input: glance_dsn}
906 glance::registry::keystone_password: {get_input: glance_password}
907 glance::registry::database_connection: {get_input: glance_dsn}
908 glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
909 glance::registry::auth_uri: {get_input: keystone_auth_uri}
910 glance::registry::identity_uri: {get_input: keystone_identity_uri}
911 glance::registry::debug: {get_input: debug}
912 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
913 glance::backend::swift::swift_store_user: service:glance
914 glance::backend::swift::swift_store_key: {get_input: glance_password}
915 glance_backend: {get_input: glance_backend}
918 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
919 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
920 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
921 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
922 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
923 heat::rabbit_userid: {get_input: rabbit_username}
924 heat::rabbit_password: {get_input: rabbit_password}
925 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
926 heat::rabbit_port: {get_input: rabbit_client_port}
927 heat::auth_uri: {get_input: keystone_auth_uri}
928 heat::identity_uri: {get_input: keystone_identity_uri}
929 heat::keystone_password: {get_input: heat_password}
930 heat::api::bind_host: {get_input: heat_api_network}
931 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
932 heat::api_cfn::bind_host: {get_input: heat_api_network}
933 heat::database_connection: {get_input: heat_dsn}
934 heat::instance_user: heat-admin
935 heat::debug: {get_input: debug}
938 keystone::admin_token: {get_input: admin_token}
939 keystone_ca_certificate: {get_input: keystone_ca_certificate}
940 keystone_signing_key: {get_input: keystone_signing_key}
941 keystone_signing_certificate: {get_input: keystone_signing_certificate}
942 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
943 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
944 keystone::database_connection: {get_input: keystone_dsn}
945 keystone::public_bind_host: {get_input: keystone_public_api_network}
946 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
947 keystone::debug: {get_input: debug}
949 mongodb::server::bind_ip: {get_input: mongo_db_network}
951 admin_password: {get_input: admin_password}
952 enable_galera: {get_input: enable_galera}
953 enable_ceph_storage: {get_input: enable_ceph_storage}
954 enable_swift_storage: {get_input: enable_swift_storage}
955 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
956 mysql::server::root_password: {get_input: mysql_root_password}
957 mysql_cluster_name: {get_input: mysql_cluster_name}
958 mysql_bind_host: {get_input: mysql_network}
961 neutron::bind_host: {get_input: neutron_api_network}
962 neutron::rabbit_password: {get_input: rabbit_password}
963 neutron::rabbit_user: {get_input: rabbit_user}
964 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
965 neutron::rabbit_port: {get_input: rabbit_client_port}
966 neutron::debug: {get_input: debug}
967 neutron::server::auth_uri: {get_input: keystone_auth_uri}
968 neutron::server::identity_uri: {get_input: keystone_identity_uri}
969 neutron::server::database_connection: {get_input: neutron_dsn}
970 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
971 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
972 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
973 neutron_flat_networks: {get_input: neutron_flat_networks}
974 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
975 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
976 neutron_agent_mode: {get_input: neutron_agent_mode}
977 neutron_router_distributed: {get_input: neutron_router_distributed}
978 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
979 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
980 neutron::server::l3_ha: {get_input: neutron_l3_ha}
981 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
982 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
983 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
984 neutron_public_interface: {get_input: neutron_public_interface}
985 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
986 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
987 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
988 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
989 neutron_tunnel_types: {get_input: neutron_tunnel_types}
990 neutron::server::auth_password: {get_input: neutron_password}
991 neutron::agents::metadata::auth_password: {get_input: neutron_password}
992 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
993 neutron_dsn: {get_input: neutron_dsn}
994 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
997 ceilometer_backend: {get_input: ceilometer_backend}
998 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
999 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1000 ceilometer::rabbit_userid: {get_input: rabbit_username}
1001 ceilometer::rabbit_password: {get_input: rabbit_password}
1002 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1003 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1004 ceilometer::debug: {get_input: debug}
1005 ceilometer::api::host: {get_input: ceilometer_api_network}
1006 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1007 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1008 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1009 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1010 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
1011 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1012 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1013 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1016 nova::rabbit_userid: {get_input: rabbit_username}
1017 nova::rabbit_password: {get_input: rabbit_password}
1018 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1019 nova::rabbit_port: {get_input: rabbit_client_port}
1020 nova::debug: {get_input: debug}
1021 nova::api::auth_uri: {get_input: keystone_auth_uri}
1022 nova::api::identity_uri: {get_input: keystone_identity_uri}
1023 nova::api::api_bind_address: {get_input: nova_api_network}
1024 nova::api::metadata_listen: {get_input: nova_metadata_network}
1025 nova::api::admin_password: {get_input: nova_password}
1026 nova::database_connection: {get_input: nova_dsn}
1027 nova::glance_api_servers: {get_input: glance_api_servers}
1028 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1029 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1030 nova::network::neutron::neutron_url: {get_input: neutron_url}
1031 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1032 nova::vncproxy::host: {get_input: nova_api_network}
1035 apache::ip: {get_input: horizon_network}
1036 horizon::django_debug: {get_input: debug}
1037 horizon::secret_key: {get_input: horizon_secret}
1038 horizon::bind_address: {get_input: horizon_network}
1039 horizon::keystone_url: {get_input: keystone_auth_uri}
1042 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1043 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1045 redis::bind: {get_input: redis_network}
1046 redis_vip: {get_input: redis_vip}
1048 memcached::listen_ip: {get_input: memcached_network}
1049 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1050 ntp::servers: {get_input: ntp_servers}
1051 control_virtual_interface: {get_input: control_virtual_interface}
1052 public_virtual_interface: {get_input: public_virtual_interface}
1053 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1054 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1055 enable_package_install: {get_input: enable_package_install}
1057 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1058 ControllerExtraConfigPre:
1059 depends_on: ControllerDeployment
1060 type: OS::TripleO::ControllerExtraConfigPre
1062 server: {get_resource: Controller}
1065 type: OS::TripleO::Tasks::PackageUpdate
1068 type: OS::Heat::SoftwareDeployment
1070 config: {get_resource: UpdateConfig}
1071 server: {get_resource: Controller}
1074 get_param: UpdateIdentifier
1078 description: IP address of the server in the ctlplane network
1079 value: {get_attr: [Controller, networks, ctlplane, 0]}
1080 external_ip_address:
1081 description: IP address of the server in the external network
1082 value: {get_attr: [ExternalPort, ip_address]}
1083 internal_api_ip_address:
1084 description: IP address of the server in the internal_api network
1085 value: {get_attr: [InternalApiPort, ip_address]}
1087 description: IP address of the server in the storage network
1088 value: {get_attr: [StoragePort, ip_address]}
1089 storage_mgmt_ip_address:
1090 description: IP address of the server in the storage_mgmt network
1091 value: {get_attr: [StorageMgmtPort, ip_address]}
1093 description: IP address of the server in the tenant network
1094 value: {get_attr: [TenantPort, ip_address]}
1096 description: Hostname of the server
1097 value: {get_attr: [Controller, name]}
1100 Node object in the format {ip: ..., name: ...} format that the corosync
1103 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1104 name: {get_attr: [Controller, name]}
1107 Server's IP address and hostname in the /etc/hosts format
1110 template: IP HOST.localdomain HOST CLOUDNAME
1112 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1113 HOST: {get_attr: [Controller, name]}
1114 CLOUDNAME: {get_param: CloudName}
1115 nova_server_resource:
1116 description: Heat resource handle for the Nova compute server
1118 {get_resource: Controller}
1120 description: Swift device formatted for swift-ring-builder
1123 template: 'r1z1-IP:%PORT%/d1'
1125 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1126 swift_proxy_memcache:
1127 description: Swift proxy-memcache value
1130 template: "IP:11211"
1132 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1134 description: identifier which changes if the controller configuration may need re-applying
1138 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1139 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}