1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableIscsiBackend:
33 description: Whether to enable or not the Iscsi backend for Cinder
35 CinderEnableRbdBackend:
37 description: Whether to enable or not the Rbd backend for Cinder
41 description: The iSCSI helper to use with cinder.
43 CinderLVMLoopDeviceSize:
45 description: The size of the loopback file used by the cinder LVM driver.
49 description: The password for the cinder service and db account, used by cinder-api.
54 description: Contains parameters to configure Cinder backends. Typically
55 set via parameter_defaults in the resource registry.
59 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
61 ControllerExtraConfig:
64 Controller specific configuration to inject into the cluster. Same
65 structure as ExtraConfig.
67 ControlVirtualInterface:
69 description: Interface where virtual ip will be assigned.
73 description: Set to True to enable debugging on all services.
77 description: Whether to enable fencing in Pacemaker or not.
81 description: Whether to use Galera instead of regular MariaDB.
85 description: Whether to deploy Ceph Storage (OSD) on the Controller
89 description: Whether to enable Swift Storage on the Controller
94 Additional configuration to inject into the cluster. The JSON should have
95 the following structure:
98 [{"section": "SECTIONNAME",
100 [{"option": "OPTIONNAME",
111 [{"section": "default",
113 [{"option": "compute_manager",
114 "value": "ironic.nova.compute.manager.ClusterComputeManager"
120 [{"option": "driver",
121 "value": "nova.cells.rpc_driver.CellsRPCDriver"
132 Pacemaker fencing configuration. The JSON should have
133 the following structure:
137 "agent": "AGENT_NAME",
138 "host_mac": "HOST_MAC_ADDRESS",
139 "params": {"PARAM_NAME": "PARAM_VALUE"}
147 "agent": "fence_xvm",
148 "host_mac": "52:54:00:aa:bb:cc",
150 "multicast_address": "225.0.0.12",
151 "port": "baremetal_0",
153 "manage_key_file": true,
154 "key_file": "/etc/fence_xvm.key",
155 "key_file_password": "abcdef"
162 description: Flavor for control nodes to request when deploying.
165 - custom_constraint: nova.flavor
166 GlanceNotifierStrategy:
167 description: Strategy to use for Glance notification queue
171 description: The filepath of the file to use for logging messages from Glance.
176 description: The password for the glance service and db account, used by the glance services.
181 description: Glance port.
185 description: Protocol to use when connecting to glance, set to https for SSL.
189 description: The short name of the Glance backend to use. Should be one
190 of swift, rbd, or file
193 - allowed_values: ['swift', 'file', 'rbd']
196 description: The password for the Heat service and db account, used by the Heat services.
199 HeatStackDomainAdminPassword:
200 description: Password for heat_domain_admin user.
204 HeatAuthEncryptionKey:
205 description: Auth encryption key for heat-engine
208 description: Secret key for Django
212 default: overcloud-control
214 - custom_constraint: glance.image
216 default: 'REBUILD_PRESERVE_EPHEMERAL'
217 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
221 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
224 - custom_constraint: nova.keypair
225 KeystoneCACertificate:
227 description: Keystone self-signed certificate authority certificate.
229 KeystoneSigningCertificate:
231 description: Keystone certificate for verifying token validity.
235 description: Keystone key for signing tokens.
238 KeystoneSSLCertificate:
240 description: Keystone certificate for verifying token validity.
242 KeystoneSSLCertificateKey:
244 description: Keystone key for signing tokens.
247 MysqlClusterUniquePart:
248 description: A unique identifier of the MySQL cluster the controller is in.
250 default: 'unset' # Has to be here because of the ignored empty value bug
251 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
253 # - length: {min: 4, max: 10}
254 MysqlInnodbBufferPoolSize:
256 Specifies the size of the buffer pool in megabytes. Setting to
257 zero should be interpreted as "no value" and will defer to the
264 default: '' # Has to be here because of the ignored empty value bug
265 NeutronBridgeMappings:
267 The OVS logical->physical bridge mappings to use. See the Neutron
268 documentation for details. Defaults to mapping br-ex - the external
269 bridge on hosts - to a physical name 'datacentre' which can be used
270 to create provider networks (and we use this for the default floating
271 network) - if changing this either use different post-install network
272 scripts or be sure to keep 'datacentre' as a mapping network name.
274 default: "datacentre:br-ex"
275 NeutronDnsmasqOptions:
276 default: 'dhcp-option-force=26,1400'
277 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
281 description: Agent mode for the neutron-l3-agent on the controller hosts
285 description: Whether to enable l3-agent HA
289 description: Whether to configure Neutron Distributed Virtual Routers
291 NeutronMetadataProxySharedSecret:
293 description: Shared secret to prevent spoofing
295 NeutronMechanismDrivers:
296 default: 'openvswitch'
298 The mechanism drivers for the Neutron tenant network. To specify multiple
299 values, use a comma separated string, like so: 'openvswitch,l2_population'
301 NeutronAllowL3AgentFailover:
303 description: Allow automatic l3-agent failover
305 NeutronEnableTunnelling:
310 default: 'datacentre'
311 description: If set, flat networks to configure in neutron plugins.
314 description: Whether to enable l3-agent HA
318 description: The tenant network type for Neutron, either gre or vxlan.
320 NeutronNetworkVLANRanges:
321 default: 'datacentre'
323 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
324 Neutron documentation for permitted values. Defaults to permitting any
325 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
326 type: comma_delimited_list
329 description: The password for the neutron service and db account, used by neutron agents.
332 NeutronPublicInterface:
334 description: What interface to bridge onto br-ex for network nodes.
336 NeutronPublicInterfaceTag:
339 VLAN tag for creating a public VLAN. The tag will be used to
340 create an access port on the exterior bridge for each control plane node,
341 and that port will be given the IP address returned by neutron from the
342 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
343 overcloud.yaml to include the deployment of VLAN ports to the control
346 NeutronPublicInterfaceDefaultRoute:
348 description: A custom default route for the NeutronPublicInterface.
350 NeutronPublicInterfaceIP:
352 description: A custom IP address to put onto the NeutronPublicInterface.
354 NeutronPublicInterfaceRawDevice:
356 description: If set, the public interface is a vlan with this device as the raw device.
361 The tunnel types for the Neutron tenant network. To specify multiple
362 values, use a comma separated string, like so: 'gre,vxlan'
366 description: The password for the nova service and db account, used by nova-api.
374 description: The password for the 'pcsd' user.
375 PublicVirtualInterface:
378 Specifies the interface where the public-facing virtual ip will be assigned.
379 This should be int_public when a VLAN is being used.
381 PublicVirtualIP: # DEPRECATED: use per service settings instead
383 default: '' # Has to be here because of the ignored empty value bug
386 default: '' # Has to be here because of the ignored empty value bug
390 description: The password for RabbitMQ
395 description: The username for RabbitMQ
400 Rabbit client subscriber parameter to specify
401 an SSL connection to the RabbitMQ host.
405 description: Set rabbit subscriber port, change this if using SSL
409 default: '' # Has to be here because of the ignored empty value bug
410 SnmpdReadonlyUserName:
411 default: ro_snmp_user
412 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
414 SnmpdReadonlyUserPassword:
416 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
421 description: If set, the contents of an SSL certificate authority file.
425 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
430 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
435 description: A random string to be used as a salt when hashing to determine mappings
441 description: Value of mount_check in Swift account/container/object -server.conf
446 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
449 description: Partition Power to use when building Swift rings
453 description: The password for the swift service account, used by the swift proxy
460 description: How many replicas to use in the swift rings.
461 VirtualIP: # DEPRECATED: use per service settings instead
463 default: '' # Has to be here because of the ignored empty value bug
473 KeystonePublicApiVirtualIP:
479 EnablePackageInstall:
481 description: Set to true to enable package installation via Puppet
485 description: Mapping of service_name -> network name. Typically set
486 via parameter_defaults in the resource registry.
492 Setting to a previously unused value during stack-update will trigger
493 package update on all nodes
496 default: '' # Defaults to Heat created hostname
501 type: OS::Nova::Server
503 image: {get_param: Image}
504 image_update_policy: {get_param: ImageUpdatePolicy}
505 flavor: {get_param: Flavor}
506 key_name: {get_param: KeyName}
509 user_data_format: SOFTWARE_CONFIG
510 user_data: {get_resource: NodeUserData}
511 name: {get_param: Hostname}
514 type: OS::TripleO::NodeUserData
517 type: OS::TripleO::Controller::Ports::ExternalPort
519 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
522 type: OS::TripleO::Controller::Ports::InternalApiPort
524 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
527 type: OS::TripleO::Controller::Ports::StoragePort
529 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
532 type: OS::TripleO::Controller::Ports::StorageMgmtPort
534 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
537 type: OS::TripleO::Controller::Ports::TenantPort
539 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
542 type: OS::TripleO::Network::Ports::NetIpMap
544 ExternalIp: {get_attr: [ExternalPort, ip_address]}
545 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
546 StorageIp: {get_attr: [StoragePort, ip_address]}
547 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
548 TenantIp: {get_attr: [TenantPort, ip_address]}
551 type: OS::TripleO::Network::Ports::NetIpMap
553 ExternalIp: {get_attr: [ExternalPort, ip_subnet]}
554 InternalApiIp: {get_attr: [InternalApiPort, ip_subnet]}
555 StorageIp: {get_attr: [StoragePort, ip_subnet]}
556 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]}
557 TenantIp: {get_attr: [TenantPort, ip_subnet]}
560 type: OS::TripleO::Controller::Net::SoftwareConfig
562 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
563 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
564 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
565 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
566 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
569 type: OS::TripleO::SoftwareDeployment
571 config: {get_resource: NetworkConfig}
572 server: {get_resource: Controller}
575 interface_name: {get_param: NeutronPublicInterface}
577 ControllerDeployment:
578 type: OS::TripleO::SoftwareDeployment
579 depends_on: NetworkDeployment
581 config: {get_resource: ControllerConfig}
582 server: {get_resource: Controller}
584 bootstack_nodeid: {get_attr: [Controller, name]}
585 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
586 heat.watch_server_url:
590 - {get_param: HeatApiVirtualIP}
592 heat.metadata_server_url:
596 - {get_param: HeatApiVirtualIP}
598 heat.waitcondition_server_url:
602 - {get_param: HeatApiVirtualIP}
603 - ':8000/v1/waitcondition'
604 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
605 horizon_secret: {get_param: HorizonSecret}
606 admin_password: {get_param: AdminPassword}
607 admin_token: {get_param: AdminToken}
608 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
609 debug: {get_param: Debug}
610 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
611 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
612 cinder_password: {get_param: CinderPassword}
613 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
614 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
615 cinder_backend_config: {get_param: CinderBackendConfig}
619 - - 'mysql://cinder:'
620 - {get_param: CinderPassword}
622 - {get_param: MysqlVirtualIP}
624 glance_port: {get_param: GlancePort}
625 glance_password: {get_param: GlancePassword}
626 glance_backend: {get_param: GlanceBackend}
627 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
628 glance_log_file: {get_param: GlanceLogFile}
632 - - 'mysql://glance:'
633 - {get_param: GlancePassword}
635 - {get_param: MysqlVirtualIP}
637 heat_password: {get_param: HeatPassword}
638 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
643 - {get_param: HeatPassword}
645 - {get_param: MysqlVirtualIP}
647 keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
648 keystone_ca_certificate: {get_param: KeystoneCACertificate}
649 keystone_signing_key: {get_param: KeystoneSigningKey}
650 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
651 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
652 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
656 - - 'mysql://keystone:'
657 - {get_param: AdminToken}
659 - {get_param: MysqlVirtualIP}
661 keystone_identity_uri:
665 - {get_param: KeystonePublicApiVirtualIP}
671 - {get_param: KeystonePublicApiVirtualIP}
673 enable_fencing: {get_param: EnableFencing}
674 enable_galera: {get_param: EnableGalera}
675 enable_ceph_storage: {get_param: EnableCephStorage}
676 enable_swift_storage: {get_param: EnableSwiftStorage}
677 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
678 mysql_root_password: {get_param: MysqlRootPassword}
681 template: tripleo-CLUSTER
683 CLUSTER: {get_param: MysqlClusterUniquePart}
684 neutron_flat_networks: {get_param: NeutronFlatNetworks}
685 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
686 neutron_agent_mode: {get_param: NeutronAgentMode}
687 neutron_router_distributed: {get_param: NeutronDVR}
688 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
689 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
690 neutron_l3_ha: {get_param: NeutronL3HA}
691 neutron_network_vlan_ranges:
693 template: "['RANGES']"
698 - {get_param: NeutronNetworkVLANRanges}
699 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
700 neutron_public_interface: {get_param: NeutronPublicInterface}
701 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
702 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
703 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
704 neutron_tenant_network_type: {get_param: NeutronNetworkType}
705 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
706 neutron_password: {get_param: NeutronPassword}
707 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
711 - - 'mysql://neutron:'
712 - {get_param: NeutronPassword}
714 - {get_param: MysqlVirtualIP}
715 - '/ovs_neutron?charset=utf8'
720 - {get_param: NeutronApiVirtualIP}
722 neutron_admin_auth_url:
726 - {get_param: KeystonePublicApiVirtualIP}
728 ceilometer_backend: {get_param: CeilometerBackend}
729 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
730 ceilometer_password: {get_param: CeilometerPassword}
731 ceilometer_coordination_url:
735 - {get_param: RedisVirtualIP}
740 - - 'mysql://ceilometer:unset@'
741 - {get_param: MysqlVirtualIP}
743 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
744 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
745 nova_password: {get_param: NovaPassword}
750 - {get_param: NovaPassword}
752 - {get_param: MysqlVirtualIP}
754 fencing_config: {get_param: FencingConfig}
755 pcsd_password: {get_param: PcsdPassword}
756 rabbit_username: {get_param: RabbitUserName}
757 rabbit_password: {get_param: RabbitPassword}
758 rabbit_cookie: {get_param: RabbitCookie}
759 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
760 rabbit_client_port: {get_param: RabbitClientPort}
763 template: '["server"]'
765 server: {get_param: NtpServer}
766 control_virtual_interface: {get_param: ControlVirtualInterface}
767 public_virtual_interface: {get_param: PublicVirtualInterface}
768 swift_hash_suffix: {get_param: SwiftHashSuffix}
769 swift_password: {get_param: SwiftPassword}
770 swift_part_power: {get_param: SwiftPartPower}
771 swift_replicas: {get_param: SwiftReplicas}
772 swift_min_part_hours: {get_param: SwiftMinPartHours}
773 swift_mount_check: {get_param: SwiftMountCheck}
774 enable_package_install: {get_param: EnablePackageInstall}
775 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
776 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
777 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
778 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
779 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
780 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
784 - - {get_param: GlanceProtocol}
786 - {get_param: GlanceApiVirtualIP}
788 - {get_param: GlancePort}
789 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
790 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
791 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
792 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
793 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
794 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
795 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
796 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
797 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
798 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
799 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
800 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
801 redis_vip: {get_param: RedisVirtualIP}
802 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
803 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
804 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
805 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
806 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
808 # Map heat metadata into hiera datafiles
810 type: OS::Heat::StructuredConfig
812 group: os-apply-config
816 - heat_config_%{::deploy_config_name}
819 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
820 - ceph_cluster # provided by CephClusterConfig
822 - bootstrap_node # provided by BootstrapNodeConfig
823 - all_nodes # provided by allNodesConfig
824 - vip_data # provided by vip-config
827 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
830 raw_data: {get_file: hieradata/common.yaml}
832 raw_data: {get_file: hieradata/ceph.yaml}
834 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
835 ceph::profile::params::public_network: {get_input: ceph_public_network}
836 ceph::mon::public_addr: {get_input: ceph_public_ip}
838 raw_data: {get_file: hieradata/object.yaml}
840 raw_data: {get_file: hieradata/controller.yaml}
841 mapped_data: # data supplied directly to this deployment configuration, etc
842 bootstack_nodeid: {get_input: bootstack_nodeid}
845 enable_fencing: {get_input: enable_fencing}
846 hacluster_pwd: {get_input: pcsd_password}
847 tripleo::fencing::config: {get_input: fencing_config}
850 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
851 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
852 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
853 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
854 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
855 swift::proxy::authtoken::admin_password: {get_input: swift_password}
856 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
857 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
858 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
859 swift_mount_check: {get_input: swift_mount_check}
861 # NOTE(dprince): build_ring support is currently not wired in.
862 # See: https://review.openstack.org/#/c/109225/
863 tripleo::ringbuilder::build_ring: True
866 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
867 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
868 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
869 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
870 cinder::database_connection: {get_input: cinder_dsn}
871 cinder::api::keystone_password: {get_input: cinder_password}
872 cinder::api::auth_uri: {get_input: keystone_auth_uri}
873 cinder::api::identity_uri: {get_input: keystone_identity_uri}
874 cinder::api::bind_host: {get_input: cinder_api_network}
875 cinder::rabbit_userid: {get_input: rabbit_username}
876 cinder::rabbit_password: {get_input: rabbit_password}
877 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
878 cinder::rabbit_port: {get_input: rabbit_client_port}
879 cinder::debug: {get_input: debug}
880 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
881 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
882 cinder_backend_config: {get_input: CinderBackendConfig}
885 glance::api::bind_port: {get_input: glance_port}
886 glance::api::bind_host: {get_input: glance_api_network}
887 glance::api::auth_uri: {get_input: keystone_auth_uri}
888 glance::api::identity_uri: {get_input: keystone_identity_uri}
889 glance::api::registry_host: {get_input: glance_registry_network}
890 glance::api::keystone_password: {get_input: glance_password}
891 glance::api::debug: {get_input: debug}
892 glance_notifier_strategy: {get_input: glance_notifier_strategy}
893 glance_log_file: {get_input: glance_log_file}
894 glance_log_file: {get_input: glance_log_file}
895 glance::api::database_connection: {get_input: glance_dsn}
896 glance::registry::keystone_password: {get_input: glance_password}
897 glance::registry::database_connection: {get_input: glance_dsn}
898 glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
899 glance::registry::auth_uri: {get_input: keystone_auth_uri}
900 glance::registry::identity_uri: {get_input: keystone_identity_uri}
901 glance::registry::debug: {get_input: debug}
902 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
903 glance::backend::swift::swift_store_user: service:glance
904 glance::backend::swift::swift_store_key: {get_input: glance_password}
905 glance_backend: {get_input: glance_backend}
908 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
909 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
910 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
911 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
912 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
913 heat::rabbit_userid: {get_input: rabbit_username}
914 heat::rabbit_password: {get_input: rabbit_password}
915 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
916 heat::rabbit_port: {get_input: rabbit_client_port}
917 heat::auth_uri: {get_input: keystone_auth_uri}
918 heat::identity_uri: {get_input: keystone_identity_uri}
919 heat::keystone_password: {get_input: heat_password}
920 heat::api::bind_host: {get_input: heat_api_network}
921 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
922 heat::api_cfn::bind_host: {get_input: heat_api_network}
923 heat::database_connection: {get_input: heat_dsn}
924 heat::instance_user: heat-admin
925 heat::debug: {get_input: debug}
928 keystone::admin_token: {get_input: admin_token}
929 keystone_ca_certificate: {get_input: keystone_ca_certificate}
930 keystone_signing_key: {get_input: keystone_signing_key}
931 keystone_signing_certificate: {get_input: keystone_signing_certificate}
932 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
933 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
934 keystone::database_connection: {get_input: keystone_dsn}
935 keystone::public_bind_host: {get_input: keystone_public_api_network}
936 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
937 keystone::debug: {get_input: debug}
939 mongodb::server::bind_ip: {get_input: mongo_db_network}
941 admin_password: {get_input: admin_password}
942 enable_galera: {get_input: enable_galera}
943 enable_ceph_storage: {get_input: enable_ceph_storage}
944 enable_swift_storage: {get_input: enable_swift_storage}
945 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
946 mysql::server::root_password: {get_input: mysql_root_password}
947 mysql_cluster_name: {get_input: mysql_cluster_name}
948 mysql_bind_host: {get_input: mysql_network}
951 neutron::bind_host: {get_input: neutron_api_network}
952 neutron::rabbit_password: {get_input: rabbit_password}
953 neutron::rabbit_user: {get_input: rabbit_user}
954 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
955 neutron::rabbit_port: {get_input: rabbit_client_port}
956 neutron::debug: {get_input: debug}
957 neutron::server::auth_uri: {get_input: keystone_auth_uri}
958 neutron::server::identity_uri: {get_input: keystone_identity_uri}
959 neutron::server::database_connection: {get_input: neutron_dsn}
960 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
961 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
962 neutron_flat_networks: {get_input: neutron_flat_networks}
963 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
964 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
965 neutron_agent_mode: {get_input: neutron_agent_mode}
966 neutron_router_distributed: {get_input: neutron_router_distributed}
967 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
968 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
969 neutron::server::l3_ha: {get_input: neutron_l3_ha}
970 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
971 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
972 neutron_public_interface: {get_input: neutron_public_interface}
973 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
974 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
975 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
976 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
977 neutron_tunnel_types: {get_input: neutron_tunnel_types}
978 neutron::server::auth_password: {get_input: neutron_password}
979 neutron::agents::metadata::auth_password: {get_input: neutron_password}
980 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
981 neutron_dsn: {get_input: neutron_dsn}
982 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
985 ceilometer_backend: {get_input: ceilometer_backend}
986 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
987 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
988 ceilometer::rabbit_userid: {get_input: rabbit_username}
989 ceilometer::rabbit_password: {get_input: rabbit_password}
990 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
991 ceilometer::rabbit_port: {get_input: rabbit_client_port}
992 ceilometer::debug: {get_input: debug}
993 ceilometer::api::host: {get_input: ceilometer_api_network}
994 ceilometer::api::keystone_password: {get_input: ceilometer_password}
995 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
996 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
997 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
998 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
999 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1000 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1001 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1004 nova::rabbit_userid: {get_input: rabbit_username}
1005 nova::rabbit_password: {get_input: rabbit_password}
1006 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1007 nova::rabbit_port: {get_input: rabbit_client_port}
1008 nova::debug: {get_input: debug}
1009 nova::api::auth_uri: {get_input: keystone_auth_uri}
1010 nova::api::identity_uri: {get_input: keystone_identity_uri}
1011 nova::api::api_bind_address: {get_input: nova_api_network}
1012 nova::api::metadata_listen: {get_input: nova_metadata_network}
1013 nova::api::admin_password: {get_input: nova_password}
1014 nova::database_connection: {get_input: nova_dsn}
1015 nova::glance_api_servers: {get_input: glance_api_servers}
1016 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1017 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1018 nova::network::neutron::neutron_url: {get_input: neutron_url}
1019 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1020 nova::vncproxy::host: {get_input: nova_api_network}
1023 apache::ip: {get_input: horizon_network}
1024 horizon::django_debug: {get_input: debug}
1025 horizon::secret_key: {get_input: horizon_secret}
1026 horizon::bind_address: {get_input: horizon_network}
1027 horizon::keystone_url: {get_input: keystone_auth_uri}
1030 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1031 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1033 redis::bind: {get_input: redis_network}
1034 redis_vip: {get_input: redis_vip}
1036 memcached::listen_ip: {get_input: memcached_network}
1037 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1038 ntp::servers: {get_input: ntp_servers}
1039 control_virtual_interface: {get_input: control_virtual_interface}
1040 public_virtual_interface: {get_input: public_virtual_interface}
1041 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1042 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1043 enable_package_install: {get_input: enable_package_install}
1045 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1046 ControllerExtraConfigPre:
1047 depends_on: ControllerDeployment
1048 type: OS::TripleO::ControllerExtraConfigPre
1050 server: {get_resource: Controller}
1053 type: OS::TripleO::Tasks::PackageUpdate
1056 type: OS::Heat::SoftwareDeployment
1058 config: {get_resource: UpdateConfig}
1059 server: {get_resource: Controller}
1062 get_param: UpdateIdentifier
1066 description: IP address of the server in the ctlplane network
1067 value: {get_attr: [Controller, networks, ctlplane, 0]}
1068 external_ip_address:
1069 description: IP address of the server in the external network
1070 value: {get_attr: [ExternalPort, ip_address]}
1071 internal_api_ip_address:
1072 description: IP address of the server in the internal_api network
1073 value: {get_attr: [InternalApiPort, ip_address]}
1075 description: IP address of the server in the storage network
1076 value: {get_attr: [StoragePort, ip_address]}
1077 storage_mgmt_ip_address:
1078 description: IP address of the server in the storage_mgmt network
1079 value: {get_attr: [StorageMgmtPort, ip_address]}
1081 description: IP address of the server in the tenant network
1082 value: {get_attr: [TenantPort, ip_address]}
1084 description: Hostname of the server
1085 value: {get_attr: [Controller, name]}
1088 Node object in the format {ip: ..., name: ...} format that the corosync
1091 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1092 name: {get_attr: [Controller, name]}
1095 Server's IP address and hostname in the /etc/hosts format
1098 template: IP HOST.localdomain HOST CLOUDNAME
1100 IP: {get_attr: [Controller, networks, ctlplane, 0]}
1101 HOST: {get_attr: [Controller, name]}
1102 CLOUDNAME: {get_param: CloudName}
1103 nova_server_resource:
1104 description: Heat resource handle for the Nova compute server
1106 {get_resource: Controller}
1108 description: Swift device formatted for swift-ring-builder
1111 template: 'r1z1-IP:%PORT%/d1'
1113 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1114 swift_proxy_memcache:
1115 description: Swift proxy-memcache value
1118 template: "IP:11211"
1120 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1122 description: identifier which changes if the controller configuration may need re-applying
1126 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1127 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}