1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableIscsiBackend:
33 description: Whether to enable or not the Iscsi backend for Cinder
35 CinderEnableRbdBackend:
37 description: Whether to enable or not the Rbd backend for Cinder
41 description: The iSCSI helper to use with cinder.
43 CinderLVMLoopDeviceSize:
45 description: The size of the loopback file used by the cinder LVM driver.
49 description: The password for the cinder service and db account, used by cinder-api.
54 description: Contains parameters to configure Cinder backends. Typically
55 set via parameter_defaults in the resource registry.
59 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
61 ControllerExtraConfig:
64 Controller specific configuration to inject into the cluster. Same
65 structure as ExtraConfig.
67 ControlVirtualInterface:
69 description: Interface where virtual ip will be assigned.
73 description: Set to True to enable debugging on all services.
77 description: Whether to enable fencing in Pacemaker or not.
81 description: Whether to use Galera instead of regular MariaDB.
85 description: Whether to deploy Ceph Storage (OSD) on the Controller
89 description: Whether to enable Swift Storage on the Controller
94 Additional configuration to inject into the cluster. The JSON should have
95 the following structure:
98 [{"section": "SECTIONNAME",
100 [{"option": "OPTIONNAME",
111 [{"section": "default",
113 [{"option": "compute_manager",
114 "value": "ironic.nova.compute.manager.ClusterComputeManager"
120 [{"option": "driver",
121 "value": "nova.cells.rpc_driver.CellsRPCDriver"
132 Pacemaker fencing configuration. The JSON should have
133 the following structure:
137 "agent": "AGENT_NAME",
138 "host_mac": "HOST_MAC_ADDRESS",
139 "params": {"PARAM_NAME": "PARAM_VALUE"}
147 "agent": "fence_xvm",
148 "host_mac": "52:54:00:aa:bb:cc",
150 "multicast_address": "225.0.0.12",
151 "port": "baremetal_0",
153 "manage_key_file": true,
154 "key_file": "/etc/fence_xvm.key",
155 "key_file_password": "abcdef"
162 description: Flavor for control nodes to request when deploying.
165 - custom_constraint: nova.flavor
166 GlanceNotifierStrategy:
167 description: Strategy to use for Glance notification queue
171 description: The filepath of the file to use for logging messages from Glance.
176 description: The password for the glance service and db account, used by the glance services.
181 description: Glance port.
185 description: Protocol to use when connecting to glance, set to https for SSL.
189 description: The short name of the Glance backend to use. Should be one
190 of swift, rbd, or file
193 - allowed_values: ['swift', 'file', 'rbd']
196 description: The password for the Heat service and db account, used by the Heat services.
199 HeatStackDomainAdminPassword:
200 description: Password for heat_domain_admin user.
204 HeatAuthEncryptionKey:
205 description: Auth encryption key for heat-engine
208 description: Secret key for Django
212 default: overcloud-control
214 - custom_constraint: glance.image
216 default: 'REBUILD_PRESERVE_EPHEMERAL'
217 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
221 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
224 - custom_constraint: nova.keypair
225 KeystoneCACertificate:
227 description: Keystone self-signed certificate authority certificate.
229 KeystoneSigningCertificate:
231 description: Keystone certificate for verifying token validity.
235 description: Keystone key for signing tokens.
238 KeystoneSSLCertificate:
240 description: Keystone certificate for verifying token validity.
242 KeystoneSSLCertificateKey:
244 description: Keystone key for signing tokens.
247 MysqlClusterUniquePart:
248 description: A unique identifier of the MySQL cluster the controller is in.
250 default: 'unset' # Has to be here because of the ignored empty value bug
251 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
253 # - length: {min: 4, max: 10}
254 MysqlInnodbBufferPoolSize:
256 Specifies the size of the buffer pool in megabytes. Setting to
257 zero should be interpreted as "no value" and will defer to the
264 default: '' # Has to be here because of the ignored empty value bug
265 NeutronExternalNetworkBridge:
266 description: Name of bridge used for external network traffic.
269 NeutronBridgeMappings:
271 The OVS logical->physical bridge mappings to use. See the Neutron
272 documentation for details. Defaults to mapping br-ex - the external
273 bridge on hosts - to a physical name 'datacentre' which can be used
274 to create provider networks (and we use this for the default floating
275 network) - if changing this either use different post-install network
276 scripts or be sure to keep 'datacentre' as a mapping network name.
278 default: "datacentre:br-ex"
279 NeutronDnsmasqOptions:
280 default: 'dhcp-option-force=26,1400'
281 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
285 description: Agent mode for the neutron-l3-agent on the controller hosts
289 description: Whether to enable l3-agent HA
291 NeutronDhcpAgentsPerNetwork:
294 description: The number of neutron dhcp agents to schedule per network
297 description: Whether to configure Neutron Distributed Virtual Routers
299 NeutronMetadataProxySharedSecret:
301 description: Shared secret to prevent spoofing
303 NeutronMechanismDrivers:
304 default: 'openvswitch'
306 The mechanism drivers for the Neutron tenant network. To specify multiple
307 values, use a comma separated string, like so: 'openvswitch,l2_population'
309 NeutronAllowL3AgentFailover:
311 description: Allow automatic l3-agent failover
313 NeutronEnableTunnelling:
318 default: 'datacentre'
319 description: If set, flat networks to configure in neutron plugins.
322 description: Whether to enable l3-agent HA
326 description: The tenant network type for Neutron, either gre or vxlan.
328 NeutronNetworkVLANRanges:
329 default: 'datacentre'
331 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
332 Neutron documentation for permitted values. Defaults to permitting any
333 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
334 type: comma_delimited_list
337 description: The password for the neutron service and db account, used by neutron agents.
340 NeutronPublicInterface:
342 description: What interface to bridge onto br-ex for network nodes.
344 NeutronPublicInterfaceTag:
347 VLAN tag for creating a public VLAN. The tag will be used to
348 create an access port on the exterior bridge for each control plane node,
349 and that port will be given the IP address returned by neutron from the
350 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
351 overcloud.yaml to include the deployment of VLAN ports to the control
354 NeutronPublicInterfaceDefaultRoute:
356 description: A custom default route for the NeutronPublicInterface.
358 NeutronPublicInterfaceIP:
360 description: A custom IP address to put onto the NeutronPublicInterface.
362 NeutronPublicInterfaceRawDevice:
364 description: If set, the public interface is a vlan with this device as the raw device.
369 The tunnel types for the Neutron tenant network. To specify multiple
370 values, use a comma separated string, like so: 'gre,vxlan'
374 description: The password for the nova service and db account, used by nova-api.
379 description: Should MongoDb journaling be disabled
386 description: The password for the 'pcsd' user.
387 PublicVirtualInterface:
390 Specifies the interface where the public-facing virtual ip will be assigned.
391 This should be int_public when a VLAN is being used.
393 PublicVirtualIP: # DEPRECATED: use per service settings instead
395 default: '' # Has to be here because of the ignored empty value bug
398 default: '' # Has to be here because of the ignored empty value bug
402 description: The password for RabbitMQ
407 description: The username for RabbitMQ
412 Rabbit client subscriber parameter to specify
413 an SSL connection to the RabbitMQ host.
417 description: Set rabbit subscriber port, change this if using SSL
421 default: '' # Has to be here because of the ignored empty value bug
422 SnmpdReadonlyUserName:
423 default: ro_snmp_user
424 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
426 SnmpdReadonlyUserPassword:
428 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
433 description: If set, the contents of an SSL certificate authority file.
437 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
442 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
447 description: A random string to be used as a salt when hashing to determine mappings
453 description: Value of mount_check in Swift account/container/object -server.conf
458 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
461 description: Partition Power to use when building Swift rings
465 description: The password for the swift service account, used by the swift proxy
472 description: How many replicas to use in the swift rings.
473 VirtualIP: # DEPRECATED: use per service settings instead
475 default: '' # Has to be here because of the ignored empty value bug
485 KeystonePublicApiVirtualIP:
491 EnablePackageInstall:
493 description: Set to true to enable package installation via Puppet
497 description: Mapping of service_name -> network name. Typically set
498 via parameter_defaults in the resource registry.
504 Setting to a previously unused value during stack-update will trigger
505 package update on all nodes
508 default: '' # Defaults to Heat created hostname
513 type: OS::Nova::Server
515 image: {get_param: Image}
516 image_update_policy: {get_param: ImageUpdatePolicy}
517 flavor: {get_param: Flavor}
518 key_name: {get_param: KeyName}
521 user_data_format: SOFTWARE_CONFIG
522 user_data: {get_resource: NodeUserData}
523 name: {get_param: Hostname}
526 type: OS::TripleO::NodeUserData
529 type: OS::TripleO::Controller::Ports::ExternalPort
531 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
534 type: OS::TripleO::Controller::Ports::InternalApiPort
536 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
539 type: OS::TripleO::Controller::Ports::StoragePort
541 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
544 type: OS::TripleO::Controller::Ports::StorageMgmtPort
546 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
549 type: OS::TripleO::Controller::Ports::TenantPort
551 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
554 type: OS::TripleO::Network::Ports::NetIpMap
556 ExternalIp: {get_attr: [ExternalPort, ip_address]}
557 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
558 StorageIp: {get_attr: [StoragePort, ip_address]}
559 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
560 TenantIp: {get_attr: [TenantPort, ip_address]}
563 type: OS::TripleO::Network::Ports::NetIpMap
565 ExternalIp: {get_attr: [ExternalPort, ip_subnet]}
566 InternalApiIp: {get_attr: [InternalApiPort, ip_subnet]}
567 StorageIp: {get_attr: [StoragePort, ip_subnet]}
568 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]}
569 TenantIp: {get_attr: [TenantPort, ip_subnet]}
572 type: OS::TripleO::Controller::Net::SoftwareConfig
574 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
575 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
576 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
577 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
578 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
581 type: OS::TripleO::SoftwareDeployment
583 config: {get_resource: NetworkConfig}
584 server: {get_resource: Controller}
587 interface_name: {get_param: NeutronPublicInterface}
589 ControllerDeployment:
590 type: OS::TripleO::SoftwareDeployment
591 depends_on: NetworkDeployment
593 config: {get_resource: ControllerConfig}
594 server: {get_resource: Controller}
596 bootstack_nodeid: {get_attr: [Controller, name]}
597 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
598 heat.watch_server_url:
602 - {get_param: HeatApiVirtualIP}
604 heat.metadata_server_url:
608 - {get_param: HeatApiVirtualIP}
610 heat.waitcondition_server_url:
614 - {get_param: HeatApiVirtualIP}
615 - ':8000/v1/waitcondition'
616 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
617 horizon_secret: {get_param: HorizonSecret}
618 admin_password: {get_param: AdminPassword}
619 admin_token: {get_param: AdminToken}
620 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
621 debug: {get_param: Debug}
622 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
623 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
624 cinder_password: {get_param: CinderPassword}
625 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
626 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
627 cinder_backend_config: {get_param: CinderBackendConfig}
631 - - 'mysql://cinder:'
632 - {get_param: CinderPassword}
634 - {get_param: MysqlVirtualIP}
636 glance_port: {get_param: GlancePort}
637 glance_password: {get_param: GlancePassword}
638 glance_backend: {get_param: GlanceBackend}
639 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
640 glance_log_file: {get_param: GlanceLogFile}
644 - - 'mysql://glance:'
645 - {get_param: GlancePassword}
647 - {get_param: MysqlVirtualIP}
649 heat_password: {get_param: HeatPassword}
650 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
655 - {get_param: HeatPassword}
657 - {get_param: MysqlVirtualIP}
659 keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
660 keystone_ca_certificate: {get_param: KeystoneCACertificate}
661 keystone_signing_key: {get_param: KeystoneSigningKey}
662 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
663 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
664 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
668 - - 'mysql://keystone:'
669 - {get_param: AdminToken}
671 - {get_param: MysqlVirtualIP}
673 keystone_identity_uri:
677 - {get_param: KeystonePublicApiVirtualIP}
683 - {get_param: KeystonePublicApiVirtualIP}
685 enable_fencing: {get_param: EnableFencing}
686 enable_galera: {get_param: EnableGalera}
687 enable_ceph_storage: {get_param: EnableCephStorage}
688 enable_swift_storage: {get_param: EnableSwiftStorage}
689 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
690 mysql_root_password: {get_param: MysqlRootPassword}
693 template: tripleo-CLUSTER
695 CLUSTER: {get_param: MysqlClusterUniquePart}
696 neutron_flat_networks: {get_param: NeutronFlatNetworks}
697 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
698 neutron_agent_mode: {get_param: NeutronAgentMode}
699 neutron_router_distributed: {get_param: NeutronDVR}
700 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
701 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
702 neutron_l3_ha: {get_param: NeutronL3HA}
703 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
704 neutron_network_vlan_ranges:
706 template: "['RANGES']"
711 - {get_param: NeutronNetworkVLANRanges}
712 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
713 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
714 neutron_public_interface: {get_param: NeutronPublicInterface}
715 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
716 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
717 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
718 neutron_tenant_network_type: {get_param: NeutronNetworkType}
719 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
720 neutron_password: {get_param: NeutronPassword}
721 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
725 - - 'mysql://neutron:'
726 - {get_param: NeutronPassword}
728 - {get_param: MysqlVirtualIP}
729 - '/ovs_neutron?charset=utf8'
734 - {get_param: NeutronApiVirtualIP}
736 neutron_admin_auth_url:
740 - {get_param: KeystonePublicApiVirtualIP}
742 ceilometer_backend: {get_param: CeilometerBackend}
743 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
744 ceilometer_password: {get_param: CeilometerPassword}
745 ceilometer_coordination_url:
749 - {get_param: RedisVirtualIP}
754 - - 'mysql://ceilometer:unset@'
755 - {get_param: MysqlVirtualIP}
757 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
758 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
759 nova_password: {get_param: NovaPassword}
764 - {get_param: NovaPassword}
766 - {get_param: MysqlVirtualIP}
768 fencing_config: {get_param: FencingConfig}
769 pcsd_password: {get_param: PcsdPassword}
770 rabbit_username: {get_param: RabbitUserName}
771 rabbit_password: {get_param: RabbitPassword}
772 rabbit_cookie: {get_param: RabbitCookie}
773 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
774 rabbit_client_port: {get_param: RabbitClientPort}
775 mongodb_no_journal: {get_param: MongoDbNoJournal}
778 template: '["server"]'
780 server: {get_param: NtpServer}
781 control_virtual_interface: {get_param: ControlVirtualInterface}
782 public_virtual_interface: {get_param: PublicVirtualInterface}
783 swift_hash_suffix: {get_param: SwiftHashSuffix}
784 swift_password: {get_param: SwiftPassword}
785 swift_part_power: {get_param: SwiftPartPower}
786 swift_replicas: {get_param: SwiftReplicas}
787 swift_min_part_hours: {get_param: SwiftMinPartHours}
788 swift_mount_check: {get_param: SwiftMountCheck}
789 enable_package_install: {get_param: EnablePackageInstall}
790 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
791 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
792 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
793 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
794 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
795 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
799 - - {get_param: GlanceProtocol}
801 - {get_param: GlanceApiVirtualIP}
803 - {get_param: GlancePort}
804 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
805 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
806 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
807 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
808 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
809 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
810 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
811 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
812 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
813 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
814 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
815 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
816 redis_vip: {get_param: RedisVirtualIP}
817 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
818 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
819 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
820 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
821 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
823 # Map heat metadata into hiera datafiles
825 type: OS::Heat::StructuredConfig
827 group: os-apply-config
831 - heat_config_%{::deploy_config_name}
834 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
835 - ceph_cluster # provided by CephClusterConfig
837 - bootstrap_node # provided by BootstrapNodeConfig
838 - all_nodes # provided by allNodesConfig
839 - vip_data # provided by vip-config
842 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
845 raw_data: {get_file: hieradata/common.yaml}
847 raw_data: {get_file: hieradata/ceph.yaml}
849 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
850 ceph::profile::params::public_network: {get_input: ceph_public_network}
851 ceph::mon::public_addr: {get_input: ceph_public_ip}
853 raw_data: {get_file: hieradata/object.yaml}
855 raw_data: {get_file: hieradata/controller.yaml}
856 mapped_data: # data supplied directly to this deployment configuration, etc
857 bootstack_nodeid: {get_input: bootstack_nodeid}
860 enable_fencing: {get_input: enable_fencing}
861 hacluster_pwd: {get_input: pcsd_password}
862 tripleo::fencing::config: {get_input: fencing_config}
865 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
866 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
867 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
868 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
869 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
870 swift::proxy::authtoken::admin_password: {get_input: swift_password}
871 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
872 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
873 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
874 swift_mount_check: {get_input: swift_mount_check}
876 # NOTE(dprince): build_ring support is currently not wired in.
877 # See: https://review.openstack.org/#/c/109225/
878 tripleo::ringbuilder::build_ring: True
881 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
882 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
883 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
884 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
885 cinder::database_connection: {get_input: cinder_dsn}
886 cinder::api::keystone_password: {get_input: cinder_password}
887 cinder::api::auth_uri: {get_input: keystone_auth_uri}
888 cinder::api::identity_uri: {get_input: keystone_identity_uri}
889 cinder::api::bind_host: {get_input: cinder_api_network}
890 cinder::rabbit_userid: {get_input: rabbit_username}
891 cinder::rabbit_password: {get_input: rabbit_password}
892 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
893 cinder::rabbit_port: {get_input: rabbit_client_port}
894 cinder::debug: {get_input: debug}
895 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
896 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
897 cinder_backend_config: {get_input: CinderBackendConfig}
900 glance::api::bind_port: {get_input: glance_port}
901 glance::api::bind_host: {get_input: glance_api_network}
902 glance::api::auth_uri: {get_input: keystone_auth_uri}
903 glance::api::identity_uri: {get_input: keystone_identity_uri}
904 glance::api::registry_host: {get_input: glance_registry_network}
905 glance::api::keystone_password: {get_input: glance_password}
906 glance::api::debug: {get_input: debug}
907 glance_notifier_strategy: {get_input: glance_notifier_strategy}
908 glance_log_file: {get_input: glance_log_file}
909 glance_log_file: {get_input: glance_log_file}
910 glance::api::database_connection: {get_input: glance_dsn}
911 glance::registry::keystone_password: {get_input: glance_password}
912 glance::registry::database_connection: {get_input: glance_dsn}
913 glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
914 glance::registry::auth_uri: {get_input: keystone_auth_uri}
915 glance::registry::identity_uri: {get_input: keystone_identity_uri}
916 glance::registry::debug: {get_input: debug}
917 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
918 glance::backend::swift::swift_store_user: service:glance
919 glance::backend::swift::swift_store_key: {get_input: glance_password}
920 glance_backend: {get_input: glance_backend}
923 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
924 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
925 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
926 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
927 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
928 heat::rabbit_userid: {get_input: rabbit_username}
929 heat::rabbit_password: {get_input: rabbit_password}
930 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
931 heat::rabbit_port: {get_input: rabbit_client_port}
932 heat::auth_uri: {get_input: keystone_auth_uri}
933 heat::identity_uri: {get_input: keystone_identity_uri}
934 heat::keystone_password: {get_input: heat_password}
935 heat::api::bind_host: {get_input: heat_api_network}
936 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
937 heat::api_cfn::bind_host: {get_input: heat_api_network}
938 heat::database_connection: {get_input: heat_dsn}
939 heat::instance_user: heat-admin
940 heat::debug: {get_input: debug}
943 keystone::admin_token: {get_input: admin_token}
944 keystone_ca_certificate: {get_input: keystone_ca_certificate}
945 keystone_signing_key: {get_input: keystone_signing_key}
946 keystone_signing_certificate: {get_input: keystone_signing_certificate}
947 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
948 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
949 keystone::database_connection: {get_input: keystone_dsn}
950 keystone::public_bind_host: {get_input: keystone_public_api_network}
951 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
952 keystone::debug: {get_input: debug}
954 mongodb::server::bind_ip: {get_input: mongo_db_network}
955 mongodb::server::nojournal: {get_input: mongodb_no_journal}
957 admin_password: {get_input: admin_password}
958 enable_galera: {get_input: enable_galera}
959 enable_ceph_storage: {get_input: enable_ceph_storage}
960 enable_swift_storage: {get_input: enable_swift_storage}
961 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
962 mysql::server::root_password: {get_input: mysql_root_password}
963 mysql_cluster_name: {get_input: mysql_cluster_name}
964 mysql_bind_host: {get_input: mysql_network}
967 neutron::bind_host: {get_input: neutron_api_network}
968 neutron::rabbit_password: {get_input: rabbit_password}
969 neutron::rabbit_user: {get_input: rabbit_user}
970 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
971 neutron::rabbit_port: {get_input: rabbit_client_port}
972 neutron::debug: {get_input: debug}
973 neutron::server::auth_uri: {get_input: keystone_auth_uri}
974 neutron::server::identity_uri: {get_input: keystone_identity_uri}
975 neutron::server::database_connection: {get_input: neutron_dsn}
976 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
977 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
978 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
979 neutron_flat_networks: {get_input: neutron_flat_networks}
980 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
981 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
982 neutron_agent_mode: {get_input: neutron_agent_mode}
983 neutron_router_distributed: {get_input: neutron_router_distributed}
984 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
985 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
986 neutron::server::l3_ha: {get_input: neutron_l3_ha}
987 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
988 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
989 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
990 neutron_public_interface: {get_input: neutron_public_interface}
991 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
992 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
993 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
994 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
995 neutron_tunnel_types: {get_input: neutron_tunnel_types}
996 neutron::server::auth_password: {get_input: neutron_password}
997 neutron::agents::metadata::auth_password: {get_input: neutron_password}
998 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
999 neutron_dsn: {get_input: neutron_dsn}
1000 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1003 ceilometer_backend: {get_input: ceilometer_backend}
1004 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1005 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1006 ceilometer::rabbit_userid: {get_input: rabbit_username}
1007 ceilometer::rabbit_password: {get_input: rabbit_password}
1008 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1009 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1010 ceilometer::debug: {get_input: debug}
1011 ceilometer::api::host: {get_input: ceilometer_api_network}
1012 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1013 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1014 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1015 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1016 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
1017 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1018 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1019 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1022 nova::rabbit_userid: {get_input: rabbit_username}
1023 nova::rabbit_password: {get_input: rabbit_password}
1024 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1025 nova::rabbit_port: {get_input: rabbit_client_port}
1026 nova::debug: {get_input: debug}
1027 nova::api::auth_uri: {get_input: keystone_auth_uri}
1028 nova::api::identity_uri: {get_input: keystone_identity_uri}
1029 nova::api::api_bind_address: {get_input: nova_api_network}
1030 nova::api::metadata_listen: {get_input: nova_metadata_network}
1031 nova::api::admin_password: {get_input: nova_password}
1032 nova::database_connection: {get_input: nova_dsn}
1033 nova::glance_api_servers: {get_input: glance_api_servers}
1034 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1035 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1036 nova::network::neutron::neutron_url: {get_input: neutron_url}
1037 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1038 nova::vncproxy::host: {get_input: nova_api_network}
1041 apache::ip: {get_input: horizon_network}
1042 horizon::django_debug: {get_input: debug}
1043 horizon::secret_key: {get_input: horizon_secret}
1044 horizon::bind_address: {get_input: horizon_network}
1045 horizon::keystone_url: {get_input: keystone_auth_uri}
1048 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1049 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1051 redis::bind: {get_input: redis_network}
1052 redis_vip: {get_input: redis_vip}
1054 memcached::listen_ip: {get_input: memcached_network}
1055 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1056 ntp::servers: {get_input: ntp_servers}
1057 control_virtual_interface: {get_input: control_virtual_interface}
1058 public_virtual_interface: {get_input: public_virtual_interface}
1059 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1060 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1061 enable_package_install: {get_input: enable_package_install}
1063 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1064 ControllerExtraConfigPre:
1065 depends_on: ControllerDeployment
1066 type: OS::TripleO::ControllerExtraConfigPre
1068 server: {get_resource: Controller}
1071 type: OS::TripleO::Tasks::PackageUpdate
1074 type: OS::Heat::SoftwareDeployment
1076 config: {get_resource: UpdateConfig}
1077 server: {get_resource: Controller}
1080 get_param: UpdateIdentifier
1084 description: IP address of the server in the ctlplane network
1085 value: {get_attr: [Controller, networks, ctlplane, 0]}
1086 external_ip_address:
1087 description: IP address of the server in the external network
1088 value: {get_attr: [ExternalPort, ip_address]}
1089 internal_api_ip_address:
1090 description: IP address of the server in the internal_api network
1091 value: {get_attr: [InternalApiPort, ip_address]}
1093 description: IP address of the server in the storage network
1094 value: {get_attr: [StoragePort, ip_address]}
1095 storage_mgmt_ip_address:
1096 description: IP address of the server in the storage_mgmt network
1097 value: {get_attr: [StorageMgmtPort, ip_address]}
1099 description: IP address of the server in the tenant network
1100 value: {get_attr: [TenantPort, ip_address]}
1102 description: Hostname of the server
1103 value: {get_attr: [Controller, name]}
1106 Node object in the format {ip: ..., name: ...} format that the corosync
1109 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1110 name: {get_attr: [Controller, name]}
1113 Server's IP address and hostname in the /etc/hosts format
1116 template: IP HOST.localdomain HOST CLOUDNAME
1118 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1119 HOST: {get_attr: [Controller, name]}
1120 CLOUDNAME: {get_param: CloudName}
1121 nova_server_resource:
1122 description: Heat resource handle for the Nova compute server
1124 {get_resource: Controller}
1126 description: Swift device formatted for swift-ring-builder
1129 template: 'r1z1-IP:%PORT%/d1'
1131 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1132 swift_proxy_memcache:
1133 description: Swift proxy-memcache value
1136 template: "IP:11211"
1138 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1140 description: identifier which changes if the controller configuration may need re-applying
1144 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1145 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
Code Review / apex-tripleo-heat-templates.git / blob