1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableIscsiBackend:
33 description: Whether to enable or not the Iscsi backend for Cinder
35 CinderEnableRbdBackend:
37 description: Whether to enable or not the Rbd backend for Cinder
41 description: The iSCSI helper to use with cinder.
43 CinderLVMLoopDeviceSize:
45 description: The size of the loopback file used by the cinder LVM driver.
49 description: The password for the cinder service and db account, used by cinder-api.
54 description: Contains parameters to configure Cinder backends. Typically
55 set via parameter_defaults in the resource registry.
59 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
61 ControllerExtraConfig:
64 Controller specific hiera configuration data to inject into the cluster.
66 ControlVirtualInterface:
68 description: Interface where virtual ip will be assigned.
72 description: Set to True to enable debugging on all services.
76 description: Whether to enable fencing in Pacemaker or not.
80 description: Whether to use Galera instead of regular MariaDB.
84 description: Whether to deploy Ceph Storage (OSD) on the Controller
88 description: Whether to enable Swift Storage on the Controller
93 Additional hieradata to inject into the cluster, note that
94 ControllerExtraConfig takes precedence over ExtraConfig.
99 Pacemaker fencing configuration. The JSON should have
100 the following structure:
104 "agent": "AGENT_NAME",
105 "host_mac": "HOST_MAC_ADDRESS",
106 "params": {"PARAM_NAME": "PARAM_VALUE"}
114 "agent": "fence_xvm",
115 "host_mac": "52:54:00:aa:bb:cc",
117 "multicast_address": "225.0.0.12",
118 "port": "baremetal_0",
120 "manage_key_file": true,
121 "key_file": "/etc/fence_xvm.key",
122 "key_file_password": "abcdef"
129 description: Flavor for control nodes to request when deploying.
132 - custom_constraint: nova.flavor
133 GlanceNotifierStrategy:
134 description: Strategy to use for Glance notification queue
138 description: The filepath of the file to use for logging messages from Glance.
143 description: The password for the glance service and db account, used by the glance services.
148 description: Glance port.
152 description: Protocol to use when connecting to glance, set to https for SSL.
156 description: The short name of the Glance backend to use. Should be one
157 of swift, rbd, or file
160 - allowed_values: ['swift', 'file', 'rbd']
163 description: The password for the Heat service and db account, used by the Heat services.
166 HeatStackDomainAdminPassword:
167 description: Password for heat_domain_admin user.
171 HeatAuthEncryptionKey:
172 description: Auth encryption key for heat-engine
175 description: Secret key for Django
179 default: overcloud-control
181 - custom_constraint: glance.image
183 default: 'REBUILD_PRESERVE_EPHEMERAL'
184 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
188 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
191 - custom_constraint: nova.keypair
192 KeystoneCACertificate:
194 description: Keystone self-signed certificate authority certificate.
196 KeystoneSigningCertificate:
198 description: Keystone certificate for verifying token validity.
202 description: Keystone key for signing tokens.
205 KeystoneSSLCertificate:
207 description: Keystone certificate for verifying token validity.
209 KeystoneSSLCertificateKey:
211 description: Keystone key for signing tokens.
214 MysqlClusterUniquePart:
215 description: A unique identifier of the MySQL cluster the controller is in.
217 default: 'unset' # Has to be here because of the ignored empty value bug
218 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
220 # - length: {min: 4, max: 10}
221 MysqlInnodbBufferPoolSize:
223 Specifies the size of the buffer pool in megabytes. Setting to
224 zero should be interpreted as "no value" and will defer to the
229 description: Configures MySQL max_connections config setting
235 default: '' # Has to be here because of the ignored empty value bug
236 NeutronExternalNetworkBridge:
237 description: Name of bridge used for external network traffic.
240 NeutronBridgeMappings:
242 The OVS logical->physical bridge mappings to use. See the Neutron
243 documentation for details. Defaults to mapping br-ex - the external
244 bridge on hosts - to a physical name 'datacentre' which can be used
245 to create provider networks (and we use this for the default floating
246 network) - if changing this either use different post-install network
247 scripts or be sure to keep 'datacentre' as a mapping network name.
249 default: "datacentre:br-ex"
250 NeutronDnsmasqOptions:
251 default: 'dhcp-option-force=26,1400'
252 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
256 description: Agent mode for the neutron-l3-agent on the controller hosts
260 description: Whether to enable l3-agent HA
262 NeutronDhcpAgentsPerNetwork:
265 description: The number of neutron dhcp agents to schedule per network
268 description: Whether to configure Neutron Distributed Virtual Routers
270 NeutronMetadataProxySharedSecret:
272 description: Shared secret to prevent spoofing
274 NeutronMechanismDrivers:
275 default: 'openvswitch'
277 The mechanism drivers for the Neutron tenant network. To specify multiple
278 values, use a comma separated string, like so: 'openvswitch,l2_population'
280 NeutronAllowL3AgentFailover:
282 description: Allow automatic l3-agent failover
284 NeutronEnableTunnelling:
289 default: 'datacentre'
290 description: If set, flat networks to configure in neutron plugins.
293 description: Whether to enable l3-agent HA
297 description: The tenant network type for Neutron, either gre or vxlan.
299 NeutronNetworkVLANRanges:
300 default: 'datacentre'
302 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
303 Neutron documentation for permitted values. Defaults to permitting any
304 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
305 type: comma_delimited_list
308 description: The password for the neutron service and db account, used by neutron agents.
311 NeutronPublicInterface:
313 description: What interface to bridge onto br-ex for network nodes.
315 NeutronPublicInterfaceTag:
318 VLAN tag for creating a public VLAN. The tag will be used to
319 create an access port on the exterior bridge for each control plane node,
320 and that port will be given the IP address returned by neutron from the
321 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
322 overcloud.yaml to include the deployment of VLAN ports to the control
325 NeutronPublicInterfaceDefaultRoute:
327 description: A custom default route for the NeutronPublicInterface.
329 NeutronPublicInterfaceIP:
331 description: A custom IP address to put onto the NeutronPublicInterface.
333 NeutronPublicInterfaceRawDevice:
335 description: If set, the public interface is a vlan with this device as the raw device.
340 The tunnel types for the Neutron tenant network. To specify multiple
341 values, use a comma separated string, like so: 'gre,vxlan'
343 NeutronTunnelIdRanges:
345 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
346 of GRE tunnel IDs that are available for tenant network allocation
347 default: ["1:1000", ]
348 type: comma_delimited_list
351 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
352 of VXLAN VNI IDs that are available for tenant network allocation
353 default: ["1:1000", ]
354 type: comma_delimited_list
357 description: The password for the nova service and db account, used by nova-api.
362 description: Should MongoDb journaling be disabled
369 description: The password for the 'pcsd' user.
370 PublicVirtualInterface:
373 Specifies the interface where the public-facing virtual ip will be assigned.
374 This should be int_public when a VLAN is being used.
376 PublicVirtualIP: # DEPRECATED: use per service settings instead
378 default: '' # Has to be here because of the ignored empty value bug
381 default: '' # Has to be here because of the ignored empty value bug
385 description: The password for RabbitMQ
390 description: The username for RabbitMQ
395 Rabbit client subscriber parameter to specify
396 an SSL connection to the RabbitMQ host.
400 description: Set rabbit subscriber port, change this if using SSL
404 default: '' # Has to be here because of the ignored empty value bug
405 SnmpdReadonlyUserName:
406 default: ro_snmp_user
407 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
409 SnmpdReadonlyUserPassword:
411 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
416 description: If set, the contents of an SSL certificate authority file.
420 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
425 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
430 description: A random string to be used as a salt when hashing to determine mappings
436 description: Value of mount_check in Swift account/container/object -server.conf
441 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
444 description: Partition Power to use when building Swift rings
448 description: The password for the swift service account, used by the swift proxy
455 description: How many replicas to use in the swift rings.
456 VirtualIP: # DEPRECATED: use per service settings instead
458 default: '' # Has to be here because of the ignored empty value bug
468 KeystonePublicApiVirtualIP:
474 EnablePackageInstall:
476 description: Set to true to enable package installation via Puppet
480 description: Mapping of service_name -> network name. Typically set
481 via parameter_defaults in the resource registry.
487 Setting to a previously unused value during stack-update will trigger
488 package update on all nodes
491 default: '' # Defaults to Heat created hostname
496 type: OS::Nova::Server
498 image: {get_param: Image}
499 image_update_policy: {get_param: ImageUpdatePolicy}
500 flavor: {get_param: Flavor}
501 key_name: {get_param: KeyName}
504 user_data_format: SOFTWARE_CONFIG
505 user_data: {get_resource: NodeUserData}
506 name: {get_param: Hostname}
509 type: OS::TripleO::NodeUserData
512 type: OS::TripleO::Controller::Ports::ExternalPort
514 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
517 type: OS::TripleO::Controller::Ports::InternalApiPort
519 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
522 type: OS::TripleO::Controller::Ports::StoragePort
524 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
527 type: OS::TripleO::Controller::Ports::StorageMgmtPort
529 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
532 type: OS::TripleO::Controller::Ports::TenantPort
534 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
537 type: OS::TripleO::Network::Ports::NetIpMap
539 ExternalIp: {get_attr: [ExternalPort, ip_address]}
540 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
541 StorageIp: {get_attr: [StoragePort, ip_address]}
542 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
543 TenantIp: {get_attr: [TenantPort, ip_address]}
546 type: OS::TripleO::Network::Ports::NetIpMap
548 ExternalIp: {get_attr: [ExternalPort, ip_subnet]}
549 InternalApiIp: {get_attr: [InternalApiPort, ip_subnet]}
550 StorageIp: {get_attr: [StoragePort, ip_subnet]}
551 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_subnet]}
552 TenantIp: {get_attr: [TenantPort, ip_subnet]}
555 type: OS::TripleO::Controller::Net::SoftwareConfig
557 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
558 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
559 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
560 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
561 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
564 type: OS::TripleO::SoftwareDeployment
566 config: {get_resource: NetworkConfig}
567 server: {get_resource: Controller}
570 interface_name: {get_param: NeutronPublicInterface}
572 ControllerDeployment:
573 type: OS::TripleO::SoftwareDeployment
574 depends_on: NetworkDeployment
576 config: {get_resource: ControllerConfig}
577 server: {get_resource: Controller}
579 bootstack_nodeid: {get_attr: [Controller, name]}
580 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
581 heat.watch_server_url:
585 - {get_param: HeatApiVirtualIP}
587 heat.metadata_server_url:
591 - {get_param: HeatApiVirtualIP}
593 heat.waitcondition_server_url:
597 - {get_param: HeatApiVirtualIP}
598 - ':8000/v1/waitcondition'
599 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
600 horizon_secret: {get_param: HorizonSecret}
601 admin_password: {get_param: AdminPassword}
602 admin_token: {get_param: AdminToken}
603 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
604 debug: {get_param: Debug}
605 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
606 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
607 cinder_password: {get_param: CinderPassword}
608 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
609 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
610 cinder_backend_config: {get_param: CinderBackendConfig}
614 - - 'mysql://cinder:'
615 - {get_param: CinderPassword}
617 - {get_param: MysqlVirtualIP}
619 glance_port: {get_param: GlancePort}
620 glance_password: {get_param: GlancePassword}
621 glance_backend: {get_param: GlanceBackend}
622 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
623 glance_log_file: {get_param: GlanceLogFile}
627 - - 'mysql://glance:'
628 - {get_param: GlancePassword}
630 - {get_param: MysqlVirtualIP}
632 heat_password: {get_param: HeatPassword}
633 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
638 - {get_param: HeatPassword}
640 - {get_param: MysqlVirtualIP}
642 keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
643 keystone_ca_certificate: {get_param: KeystoneCACertificate}
644 keystone_signing_key: {get_param: KeystoneSigningKey}
645 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
646 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
647 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
651 - - 'mysql://keystone:'
652 - {get_param: AdminToken}
654 - {get_param: MysqlVirtualIP}
656 keystone_identity_uri:
660 - {get_param: KeystonePublicApiVirtualIP}
666 - {get_param: KeystonePublicApiVirtualIP}
672 - {get_param: KeystonePublicApiVirtualIP}
673 - ':5000/v2.0/ec2tokens'
674 enable_fencing: {get_param: EnableFencing}
675 enable_galera: {get_param: EnableGalera}
676 enable_ceph_storage: {get_param: EnableCephStorage}
677 enable_swift_storage: {get_param: EnableSwiftStorage}
678 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
679 mysql_max_connections: {get_param: MysqlMaxConnections}
680 mysql_root_password: {get_param: MysqlRootPassword}
683 template: tripleo-CLUSTER
685 CLUSTER: {get_param: MysqlClusterUniquePart}
686 neutron_flat_networks: {get_param: NeutronFlatNetworks}
687 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
688 neutron_agent_mode: {get_param: NeutronAgentMode}
689 neutron_router_distributed: {get_param: NeutronDVR}
690 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
691 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
692 neutron_l3_ha: {get_param: NeutronL3HA}
693 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
694 neutron_network_vlan_ranges:
696 template: "['RANGES']"
701 - {get_param: NeutronNetworkVLANRanges}
702 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
703 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
704 neutron_public_interface: {get_param: NeutronPublicInterface}
705 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
706 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
707 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
708 neutron_tenant_network_type: {get_param: NeutronNetworkType}
709 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
710 neutron_tunnel_id_ranges:
712 template: "['RANGES']"
717 - {get_param: NeutronTunnelIdRanges}
720 template: "['RANGES']"
725 - {get_param: NeutronVniRanges}
726 neutron_password: {get_param: NeutronPassword}
727 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
731 - - 'mysql://neutron:'
732 - {get_param: NeutronPassword}
734 - {get_param: MysqlVirtualIP}
735 - '/ovs_neutron?charset=utf8'
740 - {get_param: NeutronApiVirtualIP}
742 neutron_admin_auth_url:
746 - {get_param: KeystonePublicApiVirtualIP}
748 ceilometer_backend: {get_param: CeilometerBackend}
749 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
750 ceilometer_password: {get_param: CeilometerPassword}
751 ceilometer_coordination_url:
755 - {get_param: RedisVirtualIP}
760 - - 'mysql://ceilometer:unset@'
761 - {get_param: MysqlVirtualIP}
763 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
764 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
765 nova_password: {get_param: NovaPassword}
770 - {get_param: NovaPassword}
772 - {get_param: MysqlVirtualIP}
774 fencing_config: {get_param: FencingConfig}
775 pcsd_password: {get_param: PcsdPassword}
776 rabbit_username: {get_param: RabbitUserName}
777 rabbit_password: {get_param: RabbitPassword}
778 rabbit_cookie: {get_param: RabbitCookie}
779 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
780 rabbit_client_port: {get_param: RabbitClientPort}
781 mongodb_no_journal: {get_param: MongoDbNoJournal}
784 template: '["server"]'
786 server: {get_param: NtpServer}
787 control_virtual_interface: {get_param: ControlVirtualInterface}
788 public_virtual_interface: {get_param: PublicVirtualInterface}
789 swift_hash_suffix: {get_param: SwiftHashSuffix}
790 swift_password: {get_param: SwiftPassword}
791 swift_part_power: {get_param: SwiftPartPower}
792 swift_replicas: {get_param: SwiftReplicas}
793 swift_min_part_hours: {get_param: SwiftMinPartHours}
794 swift_mount_check: {get_param: SwiftMountCheck}
795 enable_package_install: {get_param: EnablePackageInstall}
796 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
797 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
798 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
799 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
800 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
801 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
805 - - {get_param: GlanceProtocol}
807 - {get_param: GlanceApiVirtualIP}
809 - {get_param: GlancePort}
810 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
811 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
812 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
813 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
814 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
815 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
816 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
817 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
818 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
819 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
820 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
821 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
822 redis_vip: {get_param: RedisVirtualIP}
823 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
824 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
825 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
826 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
827 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
829 # Map heat metadata into hiera datafiles
831 type: OS::Heat::StructuredConfig
833 group: os-apply-config
837 - heat_config_%{::deploy_config_name}
838 - controller_extraconfig
842 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
843 - ceph_cluster # provided by CephClusterConfig
845 - bootstrap_node # provided by BootstrapNodeConfig
846 - all_nodes # provided by allNodesConfig
847 - vip_data # provided by vip-config
850 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
852 controller_extraconfig:
853 mapped_data: {get_param: ControllerExtraConfig}
855 mapped_data: {get_param: ExtraConfig}
857 raw_data: {get_file: hieradata/common.yaml}
859 raw_data: {get_file: hieradata/ceph.yaml}
861 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
862 ceph::profile::params::public_network: {get_input: ceph_public_network}
863 ceph::mon::public_addr: {get_input: ceph_public_ip}
865 raw_data: {get_file: hieradata/object.yaml}
867 raw_data: {get_file: hieradata/controller.yaml}
868 mapped_data: # data supplied directly to this deployment configuration, etc
869 bootstack_nodeid: {get_input: bootstack_nodeid}
872 enable_fencing: {get_input: enable_fencing}
873 hacluster_pwd: {get_input: pcsd_password}
874 tripleo::fencing::config: {get_input: fencing_config}
877 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
878 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
879 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
880 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
881 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
882 swift::proxy::authtoken::admin_password: {get_input: swift_password}
883 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
884 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
885 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
886 swift_mount_check: {get_input: swift_mount_check}
888 # NOTE(dprince): build_ring support is currently not wired in.
889 # See: https://review.openstack.org/#/c/109225/
890 tripleo::ringbuilder::build_ring: True
893 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
894 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
895 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
896 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
897 cinder::database_connection: {get_input: cinder_dsn}
898 cinder::api::keystone_password: {get_input: cinder_password}
899 cinder::api::auth_uri: {get_input: keystone_auth_uri}
900 cinder::api::identity_uri: {get_input: keystone_identity_uri}
901 cinder::api::bind_host: {get_input: cinder_api_network}
902 cinder::rabbit_userid: {get_input: rabbit_username}
903 cinder::rabbit_password: {get_input: rabbit_password}
904 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
905 cinder::rabbit_port: {get_input: rabbit_client_port}
906 cinder::debug: {get_input: debug}
907 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
908 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
909 cinder_backend_config: {get_input: CinderBackendConfig}
912 glance::api::bind_port: {get_input: glance_port}
913 glance::api::bind_host: {get_input: glance_api_network}
914 glance::api::auth_uri: {get_input: keystone_auth_uri}
915 glance::api::identity_uri: {get_input: keystone_identity_uri}
916 glance::api::registry_host: {get_input: glance_registry_network}
917 glance::api::keystone_password: {get_input: glance_password}
918 glance::api::debug: {get_input: debug}
919 glance_notifier_strategy: {get_input: glance_notifier_strategy}
920 glance_log_file: {get_input: glance_log_file}
921 glance_log_file: {get_input: glance_log_file}
922 glance::api::database_connection: {get_input: glance_dsn}
923 glance::registry::keystone_password: {get_input: glance_password}
924 glance::registry::database_connection: {get_input: glance_dsn}
925 glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
926 glance::registry::auth_uri: {get_input: keystone_auth_uri}
927 glance::registry::identity_uri: {get_input: keystone_identity_uri}
928 glance::registry::debug: {get_input: debug}
929 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
930 glance::backend::swift::swift_store_user: service:glance
931 glance::backend::swift::swift_store_key: {get_input: glance_password}
932 glance_backend: {get_input: glance_backend}
935 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
936 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
937 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
938 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
939 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
940 heat::rabbit_userid: {get_input: rabbit_username}
941 heat::rabbit_password: {get_input: rabbit_password}
942 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
943 heat::rabbit_port: {get_input: rabbit_client_port}
944 heat::auth_uri: {get_input: keystone_auth_uri}
945 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
946 heat::identity_uri: {get_input: keystone_identity_uri}
947 heat::keystone_password: {get_input: heat_password}
948 heat::api::bind_host: {get_input: heat_api_network}
949 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
950 heat::api_cfn::bind_host: {get_input: heat_api_network}
951 heat::database_connection: {get_input: heat_dsn}
952 heat::instance_user: heat-admin
953 heat::debug: {get_input: debug}
956 keystone::admin_token: {get_input: admin_token}
957 keystone_ca_certificate: {get_input: keystone_ca_certificate}
958 keystone_signing_key: {get_input: keystone_signing_key}
959 keystone_signing_certificate: {get_input: keystone_signing_certificate}
960 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
961 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
962 keystone::database_connection: {get_input: keystone_dsn}
963 keystone::public_bind_host: {get_input: keystone_public_api_network}
964 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
965 keystone::debug: {get_input: debug}
967 mongodb::server::bind_ip: {get_input: mongo_db_network}
968 mongodb::server::nojournal: {get_input: mongodb_no_journal}
970 admin_password: {get_input: admin_password}
971 enable_galera: {get_input: enable_galera}
972 enable_ceph_storage: {get_input: enable_ceph_storage}
973 enable_swift_storage: {get_input: enable_swift_storage}
974 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
975 mysql_max_connections: {get_input: mysql_max_connections}
976 mysql::server::root_password: {get_input: mysql_root_password}
977 mysql_cluster_name: {get_input: mysql_cluster_name}
978 mysql_bind_host: {get_input: mysql_network}
981 neutron::bind_host: {get_input: neutron_api_network}
982 neutron::rabbit_password: {get_input: rabbit_password}
983 neutron::rabbit_user: {get_input: rabbit_user}
984 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
985 neutron::rabbit_port: {get_input: rabbit_client_port}
986 neutron::debug: {get_input: debug}
987 neutron::server::auth_uri: {get_input: keystone_auth_uri}
988 neutron::server::identity_uri: {get_input: keystone_identity_uri}
989 neutron::server::database_connection: {get_input: neutron_dsn}
990 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
991 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
992 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
993 neutron_flat_networks: {get_input: neutron_flat_networks}
994 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
995 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
996 neutron_agent_mode: {get_input: neutron_agent_mode}
997 neutron_router_distributed: {get_input: neutron_router_distributed}
998 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
999 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1000 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1001 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1002 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1003 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1004 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1005 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
1006 neutron_public_interface: {get_input: neutron_public_interface}
1007 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1008 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1009 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1010 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
1011 neutron_tunnel_types: {get_input: neutron_tunnel_types}
1012 neutron::server::auth_password: {get_input: neutron_password}
1013 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1014 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1015 neutron_dsn: {get_input: neutron_dsn}
1016 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1019 ceilometer_backend: {get_input: ceilometer_backend}
1020 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1021 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1022 ceilometer::rabbit_userid: {get_input: rabbit_username}
1023 ceilometer::rabbit_password: {get_input: rabbit_password}
1024 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1025 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1026 ceilometer::debug: {get_input: debug}
1027 ceilometer::api::host: {get_input: ceilometer_api_network}
1028 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1029 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1030 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1031 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1032 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
1033 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1034 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1035 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1038 nova::rabbit_userid: {get_input: rabbit_username}
1039 nova::rabbit_password: {get_input: rabbit_password}
1040 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1041 nova::rabbit_port: {get_input: rabbit_client_port}
1042 nova::debug: {get_input: debug}
1043 nova::api::auth_uri: {get_input: keystone_auth_uri}
1044 nova::api::identity_uri: {get_input: keystone_identity_uri}
1045 nova::api::api_bind_address: {get_input: nova_api_network}
1046 nova::api::metadata_listen: {get_input: nova_metadata_network}
1047 nova::api::admin_password: {get_input: nova_password}
1048 nova::database_connection: {get_input: nova_dsn}
1049 nova::glance_api_servers: {get_input: glance_api_servers}
1050 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1051 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1052 nova::network::neutron::neutron_url: {get_input: neutron_url}
1053 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1054 nova::vncproxy::host: {get_input: nova_api_network}
1057 apache::ip: {get_input: horizon_network}
1058 horizon::django_debug: {get_input: debug}
1059 horizon::secret_key: {get_input: horizon_secret}
1060 horizon::bind_address: {get_input: horizon_network}
1061 horizon::keystone_url: {get_input: keystone_auth_uri}
1064 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1065 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1067 redis::bind: {get_input: redis_network}
1068 redis_vip: {get_input: redis_vip}
1070 memcached::listen_ip: {get_input: memcached_network}
1071 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1072 ntp::servers: {get_input: ntp_servers}
1073 control_virtual_interface: {get_input: control_virtual_interface}
1074 public_virtual_interface: {get_input: public_virtual_interface}
1075 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1076 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1077 enable_package_install: {get_input: enable_package_install}
1079 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1080 ControllerExtraConfigPre:
1081 depends_on: ControllerDeployment
1082 type: OS::TripleO::ControllerExtraConfigPre
1084 server: {get_resource: Controller}
1087 type: OS::TripleO::Tasks::PackageUpdate
1090 type: OS::Heat::SoftwareDeployment
1092 config: {get_resource: UpdateConfig}
1093 server: {get_resource: Controller}
1096 get_param: UpdateIdentifier
1100 description: IP address of the server in the ctlplane network
1101 value: {get_attr: [Controller, networks, ctlplane, 0]}
1102 external_ip_address:
1103 description: IP address of the server in the external network
1104 value: {get_attr: [ExternalPort, ip_address]}
1105 internal_api_ip_address:
1106 description: IP address of the server in the internal_api network
1107 value: {get_attr: [InternalApiPort, ip_address]}
1109 description: IP address of the server in the storage network
1110 value: {get_attr: [StoragePort, ip_address]}
1111 storage_mgmt_ip_address:
1112 description: IP address of the server in the storage_mgmt network
1113 value: {get_attr: [StorageMgmtPort, ip_address]}
1115 description: IP address of the server in the tenant network
1116 value: {get_attr: [TenantPort, ip_address]}
1118 description: Hostname of the server
1119 value: {get_attr: [Controller, name]}
1122 Node object in the format {ip: ..., name: ...} format that the corosync
1125 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1126 name: {get_attr: [Controller, name]}
1129 Server's IP address and hostname in the /etc/hosts format
1132 template: IP HOST.localdomain HOST CLOUDNAME
1134 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1135 HOST: {get_attr: [Controller, name]}
1136 CLOUDNAME: {get_param: CloudName}
1137 nova_server_resource:
1138 description: Heat resource handle for the Nova compute server
1140 {get_resource: Controller}
1142 description: Swift device formatted for swift-ring-builder
1145 template: 'r1z1-IP:%PORT%/d1'
1147 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1148 swift_proxy_memcache:
1149 description: Swift proxy-memcache value
1152 template: "IP:11211"
1154 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1156 description: identifier which changes if the controller configuration may need re-applying
1160 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1161 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}