1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
38 CinderEnableNfsBackend:
40 description: Whether to enable or not the NFS backend for Cinder
42 CinderEnableIscsiBackend:
44 description: Whether to enable or not the Iscsi backend for Cinder
46 CinderEnableRbdBackend:
48 description: Whether to enable or not the Rbd backend for Cinder
52 description: The iSCSI helper to use with cinder.
54 CinderLVMLoopDeviceSize:
56 description: The size of the loopback file used by the cinder LVM driver.
58 CinderNfsMountOptions:
61 Mount options for NFS mounts used by Cinder NFS backend. Effective
62 when CinderEnableNfsBackend is true.
67 NFS servers used by Cinder NFS backend. Effective when
68 CinderEnableNfsBackend is true.
69 type: comma_delimited_list
71 description: The password for the cinder service and db account, used by cinder-api.
76 description: Contains parameters to configure Cinder backends. Typically
77 set via parameter_defaults in the resource registry.
81 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
83 ControllerExtraConfig:
86 Controller specific hiera configuration data to inject into the cluster.
88 ControlVirtualInterface:
90 description: Interface where virtual ip will be assigned.
94 description: Set to True to enable debugging on all services.
98 description: Whether to enable fencing in Pacemaker or not.
102 description: Whether to use Galera instead of regular MariaDB.
106 description: Whether to deploy a LoadBalancer on the Controller
110 description: Whether to deploy Ceph Storage (OSD) on the Controller
114 description: Whether to enable Swift Storage on the Controller
119 Additional hieradata to inject into the cluster, note that
120 ControllerExtraConfig takes precedence over ExtraConfig.
125 Pacemaker fencing configuration. The JSON should have
126 the following structure:
130 "agent": "AGENT_NAME",
131 "host_mac": "HOST_MAC_ADDRESS",
132 "params": {"PARAM_NAME": "PARAM_VALUE"}
140 "agent": "fence_xvm",
141 "host_mac": "52:54:00:aa:bb:cc",
143 "multicast_address": "225.0.0.12",
144 "port": "baremetal_0",
146 "manage_key_file": true,
147 "key_file": "/etc/fence_xvm.key",
148 "key_file_password": "abcdef"
155 description: Flavor for control nodes to request when deploying.
158 - custom_constraint: nova.flavor
159 GlanceNotifierStrategy:
160 description: Strategy to use for Glance notification queue
164 description: The filepath of the file to use for logging messages from Glance.
168 description: The password for the glance service and db account, used by the glance services.
173 description: The short name of the Glance backend to use. Should be one
174 of swift, rbd, or file
177 - allowed_values: ['swift', 'file', 'rbd']
178 GlanceFilePcmkDevice:
181 An exported storage device that should be mounted by Pacemaker
182 as Glance storage. Effective when GlanceFilePcmkManage is true.
184 GlanceFilePcmkFstype:
187 Filesystem type for Pacemaker mount used as Glance storage.
188 Effective when GlanceFilePcmkManage is true.
190 GlanceFilePcmkManage:
193 Whether to make Glance file backend a mount managed by Pacemaker.
194 Effective when GlanceBackend is 'file'.
196 GlanceFilePcmkOptions:
199 Mount options for Pacemaker mount used as Glance storage.
200 Effective when GlanceFilePcmkManage is true.
202 HAProxySyslogAddress:
204 description: Syslog address where HAproxy will send its log
207 description: The password for the Heat service and db account, used by the Heat services.
210 HeatStackDomainAdminPassword:
211 description: Password for heat_domain_admin user.
214 HeatAuthEncryptionKey:
215 description: Auth encryption key for heat-engine
220 description: A list of IP/Hostname allowed to connect to horizon
221 type: comma_delimited_list
223 description: Secret key for Django
228 default: overcloud-control
230 - custom_constraint: glance.image
232 default: 'REBUILD_PRESERVE_EPHEMERAL'
233 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
235 InstanceNameTemplate:
236 default: 'instance-%08x'
237 description: Template string to be used to generate instance names
241 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
244 - custom_constraint: nova.keypair
245 KeystoneCACertificate:
247 description: Keystone self-signed certificate authority certificate.
249 KeystoneSigningCertificate:
251 description: Keystone certificate for verifying token validity.
255 description: Keystone key for signing tokens.
258 KeystoneSSLCertificate:
260 description: Keystone certificate for verifying token validity.
262 KeystoneSSLCertificateKey:
264 description: Keystone key for signing tokens.
267 KeystoneNotificationDriver:
268 description: Comma-separated list of Oslo notification drivers used by Keystone
269 default: ['messaging']
270 type: comma_delimited_list
271 KeystoneNotificationFormat:
272 description: The Keystone notification format
276 - allowed_values: [ 'basic', 'cadf' ]
280 description: Keystone region for endpoint
283 description: Whether to manage IPtables rules.
287 description: Whether IPtables rules should be purged before setting up the new ones.
289 MysqlClusterUniquePart:
290 description: A unique identifier of the MySQL cluster the controller is in.
292 default: 'unset' # Has to be here because of the ignored empty value bug
293 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
295 # - length: {min: 4, max: 10}
296 MysqlInnodbBufferPoolSize:
298 Specifies the size of the buffer pool in megabytes. Setting to
299 zero should be interpreted as "no value" and will defer to the
304 description: Configures MySQL max_connections config setting
310 default: '' # Has to be here because of the ignored empty value bug
311 NeutronExternalNetworkBridge:
312 description: Name of bridge used for external network traffic.
315 NeutronBridgeMappings:
317 The OVS logical->physical bridge mappings to use. See the Neutron
318 documentation for details. Defaults to mapping br-ex - the external
319 bridge on hosts - to a physical name 'datacentre' which can be used
320 to create provider networks (and we use this for the default floating
321 network) - if changing this either use different post-install network
322 scripts or be sure to keep 'datacentre' as a mapping network name.
324 default: "datacentre:br-ex"
325 NeutronDnsmasqOptions:
326 default: 'dhcp-option-force=26,1400'
327 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
329 NeutronEnableDHCPAgent:
330 description: Knob to enable/disable DHCP Agent
333 NeutronEnableL3Agent:
334 description: Knob to enable/disable L3 agent
337 NeutronEnableMetadataAgent:
338 description: Knob to enable/disable Metadata agent
341 NeutronEnableOVSAgent:
342 description: Knob to enable/disable OVS Agent
347 description: Agent mode for the neutron-l3-agent on the controller hosts
351 description: Whether to enable l3-agent HA
353 NeutronDhcpAgentsPerNetwork:
356 description: The number of neutron dhcp agents to schedule per network
359 description: Whether to configure Neutron Distributed Virtual Routers
361 NeutronMetadataProxySharedSecret:
362 description: Shared secret to prevent spoofing
368 The core plugin for Neutron. The value should be the entrypoint to be loaded
369 from neutron.core_plugins namespace.
371 NeutronServicePlugins:
374 Comma-separated list of service plugin entrypoints to be loaded from the
375 neutron.service_plugins namespace.
376 type: comma_delimited_list
378 default: "vxlan,vlan,flat,gre"
380 Comma-separated list of network type driver entrypoints to be loaded.
381 type: comma_delimited_list
382 NeutronMechanismDrivers:
383 default: 'openvswitch'
385 The mechanism drivers for the Neutron tenant network. To specify multiple
386 values, use a comma separated string, like so: 'openvswitch,l2_population'
388 NeutronAllowL3AgentFailover:
390 description: Allow automatic l3-agent failover
392 NeutronEnableIsolatedMetadata:
394 description: If True, DHCP provide metadata route to VM.
396 NeutronEnableTunnelling:
402 Enable/disable the L2 population feature in the Neutron agents.
406 default: 'datacentre'
407 description: If set, flat networks to configure in neutron plugins.
410 description: Whether to enable l3-agent HA
414 description: The tenant network type for Neutron, either gre or vxlan.
416 NeutronNetworkVLANRanges:
417 default: 'datacentre'
419 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
420 Neutron documentation for permitted values. Defaults to permitting any
421 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
422 type: comma_delimited_list
424 description: The password for the neutron service and db account, used by neutron agents.
427 NeutronPublicInterface:
429 description: What interface to bridge onto br-ex for network nodes.
431 NeutronPublicInterfaceTag:
434 VLAN tag for creating a public VLAN. The tag will be used to
435 create an access port on the exterior bridge for each control plane node,
436 and that port will be given the IP address returned by neutron from the
437 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
438 overcloud.yaml to include the deployment of VLAN ports to the control
441 NeutronPublicInterfaceDefaultRoute:
443 description: A custom default route for the NeutronPublicInterface.
445 NeutronPublicInterfaceIP:
447 description: A custom IP address to put onto the NeutronPublicInterface.
449 NeutronPublicInterfaceRawDevice:
451 description: If set, the public interface is a vlan with this device as the raw device.
456 The tunnel types for the Neutron tenant network. To specify multiple
457 values, use a comma separated string, like so: 'gre,vxlan'
459 NeutronTunnelIdRanges:
461 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
462 of GRE tunnel IDs that are available for tenant network allocation
463 default: ["1:1000", ]
464 type: comma_delimited_list
467 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
468 of VXLAN VNI IDs that are available for tenant network allocation
469 default: ["1:1000", ]
470 type: comma_delimited_list
475 description: The password for the nova service and db account, used by nova-api.
480 description: Should MongoDb journaling be disabled
484 description: Comma-separated list of ntp servers
485 type: comma_delimited_list
488 description: The password for the 'pcsd' user.
490 PublicVirtualInterface:
493 Specifies the interface where the public-facing virtual ip will be assigned.
494 This should be int_public when a VLAN is being used.
498 default: '' # Has to be here because of the ignored empty value bug
501 default: '' # Has to be here because of the ignored empty value bug
505 description: The password for RabbitMQ
510 description: The username for RabbitMQ
515 Rabbit client subscriber parameter to specify
516 an SSL connection to the RabbitMQ host.
520 description: Set rabbit subscriber port, change this if using SSL
524 description: Configures RabbitMQ FD limit
528 default: '' # Has to be here because of the ignored empty value bug
529 SnmpdReadonlyUserName:
530 default: ro_snmp_user
531 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
533 SnmpdReadonlyUserPassword:
534 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
538 description: A random string to be used as a salt when hashing to determine mappings
544 description: Value of mount_check in Swift account/container/object -server.conf
549 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
552 description: Partition Power to use when building Swift rings
555 description: The password for the swift service account, used by the swift proxy
565 description: How many replicas to use in the swift rings.
566 VirtualIP: # DEPRECATED: use per service settings instead
568 default: '' # Has to be here because of the ignored empty value bug
575 GlanceRegistryVirtualIP:
581 KeystoneAdminApiVirtualIP:
584 KeystonePublicApiVirtualIP:
590 EnablePackageInstall:
592 description: Set to true to enable package installation via Puppet
596 description: Mapping of service_name -> network name. Typically set
597 via parameter_defaults in the resource registry.
601 description: Mapping of service endpoint -> protocol. Typically set
602 via parameter_defaults in the resource registry.
608 Setting to a previously unused value during stack-update will trigger
609 package update on all nodes
612 default: '' # Defaults to Heat created hostname
613 NetworkDeploymentActions:
614 type: comma_delimited_list
616 Heat action when to apply network configuration changes
625 The DNS domain used for the hosts. This should match the dhcp_domain
626 configured in the Undercloud neutron. Defaults to localdomain.
630 Extra properties or metadata passed to Nova for the created nodes in
631 the overcloud. It's accessible via the Nova metadata API.
637 type: OS::Nova::Server
639 image: {get_param: Image}
640 image_update_policy: {get_param: ImageUpdatePolicy}
641 flavor: {get_param: Flavor}
642 key_name: {get_param: KeyName}
645 user_data_format: SOFTWARE_CONFIG
646 user_data: {get_resource: UserData}
647 name: {get_param: Hostname}
648 metadata: {get_param: ServerMetadata}
650 # Combine the NodeAdminUserData and NodeUserData mime archives
652 type: OS::Heat::MultipartMime
655 - config: {get_resource: NodeAdminUserData}
657 - config: {get_resource: NodeUserData}
660 # Creates the "heat-admin" user if configured via the environment
661 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
663 type: OS::TripleO::NodeAdminUserData
665 # For optional operator additional userdata
666 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
668 type: OS::TripleO::NodeUserData
671 type: OS::TripleO::Controller::Ports::ExternalPort
673 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
676 type: OS::TripleO::Controller::Ports::InternalApiPort
678 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
681 type: OS::TripleO::Controller::Ports::StoragePort
683 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
686 type: OS::TripleO::Controller::Ports::StorageMgmtPort
688 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
691 type: OS::TripleO::Controller::Ports::TenantPort
693 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
696 type: OS::TripleO::Network::Ports::NetIpMap
698 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
699 ExternalIp: {get_attr: [ExternalPort, ip_address]}
700 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
701 StorageIp: {get_attr: [StoragePort, ip_address]}
702 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
703 TenantIp: {get_attr: [TenantPort, ip_address]}
706 type: OS::TripleO::Network::Ports::NetIpSubnetMap
708 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
709 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
710 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
711 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
712 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
713 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
716 type: OS::TripleO::Controller::Net::SoftwareConfig
718 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
719 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
720 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
721 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
722 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
723 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
726 type: OS::TripleO::SoftwareDeployment
728 config: {get_resource: NetworkConfig}
729 server: {get_resource: Controller}
730 actions: {get_param: NetworkDeploymentActions}
733 interface_name: {get_param: NeutronPublicInterface}
735 # Resource for site-specific injection of root certificate
737 depends_on: NetworkDeployment
738 type: OS::TripleO::NodeTLSCAData
740 server: {get_resource: Controller}
742 # Resource for site-specific passing of private keys/certificates
744 depends_on: NodeTLSCAData
745 type: OS::TripleO::NodeTLSData
747 server: {get_resource: Controller}
748 NodeIndex: {get_param: NodeIndex}
750 ControllerDeployment:
751 type: OS::TripleO::SoftwareDeployment
752 depends_on: NetworkDeployment
754 config: {get_resource: ControllerConfig}
755 server: {get_resource: Controller}
757 bootstack_nodeid: {get_attr: [Controller, name]}
758 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
759 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
760 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
761 haproxy_log_address: {get_param: HAProxySyslogAddress}
762 heat.watch_server_url:
766 - {get_param: HeatApiVirtualIP}
768 heat.metadata_server_url:
772 - {get_param: HeatApiVirtualIP}
774 heat.waitcondition_server_url:
778 - {get_param: HeatApiVirtualIP}
779 - ':8000/v1/waitcondition'
780 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
781 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
782 horizon_secret: {get_param: HorizonSecret}
783 admin_email: {get_param: AdminEmail}
784 admin_password: {get_param: AdminPassword}
785 admin_token: {get_param: AdminToken}
786 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
787 debug: {get_param: Debug}
788 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
789 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
790 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
793 template: "['SERVERS']"
798 - {get_param: CinderNfsServers}
799 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
800 cinder_password: {get_param: CinderPassword}
801 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
802 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
803 cinder_backend_config: {get_param: CinderBackendConfig}
807 - - 'mysql://cinder:'
808 - {get_param: CinderPassword}
810 - {get_param: MysqlVirtualIP}
812 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
813 glance_password: {get_param: GlancePassword}
814 glance_backend: {get_param: GlanceBackend}
815 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
816 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
817 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
818 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
819 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
820 glance_log_file: {get_param: GlanceLogFile}
824 - - 'mysql://glance:'
825 - {get_param: GlancePassword}
827 - {get_param: MysqlVirtualIP}
829 heat_password: {get_param: HeatPassword}
830 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
835 - {get_param: HeatPassword}
837 - {get_param: MysqlVirtualIP}
839 keystone_ca_certificate: {get_param: KeystoneCACertificate}
840 keystone_signing_key: {get_param: KeystoneSigningKey}
841 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
842 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
843 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
844 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
845 keystone_notification_format: {get_param: KeystoneNotificationFormat}
849 - - 'mysql://keystone:'
850 - {get_param: AdminToken}
852 - {get_param: MysqlVirtualIP}
854 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
855 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
856 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
857 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
858 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
859 enable_fencing: {get_param: EnableFencing}
860 enable_galera: {get_param: EnableGalera}
861 enable_load_balancer: {get_param: EnableLoadBalancer}
862 enable_ceph_storage: {get_param: EnableCephStorage}
863 enable_swift_storage: {get_param: EnableSwiftStorage}
864 manage_firewall: {get_param: ManageFirewall}
865 purge_firewall_rules: {get_param: PurgeFirewallRules}
866 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
867 mysql_max_connections: {get_param: MysqlMaxConnections}
868 mysql_root_password: {get_param: MysqlRootPassword}
871 template: tripleo-CLUSTER
873 CLUSTER: {get_param: MysqlClusterUniquePart}
874 neutron_flat_networks: {get_param: NeutronFlatNetworks}
875 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
876 neutron_agent_mode: {get_param: NeutronAgentMode}
877 neutron_router_distributed: {get_param: NeutronDVR}
878 neutron_core_plugin: {get_param: NeutronCorePlugin}
879 neutron_service_plugins:
881 template: "['PLUGINS']"
886 - {get_param: NeutronServicePlugins}
887 neutron_type_drivers:
889 template: "['DRIVERS']"
894 - {get_param: NeutronTypeDrivers}
895 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
896 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
897 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
898 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
899 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
900 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
901 neutron_l3_ha: {get_param: NeutronL3HA}
902 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
903 neutron_network_vlan_ranges:
905 template: "['RANGES']"
910 - {get_param: NeutronNetworkVLANRanges}
911 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
912 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
913 neutron_public_interface: {get_param: NeutronPublicInterface}
914 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
915 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
916 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
917 neutron_tenant_network_type: {get_param: NeutronNetworkType}
918 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
919 neutron_tunnel_id_ranges:
921 template: "['RANGES']"
926 - {get_param: NeutronTunnelIdRanges}
929 template: "['RANGES']"
934 - {get_param: NeutronVniRanges}
935 neutron_password: {get_param: NeutronPassword}
936 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
940 - - 'mysql://neutron:'
941 - {get_param: NeutronPassword}
943 - {get_param: MysqlVirtualIP}
944 - '/ovs_neutron?charset=utf8'
945 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
946 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
947 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
948 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
949 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
950 ceilometer_backend: {get_param: CeilometerBackend}
951 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
952 ceilometer_password: {get_param: CeilometerPassword}
953 ceilometer_coordination_url:
957 - {get_param: RedisVirtualIP}
962 - - 'mysql://ceilometer:'
963 - {get_param: CeilometerPassword}
965 - {get_param: MysqlVirtualIP}
967 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
968 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
969 nova_password: {get_param: NovaPassword}
974 - {get_param: NovaPassword}
976 - {get_param: MysqlVirtualIP}
978 instance_name_template: {get_param: InstanceNameTemplate}
979 fencing_config: {get_param: FencingConfig}
980 pcsd_password: {get_param: PcsdPassword}
981 rabbit_username: {get_param: RabbitUserName}
982 rabbit_password: {get_param: RabbitPassword}
983 rabbit_cookie: {get_param: RabbitCookie}
984 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
985 rabbit_client_port: {get_param: RabbitClientPort}
986 mongodb_no_journal: {get_param: MongoDbNoJournal}
987 # We need to force this into quotes or hiera will return integer causing
988 # the puppet module validation regexp to fail.
989 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
994 LIMIT: {get_param: RabbitFDLimit}
995 ntp_servers: {get_param: NtpServer}
996 control_virtual_interface: {get_param: ControlVirtualInterface}
997 public_virtual_interface: {get_param: PublicVirtualInterface}
998 swift_hash_suffix: {get_param: SwiftHashSuffix}
999 swift_password: {get_param: SwiftPassword}
1000 swift_part_power: {get_param: SwiftPartPower}
1001 swift_replicas: {get_param: SwiftReplicas}
1002 swift_min_part_hours: {get_param: SwiftMinPartHours}
1003 swift_mount_check: {get_param: SwiftMountCheck}
1004 enable_package_install: {get_param: EnablePackageInstall}
1005 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1006 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1007 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1008 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1009 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1010 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1011 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1012 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1013 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1014 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1015 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1016 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1017 keystone_region: {get_param: KeystoneRegion}
1018 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1019 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1020 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1021 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1022 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1023 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1024 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1025 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1026 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1027 redis_vip: {get_param: RedisVirtualIP}
1028 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1029 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1030 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1031 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1032 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1033 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1035 # Map heat metadata into hiera datafiles
1037 type: OS::Heat::StructuredConfig
1039 group: os-apply-config
1044 - heat_config_%{::deploy_config_name}
1045 - controller_extraconfig
1050 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1051 - ceph_cluster # provided by CephClusterConfig
1053 - bootstrap_node # provided by BootstrapNodeConfig
1054 - all_nodes # provided by allNodesConfig
1055 - vip_data # provided by vip-config
1058 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1059 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1060 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1061 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1062 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1064 controller_extraconfig:
1065 mapped_data: {get_param: ControllerExtraConfig}
1067 mapped_data: {get_param: ExtraConfig}
1069 raw_data: {get_file: hieradata/common.yaml}
1071 raw_data: {get_file: hieradata/ceph.yaml}
1073 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1074 ceph::profile::params::public_network: {get_input: ceph_public_network}
1075 ceph::mon::public_addr: {get_input: ceph_public_ip}
1077 raw_data: {get_file: hieradata/database.yaml}
1079 raw_data: {get_file: hieradata/object.yaml}
1081 raw_data: {get_file: hieradata/controller.yaml}
1082 mapped_data: # data supplied directly to this deployment configuration, etc
1083 bootstack_nodeid: {get_input: bootstack_nodeid}
1086 enable_fencing: {get_input: enable_fencing}
1087 enable_load_balancer: {get_input: enable_load_balancer}
1088 hacluster_pwd: {get_input: pcsd_password}
1089 tripleo::fencing::config: {get_input: fencing_config}
1092 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1093 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1094 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1095 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1096 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1097 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1098 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1099 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1100 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1101 swift_mount_check: {get_input: swift_mount_check}
1103 # NOTE(dprince): build_ring support is currently not wired in.
1104 # See: https://review.openstack.org/#/c/109225/
1105 tripleo::ringbuilder::build_ring: True
1108 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1109 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1110 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1111 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1112 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1113 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1114 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1115 cinder::database_connection: {get_input: cinder_dsn}
1116 cinder::api::keystone_password: {get_input: cinder_password}
1117 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1118 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1119 cinder::api::bind_host: {get_input: cinder_api_network}
1120 cinder::rabbit_userid: {get_input: rabbit_username}
1121 cinder::rabbit_password: {get_input: rabbit_password}
1122 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1123 cinder::rabbit_port: {get_input: rabbit_client_port}
1124 cinder::debug: {get_input: debug}
1125 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1126 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1127 cinder_backend_config: {get_input: CinderBackendConfig}
1128 cinder::db::mysql::password: {get_input: cinder_password}
1131 glance::api::bind_port: {get_input: glance_port}
1132 glance::api::bind_host: {get_input: glance_api_network}
1133 glance::api::auth_uri: {get_input: keystone_auth_uri}
1134 glance::api::identity_uri: {get_input: keystone_identity_uri}
1135 glance::api::registry_host: {get_input: glance_registry_host}
1136 glance::api::keystone_password: {get_input: glance_password}
1137 glance::api::debug: {get_input: debug}
1138 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1139 glance_log_file: {get_input: glance_log_file}
1140 glance_log_file: {get_input: glance_log_file}
1141 glance::api::database_connection: {get_input: glance_dsn}
1142 glance::registry::keystone_password: {get_input: glance_password}
1143 glance::registry::database_connection: {get_input: glance_dsn}
1144 glance::registry::bind_host: {get_input: glance_registry_network}
1145 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1146 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1147 glance::registry::debug: {get_input: debug}
1148 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1149 glance::backend::swift::swift_store_user: service:glance
1150 glance::backend::swift::swift_store_key: {get_input: glance_password}
1151 glance_backend: {get_input: glance_backend}
1152 glance::db::mysql::password: {get_input: glance_password}
1153 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1154 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1155 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1156 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1159 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1160 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1161 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1162 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1163 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1164 heat::rabbit_userid: {get_input: rabbit_username}
1165 heat::rabbit_password: {get_input: rabbit_password}
1166 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1167 heat::rabbit_port: {get_input: rabbit_client_port}
1168 heat::auth_uri: {get_input: keystone_auth_uri}
1169 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1170 heat::identity_uri: {get_input: keystone_identity_uri}
1171 heat::keystone_password: {get_input: heat_password}
1172 heat::api::bind_host: {get_input: heat_api_network}
1173 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1174 heat::api_cfn::bind_host: {get_input: heat_api_network}
1175 heat::database_connection: {get_input: heat_dsn}
1176 heat::debug: {get_input: debug}
1177 heat::db::mysql::password: {get_input: heat_password}
1180 keystone::admin_token: {get_input: admin_token}
1181 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1182 keystone_signing_key: {get_input: keystone_signing_key}
1183 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1184 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1185 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1186 keystone::database_connection: {get_input: keystone_dsn}
1187 keystone::public_bind_host: {get_input: keystone_public_api_network}
1188 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1189 keystone::debug: {get_input: debug}
1190 keystone::db::mysql::password: {get_input: admin_token}
1191 keystone::rabbit_userid: {get_input: rabbit_username}
1192 keystone::rabbit_password: {get_input: rabbit_password}
1193 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1194 keystone::rabbit_port: {get_input: rabbit_client_port}
1195 keystone::notification_driver: {get_input: keystone_notification_driver}
1196 keystone::notification_format: {get_input: keystone_notification_format}
1197 keystone::roles::admin::email: {get_input: admin_email}
1198 keystone::roles::admin::password: {get_input: admin_password}
1199 keystone::endpoint::public_url: {get_input: keystone_public_url}
1200 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1201 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1202 keystone::endpoint::region: {get_input: keystone_region}
1204 mongodb::server::bind_ip: {get_input: mongo_db_network}
1205 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1207 admin_password: {get_input: admin_password}
1208 enable_galera: {get_input: enable_galera}
1209 enable_ceph_storage: {get_input: enable_ceph_storage}
1210 enable_swift_storage: {get_input: enable_swift_storage}
1211 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1212 mysql_max_connections: {get_input: mysql_max_connections}
1213 mysql::server::root_password: {get_input: mysql_root_password}
1214 mysql_cluster_name: {get_input: mysql_cluster_name}
1215 mysql_bind_host: {get_input: mysql_network}
1216 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1219 neutron::bind_host: {get_input: neutron_api_network}
1220 neutron::rabbit_password: {get_input: rabbit_password}
1221 neutron::rabbit_user: {get_input: rabbit_username}
1222 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1223 neutron::rabbit_port: {get_input: rabbit_client_port}
1224 neutron::debug: {get_input: debug}
1225 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1226 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1227 neutron::server::database_connection: {get_input: neutron_dsn}
1228 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1229 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1230 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1231 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1232 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1233 neutron_flat_networks: {get_input: neutron_flat_networks}
1234 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1235 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1236 neutron_agent_mode: {get_input: neutron_agent_mode}
1237 neutron_router_distributed: {get_input: neutron_router_distributed}
1238 neutron::core_plugin: {get_input: neutron_core_plugin}
1239 neutron::service_plugins: {get_input: neutron_service_plugins}
1240 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1241 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1242 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1243 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1244 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1245 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
1246 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1247 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1248 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1249 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1250 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1251 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1252 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
1253 neutron_public_interface: {get_input: neutron_public_interface}
1254 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1255 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1256 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1257 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
1258 neutron_tunnel_types: {get_input: neutron_tunnel_types}
1259 neutron::server::auth_password: {get_input: neutron_password}
1260 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1261 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1262 neutron_dsn: {get_input: neutron_dsn}
1263 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1264 neutron::db::mysql::password: {get_input: neutron_password}
1265 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1266 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1267 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1268 neutron::keystone::auth::password: {get_input: neutron_password }
1269 neutron::keystone::auth::region: {get_input: keystone_region}
1270 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1271 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1272 neutron::server::notifications::tenant_name: 'service'
1273 neutron::server::notifications::password: {get_input: nova_password}
1276 ceilometer_backend: {get_input: ceilometer_backend}
1277 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1278 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1279 ceilometer::rabbit_userid: {get_input: rabbit_username}
1280 ceilometer::rabbit_password: {get_input: rabbit_password}
1281 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1282 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1283 ceilometer::debug: {get_input: debug}
1284 ceilometer::api::host: {get_input: ceilometer_api_network}
1285 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1286 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1287 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1288 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1289 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1290 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1291 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1292 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1293 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1296 nova::rabbit_userid: {get_input: rabbit_username}
1297 nova::rabbit_password: {get_input: rabbit_password}
1298 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1299 nova::rabbit_port: {get_input: rabbit_client_port}
1300 nova::debug: {get_input: debug}
1301 nova::api::auth_uri: {get_input: keystone_auth_uri}
1302 nova::api::identity_uri: {get_input: keystone_identity_uri}
1303 nova::api::api_bind_address: {get_input: nova_api_network}
1304 nova::api::metadata_listen: {get_input: nova_metadata_network}
1305 nova::api::admin_password: {get_input: nova_password}
1306 nova::database_connection: {get_input: nova_dsn}
1307 nova::glance_api_servers: {get_input: glance_api_servers}
1308 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1309 nova::api::instance_name_template: {get_input: instance_name_template}
1310 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1311 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1312 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1313 nova::vncproxy::host: {get_input: nova_api_network}
1314 nova::db::mysql::password: {get_input: nova_password}
1317 apache::ip: {get_input: horizon_network}
1318 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1319 horizon::django_debug: {get_input: debug}
1320 horizon::secret_key: {get_input: horizon_secret}
1321 horizon::bind_address: {get_input: horizon_network}
1322 horizon::keystone_url: {get_input: keystone_auth_uri}
1325 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1326 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1327 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1328 rabbitmq::default_user: {get_input: rabbit_username}
1329 rabbitmq::default_pass: {get_input: rabbit_password}
1331 redis::bind: {get_input: redis_network}
1332 redis_vip: {get_input: redis_vip}
1334 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1335 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1337 memcached::listen_ip: {get_input: memcached_network}
1338 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1339 ntp::servers: {get_input: ntp_servers}
1340 control_virtual_interface: {get_input: control_virtual_interface}
1341 public_virtual_interface: {get_input: public_virtual_interface}
1342 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1343 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1344 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1345 # NOTE(jaosorior): The service certificate configuration for
1346 # HAProxy was left commented because to properly use this, we
1347 # need to be able to set up the keystone endpoints. And
1348 # currently that is not possible, but is being addressed by
1349 # other commits. A subsequent commit will uncomment this.
1350 #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1351 tripleo::packages::enable_install: {get_input: enable_package_install}
1352 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1354 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1355 ControllerExtraConfigPre:
1356 depends_on: ControllerDeployment
1357 type: OS::TripleO::ControllerExtraConfigPre
1359 server: {get_resource: Controller}
1361 # Hook for site-specific additional pre-deployment config,
1362 # applying to all nodes, e.g node registration/unregistration
1364 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1365 type: OS::TripleO::NodeExtraConfig
1367 server: {get_resource: Controller}
1370 type: OS::TripleO::Tasks::PackageUpdate
1373 type: OS::Heat::SoftwareDeployment
1375 config: {get_resource: UpdateConfig}
1376 server: {get_resource: Controller}
1379 get_param: UpdateIdentifier
1383 description: IP address of the server in the ctlplane network
1384 value: {get_attr: [Controller, networks, ctlplane, 0]}
1385 external_ip_address:
1386 description: IP address of the server in the external network
1387 value: {get_attr: [ExternalPort, ip_address]}
1388 internal_api_ip_address:
1389 description: IP address of the server in the internal_api network
1390 value: {get_attr: [InternalApiPort, ip_address]}
1392 description: IP address of the server in the storage network
1393 value: {get_attr: [StoragePort, ip_address]}
1394 storage_mgmt_ip_address:
1395 description: IP address of the server in the storage_mgmt network
1396 value: {get_attr: [StorageMgmtPort, ip_address]}
1398 description: IP address of the server in the tenant network
1399 value: {get_attr: [TenantPort, ip_address]}
1401 description: Hostname of the server
1402 value: {get_attr: [Controller, name]}
1405 Node object in the format {ip: ..., name: ...} format that the corosync
1408 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1409 name: {get_attr: [Controller, name]}
1412 Server's IP address and hostname in the /etc/hosts format
1415 template: IP HOST.DOMAIN HOST CLOUDNAME
1417 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1418 DOMAIN: {get_param: CloudDomain}
1419 HOST: {get_attr: [Controller, name]}
1420 CLOUDNAME: {get_param: CloudName}
1421 nova_server_resource:
1422 description: Heat resource handle for the Nova compute server
1424 {get_resource: Controller}
1426 description: Swift device formatted for swift-ring-builder
1429 template: 'r1z1-IP:%PORT%/d1'
1431 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1432 swift_proxy_memcache:
1433 description: Swift proxy-memcache value
1436 template: "IP:11211"
1438 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1440 description: identifier which changes if the controller configuration may need re-applying
1444 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1445 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1446 - {get_attr: [NodeTLSData, deploy_stdout]}
1447 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1448 - {get_param: UpdateIdentifier}
1449 tls_key_modulus_md5:
1450 description: MD5 checksum of the TLS Key Modulus
1451 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1452 tls_cert_modulus_md5:
1453 description: MD5 checksum of the TLS Certificate Modulus
1454 value: {get_attr: [NodeTLSData, cert_modulus_md5]}