1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
14 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
19 description: The keystone auth secret and db password.
22 CeilometerApiVirtualIP:
27 description: The ceilometer backend type.
29 CeilometerMeteringSecret:
31 description: Secret shared by the ceilometer services.
36 description: The password for the ceilometer service and db account.
42 CinderEnableNfsBackend:
44 description: Whether to enable or not the NFS backend for Cinder
46 CinderEnableIscsiBackend:
48 description: Whether to enable or not the Iscsi backend for Cinder
50 CinderEnableRbdBackend:
52 description: Whether to enable or not the Rbd backend for Cinder
56 description: The iSCSI helper to use with cinder.
58 CinderLVMLoopDeviceSize:
60 description: The size of the loopback file used by the cinder LVM driver.
62 CinderNfsMountOptions:
65 Mount options for NFS mounts used by Cinder NFS backend. Effective
66 when CinderEnableNfsBackend is true.
71 NFS servers used by Cinder NFS backend. Effective when
72 CinderEnableNfsBackend is true.
73 type: comma_delimited_list
76 description: The password for the cinder service and db account, used by cinder-api.
81 description: Contains parameters to configure Cinder backends. Typically
82 set via parameter_defaults in the resource registry.
86 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
88 ControllerExtraConfig:
91 Controller specific hiera configuration data to inject into the cluster.
96 A network mapped list of IPs to assign to Controllers in the following form:
98 "internal_api": ["a.b.c.d", "e.f.g.h"],
102 ControlVirtualInterface:
104 description: Interface where virtual ip will be assigned.
108 description: Set to True to enable debugging on all services.
112 description: Whether to enable fencing in Pacemaker or not.
116 description: Whether to use Galera instead of regular MariaDB.
120 description: Whether to deploy a LoadBalancer on the Controller
124 description: Whether to deploy Ceph Storage (OSD) on the Controller
128 description: Whether to enable Swift Storage on the Controller
133 Additional hieradata to inject into the cluster, note that
134 ControllerExtraConfig takes precedence over ExtraConfig.
139 Pacemaker fencing configuration. The JSON should have
140 the following structure:
144 "agent": "AGENT_NAME",
145 "host_mac": "HOST_MAC_ADDRESS",
146 "params": {"PARAM_NAME": "PARAM_VALUE"}
154 "agent": "fence_xvm",
155 "host_mac": "52:54:00:aa:bb:cc",
157 "multicast_address": "225.0.0.12",
158 "port": "baremetal_0",
160 "manage_key_file": true,
161 "key_file": "/etc/fence_xvm.key",
162 "key_file_password": "abcdef"
169 description: Flavor for control nodes to request when deploying.
172 - custom_constraint: nova.flavor
173 GlanceNotifierStrategy:
174 description: Strategy to use for Glance notification queue
178 description: The filepath of the file to use for logging messages from Glance.
183 description: The password for the glance service and db account, used by the glance services.
188 description: The short name of the Glance backend to use. Should be one
189 of swift, rbd, or file
192 - allowed_values: ['swift', 'file', 'rbd']
193 GlanceFilePcmkDevice:
196 An exported storage device that should be mounted by Pacemaker
197 as Glance storage. Effective when GlanceFilePcmkManage is true.
199 GlanceFilePcmkFstype:
202 Filesystem type for Pacemaker mount used as Glance storage.
203 Effective when GlanceFilePcmkManage is true.
205 GlanceFilePcmkManage:
208 Whether to make Glance file backend a mount managed by Pacemaker.
209 Effective when GlanceBackend is 'file'.
211 GlanceFilePcmkOptions:
214 Mount options for Pacemaker mount used as Glance storage.
215 Effective when GlanceFilePcmkManage is true.
217 HAProxySyslogAddress:
219 description: Syslog address where HAproxy will send its log
223 description: The password for the Heat service and db account, used by the Heat services.
226 HeatStackDomainAdminPassword:
227 description: Password for heat_domain_admin user.
231 HeatAuthEncryptionKey:
232 description: Auth encryption key for heat-engine
237 description: A list of IP/Hostname allowed to connect to horizon
238 type: comma_delimited_list
240 description: Secret key for Django
245 default: overcloud-control
247 - custom_constraint: glance.image
249 default: 'REBUILD_PRESERVE_EPHEMERAL'
250 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
252 InstanceNameTemplate:
253 default: 'instance-%08x'
254 description: Template string to be used to generate instance names
258 description: Name of an existing Nova key pair to enable SSH access to the instances
261 - custom_constraint: nova.keypair
262 KeystoneCACertificate:
264 description: Keystone self-signed certificate authority certificate.
266 KeystoneSigningCertificate:
268 description: Keystone certificate for verifying token validity.
272 description: Keystone key for signing tokens.
275 KeystoneSSLCertificate:
277 description: Keystone certificate for verifying token validity.
279 KeystoneSSLCertificateKey:
281 description: Keystone key for signing tokens.
284 KeystoneNotificationDriver:
285 description: Comma-separated list of Oslo notification drivers used by Keystone
286 default: ['messaging']
287 type: comma_delimited_list
288 KeystoneNotificationFormat:
289 description: The Keystone notification format
293 - allowed_values: [ 'basic', 'cadf' ]
297 description: Keystone region for endpoint
300 description: Whether to manage IPtables rules.
304 description: Whether IPtables rules should be purged before setting up the new ones.
306 MysqlClusterUniquePart:
307 description: A unique identifier of the MySQL cluster the controller is in.
309 default: 'unset' # Has to be here because of the ignored empty value bug
310 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
312 # - length: {min: 4, max: 10}
313 MysqlInnodbBufferPoolSize:
315 Specifies the size of the buffer pool in megabytes. Setting to
316 zero should be interpreted as "no value" and will defer to the
321 description: Configures MySQL max_connections config setting
327 default: '' # Has to be here because of the ignored empty value bug
328 NeutronExternalNetworkBridge:
329 description: Name of bridge used for external network traffic.
332 NeutronBridgeMappings:
334 The OVS logical->physical bridge mappings to use. See the Neutron
335 documentation for details. Defaults to mapping br-ex - the external
336 bridge on hosts - to a physical name 'datacentre' which can be used
337 to create provider networks (and we use this for the default floating
338 network) - if changing this either use different post-install network
339 scripts or be sure to keep 'datacentre' as a mapping network name.
341 default: "datacentre:br-ex"
342 NeutronDnsmasqOptions:
343 default: 'dhcp-option-force=26,1400'
344 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
346 NeutronEnableDHCPAgent:
347 description: Knob to enable/disable DHCP Agent
350 NeutronEnableL3Agent:
351 description: Knob to enable/disable L3 agent
354 NeutronEnableMetadataAgent:
355 description: Knob to enable/disable Metadata agent
358 NeutronEnableOVSAgent:
359 description: Knob to enable/disable OVS Agent
364 description: Agent mode for the neutron-l3-agent on the controller hosts
368 description: Whether to enable l3-agent HA
370 NeutronDhcpAgentsPerNetwork:
373 description: The number of neutron dhcp agents to schedule per network
376 description: Whether to configure Neutron Distributed Virtual Routers
378 NeutronMetadataProxySharedSecret:
380 description: Shared secret to prevent spoofing
386 The core plugin for Neutron. The value should be the entrypoint to be loaded
387 from neutron.core_plugins namespace.
389 NeutronServicePlugins:
392 Comma-separated list of service plugin entrypoints to be loaded from the
393 neutron.service_plugins namespace.
394 type: comma_delimited_list
396 default: "vxlan,vlan,flat,gre"
398 Comma-separated list of network type driver entrypoints to be loaded.
399 type: comma_delimited_list
400 NeutronMechanismDrivers:
401 default: 'openvswitch'
403 The mechanism drivers for the Neutron tenant network. To specify multiple
404 values, use a comma separated string, like so: 'openvswitch,l2_population'
406 NeutronAllowL3AgentFailover:
408 description: Allow automatic l3-agent failover
410 NeutronEnableIsolatedMetadata:
412 description: If True, DHCP provide metadata route to VM.
414 NeutronEnableTunnelling:
420 Enable/disable the L2 population feature in the Neutron agents.
424 default: 'datacentre'
425 description: If set, flat networks to configure in neutron plugins.
428 description: Whether to enable l3-agent HA
432 description: The tenant network type for Neutron, either gre or vxlan.
434 NeutronNetworkVLANRanges:
435 default: 'datacentre'
437 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
438 Neutron documentation for permitted values. Defaults to permitting any
439 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
440 type: comma_delimited_list
443 description: The password for the neutron service and db account, used by neutron agents.
446 NeutronPublicInterface:
448 description: What interface to bridge onto br-ex for network nodes.
450 NeutronPublicInterfaceTag:
453 VLAN tag for creating a public VLAN. The tag will be used to
454 create an access port on the exterior bridge for each control plane node,
455 and that port will be given the IP address returned by neutron from the
456 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
457 overcloud.yaml to include the deployment of VLAN ports to the control
460 NeutronPublicInterfaceDefaultRoute:
462 description: A custom default route for the NeutronPublicInterface.
464 NeutronPublicInterfaceIP:
466 description: A custom IP address to put onto the NeutronPublicInterface.
468 NeutronPublicInterfaceRawDevice:
470 description: If set, the public interface is a vlan with this device as the raw device.
475 The tunnel types for the Neutron tenant network. To specify multiple
476 values, use a comma separated string, like so: 'gre,vxlan'
478 NeutronTunnelIdRanges:
480 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
481 of GRE tunnel IDs that are available for tenant network allocation
482 default: ["1:1000", ]
483 type: comma_delimited_list
486 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
487 of VXLAN VNI IDs that are available for tenant network allocation
488 default: ["1:1000", ]
489 type: comma_delimited_list
495 description: The password for the nova service and db account, used by nova-api.
500 description: Should MongoDb journaling be disabled
504 description: Comma-separated list of ntp servers
505 type: comma_delimited_list
508 description: The password for the 'pcsd' user.
510 PublicVirtualInterface:
513 Specifies the interface where the public-facing virtual ip will be assigned.
514 This should be int_public when a VLAN is being used.
518 default: '' # Has to be here because of the ignored empty value bug
521 default: '' # Has to be here because of the ignored empty value bug
525 description: The password for RabbitMQ
530 description: The username for RabbitMQ
535 Rabbit client subscriber parameter to specify
536 an SSL connection to the RabbitMQ host.
540 description: Set rabbit subscriber port, change this if using SSL
544 description: Configures RabbitMQ FD limit
548 default: '' # Has to be here because of the ignored empty value bug
549 SnmpdReadonlyUserName:
550 default: ro_snmp_user
551 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
553 SnmpdReadonlyUserPassword:
555 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
560 description: A random string to be used as a salt when hashing to determine mappings
566 description: Value of mount_check in Swift account/container/object -server.conf
571 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
574 description: Partition Power to use when building Swift rings
578 description: The password for the swift service account, used by the swift proxy
588 description: How many replicas to use in the swift rings.
589 VirtualIP: # DEPRECATED: use per service settings instead
591 default: '' # Has to be here because of the ignored empty value bug
598 GlanceRegistryVirtualIP:
604 KeystoneAdminApiVirtualIP:
607 KeystonePublicApiVirtualIP:
613 EnablePackageInstall:
615 description: Set to true to enable package installation via Puppet
619 description: Mapping of service_name -> network name. Typically set
620 via parameter_defaults in the resource registry.
624 description: Mapping of service endpoint -> protocol. Typically set
625 via parameter_defaults in the resource registry.
631 Setting to a previously unused value during stack-update will trigger
632 package update on all nodes
635 default: '' # Defaults to Heat created hostname
636 NetworkDeploymentActions:
637 type: comma_delimited_list
639 Heat action when to apply network configuration changes
648 The DNS domain used for the hosts. This should match the dhcp_domain
649 configured in the Undercloud neutron. Defaults to localdomain.
653 Extra properties or metadata passed to Nova for the created nodes in
654 the overcloud. It's accessible via the Nova metadata API.
658 description: Optional scheduler hints to pass to nova
664 type: OS::Nova::Server
666 image: {get_param: Image}
667 image_update_policy: {get_param: ImageUpdatePolicy}
668 flavor: {get_param: Flavor}
669 key_name: {get_param: KeyName}
672 user_data_format: SOFTWARE_CONFIG
673 user_data: {get_resource: UserData}
674 name: {get_param: Hostname}
675 metadata: {get_param: ServerMetadata}
676 scheduler_hints: {get_param: SchedulerHints}
678 # Combine the NodeAdminUserData and NodeUserData mime archives
680 type: OS::Heat::MultipartMime
683 - config: {get_resource: NodeAdminUserData}
685 - config: {get_resource: NodeUserData}
688 # Creates the "heat-admin" user if configured via the environment
689 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
691 type: OS::TripleO::NodeAdminUserData
693 # For optional operator additional userdata
694 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
696 type: OS::TripleO::NodeUserData
699 type: OS::TripleO::Controller::Ports::ExternalPort
701 IPPool: {get_param: ControllerIPs}
702 NodeIndex: {get_param: NodeIndex}
703 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
706 type: OS::TripleO::Controller::Ports::InternalApiPort
708 IPPool: {get_param: ControllerIPs}
709 NodeIndex: {get_param: NodeIndex}
710 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
713 type: OS::TripleO::Controller::Ports::StoragePort
715 IPPool: {get_param: ControllerIPs}
716 NodeIndex: {get_param: NodeIndex}
717 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
720 type: OS::TripleO::Controller::Ports::StorageMgmtPort
722 IPPool: {get_param: ControllerIPs}
723 NodeIndex: {get_param: NodeIndex}
724 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
727 type: OS::TripleO::Controller::Ports::TenantPort
729 IPPool: {get_param: ControllerIPs}
730 NodeIndex: {get_param: NodeIndex}
731 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
734 type: OS::TripleO::Network::Ports::NetIpMap
736 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
737 ExternalIp: {get_attr: [ExternalPort, ip_address]}
738 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
739 StorageIp: {get_attr: [StoragePort, ip_address]}
740 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
741 TenantIp: {get_attr: [TenantPort, ip_address]}
744 type: OS::TripleO::Network::Ports::NetIpSubnetMap
746 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
747 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
748 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
749 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
750 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
751 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
754 type: OS::TripleO::Controller::Net::SoftwareConfig
756 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
757 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
758 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
759 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
760 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
761 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
764 type: OS::TripleO::SoftwareDeployment
766 config: {get_resource: NetworkConfig}
767 server: {get_resource: Controller}
768 actions: {get_param: NetworkDeploymentActions}
771 interface_name: {get_param: NeutronPublicInterface}
773 # Resource for site-specific injection of root certificate
775 depends_on: NetworkDeployment
776 type: OS::TripleO::NodeTLSCAData
778 server: {get_resource: Controller}
780 # Resource for site-specific passing of private keys/certificates
782 depends_on: NodeTLSCAData
783 type: OS::TripleO::NodeTLSData
785 server: {get_resource: Controller}
786 NodeIndex: {get_param: NodeIndex}
788 ControllerDeployment:
789 type: OS::TripleO::SoftwareDeployment
790 depends_on: NetworkDeployment
792 config: {get_resource: ControllerConfig}
793 server: {get_resource: Controller}
795 bootstack_nodeid: {get_attr: [Controller, name]}
796 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
797 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
798 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
799 haproxy_log_address: {get_param: HAProxySyslogAddress}
800 heat.watch_server_url:
804 - {get_param: HeatApiVirtualIP}
806 heat.metadata_server_url:
810 - {get_param: HeatApiVirtualIP}
812 heat.waitcondition_server_url:
816 - {get_param: HeatApiVirtualIP}
817 - ':8000/v1/waitcondition'
818 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
819 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
820 horizon_secret: {get_param: HorizonSecret}
821 admin_email: {get_param: AdminEmail}
822 admin_password: {get_param: AdminPassword}
823 admin_token: {get_param: AdminToken}
824 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
825 debug: {get_param: Debug}
826 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
827 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
828 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
831 template: "['SERVERS']"
836 - {get_param: CinderNfsServers}
837 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
838 cinder_password: {get_param: CinderPassword}
839 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
840 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
841 cinder_backend_config: {get_param: CinderBackendConfig}
845 - - 'mysql://cinder:'
846 - {get_param: CinderPassword}
848 - {get_param: MysqlVirtualIP}
850 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
851 glance_password: {get_param: GlancePassword}
852 glance_backend: {get_param: GlanceBackend}
853 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
854 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
855 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
856 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
857 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
858 glance_log_file: {get_param: GlanceLogFile}
862 - - 'mysql://glance:'
863 - {get_param: GlancePassword}
865 - {get_param: MysqlVirtualIP}
867 heat_password: {get_param: HeatPassword}
868 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
873 - {get_param: HeatPassword}
875 - {get_param: MysqlVirtualIP}
877 keystone_ca_certificate: {get_param: KeystoneCACertificate}
878 keystone_signing_key: {get_param: KeystoneSigningKey}
879 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
880 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
881 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
882 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
883 keystone_notification_format: {get_param: KeystoneNotificationFormat}
887 - - 'mysql://keystone:'
888 - {get_param: AdminToken}
890 - {get_param: MysqlVirtualIP}
892 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
893 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
894 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
895 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
896 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
897 enable_fencing: {get_param: EnableFencing}
898 enable_galera: {get_param: EnableGalera}
899 enable_load_balancer: {get_param: EnableLoadBalancer}
900 enable_ceph_storage: {get_param: EnableCephStorage}
901 enable_swift_storage: {get_param: EnableSwiftStorage}
902 manage_firewall: {get_param: ManageFirewall}
903 purge_firewall_rules: {get_param: PurgeFirewallRules}
904 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
905 mysql_max_connections: {get_param: MysqlMaxConnections}
906 mysql_root_password: {get_param: MysqlRootPassword}
909 template: tripleo-CLUSTER
911 CLUSTER: {get_param: MysqlClusterUniquePart}
912 neutron_flat_networks: {get_param: NeutronFlatNetworks}
913 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
914 neutron_agent_mode: {get_param: NeutronAgentMode}
915 neutron_router_distributed: {get_param: NeutronDVR}
916 neutron_core_plugin: {get_param: NeutronCorePlugin}
917 neutron_service_plugins:
919 template: "['PLUGINS']"
924 - {get_param: NeutronServicePlugins}
925 neutron_type_drivers:
927 template: "['DRIVERS']"
932 - {get_param: NeutronTypeDrivers}
933 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
934 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
935 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
936 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
937 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
938 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
939 neutron_l3_ha: {get_param: NeutronL3HA}
940 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
941 neutron_network_vlan_ranges:
943 template: "['RANGES']"
948 - {get_param: NeutronNetworkVLANRanges}
949 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
950 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
951 neutron_public_interface: {get_param: NeutronPublicInterface}
952 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
953 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
954 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
955 neutron_tenant_network_type: {get_param: NeutronNetworkType}
956 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
957 neutron_tunnel_id_ranges:
959 template: "['RANGES']"
964 - {get_param: NeutronTunnelIdRanges}
967 template: "['RANGES']"
972 - {get_param: NeutronVniRanges}
973 neutron_password: {get_param: NeutronPassword}
974 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
978 - - 'mysql://neutron:'
979 - {get_param: NeutronPassword}
981 - {get_param: MysqlVirtualIP}
982 - '/ovs_neutron?charset=utf8'
983 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
984 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
985 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
986 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
987 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
988 ceilometer_backend: {get_param: CeilometerBackend}
989 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
990 ceilometer_password: {get_param: CeilometerPassword}
991 ceilometer_coordination_url:
995 - {get_param: RedisVirtualIP}
1000 - - 'mysql://ceilometer:'
1001 - {get_param: CeilometerPassword}
1003 - {get_param: MysqlVirtualIP}
1005 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1006 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1007 nova_password: {get_param: NovaPassword}
1012 - {get_param: NovaPassword}
1014 - {get_param: MysqlVirtualIP}
1016 instance_name_template: {get_param: InstanceNameTemplate}
1017 fencing_config: {get_param: FencingConfig}
1018 pcsd_password: {get_param: PcsdPassword}
1019 rabbit_username: {get_param: RabbitUserName}
1020 rabbit_password: {get_param: RabbitPassword}
1021 rabbit_cookie: {get_param: RabbitCookie}
1022 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1023 rabbit_client_port: {get_param: RabbitClientPort}
1024 mongodb_no_journal: {get_param: MongoDbNoJournal}
1025 # We need to force this into quotes or hiera will return integer causing
1026 # the puppet module validation regexp to fail.
1027 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1032 LIMIT: {get_param: RabbitFDLimit}
1033 ntp_servers: {get_param: NtpServer}
1034 control_virtual_interface: {get_param: ControlVirtualInterface}
1035 public_virtual_interface: {get_param: PublicVirtualInterface}
1036 swift_hash_suffix: {get_param: SwiftHashSuffix}
1037 swift_password: {get_param: SwiftPassword}
1038 swift_part_power: {get_param: SwiftPartPower}
1039 swift_replicas: {get_param: SwiftReplicas}
1040 swift_min_part_hours: {get_param: SwiftMinPartHours}
1041 swift_mount_check: {get_param: SwiftMountCheck}
1042 enable_package_install: {get_param: EnablePackageInstall}
1043 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1044 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1045 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1046 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1047 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1048 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1049 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1050 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1051 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1052 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1053 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1054 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1055 keystone_region: {get_param: KeystoneRegion}
1056 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1057 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1058 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1059 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1060 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1061 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1062 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1063 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1064 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1065 redis_vip: {get_param: RedisVirtualIP}
1066 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1067 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1068 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1069 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1070 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1071 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1073 # Map heat metadata into hiera datafiles
1075 type: OS::Heat::StructuredConfig
1077 group: os-apply-config
1082 - heat_config_%{::deploy_config_name}
1083 - controller_extraconfig
1088 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1089 - ceph_cluster # provided by CephClusterConfig
1091 - bootstrap_node # provided by BootstrapNodeConfig
1092 - all_nodes # provided by allNodesConfig
1093 - vip_data # provided by vip-config
1096 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1097 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1098 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1099 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1100 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1102 controller_extraconfig:
1103 mapped_data: {get_param: ControllerExtraConfig}
1105 mapped_data: {get_param: ExtraConfig}
1107 raw_data: {get_file: hieradata/common.yaml}
1109 raw_data: {get_file: hieradata/ceph.yaml}
1111 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1112 ceph::profile::params::public_network: {get_input: ceph_public_network}
1113 ceph::mon::public_addr: {get_input: ceph_public_ip}
1115 raw_data: {get_file: hieradata/database.yaml}
1117 raw_data: {get_file: hieradata/object.yaml}
1119 raw_data: {get_file: hieradata/controller.yaml}
1120 mapped_data: # data supplied directly to this deployment configuration, etc
1121 bootstack_nodeid: {get_input: bootstack_nodeid}
1124 enable_fencing: {get_input: enable_fencing}
1125 enable_load_balancer: {get_input: enable_load_balancer}
1126 hacluster_pwd: {get_input: pcsd_password}
1127 tripleo::fencing::config: {get_input: fencing_config}
1130 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1131 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1132 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1133 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1134 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1135 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1136 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1137 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1138 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1139 swift_mount_check: {get_input: swift_mount_check}
1141 # NOTE(dprince): build_ring support is currently not wired in.
1142 # See: https://review.openstack.org/#/c/109225/
1143 tripleo::ringbuilder::build_ring: True
1146 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1147 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1148 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1149 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1150 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1151 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1152 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1153 cinder::database_connection: {get_input: cinder_dsn}
1154 cinder::api::keystone_password: {get_input: cinder_password}
1155 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1156 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1157 cinder::api::bind_host: {get_input: cinder_api_network}
1158 cinder::rabbit_userid: {get_input: rabbit_username}
1159 cinder::rabbit_password: {get_input: rabbit_password}
1160 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1161 cinder::rabbit_port: {get_input: rabbit_client_port}
1162 cinder::debug: {get_input: debug}
1163 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1164 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1165 cinder_backend_config: {get_input: CinderBackendConfig}
1166 cinder::db::mysql::password: {get_input: cinder_password}
1169 glance::api::bind_port: {get_input: glance_port}
1170 glance::api::bind_host: {get_input: glance_api_network}
1171 glance::api::auth_uri: {get_input: keystone_auth_uri}
1172 glance::api::identity_uri: {get_input: keystone_identity_uri}
1173 glance::api::registry_host: {get_input: glance_registry_host}
1174 glance::api::keystone_password: {get_input: glance_password}
1175 glance::api::debug: {get_input: debug}
1176 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1177 glance_log_file: {get_input: glance_log_file}
1178 glance_log_file: {get_input: glance_log_file}
1179 glance::api::database_connection: {get_input: glance_dsn}
1180 glance::registry::keystone_password: {get_input: glance_password}
1181 glance::registry::database_connection: {get_input: glance_dsn}
1182 glance::registry::bind_host: {get_input: glance_registry_network}
1183 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1184 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1185 glance::registry::debug: {get_input: debug}
1186 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1187 glance::backend::swift::swift_store_user: service:glance
1188 glance::backend::swift::swift_store_key: {get_input: glance_password}
1189 glance_backend: {get_input: glance_backend}
1190 glance::db::mysql::password: {get_input: glance_password}
1191 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1192 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1193 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1194 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1197 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1198 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1199 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1200 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1201 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1202 heat::rabbit_userid: {get_input: rabbit_username}
1203 heat::rabbit_password: {get_input: rabbit_password}
1204 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1205 heat::rabbit_port: {get_input: rabbit_client_port}
1206 heat::auth_uri: {get_input: keystone_auth_uri}
1207 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1208 heat::identity_uri: {get_input: keystone_identity_uri}
1209 heat::keystone_password: {get_input: heat_password}
1210 heat::api::bind_host: {get_input: heat_api_network}
1211 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1212 heat::api_cfn::bind_host: {get_input: heat_api_network}
1213 heat::database_connection: {get_input: heat_dsn}
1214 heat::debug: {get_input: debug}
1215 heat::db::mysql::password: {get_input: heat_password}
1218 keystone::admin_token: {get_input: admin_token}
1219 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1220 keystone_signing_key: {get_input: keystone_signing_key}
1221 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1222 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1223 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1224 keystone::database_connection: {get_input: keystone_dsn}
1225 keystone::public_bind_host: {get_input: keystone_public_api_network}
1226 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1227 keystone::debug: {get_input: debug}
1228 keystone::db::mysql::password: {get_input: admin_token}
1229 keystone::rabbit_userid: {get_input: rabbit_username}
1230 keystone::rabbit_password: {get_input: rabbit_password}
1231 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1232 keystone::rabbit_port: {get_input: rabbit_client_port}
1233 keystone::notification_driver: {get_input: keystone_notification_driver}
1234 keystone::notification_format: {get_input: keystone_notification_format}
1235 keystone::roles::admin::email: {get_input: admin_email}
1236 keystone::roles::admin::password: {get_input: admin_password}
1237 keystone::endpoint::public_url: {get_input: keystone_public_url}
1238 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1239 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1240 keystone::endpoint::region: {get_input: keystone_region}
1242 mongodb::server::bind_ip: {get_input: mongo_db_network}
1243 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1245 admin_password: {get_input: admin_password}
1246 enable_galera: {get_input: enable_galera}
1247 enable_ceph_storage: {get_input: enable_ceph_storage}
1248 enable_swift_storage: {get_input: enable_swift_storage}
1249 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1250 mysql_max_connections: {get_input: mysql_max_connections}
1251 mysql::server::root_password: {get_input: mysql_root_password}
1252 mysql_cluster_name: {get_input: mysql_cluster_name}
1253 mysql_bind_host: {get_input: mysql_network}
1254 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1257 neutron::bind_host: {get_input: neutron_api_network}
1258 neutron::rabbit_password: {get_input: rabbit_password}
1259 neutron::rabbit_user: {get_input: rabbit_username}
1260 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1261 neutron::rabbit_port: {get_input: rabbit_client_port}
1262 neutron::debug: {get_input: debug}
1263 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1264 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1265 neutron::server::database_connection: {get_input: neutron_dsn}
1266 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1267 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1268 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1269 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1270 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1271 neutron_flat_networks: {get_input: neutron_flat_networks}
1272 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1273 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1274 neutron_agent_mode: {get_input: neutron_agent_mode}
1275 neutron_router_distributed: {get_input: neutron_router_distributed}
1276 neutron::core_plugin: {get_input: neutron_core_plugin}
1277 neutron::service_plugins: {get_input: neutron_service_plugins}
1278 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1279 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1280 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1281 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1282 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1283 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
1284 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1285 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1286 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1287 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1288 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1289 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1290 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
1291 neutron_public_interface: {get_input: neutron_public_interface}
1292 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1293 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1294 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1295 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
1296 neutron_tunnel_types: {get_input: neutron_tunnel_types}
1297 neutron::server::auth_password: {get_input: neutron_password}
1298 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1299 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1300 neutron_dsn: {get_input: neutron_dsn}
1301 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1302 neutron::db::mysql::password: {get_input: neutron_password}
1303 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1304 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1305 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1306 neutron::keystone::auth::password: {get_input: neutron_password }
1307 neutron::keystone::auth::region: {get_input: keystone_region}
1308 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1309 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1310 neutron::server::notifications::tenant_name: 'service'
1311 neutron::server::notifications::password: {get_input: nova_password}
1314 ceilometer_backend: {get_input: ceilometer_backend}
1315 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1316 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1317 ceilometer::rabbit_userid: {get_input: rabbit_username}
1318 ceilometer::rabbit_password: {get_input: rabbit_password}
1319 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1320 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1321 ceilometer::debug: {get_input: debug}
1322 ceilometer::api::host: {get_input: ceilometer_api_network}
1323 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1324 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1325 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1326 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1327 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1328 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1329 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1330 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1331 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1334 nova::rabbit_userid: {get_input: rabbit_username}
1335 nova::rabbit_password: {get_input: rabbit_password}
1336 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1337 nova::rabbit_port: {get_input: rabbit_client_port}
1338 nova::debug: {get_input: debug}
1339 nova::api::auth_uri: {get_input: keystone_auth_uri}
1340 nova::api::identity_uri: {get_input: keystone_identity_uri}
1341 nova::api::api_bind_address: {get_input: nova_api_network}
1342 nova::api::metadata_listen: {get_input: nova_metadata_network}
1343 nova::api::admin_password: {get_input: nova_password}
1344 nova::database_connection: {get_input: nova_dsn}
1345 nova::glance_api_servers: {get_input: glance_api_servers}
1346 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1347 nova::api::instance_name_template: {get_input: instance_name_template}
1348 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1349 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1350 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1351 nova::vncproxy::host: {get_input: nova_api_network}
1352 nova::db::mysql::password: {get_input: nova_password}
1355 apache::ip: {get_input: horizon_network}
1356 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1357 horizon::django_debug: {get_input: debug}
1358 horizon::secret_key: {get_input: horizon_secret}
1359 horizon::bind_address: {get_input: horizon_network}
1360 horizon::keystone_url: {get_input: keystone_auth_uri}
1363 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1364 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1365 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1366 rabbitmq::default_user: {get_input: rabbit_username}
1367 rabbitmq::default_pass: {get_input: rabbit_password}
1369 redis::bind: {get_input: redis_network}
1370 redis_vip: {get_input: redis_vip}
1372 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1373 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1375 memcached::listen_ip: {get_input: memcached_network}
1376 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1377 ntp::servers: {get_input: ntp_servers}
1378 control_virtual_interface: {get_input: control_virtual_interface}
1379 public_virtual_interface: {get_input: public_virtual_interface}
1380 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1381 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1382 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1383 # NOTE(jaosorior): The service certificate configuration for
1384 # HAProxy was left commented because to properly use this, we
1385 # need to be able to set up the keystone endpoints. And
1386 # currently that is not possible, but is being addressed by
1387 # other commits. A subsequent commit will uncomment this.
1388 #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1389 tripleo::packages::enable_install: {get_input: enable_package_install}
1390 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1392 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1393 ControllerExtraConfigPre:
1394 depends_on: ControllerDeployment
1395 type: OS::TripleO::ControllerExtraConfigPre
1397 server: {get_resource: Controller}
1399 # Hook for site-specific additional pre-deployment config,
1400 # applying to all nodes, e.g node registration/unregistration
1402 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1403 type: OS::TripleO::NodeExtraConfig
1405 server: {get_resource: Controller}
1408 type: OS::TripleO::Tasks::PackageUpdate
1411 type: OS::Heat::SoftwareDeployment
1413 config: {get_resource: UpdateConfig}
1414 server: {get_resource: Controller}
1417 get_param: UpdateIdentifier
1421 description: IP address of the server in the ctlplane network
1422 value: {get_attr: [Controller, networks, ctlplane, 0]}
1423 external_ip_address:
1424 description: IP address of the server in the external network
1425 value: {get_attr: [ExternalPort, ip_address]}
1426 internal_api_ip_address:
1427 description: IP address of the server in the internal_api network
1428 value: {get_attr: [InternalApiPort, ip_address]}
1430 description: IP address of the server in the storage network
1431 value: {get_attr: [StoragePort, ip_address]}
1432 storage_mgmt_ip_address:
1433 description: IP address of the server in the storage_mgmt network
1434 value: {get_attr: [StorageMgmtPort, ip_address]}
1436 description: IP address of the server in the tenant network
1437 value: {get_attr: [TenantPort, ip_address]}
1439 description: Hostname of the server
1440 value: {get_attr: [Controller, name]}
1443 Node object in the format {ip: ..., name: ...} format that the corosync
1446 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1447 name: {get_attr: [Controller, name]}
1450 Server's IP address and hostname in the /etc/hosts format
1453 template: IP HOST.DOMAIN HOST CLOUDNAME
1455 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1456 DOMAIN: {get_param: CloudDomain}
1457 HOST: {get_attr: [Controller, name]}
1458 CLOUDNAME: {get_param: CloudName}
1459 nova_server_resource:
1460 description: Heat resource handle for the Nova compute server
1462 {get_resource: Controller}
1464 description: Swift device formatted for swift-ring-builder
1467 template: 'r1z1-IP:%PORT%/d1'
1469 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1470 swift_proxy_memcache:
1471 description: Swift proxy-memcache value
1474 template: "IP:11211"
1476 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1478 description: identifier which changes if the controller configuration may need re-applying
1482 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1483 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1484 - {get_attr: [NodeTLSData, deploy_stdout]}
1485 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1486 - {get_param: UpdateIdentifier}
1487 tls_key_modulus_md5:
1488 description: MD5 checksum of the TLS Key Modulus
1489 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1490 tls_cert_modulus_md5:
1491 description: MD5 checksum of the TLS Certificate Modulus
1492 value: {get_attr: [NodeTLSData, cert_modulus_md5]}