1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 #TODO(composable Redis): Remove the Redis password param
19 #As is used by ceilometer
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
35 CeilometerStoreEvents:
37 description: Whether to store events in ceilometer.
39 CeilometerMeterDispatcher:
41 description: Dispatcher to process meter data
44 - allowed_values: ['gnocchi', 'database']
50 description: Number of workers for Ceilometer service.
52 controllerExtraConfig:
55 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
57 ControllerExtraConfig:
60 Controller specific hiera configuration data to inject into the cluster.
65 A network mapped list of IPs to assign to Controllers in the following form:
67 "internal_api": ["a.b.c.d", "e.f.g.h"],
71 ControlVirtualInterface:
73 description: Interface where virtual ip will be assigned.
77 description: Enable IPv6 in Corosync
81 description: Set to True to enable debugging on all services.
85 description: Whether to enable fencing in Pacemaker or not.
89 description: Whether to use Galera instead of regular MariaDB.
93 description: Whether to deploy a LoadBalancer on the Controller
97 description: Whether to deploy Ceph Storage (OSD) on the Controller
101 description: Whether to enable Swift Storage on the Controller
106 Additional hieradata to inject into the cluster, note that
107 ControllerExtraConfig takes precedence over ExtraConfig.
112 Pacemaker fencing configuration. The JSON should have
113 the following structure:
117 "agent": "AGENT_NAME",
118 "host_mac": "HOST_MAC_ADDRESS",
119 "params": {"PARAM_NAME": "PARAM_VALUE"}
127 "agent": "fence_xvm",
128 "host_mac": "52:54:00:aa:bb:cc",
130 "multicast_address": "225.0.0.12",
131 "port": "baremetal_0",
133 "manage_key_file": true,
134 "key_file": "/etc/fence_xvm.key",
135 "key_file_password": "abcdef"
142 description: Flavor for control nodes to request when deploying.
145 - custom_constraint: nova.flavor
148 description: The short name of the Gnocchi backend to use. Should be one
149 of swift, rbd, or file
152 - allowed_values: ['swift', 'file', 'rbd']
153 GnocchiIndexerBackend:
155 description: The short name of the Gnocchi indexer backend to use.
161 description: The password for the gnocchi service and db account.
164 HAProxyStatsPassword:
165 description: Password for HAProxy stats endpoint
168 description: User for HAProxy stats endpoint
171 HAProxySyslogAddress:
173 description: Syslog address where HAproxy will send its log
175 HeatAuthEncryptionKey:
176 description: Auth encryption key for heat-engine
181 description: A list of IP/Hostname allowed to connect to horizon
182 type: comma_delimited_list
184 description: Secret key for Django
189 default: overcloud-control
191 - custom_constraint: glance.image
193 default: 'REBUILD_PRESERVE_EPHEMERAL'
194 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
196 InstanceNameTemplate:
197 default: 'instance-%08x'
198 description: Template string to be used to generate instance names
202 description: Name of an existing Nova key pair to enable SSH access to the instances
205 - custom_constraint: nova.keypair
209 description: Keystone region for endpoint
212 description: Whether to manage IPtables rules.
216 description: Enable IPv6 features in Memcached.
220 description: Whether IPtables rules should be purged before setting up the new ones.
225 MysqlClusterUniquePart:
226 description: A unique identifier of the MySQL cluster the controller is in.
228 default: 'unset' # Has to be here because of the ignored empty value bug
229 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
231 # - length: {min: 4, max: 10}
232 MysqlInnodbBufferPoolSize:
234 Specifies the size of the buffer pool in megabytes. Setting to
235 zero should be interpreted as "no value" and will defer to the
240 description: Configures MySQL max_connections config setting
243 MysqlClustercheckPassword:
249 default: '' # Has to be here because of the ignored empty value bug
250 NeutronMetadataProxySharedSecret:
251 description: Shared secret to prevent spoofing
257 The core plugin for Neutron. The value should be the entrypoint to be loaded
258 from neutron.core_plugins namespace.
260 NeutronServicePlugins:
261 default: "router,qos"
263 Comma-separated list of service plugin entrypoints to be loaded from the
264 neutron.service_plugins namespace.
265 type: comma_delimited_list
267 description: The password for the neutron service and db account, used by neutron agents.
270 NeutronPublicInterface:
272 description: What interface to bridge onto br-ex for network nodes.
276 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
277 be at least 50 bytes smaller than the MTU on the physical network. This
278 value will be used to set the MTU on the virtual Ethernet device.
279 This number is related to the value of NeutronDnsmasqOptions, since that
280 will determine the MTU that is assigned to the VM host through DHCP.
289 Whether to create cron job for purging soft deleted rows in Nova database.
293 description: Enable IPv6 features in Nova
296 description: The password for the nova service and db account, used by nova-api.
301 description: Number of workers for Nova service.
305 description: Should MongoDb journaling be disabled
309 description: Enable IPv6 if Mongo DB VIP is IPv6
313 description: Comma-separated list of ntp servers
314 type: comma_delimited_list
317 description: The password for the 'pcsd' user.
319 PublicVirtualInterface:
322 Specifies the interface where the public-facing virtual ip will be assigned.
323 This should be int_public when a VLAN is being used.
327 default: '' # Has to be here because of the ignored empty value bug
330 default: '' # Has to be here because of the ignored empty value bug
333 description: The password for RabbitMQ
338 description: The username for RabbitMQ
343 Rabbit client subscriber parameter to specify
344 an SSL connection to the RabbitMQ host.
348 description: Set rabbit subscriber port, change this if using SSL
351 description: The password for Redis
356 default: '' # Has to be here because of the ignored empty value bug
359 default: '' # Has to be here because of the ignored empty value bug
360 description: An IP address which is wrapped in brackets in case of IPv6
361 SnmpdReadonlyUserName:
362 default: ro_snmp_user
363 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
365 SnmpdReadonlyUserPassword:
366 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
370 description: A random string to be used as a salt when hashing to determine mappings
376 description: Value of mount_check in Swift account/container/object -server.conf
381 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
384 description: Partition Power to use when building Swift rings
388 description: Whether to manage Swift rings or not
396 description: How many replicas to use in the swift rings.
399 description: The timezone to be set on controller nodes.
401 UpgradeLevelNovaCompute:
403 description: Nova Compute upgrade level
405 VirtualIP: # DEPRECATED: use per service settings instead
407 default: '' # Has to be here because of the ignored empty value bug
420 EnablePackageInstall:
422 description: Set to true to enable package installation via Puppet
426 description: Mapping of service_name -> network name. Typically set
427 via parameter_defaults in the resource registry.
431 description: Mapping of service endpoint -> protocol. Typically set
432 via parameter_defaults in the resource registry.
438 Setting to a previously unused value during stack-update will trigger
439 package update on all nodes
442 default: '' # Defaults to Heat created hostname
446 description: Optional mapping to override hostnames
447 NetworkDeploymentActions:
448 type: comma_delimited_list
450 Heat action when to apply network configuration changes
455 SoftwareConfigTransport:
456 default: POLL_SERVER_CFN
458 How the server should receive the metadata required for software configuration.
461 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
466 The DNS domain used for the hosts. This should match the dhcp_domain
467 configured in the Undercloud neutron. Defaults to localdomain.
471 Extra properties or metadata passed to Nova for the created nodes in
472 the overcloud. It's accessible via the Nova metadata API.
476 description: Optional scheduler hints to pass to nova
478 ServiceConfigSettings:
484 description: Do not use deprecated params, they will be removed.
486 - controllerExtraConfig
491 type: OS::Nova::Server
493 image: {get_param: Image}
494 image_update_policy: {get_param: ImageUpdatePolicy}
495 flavor: {get_param: Flavor}
496 key_name: {get_param: KeyName}
499 user_data_format: SOFTWARE_CONFIG
500 user_data: {get_resource: UserData}
503 template: {get_param: Hostname}
504 params: {get_param: HostnameMap}
505 software_config_transport: {get_param: SoftwareConfigTransport}
506 metadata: {get_param: ServerMetadata}
507 scheduler_hints: {get_param: SchedulerHints}
509 # Combine the NodeAdminUserData and NodeUserData mime archives
511 type: OS::Heat::MultipartMime
514 - config: {get_resource: NodeAdminUserData}
516 - config: {get_resource: NodeUserData}
519 # Creates the "heat-admin" user if configured via the environment
520 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
522 type: OS::TripleO::NodeAdminUserData
524 # For optional operator additional userdata
525 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
527 type: OS::TripleO::NodeUserData
530 type: OS::TripleO::Controller::Ports::ExternalPort
532 IPPool: {get_param: ControllerIPs}
533 NodeIndex: {get_param: NodeIndex}
534 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
537 type: OS::TripleO::Controller::Ports::InternalApiPort
539 IPPool: {get_param: ControllerIPs}
540 NodeIndex: {get_param: NodeIndex}
541 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
544 type: OS::TripleO::Controller::Ports::StoragePort
546 IPPool: {get_param: ControllerIPs}
547 NodeIndex: {get_param: NodeIndex}
548 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
551 type: OS::TripleO::Controller::Ports::StorageMgmtPort
553 IPPool: {get_param: ControllerIPs}
554 NodeIndex: {get_param: NodeIndex}
555 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
558 type: OS::TripleO::Controller::Ports::TenantPort
560 IPPool: {get_param: ControllerIPs}
561 NodeIndex: {get_param: NodeIndex}
562 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
565 type: OS::TripleO::Controller::Ports::ManagementPort
567 IPPool: {get_param: ControllerIPs}
568 NodeIndex: {get_param: NodeIndex}
569 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
572 type: OS::TripleO::Network::Ports::NetIpMap
574 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
575 ExternalIp: {get_attr: [ExternalPort, ip_address]}
576 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
577 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
578 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
579 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
580 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
581 StorageIp: {get_attr: [StoragePort, ip_address]}
582 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
583 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
584 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
585 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
586 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
587 TenantIp: {get_attr: [TenantPort, ip_address]}
588 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
589 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
590 ManagementIp: {get_attr: [ManagementPort, ip_address]}
591 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
592 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
595 type: OS::TripleO::Controller::Net::SoftwareConfig
597 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
598 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
599 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
600 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
601 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
602 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
603 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
606 type: OS::TripleO::SoftwareDeployment
608 name: NetworkDeployment
609 config: {get_resource: NetworkConfig}
610 server: {get_resource: Controller}
611 actions: {get_param: NetworkDeploymentActions}
614 interface_name: {get_param: NeutronPublicInterface}
616 # Resource for site-specific injection of root certificate
618 depends_on: NetworkDeployment
619 type: OS::TripleO::NodeTLSCAData
621 server: {get_resource: Controller}
623 # Resource for site-specific passing of private keys/certificates
625 depends_on: NodeTLSCAData
626 type: OS::TripleO::NodeTLSData
628 server: {get_resource: Controller}
629 NodeIndex: {get_param: NodeIndex}
632 ControllerDeployment:
633 type: OS::TripleO::SoftwareDeployment
634 depends_on: NetworkDeployment
636 name: ControllerDeployment
637 config: {get_resource: ControllerConfig}
638 server: {get_resource: Controller}
640 bootstack_nodeid: {get_attr: [Controller, name]}
641 ceilometer_workers: {get_param: CeilometerWorkers}
642 nova_workers: {get_param: NovaWorkers}
643 haproxy_log_address: {get_param: HAProxySyslogAddress}
644 haproxy_stats_password: {get_param: HAProxyStatsPassword}
645 haproxy_stats_user: {get_param: HAProxyStatsUser}
646 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
647 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
648 horizon_secret: {get_param: HorizonSecret}
649 admin_password: {get_param: AdminPassword}
650 debug: {get_param: Debug}
651 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
652 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
653 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
654 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
655 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
656 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
657 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
658 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
659 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
660 enable_fencing: {get_param: EnableFencing}
661 enable_galera: {get_param: EnableGalera}
662 enable_load_balancer: {get_param: EnableLoadBalancer}
663 enable_ceph_storage: {get_param: EnableCephStorage}
664 enable_swift_storage: {get_param: EnableSwiftStorage}
665 manage_firewall: {get_param: ManageFirewall}
666 purge_firewall_rules: {get_param: PurgeFirewallRules}
667 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
668 mysql_max_connections: {get_param: MysqlMaxConnections}
669 mysql_root_password: {get_param: MysqlRootPassword}
670 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
673 template: tripleo-CLUSTER
675 CLUSTER: {get_param: MysqlClusterUniquePart}
676 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
677 neutron_core_plugin: {get_param: NeutronCorePlugin}
678 neutron_service_plugins:
682 PLUGINS: {get_param: NeutronServicePlugins}
683 neutron_password: {get_param: NeutronPassword}
684 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
685 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
686 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
687 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
688 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
689 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
690 ceilometer_backend: {get_param: CeilometerBackend}
691 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
692 ceilometer_password: {get_param: CeilometerPassword}
693 ceilometer_store_events: {get_param: CeilometerStoreEvents}
694 aodh_password: {get_param: AodhPassword}
695 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
696 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
697 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
698 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
699 gnocchi_password: {get_param: GnocchiPassword}
700 gnocchi_backend: {get_param: GnocchiBackend}
701 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
702 ceilometer_coordination_url:
706 - {get_param: RedisPassword}
708 - {get_param: RedisVirtualIPUri}
713 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
715 - {get_param: CeilometerPassword}
717 - {get_param: [EndpointMap, MysqlInternal, host]}
722 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
724 - {get_param: GnocchiPassword}
726 - {get_param: [EndpointMap, MysqlInternal, host]}
728 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
729 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
730 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
731 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
732 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
733 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
734 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
735 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
736 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
737 nova_ipv6: {get_param: NovaIPv6}
738 corosync_ipv6: {get_param: CorosyncIPv6}
739 memcached_ipv6: {get_param: MemcachedIPv6}
740 nova_password: {get_param: NovaPassword}
744 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
746 - {get_param: NovaPassword}
748 - {get_param: [EndpointMap, MysqlInternal, host]}
753 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
755 - {get_param: NovaPassword}
757 - {get_param: [EndpointMap, MysqlInternal, host]}
759 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
760 instance_name_template: {get_param: InstanceNameTemplate}
761 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
762 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
763 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
764 fencing_config: {get_param: FencingConfig}
765 pcsd_password: {get_param: PcsdPassword}
766 rabbit_username: {get_param: RabbitUserName}
767 rabbit_password: {get_param: RabbitPassword}
768 rabbit_cookie: {get_param: RabbitCookie}
769 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
770 rabbit_client_port: {get_param: RabbitClientPort}
771 mongodb_no_journal: {get_param: MongoDbNoJournal}
772 mongodb_ipv6: {get_param: MongoDbIPv6}
773 ntp_servers: {get_param: NtpServer}
774 timezone: {get_param: TimeZone}
775 control_virtual_interface: {get_param: ControlVirtualInterface}
776 public_virtual_interface: {get_param: PublicVirtualInterface}
777 swift_hash_suffix: {get_param: SwiftHashSuffix}
778 swift_part_power: {get_param: SwiftPartPower}
779 swift_ring_build: {get_param: SwiftRingBuild}
780 swift_replicas: {get_param: SwiftReplicas}
781 swift_min_part_hours: {get_param: SwiftMinPartHours}
782 swift_mount_check: {get_param: SwiftMountCheck}
783 enable_package_install: {get_param: EnablePackageInstall}
784 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
785 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
786 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
787 cinder_iscsi_network:
791 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
792 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
793 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
794 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
795 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
796 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
797 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
798 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
799 keystone_region: {get_param: KeystoneRegion}
800 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
801 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
802 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
803 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
804 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
805 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
806 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
807 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
808 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
811 template: "['SUBNET']"
813 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
814 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
815 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
816 redis_vip: {get_param: RedisVirtualIP}
817 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
818 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
819 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
820 mysql_virtual_ip: {get_param: MysqlVirtualIP}
821 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
822 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
823 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
825 # Map heat metadata into hiera datafiles
827 type: OS::Heat::StructuredConfig
829 group: os-apply-config
834 - heat_config_%{::deploy_config_name}
835 - controller_extraconfig
841 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
842 - ceph_cluster # provided by CephClusterConfig
844 - bootstrap_node # provided by BootstrapNodeConfig
845 - all_nodes # provided by allNodesConfig
846 - vip_data # provided by vip-config
850 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
851 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
852 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
853 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
854 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
855 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
856 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
857 - midonet_data #Optionally provided by AllNodesExtraConfig
858 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
859 - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre
860 merge_behavior: deeper
863 mapped_data: {get_param: ServiceConfigSettings}
864 controller_extraconfig:
867 - {get_param: controllerExtraConfig}
868 - {get_param: ControllerExtraConfig}
870 mapped_data: {get_param: ExtraConfig}
872 raw_data: {get_file: hieradata/common.yaml}
875 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
876 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
877 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
879 raw_data: {get_file: hieradata/ceph.yaml}
881 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
882 ceph::profile::params::public_network: {get_input: ceph_public_network}
883 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
885 raw_data: {get_file: hieradata/database.yaml}
887 raw_data: {get_file: hieradata/object.yaml}
889 raw_data: {get_file: hieradata/controller.yaml}
890 mapped_data: # data supplied directly to this deployment configuration, etc
891 bootstack_nodeid: {get_input: bootstack_nodeid}
894 enable_fencing: {get_input: enable_fencing}
895 enable_load_balancer: {get_input: enable_load_balancer}
896 hacluster_pwd: {get_input: pcsd_password}
897 corosync_ipv6: {get_input: corosync_ipv6}
898 tripleo::fencing::config: {get_input: fencing_config}
901 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
902 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
903 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
904 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
905 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
906 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
907 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
908 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
909 swift_mount_check: {get_input: swift_mount_check}
912 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
913 cinder::api::bind_host: {get_input: cinder_api_network}
914 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
915 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
916 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
917 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
918 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
919 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
920 cinder::keystone::auth::password: {get_input: cinder_password }
921 cinder::keystone::auth::region: {get_input: keystone_region}
924 glance::api::bind_host: {get_input: glance_api_network}
925 glance::registry::bind_host: {get_input: glance_registry_network}
926 glance::keystone::auth::region: {get_input: keystone_region}
929 heat::api::bind_host: {get_input: heat_api_network}
930 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
931 heat::api_cfn::bind_host: {get_input: heat_api_network}
932 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
935 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
936 keystone::public_bind_host: {get_input: keystone_public_api_network}
937 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
938 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
940 mongodb::server::bind_ip: {get_input: mongo_db_network}
941 mongodb::server::nojournal: {get_input: mongodb_no_journal}
942 mongodb::server::ipv6: {get_input: mongodb_ipv6}
944 admin_password: {get_input: admin_password}
945 enable_galera: {get_input: enable_galera}
946 enable_ceph_storage: {get_input: enable_ceph_storage}
947 enable_swift_storage: {get_input: enable_swift_storage}
948 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
949 mysql_max_connections: {get_input: mysql_max_connections}
950 mysql::server::root_password: {get_input: mysql_root_password}
951 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
952 mysql_cluster_name: {get_input: mysql_cluster_name}
953 mysql_bind_host: {get_input: mysql_network}
954 mysql_virtual_ip: {get_input: mysql_virtual_ip}
957 neutron::bind_host: {get_input: neutron_api_network}
958 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
959 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
960 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
961 neutron::core_plugin: {get_input: neutron_core_plugin}
962 neutron::service_plugins: {get_input: neutron_service_plugins}
963 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
964 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
965 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
966 neutron::keystone::auth::password: {get_input: neutron_password }
967 neutron::keystone::auth::region: {get_input: keystone_region}
970 ceilometer_backend: {get_input: ceilometer_backend}
971 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
972 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
973 ceilometer::rabbit_userid: {get_input: rabbit_username}
974 ceilometer::rabbit_password: {get_input: rabbit_password}
975 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
976 ceilometer::rabbit_port: {get_input: rabbit_client_port}
977 ceilometer::debug: {get_input: debug}
978 ceilometer::api::host: {get_input: ceilometer_api_network}
979 ceilometer::api::keystone_password: {get_input: ceilometer_password}
980 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
981 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
982 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
983 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
984 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
985 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
986 ceilometer::db::mysql::password: {get_input: ceilometer_password}
987 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
988 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
989 ceilometer::dispatcher::gnocchi::filter_project: 'service'
990 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
991 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
992 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
993 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
994 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
995 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
996 ceilometer::keystone::auth::region: {get_input: keystone_region}
997 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
998 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1001 aodh::rabbit_userid: {get_input: rabbit_username}
1002 aodh::rabbit_password: {get_input: rabbit_password}
1003 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1004 aodh::rabbit_port: {get_input: rabbit_client_port}
1005 aodh::debug: {get_input: debug}
1006 aodh::wsgi::apache::ssl: false
1007 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1008 aodh::api::service_name: 'httpd'
1009 aodh::api::host: {get_input: aodh_api_network}
1010 aodh::api::keystone_password: {get_input: aodh_password}
1011 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1012 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1013 aodh::auth::auth_password: {get_input: aodh_password}
1014 aodh::db::mysql::password: {get_input: aodh_password}
1015 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1016 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1017 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
1018 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
1019 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
1020 aodh::keystone::auth::password: {get_input: aodh_password }
1021 aodh::keystone::auth::region: {get_input: keystone_region}
1024 gnocchi_backend: {get_input: gnocchi_backend}
1025 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
1026 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
1027 gnocchi::debug: {get_input: debug}
1028 gnocchi::wsgi::apache::ssl: false
1029 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
1030 gnocchi::api::service_name: 'httpd'
1031 gnocchi::api::host: {get_input: gnocchi_api_network}
1032 gnocchi::api::keystone_password: {get_input: gnocchi_password}
1033 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1034 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1035 gnocchi::db::mysql::password: {get_input: gnocchi_password}
1036 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
1037 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
1038 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
1039 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
1040 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
1041 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
1042 gnocchi::keystone::auth::region: {get_input: keystone_region}
1045 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1046 nova::use_ipv6: {get_input: nova_ipv6}
1047 nova::api::auth_uri: {get_input: keystone_auth_uri}
1048 nova::api::identity_uri: {get_input: keystone_identity_uri}
1049 nova::api::api_bind_address: {get_input: nova_api_network}
1050 nova::api::metadata_listen: {get_input: nova_metadata_network}
1051 nova::api::admin_password: {get_input: nova_password}
1052 nova::api::osapi_compute_workers: {get_input: nova_workers}
1053 nova::api::metadata_workers: {get_input: nova_workers}
1054 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1055 nova::database_connection: {get_input: nova_dsn}
1056 nova::api_database_connection: {get_input: nova_api_dsn}
1057 nova::glance_api_servers: {get_input: glance_api_servers}
1058 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1059 nova::api::instance_name_template: {get_input: instance_name_template}
1060 nova::network::neutron::neutron_password: {get_input: neutron_password}
1061 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1062 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1063 nova::vncproxy::host: {get_input: nova_api_network}
1064 nova::db::mysql::password: {get_input: nova_password}
1065 nova::db::mysql_api::password: {get_input: nova_password}
1066 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1067 nova::keystone::auth::public_url: {get_input: nova_public_url}
1068 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
1069 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
1070 nova::keystone::auth::password: {get_input: nova_password }
1071 nova::keystone::auth::region: {get_input: keystone_region}
1074 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
1075 apache::ip: {get_input: horizon_network}
1076 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1077 horizon::django_debug: {get_input: debug}
1078 horizon::secret_key: {get_input: horizon_secret}
1079 horizon::bind_address: {get_input: horizon_network}
1080 horizon::keystone_url: {get_input: keystone_auth_uri}
1083 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1084 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1086 redis::bind: {get_input: redis_network}
1087 redis_vip: {get_input: redis_vip}
1089 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1090 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1092 memcached_ipv6: {get_input: memcached_ipv6}
1093 memcached::listen_ip: {get_input: memcached_network}
1094 ntp::servers: {get_input: ntp_servers}
1095 timezone::timezone: {get_input: timezone}
1096 control_virtual_interface: {get_input: control_virtual_interface}
1097 public_virtual_interface: {get_input: public_virtual_interface}
1098 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1099 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1100 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1101 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1102 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1103 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1104 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1105 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1106 tripleo::haproxy::redis_password: {get_input: redis_password}
1107 tripleo::packages::enable_install: {get_input: enable_package_install}
1108 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1110 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1111 ControllerExtraConfigPre:
1112 depends_on: ControllerDeployment
1113 type: OS::TripleO::ControllerExtraConfigPre
1115 server: {get_resource: Controller}
1117 # Hook for site-specific additional pre-deployment config,
1118 # applying to all nodes, e.g node registration/unregistration
1120 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1121 type: OS::TripleO::NodeExtraConfig
1123 server: {get_resource: Controller}
1126 type: OS::TripleO::Tasks::PackageUpdate
1129 type: OS::Heat::SoftwareDeployment
1131 name: UpdateDeployment
1132 config: {get_resource: UpdateConfig}
1133 server: {get_resource: Controller}
1136 get_param: UpdateIdentifier
1140 description: IP address of the server in the ctlplane network
1141 value: {get_attr: [Controller, networks, ctlplane, 0]}
1142 external_ip_address:
1143 description: IP address of the server in the external network
1144 value: {get_attr: [ExternalPort, ip_address]}
1145 internal_api_ip_address:
1146 description: IP address of the server in the internal_api network
1147 value: {get_attr: [InternalApiPort, ip_address]}
1149 description: IP address of the server in the storage network
1150 value: {get_attr: [StoragePort, ip_address]}
1151 storage_mgmt_ip_address:
1152 description: IP address of the server in the storage_mgmt network
1153 value: {get_attr: [StorageMgmtPort, ip_address]}
1155 description: IP address of the server in the tenant network
1156 value: {get_attr: [TenantPort, ip_address]}
1157 management_ip_address:
1158 description: IP address of the server in the management network
1159 value: {get_attr: [ManagementPort, ip_address]}
1161 description: Hostname of the server
1162 value: {get_attr: [Controller, name]}
1165 Server's IP address and hostname in the /etc/hosts format
1169 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1170 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1171 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1172 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1173 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1174 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1175 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1177 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1178 DOMAIN: {get_param: CloudDomain}
1179 PRIMARYHOST: {get_attr: [Controller, name]}
1180 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1184 - - {get_attr: [Controller, name]}
1186 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1190 - - {get_attr: [Controller, name]}
1192 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1196 - - {get_attr: [Controller, name]}
1198 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1202 - - {get_attr: [Controller, name]}
1204 TENANTIP: {get_attr: [TenantPort, ip_address]}
1208 - - {get_attr: [Controller, name]}
1210 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1214 - - {get_attr: [Controller, name]}
1216 nova_server_resource:
1217 description: Heat resource handle for the Nova compute server
1219 {get_resource: Controller}
1221 description: Swift device formatted for swift-ring-builder
1224 template: 'r1z1-IP:%PORT%/d1'
1226 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1227 swift_proxy_memcache:
1228 description: Swift proxy-memcache value
1231 template: "IP:11211"
1233 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1235 description: identifier which changes if the controller configuration may need re-applying
1239 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1240 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1241 - {get_attr: [NodeTLSData, deploy_stdout]}
1242 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1243 - {get_param: UpdateIdentifier}
1244 tls_key_modulus_md5:
1245 description: MD5 checksum of the TLS Key Modulus
1246 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1247 tls_cert_modulus_md5:
1248 description: MD5 checksum of the TLS Certificate Modulus
1249 value: {get_attr: [NodeTLSData, cert_modulus_md5]}