1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
25 description: The password for the aodh services.
28 CeilometerApiVirtualIP:
33 description: The ceilometer backend type.
35 CeilometerMeteringSecret:
36 description: Secret shared by the ceilometer services.
40 description: The password for the ceilometer service and db account.
48 description: Number of workers for Ceilometer service.
53 Whether to create cron job for purging soft deleted rows in Cinder database.
55 CinderEnableNfsBackend:
57 description: Whether to enable or not the NFS backend for Cinder
59 CinderEnableIscsiBackend:
61 description: Whether to enable or not the Iscsi backend for Cinder
63 CinderEnableRbdBackend:
65 description: Whether to enable or not the Rbd backend for Cinder
69 description: The iSCSI helper to use with cinder.
71 CinderLVMLoopDeviceSize:
73 description: The size of the loopback file used by the cinder LVM driver.
75 CinderNfsMountOptions:
78 Mount options for NFS mounts used by Cinder NFS backend. Effective
79 when CinderEnableNfsBackend is true.
84 NFS servers used by Cinder NFS backend. Effective when
85 CinderEnableNfsBackend is true.
86 type: comma_delimited_list
88 description: The password for the cinder service and db account, used by cinder-api.
93 description: Contains parameters to configure Cinder backends. Typically
94 set via parameter_defaults in the resource registry.
98 description: Number of workers for Cinder service.
100 ControllerExtraConfig:
103 Controller specific hiera configuration data to inject into the cluster.
108 A network mapped list of IPs to assign to Controllers in the following form:
110 "internal_api": ["a.b.c.d", "e.f.g.h"],
114 ControlVirtualInterface:
116 description: Interface where virtual ip will be assigned.
120 description: Enable IPv6 in Corosync
124 description: Set to True to enable debugging on all services.
128 description: Whether to enable fencing in Pacemaker or not.
132 description: Whether to use Galera instead of regular MariaDB.
136 description: Whether to deploy a LoadBalancer on the Controller
140 description: Whether to deploy Ceph Storage (OSD) on the Controller
144 description: Whether to enable Swift Storage on the Controller
149 Additional hieradata to inject into the cluster, note that
150 ControllerExtraConfig takes precedence over ExtraConfig.
155 Pacemaker fencing configuration. The JSON should have
156 the following structure:
160 "agent": "AGENT_NAME",
161 "host_mac": "HOST_MAC_ADDRESS",
162 "params": {"PARAM_NAME": "PARAM_VALUE"}
170 "agent": "fence_xvm",
171 "host_mac": "52:54:00:aa:bb:cc",
173 "multicast_address": "225.0.0.12",
174 "port": "baremetal_0",
176 "manage_key_file": true,
177 "key_file": "/etc/fence_xvm.key",
178 "key_file_password": "abcdef"
185 description: Flavor for control nodes to request when deploying.
188 - custom_constraint: nova.flavor
189 GlanceNotifierStrategy:
190 description: Strategy to use for Glance notification queue
194 description: The filepath of the file to use for logging messages from Glance.
198 description: The password for the glance service and db account, used by the glance services.
203 description: The short name of the Glance backend to use. Should be one
204 of swift, rbd, or file
207 - allowed_values: ['swift', 'file', 'rbd']
208 GlanceFilePcmkDevice:
211 An exported storage device that should be mounted by Pacemaker
212 as Glance storage. Effective when GlanceFilePcmkManage is true.
214 GlanceFilePcmkFstype:
217 Filesystem type for Pacemaker mount used as Glance storage.
218 Effective when GlanceFilePcmkManage is true.
220 GlanceFilePcmkManage:
223 Whether to make Glance file backend a mount managed by Pacemaker.
224 Effective when GlanceBackend is 'file'.
226 GlanceFilePcmkOptions:
229 Mount options for Pacemaker mount used as Glance storage.
230 Effective when GlanceFilePcmkManage is true.
232 HAProxySyslogAddress:
234 description: Syslog address where HAproxy will send its log
238 description: Number of workers for Glance service.
241 description: The password for the Heat service and db account, used by the Heat services.
244 HeatStackDomainAdminPassword:
245 description: Password for heat_domain_admin user.
248 HeatAuthEncryptionKey:
249 description: Auth encryption key for heat-engine
254 description: A list of IP/Hostname allowed to connect to horizon
255 type: comma_delimited_list
258 description: Number of workers for Heat service.
264 Whether to create cron job for purging soft deleted rows in the Heat database.
266 description: Secret key for Django
271 default: overcloud-control
273 - custom_constraint: glance.image
275 default: 'REBUILD_PRESERVE_EPHEMERAL'
276 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
278 InstanceNameTemplate:
279 default: 'instance-%08x'
280 description: Template string to be used to generate instance names
284 description: Name of an existing Nova key pair to enable SSH access to the instances
287 - custom_constraint: nova.keypair
288 KeystoneCACertificate:
290 description: Keystone self-signed certificate authority certificate.
292 KeystoneEnableDBPurge:
295 Whether to create cron job for purging soft deleted rows in Keystone database.
297 KeystoneSigningCertificate:
299 description: Keystone certificate for verifying token validity.
303 description: Keystone key for signing tokens.
306 KeystoneSSLCertificate:
308 description: Keystone certificate for verifying token validity.
310 KeystoneSSLCertificateKey:
312 description: Keystone key for signing tokens.
315 KeystoneNotificationDriver:
316 description: Comma-separated list of Oslo notification drivers used by Keystone
317 default: ['messaging']
318 type: comma_delimited_list
319 KeystoneNotificationFormat:
320 description: The Keystone notification format
324 - allowed_values: [ 'basic', 'cadf' ]
328 description: Keystone region for endpoint
331 description: Whether to manage IPtables rules.
335 description: Whether IPtables rules should be purged before setting up the new ones.
339 description: Number of workers for Keystone service.
346 description: The password for the sahara service account, used by sahara-api.
349 MysqlClusterUniquePart:
350 description: A unique identifier of the MySQL cluster the controller is in.
352 default: 'unset' # Has to be here because of the ignored empty value bug
353 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
355 # - length: {min: 4, max: 10}
356 MysqlInnodbBufferPoolSize:
358 Specifies the size of the buffer pool in megabytes. Setting to
359 zero should be interpreted as "no value" and will defer to the
364 description: Configures MySQL max_connections config setting
370 default: '' # Has to be here because of the ignored empty value bug
371 NeutronExternalNetworkBridge:
372 description: Name of bridge used for external network traffic.
375 NeutronBridgeMappings:
377 The OVS logical->physical bridge mappings to use. See the Neutron
378 documentation for details. Defaults to mapping br-ex - the external
379 bridge on hosts - to a physical name 'datacentre' which can be used
380 to create provider networks (and we use this for the default floating
381 network) - if changing this either use different post-install network
382 scripts or be sure to keep 'datacentre' as a mapping network name.
383 type: comma_delimited_list
384 default: "datacentre:br-ex"
385 NeutronDnsmasqOptions:
386 default: 'dhcp-option-force=26,1400'
387 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
389 NeutronEnableDHCPAgent:
390 description: Knob to enable/disable DHCP Agent
393 NeutronEnableL3Agent:
394 description: Knob to enable/disable L3 agent
397 NeutronEnableMetadataAgent:
398 description: Knob to enable/disable Metadata agent
401 NeutronEnableOVSAgent:
402 description: Knob to enable/disable OVS Agent
407 description: Agent mode for the neutron-l3-agent on the controller hosts
411 description: Whether to enable l3-agent HA
413 NeutronDhcpAgentsPerNetwork:
416 description: The number of neutron dhcp agents to schedule per network
419 description: Whether to configure Neutron Distributed Virtual Routers
421 NeutronMetadataProxySharedSecret:
422 description: Shared secret to prevent spoofing
428 The core plugin for Neutron. The value should be the entrypoint to be loaded
429 from neutron.core_plugins namespace.
431 NeutronServicePlugins:
432 default: "router,qos"
434 Comma-separated list of service plugin entrypoints to be loaded from the
435 neutron.service_plugins namespace.
436 type: comma_delimited_list
438 default: "vxlan,vlan,flat,gre"
440 Comma-separated list of network type driver entrypoints to be loaded.
441 type: comma_delimited_list
442 NeutronMechanismDrivers:
443 default: 'openvswitch'
445 The mechanism drivers for the Neutron tenant network.
446 type: comma_delimited_list
447 NeutronAllowL3AgentFailover:
449 description: Allow automatic l3-agent failover
451 NeutronEnableIsolatedMetadata:
453 description: If True, DHCP provide metadata route to VM.
455 NeutronEnableTunnelling:
461 Enable/disable the L2 population feature in the Neutron agents.
464 type: comma_delimited_list
465 default: 'datacentre'
466 description: If set, flat networks to configure in neutron plugins.
469 description: Whether to enable l3-agent HA
473 description: The tenant network type for Neutron.
474 type: comma_delimited_list
475 NeutronNetworkVLANRanges:
476 default: 'datacentre:1:1000'
478 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
479 Neutron documentation for permitted values. Defaults to permitting any
480 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
481 type: comma_delimited_list
483 description: The password for the neutron service and db account, used by neutron agents.
486 NeutronPublicInterface:
488 description: What interface to bridge onto br-ex for network nodes.
490 NeutronPublicInterfaceTag:
493 VLAN tag for creating a public VLAN. The tag will be used to
494 create an access port on the exterior bridge for each control plane node,
495 and that port will be given the IP address returned by neutron from the
496 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
497 overcloud.yaml to include the deployment of VLAN ports to the control
500 NeutronPublicInterfaceDefaultRoute:
502 description: A custom default route for the NeutronPublicInterface.
504 NeutronPublicInterfaceIP:
506 description: A custom IP address to put onto the NeutronPublicInterface.
508 NeutronPublicInterfaceRawDevice:
510 description: If set, the public interface is a vlan with this device as the raw device.
514 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
515 be at least 50 bytes smaller than the MTU on the physical network. This
516 value will be used to set the MTU on the virtual Ethernet device.
517 This number is related to the value of NeutronDnsmasqOptions, since that
518 will determine the MTU that is assigned to the VM host through DHCP.
524 The tunnel types for the Neutron tenant network.
525 type: comma_delimited_list
526 NeutronTunnelIdRanges:
528 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
529 of GRE tunnel IDs that are available for tenant network allocation
530 default: ["1:4094", ]
531 type: comma_delimited_list
534 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
535 of VXLAN VNI IDs that are available for tenant network allocation
536 default: ["1:4094", ]
537 type: comma_delimited_list
538 NeutronPluginExtensions:
539 default: "qos,port_security"
541 Comma-separated list of extensions enabled for the Neutron plugin.
542 type: comma_delimited_list
543 NeutronAgentExtensions:
546 Comma-separated list of extensions enabled for the Neutron agents.
547 type: comma_delimited_list
553 description: Number of workers for Neutron service.
558 Whether to create cron job for purging soft deleted rows in Nova database.
562 description: Enable IPv6 features in Nova
565 description: The password for the nova service and db account, used by nova-api.
570 description: Number of workers for Nova service.
574 description: Should MongoDb journaling be disabled
578 description: Enable IPv6 if Mongo DB VIP is IPv6
582 description: Comma-separated list of ntp servers
583 type: comma_delimited_list
586 description: The password for the 'pcsd' user.
588 PublicVirtualInterface:
591 Specifies the interface where the public-facing virtual ip will be assigned.
592 This should be int_public when a VLAN is being used.
596 default: '' # Has to be here because of the ignored empty value bug
599 default: '' # Has to be here because of the ignored empty value bug
603 description: The password for RabbitMQ
608 description: The username for RabbitMQ
613 Rabbit client subscriber parameter to specify
614 an SSL connection to the RabbitMQ host.
618 description: Set rabbit subscriber port, change this if using SSL
622 description: Configures RabbitMQ FD limit
626 default: '' # Has to be here because of the ignored empty value bug
629 default: '' # Has to be here because of the ignored empty value bug
630 description: An IP address which is wrapped in brackets in case of IPv6
631 SnmpdReadonlyUserName:
632 default: ro_snmp_user
633 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
635 SnmpdReadonlyUserPassword:
636 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
640 description: A random string to be used as a salt when hashing to determine mappings
646 description: Value of mount_check in Swift account/container/object -server.conf
651 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
654 description: Partition Power to use when building Swift rings
657 description: The password for the swift service account, used by the swift proxy
667 description: How many replicas to use in the swift rings.
670 description: Number of workers for Swift service.
674 description: The timezone to be set on controller nodes.
676 UpgradeLevelNovaCompute:
678 description: Nova Compute upgrade level
680 VirtualIP: # DEPRECATED: use per service settings instead
682 default: '' # Has to be here because of the ignored empty value bug
692 GlanceRegistryVirtualIP:
701 KeystoneAdminApiVirtualIP:
704 KeystonePublicApiVirtualIP:
710 EnablePackageInstall:
712 description: Set to true to enable package installation via Puppet
716 description: Mapping of service_name -> network name. Typically set
717 via parameter_defaults in the resource registry.
721 description: Mapping of service endpoint -> protocol. Typically set
722 via parameter_defaults in the resource registry.
728 Setting to a previously unused value during stack-update will trigger
729 package update on all nodes
732 default: '' # Defaults to Heat created hostname
736 description: Optional mapping to override hostnames
737 NetworkDeploymentActions:
738 type: comma_delimited_list
740 Heat action when to apply network configuration changes
745 SoftwareConfigTransport:
746 default: POLL_SERVER_CFN
748 How the server should receive the metadata required for software configuration.
751 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
756 The DNS domain used for the hosts. This should match the dhcp_domain
757 configured in the Undercloud neutron. Defaults to localdomain.
761 Extra properties or metadata passed to Nova for the created nodes in
762 the overcloud. It's accessible via the Nova metadata API.
766 description: Optional scheduler hints to pass to nova
772 type: OS::Nova::Server
774 image: {get_param: Image}
775 image_update_policy: {get_param: ImageUpdatePolicy}
776 flavor: {get_param: Flavor}
777 key_name: {get_param: KeyName}
780 user_data_format: SOFTWARE_CONFIG
781 user_data: {get_resource: UserData}
784 template: {get_param: Hostname}
785 params: {get_param: HostnameMap}
786 software_config_transport: {get_param: SoftwareConfigTransport}
787 metadata: {get_param: ServerMetadata}
788 scheduler_hints: {get_param: SchedulerHints}
790 # Combine the NodeAdminUserData and NodeUserData mime archives
792 type: OS::Heat::MultipartMime
795 - config: {get_resource: NodeAdminUserData}
797 - config: {get_resource: NodeUserData}
800 # Creates the "heat-admin" user if configured via the environment
801 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
803 type: OS::TripleO::NodeAdminUserData
805 # For optional operator additional userdata
806 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
808 type: OS::TripleO::NodeUserData
811 type: OS::TripleO::Controller::Ports::ExternalPort
813 IPPool: {get_param: ControllerIPs}
814 NodeIndex: {get_param: NodeIndex}
815 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
818 type: OS::TripleO::Controller::Ports::InternalApiPort
820 IPPool: {get_param: ControllerIPs}
821 NodeIndex: {get_param: NodeIndex}
822 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
825 type: OS::TripleO::Controller::Ports::StoragePort
827 IPPool: {get_param: ControllerIPs}
828 NodeIndex: {get_param: NodeIndex}
829 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
832 type: OS::TripleO::Controller::Ports::StorageMgmtPort
834 IPPool: {get_param: ControllerIPs}
835 NodeIndex: {get_param: NodeIndex}
836 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
839 type: OS::TripleO::Controller::Ports::TenantPort
841 IPPool: {get_param: ControllerIPs}
842 NodeIndex: {get_param: NodeIndex}
843 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
846 type: OS::TripleO::Controller::Ports::ManagementPort
848 IPPool: {get_param: ControllerIPs}
849 NodeIndex: {get_param: NodeIndex}
850 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
853 type: OS::TripleO::Network::Ports::NetIpMap
855 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
856 ExternalIp: {get_attr: [ExternalPort, ip_address]}
857 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
858 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
859 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
860 StorageIp: {get_attr: [StoragePort, ip_address]}
861 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
862 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
863 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
864 TenantIp: {get_attr: [TenantPort, ip_address]}
865 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
866 ManagementIp: {get_attr: [ManagementPort, ip_address]}
867 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
870 type: OS::TripleO::Network::Ports::NetIpSubnetMap
872 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
873 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
874 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
875 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
876 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
877 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
878 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
881 type: OS::TripleO::Controller::Net::SoftwareConfig
883 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
884 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
885 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
886 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
887 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
888 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
889 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
892 type: OS::TripleO::SoftwareDeployment
894 name: NetworkDeployment
895 config: {get_resource: NetworkConfig}
896 server: {get_resource: Controller}
897 actions: {get_param: NetworkDeploymentActions}
900 interface_name: {get_param: NeutronPublicInterface}
902 # Resource for site-specific injection of root certificate
904 depends_on: NetworkDeployment
905 type: OS::TripleO::NodeTLSCAData
907 server: {get_resource: Controller}
909 # Resource for site-specific passing of private keys/certificates
911 depends_on: NodeTLSCAData
912 type: OS::TripleO::NodeTLSData
914 server: {get_resource: Controller}
915 NodeIndex: {get_param: NodeIndex}
918 ControllerDeployment:
919 type: OS::TripleO::SoftwareDeployment
920 depends_on: NetworkDeployment
922 name: ControllerDeployment
923 config: {get_resource: ControllerConfig}
924 server: {get_resource: Controller}
926 bootstack_nodeid: {get_attr: [Controller, name]}
927 ceilometer_workers: {get_param: CeilometerWorkers}
928 cinder_workers: {get_param: CinderWorkers}
929 glance_workers: {get_param: GlanceWorkers}
930 heat_workers: {get_param: HeatWorkers}
931 keystone_workers: {get_param: KeystoneWorkers}
932 nova_workers: {get_param: NovaWorkers}
933 neutron_workers: {get_param: NeutronWorkers}
934 swift_workers: {get_param: SwiftWorkers}
935 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
936 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
937 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
938 haproxy_log_address: {get_param: HAProxySyslogAddress}
939 heat.watch_server_url:
943 - {get_param: HeatApiVirtualIPUri}
945 heat.metadata_server_url:
949 - {get_param: HeatApiVirtualIPUri}
951 heat.waitcondition_server_url:
955 - {get_param: HeatApiVirtualIPUri}
956 - ':8000/v1/waitcondition'
957 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
958 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
959 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
960 horizon_secret: {get_param: HorizonSecret}
961 admin_email: {get_param: AdminEmail}
962 admin_password: {get_param: AdminPassword}
963 admin_token: {get_param: AdminToken}
964 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
965 debug: {get_param: Debug}
966 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
967 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
968 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
969 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
974 SERVERS: {get_param: CinderNfsServers}
975 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
976 cinder_password: {get_param: CinderPassword}
977 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
978 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
979 cinder_backend_config: {get_param: CinderBackendConfig}
983 - - 'mysql+pymysql://cinder:'
984 - {get_param: CinderPassword}
986 - {get_param: MysqlVirtualIPUri}
988 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
989 glance_password: {get_param: GlancePassword}
990 glance_backend: {get_param: GlanceBackend}
991 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
992 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
993 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
994 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
995 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
996 glance_log_file: {get_param: GlanceLogFile}
1000 - - 'mysql+pymysql://glance:'
1001 - {get_param: GlancePassword}
1003 - {get_param: MysqlVirtualIPUri}
1005 heat_password: {get_param: HeatPassword}
1006 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
1010 - - 'mysql+pymysql://heat:'
1011 - {get_param: HeatPassword}
1013 - {get_param: MysqlVirtualIPUri}
1015 keystone_ca_certificate: {get_param: KeystoneCACertificate}
1016 keystone_signing_key: {get_param: KeystoneSigningKey}
1017 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
1018 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
1019 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
1020 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
1021 keystone_notification_format: {get_param: KeystoneNotificationFormat}
1022 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
1026 - - 'mysql+pymysql://keystone:'
1027 - {get_param: AdminToken}
1029 - {get_param: MysqlVirtualIPUri}
1031 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1032 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1033 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
1034 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
1035 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1036 enable_fencing: {get_param: EnableFencing}
1037 enable_galera: {get_param: EnableGalera}
1038 enable_load_balancer: {get_param: EnableLoadBalancer}
1039 enable_ceph_storage: {get_param: EnableCephStorage}
1040 enable_swift_storage: {get_param: EnableSwiftStorage}
1041 manage_firewall: {get_param: ManageFirewall}
1042 purge_firewall_rules: {get_param: PurgeFirewallRules}
1043 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1044 mysql_max_connections: {get_param: MysqlMaxConnections}
1045 mysql_root_password: {get_param: MysqlRootPassword}
1048 template: tripleo-CLUSTER
1050 CLUSTER: {get_param: MysqlClusterUniquePart}
1051 neutron_flat_networks:
1055 NETWORKS: {get_param: NeutronFlatNetworks}
1056 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1057 neutron_agent_mode: {get_param: NeutronAgentMode}
1058 neutron_router_distributed: {get_param: NeutronDVR}
1059 neutron_core_plugin: {get_param: NeutronCorePlugin}
1060 neutron_service_plugins:
1064 PLUGINS: {get_param: NeutronServicePlugins}
1065 neutron_type_drivers:
1069 DRIVERS: {get_param: NeutronTypeDrivers}
1070 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1071 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1072 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1073 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1074 neutron_mechanism_drivers:
1076 template: MECHANISMS
1078 MECHANISMS: {get_param: NeutronMechanismDrivers}
1079 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1080 neutron_l3_ha: {get_param: NeutronL3HA}
1081 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1082 neutron_network_vlan_ranges:
1086 RANGES: {get_param: NeutronNetworkVLANRanges}
1087 neutron_bridge_mappings:
1091 MAPPINGS: {get_param: NeutronBridgeMappings}
1092 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1093 neutron_public_interface: {get_param: NeutronPublicInterface}
1094 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1095 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1096 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1097 neutron_tunnel_id_ranges:
1101 RANGES: {get_param: NeutronTunnelIdRanges}
1106 RANGES: {get_param: NeutronVniRanges}
1107 neutron_tenant_network_types:
1111 TYPES: {get_param: NeutronNetworkType}
1112 neutron_tunnel_types:
1116 TYPES: {get_param: NeutronTunnelTypes}
1117 neutron_plugin_extensions:
1119 template: PLUGIN_EXTENSIONS
1121 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1122 neutron_agent_extensions:
1124 template: AGENT_EXTENSIONS
1126 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1127 neutron_password: {get_param: NeutronPassword}
1128 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1129 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1133 - - 'mysql+pymysql://neutron:'
1134 - {get_param: NeutronPassword}
1136 - {get_param: MysqlVirtualIPUri}
1137 - '/ovs_neutron?charset=utf8'
1138 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1139 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1140 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1141 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1142 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1143 ceilometer_backend: {get_param: CeilometerBackend}
1144 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1145 ceilometer_password: {get_param: CeilometerPassword}
1146 aodh_password: {get_param: AodhPassword}
1147 ceilometer_coordination_url:
1151 - {get_param: RedisVirtualIPUri}
1156 - - 'mysql+pymysql://ceilometer:'
1157 - {get_param: CeilometerPassword}
1159 - {get_param: MysqlVirtualIPUri}
1161 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1162 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1163 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1164 nova_ipv6: {get_param: NovaIPv6}
1165 corosync_ipv6: {get_param: CorosyncIPv6}
1166 nova_password: {get_param: NovaPassword}
1170 - - 'mysql+pymysql://nova:'
1171 - {get_param: NovaPassword}
1173 - {get_param: MysqlVirtualIPUri}
1178 - - 'mysql+pymysql://nova_api:'
1179 - {get_param: NovaPassword}
1181 - {get_param: MysqlVirtualIP}
1183 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1184 instance_name_template: {get_param: InstanceNameTemplate}
1185 fencing_config: {get_param: FencingConfig}
1186 pcsd_password: {get_param: PcsdPassword}
1187 rabbit_username: {get_param: RabbitUserName}
1188 rabbit_password: {get_param: RabbitPassword}
1189 rabbit_cookie: {get_param: RabbitCookie}
1190 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1191 rabbit_client_port: {get_param: RabbitClientPort}
1192 mongodb_no_journal: {get_param: MongoDbNoJournal}
1193 mongodb_ipv6: {get_param: MongoDbIPv6}
1194 # We need to force this into quotes or hiera will return integer causing
1195 # the puppet module validation regexp to fail.
1196 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1201 LIMIT: {get_param: RabbitFDLimit}
1202 ntp_servers: {get_param: NtpServer}
1203 timezone: {get_param: TimeZone}
1204 control_virtual_interface: {get_param: ControlVirtualInterface}
1205 public_virtual_interface: {get_param: PublicVirtualInterface}
1206 swift_hash_suffix: {get_param: SwiftHashSuffix}
1207 swift_password: {get_param: SwiftPassword}
1208 swift_part_power: {get_param: SwiftPartPower}
1209 swift_replicas: {get_param: SwiftReplicas}
1210 swift_min_part_hours: {get_param: SwiftMinPartHours}
1211 swift_mount_check: {get_param: SwiftMountCheck}
1212 enable_package_install: {get_param: EnablePackageInstall}
1213 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1214 sahara_password: {get_param: SaharaPassword}
1218 - - 'mysql://sahara:'
1219 - {get_param: SaharaPassword}
1221 - {get_param: MysqlVirtualIP}
1223 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1224 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1225 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1226 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1227 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1228 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1229 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1230 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1231 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1232 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1233 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1234 keystone_region: {get_param: KeystoneRegion}
1235 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1236 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1237 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1238 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1239 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
1240 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1241 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1242 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1243 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1244 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1245 redis_vip: {get_param: RedisVirtualIP}
1246 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1247 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1248 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1249 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1250 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1251 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1252 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1254 # Map heat metadata into hiera datafiles
1256 type: OS::Heat::StructuredConfig
1258 group: os-apply-config
1263 - heat_config_%{::deploy_config_name}
1264 - controller_extraconfig
1269 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1270 - ceph_cluster # provided by CephClusterConfig
1272 - bootstrap_node # provided by BootstrapNodeConfig
1273 - all_nodes # provided by allNodesConfig
1274 - vip_data # provided by vip-config
1277 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1278 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1279 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1280 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1281 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1282 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1283 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1284 - midonet_data #Optionally provided by AllNodesExtraConfig
1285 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1287 controller_extraconfig:
1288 mapped_data: {get_param: ControllerExtraConfig}
1290 mapped_data: {get_param: ExtraConfig}
1292 raw_data: {get_file: hieradata/common.yaml}
1294 raw_data: {get_file: hieradata/ceph.yaml}
1296 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1297 ceph::profile::params::public_network: {get_input: ceph_public_network}
1298 ceph::mon::public_addr: {get_input: ceph_public_ip}
1300 raw_data: {get_file: hieradata/database.yaml}
1302 raw_data: {get_file: hieradata/object.yaml}
1304 raw_data: {get_file: hieradata/controller.yaml}
1305 mapped_data: # data supplied directly to this deployment configuration, etc
1306 bootstack_nodeid: {get_input: bootstack_nodeid}
1309 enable_fencing: {get_input: enable_fencing}
1310 enable_load_balancer: {get_input: enable_load_balancer}
1311 hacluster_pwd: {get_input: pcsd_password}
1312 corosync_ipv6: {get_input: corosync_ipv6}
1313 tripleo::fencing::config: {get_input: fencing_config}
1316 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1317 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1318 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1319 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1320 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1321 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1322 swift::proxy::workers: {get_input: swift_workers}
1323 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1324 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1325 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1326 swift_mount_check: {get_input: swift_mount_check}
1328 # NOTE(dprince): build_ring support is currently not wired in.
1329 # See: https://review.openstack.org/#/c/109225/
1330 tripleo::ringbuilder::build_ring: True
1333 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1334 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1335 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1336 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1337 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1338 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1339 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1340 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1341 cinder::database_connection: {get_input: cinder_dsn}
1342 cinder::api::keystone_password: {get_input: cinder_password}
1343 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1344 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1345 cinder::api::bind_host: {get_input: cinder_api_network}
1346 cinder::rabbit_userid: {get_input: rabbit_username}
1347 cinder::rabbit_password: {get_input: rabbit_password}
1348 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1349 cinder::rabbit_port: {get_input: rabbit_client_port}
1350 cinder::debug: {get_input: debug}
1351 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1352 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1353 cinder_backend_config: {get_input: CinderBackendConfig}
1354 cinder::db::mysql::password: {get_input: cinder_password}
1357 glance::api::bind_port: {get_input: glance_port}
1358 glance::api::bind_host: {get_input: glance_api_network}
1359 glance::api::auth_uri: {get_input: keystone_auth_uri}
1360 glance::api::identity_uri: {get_input: keystone_identity_uri}
1361 glance::api::registry_host: {get_input: glance_registry_host}
1362 glance::api::keystone_password: {get_input: glance_password}
1363 glance::api::debug: {get_input: debug}
1364 glance::api::workers: {get_input: glance_workers}
1365 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1366 glance_log_file: {get_input: glance_log_file}
1367 glance_log_file: {get_input: glance_log_file}
1368 glance::api::database_connection: {get_input: glance_dsn}
1369 glance::registry::keystone_password: {get_input: glance_password}
1370 glance::registry::database_connection: {get_input: glance_dsn}
1371 glance::registry::bind_host: {get_input: glance_registry_network}
1372 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1373 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1374 glance::registry::debug: {get_input: debug}
1375 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1376 glance::registry::workers: {get_input: glance_workers}
1377 glance::backend::swift::swift_store_user: service:glance
1378 glance::backend::swift::swift_store_key: {get_input: glance_password}
1379 glance_backend: {get_input: glance_backend}
1380 glance::db::mysql::password: {get_input: glance_password}
1381 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1382 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1383 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1384 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1385 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1386 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1387 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1390 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1391 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1392 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1393 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1394 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1395 heat::rabbit_userid: {get_input: rabbit_username}
1396 heat::rabbit_password: {get_input: rabbit_password}
1397 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1398 heat::rabbit_port: {get_input: rabbit_client_port}
1399 heat::auth_uri: {get_input: keystone_auth_uri}
1400 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1401 heat::identity_uri: {get_input: keystone_identity_uri}
1402 heat::keystone_password: {get_input: heat_password}
1403 heat::api::bind_host: {get_input: heat_api_network}
1404 heat::api::workers: {get_input: heat_workers}
1405 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1406 heat::api_cloudwatch::workers: {get_input: heat_workers}
1407 heat::api_cfn::bind_host: {get_input: heat_api_network}
1408 heat::api_cfn::workers: {get_input: heat_workers}
1409 heat::database_connection: {get_input: heat_dsn}
1410 heat::debug: {get_input: debug}
1411 heat::db::mysql::password: {get_input: heat_password}
1412 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1415 keystone::admin_token: {get_input: admin_token}
1416 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1417 keystone_signing_key: {get_input: keystone_signing_key}
1418 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1419 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1420 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1421 keystone::database_connection: {get_input: keystone_dsn}
1422 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1423 keystone::public_bind_host: {get_input: keystone_public_api_network}
1424 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1425 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1426 keystone::debug: {get_input: debug}
1427 keystone::db::mysql::password: {get_input: admin_token}
1428 keystone::rabbit_userid: {get_input: rabbit_username}
1429 keystone::rabbit_password: {get_input: rabbit_password}
1430 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1431 keystone::rabbit_port: {get_input: rabbit_client_port}
1432 keystone::notification_driver: {get_input: keystone_notification_driver}
1433 keystone::notification_format: {get_input: keystone_notification_format}
1434 keystone::roles::admin::email: {get_input: admin_email}
1435 keystone::roles::admin::password: {get_input: admin_password}
1436 keystone::endpoint::public_url: {get_input: keystone_public_url}
1437 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1438 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1439 keystone::endpoint::region: {get_input: keystone_region}
1440 keystone::admin_workers: {get_input: keystone_workers}
1441 keystone::public_workers: {get_input: keystone_workers}
1442 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1443 keystone::public_endpoint: {get_input: keystone_public_url}
1445 mongodb::server::bind_ip: {get_input: mongo_db_network}
1446 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1447 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1449 admin_password: {get_input: admin_password}
1450 enable_galera: {get_input: enable_galera}
1451 enable_ceph_storage: {get_input: enable_ceph_storage}
1452 enable_swift_storage: {get_input: enable_swift_storage}
1453 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1454 mysql_max_connections: {get_input: mysql_max_connections}
1455 mysql::server::root_password: {get_input: mysql_root_password}
1456 mysql_cluster_name: {get_input: mysql_cluster_name}
1457 mysql_bind_host: {get_input: mysql_network}
1458 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1461 neutron::bind_host: {get_input: neutron_api_network}
1462 neutron::rabbit_password: {get_input: rabbit_password}
1463 neutron::rabbit_user: {get_input: rabbit_username}
1464 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1465 neutron::rabbit_port: {get_input: rabbit_client_port}
1466 neutron::debug: {get_input: debug}
1467 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1468 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1469 neutron::server::database_connection: {get_input: neutron_dsn}
1470 neutron::server::api_workers: {get_input: neutron_workers}
1471 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1472 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1473 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1474 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1475 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1476 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1477 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1478 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1479 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1480 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1481 neutron_agent_mode: {get_input: neutron_agent_mode}
1482 neutron_router_distributed: {get_input: neutron_router_distributed}
1483 neutron::core_plugin: {get_input: neutron_core_plugin}
1484 neutron::service_plugins: {get_input: neutron_service_plugins}
1485 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1486 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1487 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1488 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1489 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1490 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1491 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1492 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1493 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1494 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1495 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1496 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1497 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1498 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1499 neutron_public_interface: {get_input: neutron_public_interface}
1500 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1501 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1502 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1503 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1504 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1505 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1506 neutron::server::auth_password: {get_input: neutron_password}
1507 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1508 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1509 neutron_dsn: {get_input: neutron_dsn}
1510 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1511 neutron::db::mysql::password: {get_input: neutron_password}
1512 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1513 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1514 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1515 neutron::keystone::auth::password: {get_input: neutron_password }
1516 neutron::keystone::auth::region: {get_input: keystone_region}
1517 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1518 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1519 neutron::server::notifications::tenant_name: 'service'
1520 neutron::server::notifications::project_name: 'service'
1521 neutron::server::notifications::password: {get_input: nova_password}
1524 ceilometer_backend: {get_input: ceilometer_backend}
1525 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1526 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1527 ceilometer::rabbit_userid: {get_input: rabbit_username}
1528 ceilometer::rabbit_password: {get_input: rabbit_password}
1529 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1530 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1531 ceilometer::debug: {get_input: debug}
1532 ceilometer::api::host: {get_input: ceilometer_api_network}
1533 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1534 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1535 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1536 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1537 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1538 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1539 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1540 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1541 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1544 aodh::rabbit_userid: {get_input: rabbit_username}
1545 aodh::rabbit_password: {get_input: rabbit_password}
1546 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1547 aodh::rabbit_port: {get_input: rabbit_client_port}
1548 aodh::debug: {get_input: debug}
1549 aodh::wsgi::apache::ssl: false
1550 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1551 aodh::api::service_name: 'httpd'
1552 aodh::api::host: {get_input: aodh_api_network}
1553 aodh::api::keystone_password: {get_input: aodh_password}
1554 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1555 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1556 aodh::auth::auth_password: {get_input: aodh_password}
1557 aodh::db::mysql::password: {get_input: aodh_password}
1558 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1559 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1562 nova::rabbit_userid: {get_input: rabbit_username}
1563 nova::rabbit_password: {get_input: rabbit_password}
1564 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1565 nova::rabbit_port: {get_input: rabbit_client_port}
1566 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1567 nova::debug: {get_input: debug}
1568 nova::use_ipv6: {get_input: nova_ipv6}
1569 nova::api::auth_uri: {get_input: keystone_auth_uri}
1570 nova::api::identity_uri: {get_input: keystone_identity_uri}
1571 nova::api::api_bind_address: {get_input: nova_api_network}
1572 nova::api::metadata_listen: {get_input: nova_metadata_network}
1573 nova::api::admin_password: {get_input: nova_password}
1574 nova::api::osapi_compute_workers: {get_input: nova_workers}
1575 nova::api::ec2_workers: {get_input: nova_workers}
1576 nova::api::metadata_workers: {get_input: nova_workers}
1577 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1578 nova::database_connection: {get_input: nova_dsn}
1579 nova::api_database_connection: {get_input: nova_api_dsn}
1580 nova::glance_api_servers: {get_input: glance_api_servers}
1581 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1582 nova::api::instance_name_template: {get_input: instance_name_template}
1583 nova::network::neutron::neutron_password: {get_input: neutron_password}
1584 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1585 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1586 nova::vncproxy::host: {get_input: nova_api_network}
1587 nova::db::mysql::password: {get_input: nova_password}
1588 nova::db::mysql_api::password: {get_input: nova_password}
1589 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1592 apache::ip: {get_input: horizon_network}
1593 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1594 horizon::django_debug: {get_input: debug}
1595 horizon::secret_key: {get_input: horizon_secret}
1596 horizon::bind_address: {get_input: horizon_network}
1597 horizon::keystone_url: {get_input: keystone_auth_uri}
1600 sahara::host: {get_input: sahara_api_network}
1608 sahara::admin_password: {get_input: sahara_password}
1609 sahara::auth_uri: {get_input: keystone_auth_uri}
1610 sahara::admin_user: sahara
1611 sahara::identity_uri: {get_input: keystone_identity_uri}
1612 sahara::use_neutron: true
1613 sahara::database_connection: {get_input: sahara_dsn}
1614 sahara::debug: {get_input: debug}
1615 sahara::rpc_backend: rabbit
1616 sahara::rabbit_userid: {get_input: rabbit_username}
1617 sahara::rabbit_password: {get_input: rabbit_password}
1618 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1619 sahara::rabbit_port: {get_input: rabbit_client_port}
1620 sahara::db::mysql::password: {get_input: sahara_password}
1623 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1624 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1625 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1626 rabbitmq::default_user: {get_input: rabbit_username}
1627 rabbitmq::default_pass: {get_input: rabbit_password}
1629 redis::bind: {get_input: redis_network}
1630 redis_vip: {get_input: redis_vip}
1632 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1633 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1635 memcached::listen_ip: {get_input: memcached_network}
1636 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1637 ntp::servers: {get_input: ntp_servers}
1638 timezone::timezone: {get_input: timezone}
1639 control_virtual_interface: {get_input: control_virtual_interface}
1640 public_virtual_interface: {get_input: public_virtual_interface}
1641 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1642 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1643 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1644 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1645 tripleo::packages::enable_install: {get_input: enable_package_install}
1646 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1648 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1649 ControllerExtraConfigPre:
1650 depends_on: ControllerDeployment
1651 type: OS::TripleO::ControllerExtraConfigPre
1653 server: {get_resource: Controller}
1655 # Hook for site-specific additional pre-deployment config,
1656 # applying to all nodes, e.g node registration/unregistration
1658 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1659 type: OS::TripleO::NodeExtraConfig
1661 server: {get_resource: Controller}
1664 type: OS::TripleO::Tasks::PackageUpdate
1667 type: OS::Heat::SoftwareDeployment
1669 name: UpdateDeployment
1670 config: {get_resource: UpdateConfig}
1671 server: {get_resource: Controller}
1674 get_param: UpdateIdentifier
1678 description: IP address of the server in the ctlplane network
1679 value: {get_attr: [Controller, networks, ctlplane, 0]}
1680 external_ip_address:
1681 description: IP address of the server in the external network
1682 value: {get_attr: [ExternalPort, ip_address]}
1683 internal_api_ip_address:
1684 description: IP address of the server in the internal_api network
1685 value: {get_attr: [InternalApiPort, ip_address]}
1687 description: IP address of the server in the storage network
1688 value: {get_attr: [StoragePort, ip_address]}
1689 storage_mgmt_ip_address:
1690 description: IP address of the server in the storage_mgmt network
1691 value: {get_attr: [StorageMgmtPort, ip_address]}
1693 description: IP address of the server in the tenant network
1694 value: {get_attr: [TenantPort, ip_address]}
1695 management_ip_address:
1696 description: IP address of the server in the management network
1697 value: {get_attr: [ManagementPort, ip_address]}
1699 description: Hostname of the server
1700 value: {get_attr: [Controller, name]}
1703 Node object in the format {ip: ..., name: ...} format that the corosync
1706 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1707 name: {get_attr: [Controller, name]}
1710 Server's IP address and hostname in the /etc/hosts format
1714 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1715 EXTERNALIP EXTERNALHOST
1716 INTERNAL_APIIP INTERNAL_APIHOST
1717 STORAGEIP STORAGEHOST
1718 STORAGE_MGMTIP STORAGE_MGMTHOST
1720 MANAGEMENTIP MANAGEMENTHOST
1722 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1723 DOMAIN: {get_param: CloudDomain}
1724 PRIMARYHOST: {get_attr: [Controller, name]}
1725 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1729 - - {get_attr: [Controller, name]}
1731 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1735 - - {get_attr: [Controller, name]}
1737 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1741 - - {get_attr: [Controller, name]}
1743 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1747 - - {get_attr: [Controller, name]}
1749 TENANTIP: {get_attr: [TenantPort, ip_address]}
1753 - - {get_attr: [Controller, name]}
1755 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1759 - - {get_attr: [Controller, name]}
1761 nova_server_resource:
1762 description: Heat resource handle for the Nova compute server
1764 {get_resource: Controller}
1766 description: Swift device formatted for swift-ring-builder
1769 template: 'r1z1-IP:%PORT%/d1'
1771 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1772 swift_proxy_memcache:
1773 description: Swift proxy-memcache value
1776 template: "IP:11211"
1778 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1780 description: identifier which changes if the controller configuration may need re-applying
1784 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1785 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1786 - {get_attr: [NodeTLSData, deploy_stdout]}
1787 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1788 - {get_param: UpdateIdentifier}
1789 tls_key_modulus_md5:
1790 description: MD5 checksum of the TLS Key Modulus
1791 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1792 tls_cert_modulus_md5:
1793 description: MD5 checksum of the TLS Certificate Modulus
1794 value: {get_attr: [NodeTLSData, cert_modulus_md5]}