1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 #TODO(composable Redis): Remove the Redis password param
16 #As is used by ceilometer
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
22 description: Secret shared by the ceilometer services.
26 description: The password for the ceilometer service and db account.
29 CeilometerStoreEvents:
31 description: Whether to store events in ceilometer.
33 CeilometerMeterDispatcher:
35 description: Dispatcher to process meter data
38 - allowed_values: ['gnocchi', 'database']
41 description: Number of workers for Ceilometer service.
43 controllerExtraConfig:
46 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
48 ControllerExtraConfig:
51 Controller specific hiera configuration data to inject into the cluster.
56 A network mapped list of IPs to assign to Controllers in the following form:
58 "internal_api": ["a.b.c.d", "e.f.g.h"],
62 ControlVirtualInterface:
64 description: Interface where virtual ip will be assigned.
68 description: Enable IPv6 in Corosync
72 description: Set to True to enable debugging on all services.
76 description: Whether to enable fencing in Pacemaker or not.
80 description: Whether to use Galera instead of regular MariaDB.
84 description: Whether to deploy a LoadBalancer on the Controller
89 Additional hieradata to inject into the cluster, note that
90 ControllerExtraConfig takes precedence over ExtraConfig.
95 Pacemaker fencing configuration. The JSON should have
96 the following structure:
100 "agent": "AGENT_NAME",
101 "host_mac": "HOST_MAC_ADDRESS",
102 "params": {"PARAM_NAME": "PARAM_VALUE"}
110 "agent": "fence_xvm",
111 "host_mac": "52:54:00:aa:bb:cc",
113 "multicast_address": "225.0.0.12",
114 "port": "baremetal_0",
116 "manage_key_file": true,
117 "key_file": "/etc/fence_xvm.key",
118 "key_file_password": "abcdef"
125 description: Flavor for control nodes to request when deploying.
128 - custom_constraint: nova.flavor
131 description: The short name of the Gnocchi backend to use. Should be one
132 of swift, rbd, or file
135 - allowed_values: ['swift', 'file', 'rbd']
136 GnocchiIndexerBackend:
138 description: The short name of the Gnocchi indexer backend to use.
141 description: The password for the gnocchi service and db account.
144 HAProxyStatsPassword:
145 description: Password for HAProxy stats endpoint
148 description: User for HAProxy stats endpoint
151 HAProxySyslogAddress:
153 description: Syslog address where HAproxy will send its log
155 HeatAuthEncryptionKey:
156 description: Auth encryption key for heat-engine
161 description: A list of IP/Hostname allowed to connect to horizon
162 type: comma_delimited_list
164 description: Secret key for Django
169 default: overcloud-control
171 - custom_constraint: glance.image
173 default: 'REBUILD_PRESERVE_EPHEMERAL'
174 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
176 InstanceNameTemplate:
177 default: 'instance-%08x'
178 description: Template string to be used to generate instance names
182 description: Name of an existing Nova key pair to enable SSH access to the instances
185 - custom_constraint: nova.keypair
189 description: Keystone region for endpoint
192 description: Whether to manage IPtables rules.
196 description: Enable IPv6 features in Memcached.
200 description: Whether IPtables rules should be purged before setting up the new ones.
202 MysqlClusterUniquePart:
203 description: A unique identifier of the MySQL cluster the controller is in.
205 default: 'unset' # Has to be here because of the ignored empty value bug
206 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
208 # - length: {min: 4, max: 10}
209 MysqlInnodbBufferPoolSize:
211 Specifies the size of the buffer pool in megabytes. Setting to
212 zero should be interpreted as "no value" and will defer to the
217 description: Configures MySQL max_connections config setting
220 MysqlClustercheckPassword:
226 default: '' # Has to be here because of the ignored empty value bug
227 NeutronMetadataProxySharedSecret:
228 description: Shared secret to prevent spoofing
232 description: The password for the neutron service and db account, used by neutron agents.
235 NeutronPublicInterface:
237 description: What interface to bridge onto br-ex for network nodes.
242 Whether to create cron job for purging soft deleted rows in Nova database.
246 description: Enable IPv6 features in Nova
249 description: The password for the nova service and db account, used by nova-api.
254 description: The password for the 'pcsd' user.
256 PublicVirtualInterface:
259 Specifies the interface where the public-facing virtual ip will be assigned.
260 This should be int_public when a VLAN is being used.
264 default: '' # Has to be here because of the ignored empty value bug
267 description: The password for RabbitMQ
272 description: The username for RabbitMQ
277 Rabbit client subscriber parameter to specify
278 an SSL connection to the RabbitMQ host.
282 description: Set rabbit subscriber port, change this if using SSL
285 description: The password for Redis
290 default: '' # Has to be here because of the ignored empty value bug
293 default: '' # Has to be here because of the ignored empty value bug
294 description: An IP address which is wrapped in brackets in case of IPv6
296 description: A random string to be used as a salt when hashing to determine mappings
303 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
306 description: Partition Power to use when building Swift rings
310 description: Whether to manage Swift rings or not
315 description: How many replicas to use in the swift rings.
316 UpgradeLevelNovaCompute:
318 description: Nova Compute upgrade level
323 EnablePackageInstall:
325 description: Set to true to enable package installation via Puppet
329 description: Mapping of service_name -> network name. Typically set
330 via parameter_defaults in the resource registry.
334 description: Mapping of service endpoint -> protocol. Typically set
335 via parameter_defaults in the resource registry.
341 Setting to a previously unused value during stack-update will trigger
342 package update on all nodes
345 default: '' # Defaults to Heat created hostname
349 description: Optional mapping to override hostnames
350 NetworkDeploymentActions:
351 type: comma_delimited_list
353 Heat action when to apply network configuration changes
358 SoftwareConfigTransport:
359 default: POLL_SERVER_CFN
361 How the server should receive the metadata required for software configuration.
364 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
369 The DNS domain used for the hosts. This should match the dhcp_domain
370 configured in the Undercloud neutron. Defaults to localdomain.
374 Extra properties or metadata passed to Nova for the created nodes in
375 the overcloud. It's accessible via the Nova metadata API.
379 description: Optional scheduler hints to pass to nova
381 ServiceConfigSettings:
387 description: Do not use deprecated params, they will be removed.
389 - controllerExtraConfig
394 type: OS::Nova::Server
396 image: {get_param: Image}
397 image_update_policy: {get_param: ImageUpdatePolicy}
398 flavor: {get_param: Flavor}
399 key_name: {get_param: KeyName}
402 user_data_format: SOFTWARE_CONFIG
403 user_data: {get_resource: UserData}
406 template: {get_param: Hostname}
407 params: {get_param: HostnameMap}
408 software_config_transport: {get_param: SoftwareConfigTransport}
409 metadata: {get_param: ServerMetadata}
410 scheduler_hints: {get_param: SchedulerHints}
412 # Combine the NodeAdminUserData and NodeUserData mime archives
414 type: OS::Heat::MultipartMime
417 - config: {get_resource: NodeAdminUserData}
419 - config: {get_resource: NodeUserData}
422 # Creates the "heat-admin" user if configured via the environment
423 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
425 type: OS::TripleO::NodeAdminUserData
427 # For optional operator additional userdata
428 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
430 type: OS::TripleO::NodeUserData
433 type: OS::TripleO::Controller::Ports::ExternalPort
435 IPPool: {get_param: ControllerIPs}
436 NodeIndex: {get_param: NodeIndex}
437 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
440 type: OS::TripleO::Controller::Ports::InternalApiPort
442 IPPool: {get_param: ControllerIPs}
443 NodeIndex: {get_param: NodeIndex}
444 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
447 type: OS::TripleO::Controller::Ports::StoragePort
449 IPPool: {get_param: ControllerIPs}
450 NodeIndex: {get_param: NodeIndex}
451 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
454 type: OS::TripleO::Controller::Ports::StorageMgmtPort
456 IPPool: {get_param: ControllerIPs}
457 NodeIndex: {get_param: NodeIndex}
458 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
461 type: OS::TripleO::Controller::Ports::TenantPort
463 IPPool: {get_param: ControllerIPs}
464 NodeIndex: {get_param: NodeIndex}
465 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
468 type: OS::TripleO::Controller::Ports::ManagementPort
470 IPPool: {get_param: ControllerIPs}
471 NodeIndex: {get_param: NodeIndex}
472 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
475 type: OS::TripleO::Network::Ports::NetIpMap
477 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
478 ExternalIp: {get_attr: [ExternalPort, ip_address]}
479 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
480 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
481 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
482 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
483 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
484 StorageIp: {get_attr: [StoragePort, ip_address]}
485 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
486 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
487 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
488 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
489 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
490 TenantIp: {get_attr: [TenantPort, ip_address]}
491 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
492 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
493 ManagementIp: {get_attr: [ManagementPort, ip_address]}
494 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
495 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
498 type: OS::TripleO::Controller::Net::SoftwareConfig
500 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
501 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
502 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
503 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
504 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
505 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
506 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
509 type: OS::TripleO::SoftwareDeployment
511 name: NetworkDeployment
512 config: {get_resource: NetworkConfig}
513 server: {get_resource: Controller}
514 actions: {get_param: NetworkDeploymentActions}
517 interface_name: {get_param: NeutronPublicInterface}
519 # Resource for site-specific injection of root certificate
521 depends_on: NetworkDeployment
522 type: OS::TripleO::NodeTLSCAData
524 server: {get_resource: Controller}
526 # Resource for site-specific passing of private keys/certificates
528 depends_on: NodeTLSCAData
529 type: OS::TripleO::NodeTLSData
531 server: {get_resource: Controller}
532 NodeIndex: {get_param: NodeIndex}
535 ControllerDeployment:
536 type: OS::TripleO::SoftwareDeployment
537 depends_on: NetworkDeployment
539 name: ControllerDeployment
540 config: {get_resource: ControllerConfig}
541 server: {get_resource: Controller}
543 bootstack_nodeid: {get_attr: [Controller, name]}
544 ceilometer_workers: {get_param: CeilometerWorkers}
545 haproxy_log_address: {get_param: HAProxySyslogAddress}
546 haproxy_stats_password: {get_param: HAProxyStatsPassword}
547 haproxy_stats_user: {get_param: HAProxyStatsUser}
548 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
549 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
550 horizon_secret: {get_param: HorizonSecret}
551 admin_password: {get_param: AdminPassword}
552 debug: {get_param: Debug}
553 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
554 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
555 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
556 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
557 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
558 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
559 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
560 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
561 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
562 enable_fencing: {get_param: EnableFencing}
563 enable_galera: {get_param: EnableGalera}
564 enable_load_balancer: {get_param: EnableLoadBalancer}
565 manage_firewall: {get_param: ManageFirewall}
566 purge_firewall_rules: {get_param: PurgeFirewallRules}
567 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
568 mysql_max_connections: {get_param: MysqlMaxConnections}
569 mysql_root_password: {get_param: MysqlRootPassword}
570 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
573 template: tripleo-CLUSTER
575 CLUSTER: {get_param: MysqlClusterUniquePart}
576 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
577 neutron_password: {get_param: NeutronPassword}
578 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
579 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
580 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
581 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
582 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
583 ceilometer_backend: {get_param: CeilometerBackend}
584 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
585 ceilometer_password: {get_param: CeilometerPassword}
586 ceilometer_store_events: {get_param: CeilometerStoreEvents}
587 aodh_password: {get_param: AodhPassword}
588 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
589 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
590 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
591 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
592 gnocchi_password: {get_param: GnocchiPassword}
593 gnocchi_backend: {get_param: GnocchiBackend}
594 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
595 ceilometer_coordination_url:
599 - {get_param: RedisPassword}
601 - {get_param: RedisVirtualIPUri}
606 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
608 - {get_param: CeilometerPassword}
610 - {get_param: [EndpointMap, MysqlInternal, host]}
615 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
617 - {get_param: GnocchiPassword}
619 - {get_param: [EndpointMap, MysqlInternal, host]}
624 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
626 - {get_param: AodhPassword}
628 - {get_param: [EndpointMap, MysqlInternal, host]}
630 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
631 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
632 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
633 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
634 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
635 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
636 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
637 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
638 nova_ipv6: {get_param: NovaIPv6}
639 corosync_ipv6: {get_param: CorosyncIPv6}
640 memcached_ipv6: {get_param: MemcachedIPv6}
641 nova_password: {get_param: NovaPassword}
645 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
647 - {get_param: NovaPassword}
649 - {get_param: [EndpointMap, MysqlInternal, host]}
654 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
656 - {get_param: NovaPassword}
658 - {get_param: [EndpointMap, MysqlInternal, host]}
660 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
661 instance_name_template: {get_param: InstanceNameTemplate}
662 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
663 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
664 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
665 fencing_config: {get_param: FencingConfig}
666 pcsd_password: {get_param: PcsdPassword}
667 rabbit_username: {get_param: RabbitUserName}
668 rabbit_password: {get_param: RabbitPassword}
669 rabbit_cookie: {get_param: RabbitCookie}
670 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
671 rabbit_client_port: {get_param: RabbitClientPort}
672 control_virtual_interface: {get_param: ControlVirtualInterface}
673 public_virtual_interface: {get_param: PublicVirtualInterface}
674 swift_hash_suffix: {get_param: SwiftHashSuffix}
675 swift_part_power: {get_param: SwiftPartPower}
676 swift_ring_build: {get_param: SwiftRingBuild}
677 swift_replicas: {get_param: SwiftReplicas}
678 swift_min_part_hours: {get_param: SwiftMinPartHours}
679 enable_package_install: {get_param: EnablePackageInstall}
680 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
681 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
682 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
683 cinder_iscsi_network:
687 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
688 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
689 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
690 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
691 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
692 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
693 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
694 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
695 keystone_region: {get_param: KeystoneRegion}
696 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
697 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
698 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
699 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
700 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
701 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
702 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
703 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
704 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
707 template: "['SUBNET']"
709 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
710 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
711 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
712 redis_vip: {get_param: RedisVirtualIP}
713 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
714 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
715 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
716 mysql_virtual_ip: {get_param: MysqlVirtualIP}
717 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
718 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
719 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
720 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
722 # Map heat metadata into hiera datafiles
724 type: OS::Heat::StructuredConfig
726 group: os-apply-config
731 - heat_config_%{::deploy_config_name}
732 - controller_extraconfig
738 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
739 - ceph_cluster # provided by CephClusterConfig
741 - bootstrap_node # provided by BootstrapNodeConfig
742 - all_nodes # provided by allNodesConfig
743 - vip_data # provided by vip-config
747 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
748 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
749 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
750 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
751 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
752 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
753 - midonet_data #Optionally provided by AllNodesExtraConfig
754 merge_behavior: deeper
757 mapped_data: {get_param: ServiceConfigSettings}
758 controller_extraconfig:
761 - {get_param: controllerExtraConfig}
762 - {get_param: ControllerExtraConfig}
764 mapped_data: {get_param: ExtraConfig}
766 raw_data: {get_file: hieradata/common.yaml}
769 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
770 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
771 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
773 raw_data: {get_file: hieradata/ceph.yaml}
775 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
776 ceph::profile::params::public_network: {get_input: ceph_public_network}
777 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
779 raw_data: {get_file: hieradata/database.yaml}
781 raw_data: {get_file: hieradata/object.yaml}
783 raw_data: {get_file: hieradata/controller.yaml}
784 mapped_data: # data supplied directly to this deployment configuration, etc
785 bootstack_nodeid: {get_input: bootstack_nodeid}
788 enable_fencing: {get_input: enable_fencing}
789 enable_load_balancer: {get_input: enable_load_balancer}
790 hacluster_pwd: {get_input: pcsd_password}
791 corosync_ipv6: {get_input: corosync_ipv6}
792 tripleo::fencing::config: {get_input: fencing_config}
795 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
796 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
797 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
798 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
799 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
800 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
801 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
802 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
805 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
806 cinder::api::bind_host: {get_input: cinder_api_network}
807 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
808 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
809 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
810 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
811 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
812 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
813 cinder::keystone::auth::password: {get_input: cinder_password }
814 cinder::keystone::auth::region: {get_input: keystone_region}
817 glance::api::bind_host: {get_input: glance_api_network}
818 glance::registry::bind_host: {get_input: glance_registry_network}
819 glance::keystone::auth::region: {get_input: keystone_region}
822 heat::api::bind_host: {get_input: heat_api_network}
823 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
824 heat::api_cfn::bind_host: {get_input: heat_api_network}
825 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
828 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
829 keystone::public_bind_host: {get_input: keystone_public_api_network}
830 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
831 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
834 mongodb::server::bind_ip: {get_input: mongo_db_network}
837 admin_password: {get_input: admin_password}
838 enable_galera: {get_input: enable_galera}
839 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
840 mysql_max_connections: {get_input: mysql_max_connections}
841 mysql::server::root_password: {get_input: mysql_root_password}
842 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
843 mysql_cluster_name: {get_input: mysql_cluster_name}
844 mysql_bind_host: {get_input: mysql_network}
845 mysql_virtual_ip: {get_input: mysql_virtual_ip}
848 neutron::bind_host: {get_input: neutron_api_network}
849 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
850 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
851 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
852 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
853 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
854 neutron::keystone::auth::password: {get_input: neutron_password }
855 neutron::keystone::auth::region: {get_input: keystone_region}
858 ceilometer_backend: {get_input: ceilometer_backend}
859 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
860 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
861 ceilometer::rabbit_userid: {get_input: rabbit_username}
862 ceilometer::rabbit_password: {get_input: rabbit_password}
863 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
864 ceilometer::rabbit_port: {get_input: rabbit_client_port}
865 ceilometer::debug: {get_input: debug}
866 ceilometer::api::host: {get_input: ceilometer_api_network}
867 ceilometer::api::keystone_password: {get_input: ceilometer_password}
868 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
869 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
870 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
871 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
872 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
873 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
874 ceilometer::db::mysql::password: {get_input: ceilometer_password}
875 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
876 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
877 ceilometer::dispatcher::gnocchi::filter_project: 'service'
878 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
879 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
880 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
881 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
882 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
883 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
884 ceilometer::keystone::auth::region: {get_input: keystone_region}
885 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
886 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
889 aodh_mysql_conn_string: {get_input: aodh_dsn}
890 aodh::rabbit_userid: {get_input: rabbit_username}
891 aodh::rabbit_password: {get_input: rabbit_password}
892 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
893 aodh::rabbit_port: {get_input: rabbit_client_port}
894 aodh::debug: {get_input: debug}
895 aodh::wsgi::apache::ssl: false
896 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
897 aodh::api::service_name: 'httpd'
898 aodh::api::host: {get_input: aodh_api_network}
899 aodh::api::keystone_password: {get_input: aodh_password}
900 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
901 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
902 aodh::auth::auth_url: {get_input: keystone_auth_uri}
903 aodh::auth::auth_password: {get_input: aodh_password}
904 aodh::db::mysql::password: {get_input: aodh_password}
905 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
906 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
907 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
908 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
909 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
910 aodh::keystone::auth::password: {get_input: aodh_password }
911 aodh::keystone::auth::region: {get_input: keystone_region}
914 gnocchi_backend: {get_input: gnocchi_backend}
915 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
916 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
917 gnocchi::debug: {get_input: debug}
918 gnocchi::wsgi::apache::ssl: false
919 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
920 gnocchi::api::service_name: 'httpd'
921 gnocchi::api::host: {get_input: gnocchi_api_network}
922 gnocchi::api::keystone_password: {get_input: gnocchi_password}
923 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
924 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
925 gnocchi::db::mysql::password: {get_input: gnocchi_password}
926 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
927 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
928 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
929 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
930 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
931 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
932 gnocchi::keystone::auth::region: {get_input: keystone_region}
935 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
936 nova::use_ipv6: {get_input: nova_ipv6}
937 nova::api::auth_uri: {get_input: keystone_auth_uri}
938 nova::api::identity_uri: {get_input: keystone_identity_uri}
939 nova::api::api_bind_address: {get_input: nova_api_network}
940 nova::api::metadata_listen: {get_input: nova_metadata_network}
941 nova::api::admin_password: {get_input: nova_password}
942 nova::database_connection: {get_input: nova_dsn}
943 nova::api_database_connection: {get_input: nova_api_dsn}
944 nova::glance_api_servers: {get_input: glance_api_servers}
945 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
946 nova::api::instance_name_template: {get_input: instance_name_template}
947 nova::network::neutron::neutron_password: {get_input: neutron_password}
948 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
949 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
950 nova::vncproxy::host: {get_input: nova_api_network}
951 nova::db::mysql::password: {get_input: nova_password}
952 nova::db::mysql_api::password: {get_input: nova_password}
953 nova_enable_db_purge: {get_input: nova_enable_db_purge}
954 nova::keystone::auth::public_url: {get_input: nova_public_url}
955 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
956 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
957 nova::keystone::auth::password: {get_input: nova_password }
958 nova::keystone::auth::region: {get_input: keystone_region}
961 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
962 apache::ip: {get_input: horizon_network}
963 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
964 horizon::django_debug: {get_input: debug}
965 horizon::secret_key: {get_input: horizon_secret}
966 horizon::bind_address: {get_input: horizon_network}
967 horizon::keystone_url: {get_input: keystone_auth_uri}
970 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
971 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
973 redis::bind: {get_input: redis_network}
974 redis_vip: {get_input: redis_vip}
976 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
977 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
979 memcached_ipv6: {get_input: memcached_ipv6}
980 memcached::listen_ip: {get_input: memcached_network}
981 control_virtual_interface: {get_input: control_virtual_interface}
982 public_virtual_interface: {get_input: public_virtual_interface}
983 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
984 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
985 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
986 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
987 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
988 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
989 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
990 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
991 tripleo::haproxy::redis_password: {get_input: redis_password}
992 tripleo::packages::enable_install: {get_input: enable_package_install}
993 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
995 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
996 ControllerExtraConfigPre:
997 depends_on: ControllerDeployment
998 type: OS::TripleO::ControllerExtraConfigPre
1000 server: {get_resource: Controller}
1002 # Hook for site-specific additional pre-deployment config,
1003 # applying to all nodes, e.g node registration/unregistration
1005 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1006 type: OS::TripleO::NodeExtraConfig
1008 server: {get_resource: Controller}
1011 type: OS::TripleO::Tasks::PackageUpdate
1014 type: OS::Heat::SoftwareDeployment
1016 name: UpdateDeployment
1017 config: {get_resource: UpdateConfig}
1018 server: {get_resource: Controller}
1021 get_param: UpdateIdentifier
1025 description: IP address of the server in the ctlplane network
1026 value: {get_attr: [Controller, networks, ctlplane, 0]}
1027 external_ip_address:
1028 description: IP address of the server in the external network
1029 value: {get_attr: [ExternalPort, ip_address]}
1030 internal_api_ip_address:
1031 description: IP address of the server in the internal_api network
1032 value: {get_attr: [InternalApiPort, ip_address]}
1034 description: IP address of the server in the storage network
1035 value: {get_attr: [StoragePort, ip_address]}
1036 storage_mgmt_ip_address:
1037 description: IP address of the server in the storage_mgmt network
1038 value: {get_attr: [StorageMgmtPort, ip_address]}
1040 description: IP address of the server in the tenant network
1041 value: {get_attr: [TenantPort, ip_address]}
1042 management_ip_address:
1043 description: IP address of the server in the management network
1044 value: {get_attr: [ManagementPort, ip_address]}
1046 description: Hostname of the server
1047 value: {get_attr: [Controller, name]}
1050 Server's IP address and hostname in the /etc/hosts format
1054 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1055 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1056 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1057 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1058 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1059 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1060 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1062 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1063 DOMAIN: {get_param: CloudDomain}
1064 PRIMARYHOST: {get_attr: [Controller, name]}
1065 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1069 - - {get_attr: [Controller, name]}
1071 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1075 - - {get_attr: [Controller, name]}
1077 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1081 - - {get_attr: [Controller, name]}
1083 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1087 - - {get_attr: [Controller, name]}
1089 TENANTIP: {get_attr: [TenantPort, ip_address]}
1093 - - {get_attr: [Controller, name]}
1095 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1099 - - {get_attr: [Controller, name]}
1101 nova_server_resource:
1102 description: Heat resource handle for the Nova compute server
1104 {get_resource: Controller}
1106 description: Swift device formatted for swift-ring-builder
1109 template: 'r1z1-IP:%PORT%/d1'
1111 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1112 swift_proxy_memcache:
1113 description: Swift proxy-memcache value
1116 template: "IP:11211"
1118 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1119 tls_key_modulus_md5:
1120 description: MD5 checksum of the TLS Key Modulus
1121 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1122 tls_cert_modulus_md5:
1123 description: MD5 checksum of the TLS Certificate Modulus
1124 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
Code Review / apex-tripleo-heat-templates.git / blob