1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
14 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
19 description: The keystone auth secret and db password.
22 CeilometerApiVirtualIP:
27 description: The ceilometer backend type.
29 CeilometerMeteringSecret:
31 description: Secret shared by the ceilometer services.
36 description: The password for the ceilometer service and db account.
44 description: Number of workers for Ceilometer service.
46 CinderEnableNfsBackend:
48 description: Whether to enable or not the NFS backend for Cinder
50 CinderEnableIscsiBackend:
52 description: Whether to enable or not the Iscsi backend for Cinder
54 CinderEnableRbdBackend:
56 description: Whether to enable or not the Rbd backend for Cinder
60 description: The iSCSI helper to use with cinder.
62 CinderLVMLoopDeviceSize:
64 description: The size of the loopback file used by the cinder LVM driver.
66 CinderNfsMountOptions:
69 Mount options for NFS mounts used by Cinder NFS backend. Effective
70 when CinderEnableNfsBackend is true.
75 NFS servers used by Cinder NFS backend. Effective when
76 CinderEnableNfsBackend is true.
77 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
94 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
96 ControllerExtraConfig:
99 Controller specific hiera configuration data to inject into the cluster.
104 A network mapped list of IPs to assign to Controllers in the following form:
106 "internal_api": ["a.b.c.d", "e.f.g.h"],
110 ControlVirtualInterface:
112 description: Interface where virtual ip will be assigned.
116 description: Set to True to enable debugging on all services.
120 description: Whether to enable fencing in Pacemaker or not.
124 description: Whether to use Galera instead of regular MariaDB.
128 description: Whether to deploy a LoadBalancer on the Controller
132 description: Whether to deploy Ceph Storage (OSD) on the Controller
136 description: Whether to enable Swift Storage on the Controller
141 Additional hieradata to inject into the cluster, note that
142 ControllerExtraConfig takes precedence over ExtraConfig.
147 Pacemaker fencing configuration. The JSON should have
148 the following structure:
152 "agent": "AGENT_NAME",
153 "host_mac": "HOST_MAC_ADDRESS",
154 "params": {"PARAM_NAME": "PARAM_VALUE"}
162 "agent": "fence_xvm",
163 "host_mac": "52:54:00:aa:bb:cc",
165 "multicast_address": "225.0.0.12",
166 "port": "baremetal_0",
168 "manage_key_file": true,
169 "key_file": "/etc/fence_xvm.key",
170 "key_file_password": "abcdef"
177 description: Flavor for control nodes to request when deploying.
180 - custom_constraint: nova.flavor
181 GlanceNotifierStrategy:
182 description: Strategy to use for Glance notification queue
186 description: The filepath of the file to use for logging messages from Glance.
191 description: The password for the glance service and db account, used by the glance services.
196 description: The short name of the Glance backend to use. Should be one
197 of swift, rbd, or file
200 - allowed_values: ['swift', 'file', 'rbd']
201 GlanceFilePcmkDevice:
204 An exported storage device that should be mounted by Pacemaker
205 as Glance storage. Effective when GlanceFilePcmkManage is true.
207 GlanceFilePcmkFstype:
210 Filesystem type for Pacemaker mount used as Glance storage.
211 Effective when GlanceFilePcmkManage is true.
213 GlanceFilePcmkManage:
216 Whether to make Glance file backend a mount managed by Pacemaker.
217 Effective when GlanceBackend is 'file'.
219 GlanceFilePcmkOptions:
222 Mount options for Pacemaker mount used as Glance storage.
223 Effective when GlanceFilePcmkManage is true.
225 HAProxySyslogAddress:
227 description: Syslog address where HAproxy will send its log
231 description: Number of workers for Glance service.
235 description: The password for the Heat service and db account, used by the Heat services.
238 HeatStackDomainAdminPassword:
239 description: Password for heat_domain_admin user.
243 HeatAuthEncryptionKey:
244 description: Auth encryption key for heat-engine
249 description: A list of IP/Hostname allowed to connect to horizon
250 type: comma_delimited_list
253 description: Number of workers for Heat service.
256 description: Secret key for Django
261 default: overcloud-control
263 - custom_constraint: glance.image
265 default: 'REBUILD_PRESERVE_EPHEMERAL'
266 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
268 InstanceNameTemplate:
269 default: 'instance-%08x'
270 description: Template string to be used to generate instance names
274 description: Name of an existing Nova key pair to enable SSH access to the instances
277 - custom_constraint: nova.keypair
278 KeystoneCACertificate:
280 description: Keystone self-signed certificate authority certificate.
282 KeystoneSigningCertificate:
284 description: Keystone certificate for verifying token validity.
288 description: Keystone key for signing tokens.
291 KeystoneSSLCertificate:
293 description: Keystone certificate for verifying token validity.
295 KeystoneSSLCertificateKey:
297 description: Keystone key for signing tokens.
300 KeystoneNotificationDriver:
301 description: Comma-separated list of Oslo notification drivers used by Keystone
302 default: ['messaging']
303 type: comma_delimited_list
304 KeystoneNotificationFormat:
305 description: The Keystone notification format
309 - allowed_values: [ 'basic', 'cadf' ]
313 description: Keystone region for endpoint
316 description: Whether to manage IPtables rules.
320 description: Whether IPtables rules should be purged before setting up the new ones.
324 description: Number of workers for Keystone service.
326 MysqlClusterUniquePart:
327 description: A unique identifier of the MySQL cluster the controller is in.
329 default: 'unset' # Has to be here because of the ignored empty value bug
330 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
332 # - length: {min: 4, max: 10}
333 MysqlInnodbBufferPoolSize:
335 Specifies the size of the buffer pool in megabytes. Setting to
336 zero should be interpreted as "no value" and will defer to the
341 description: Configures MySQL max_connections config setting
347 default: '' # Has to be here because of the ignored empty value bug
348 NeutronExternalNetworkBridge:
349 description: Name of bridge used for external network traffic.
352 NeutronBridgeMappings:
354 The OVS logical->physical bridge mappings to use. See the Neutron
355 documentation for details. Defaults to mapping br-ex - the external
356 bridge on hosts - to a physical name 'datacentre' which can be used
357 to create provider networks (and we use this for the default floating
358 network) - if changing this either use different post-install network
359 scripts or be sure to keep 'datacentre' as a mapping network name.
360 type: comma_delimited_list
361 default: "datacentre:br-ex"
362 NeutronDnsmasqOptions:
363 default: 'dhcp-option-force=26,1400'
364 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
366 NeutronEnableDHCPAgent:
367 description: Knob to enable/disable DHCP Agent
370 NeutronEnableL3Agent:
371 description: Knob to enable/disable L3 agent
374 NeutronEnableMetadataAgent:
375 description: Knob to enable/disable Metadata agent
378 NeutronEnableOVSAgent:
379 description: Knob to enable/disable OVS Agent
384 description: Agent mode for the neutron-l3-agent on the controller hosts
388 description: Whether to enable l3-agent HA
390 NeutronDhcpAgentsPerNetwork:
393 description: The number of neutron dhcp agents to schedule per network
396 description: Whether to configure Neutron Distributed Virtual Routers
398 NeutronMetadataProxySharedSecret:
400 description: Shared secret to prevent spoofing
406 The core plugin for Neutron. The value should be the entrypoint to be loaded
407 from neutron.core_plugins namespace.
409 NeutronServicePlugins:
412 Comma-separated list of service plugin entrypoints to be loaded from the
413 neutron.service_plugins namespace.
414 type: comma_delimited_list
416 default: "vxlan,vlan,flat,gre"
418 Comma-separated list of network type driver entrypoints to be loaded.
419 type: comma_delimited_list
420 NeutronMechanismDrivers:
421 default: 'openvswitch'
423 The mechanism drivers for the Neutron tenant network.
424 type: comma_delimited_list
425 NeutronAllowL3AgentFailover:
427 description: Allow automatic l3-agent failover
429 NeutronEnableIsolatedMetadata:
431 description: If True, DHCP provide metadata route to VM.
433 NeutronEnableTunnelling:
439 Enable/disable the L2 population feature in the Neutron agents.
442 type: comma_delimited_list
443 default: 'datacentre'
444 description: If set, flat networks to configure in neutron plugins.
447 description: Whether to enable l3-agent HA
451 description: The tenant network type for Neutron.
452 type: comma_delimited_list
453 NeutronNetworkVLANRanges:
454 default: 'datacentre'
456 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
457 Neutron documentation for permitted values. Defaults to permitting any
458 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
459 type: comma_delimited_list
462 description: The password for the neutron service and db account, used by neutron agents.
465 NeutronPublicInterface:
467 description: What interface to bridge onto br-ex for network nodes.
469 NeutronPublicInterfaceTag:
472 VLAN tag for creating a public VLAN. The tag will be used to
473 create an access port on the exterior bridge for each control plane node,
474 and that port will be given the IP address returned by neutron from the
475 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
476 overcloud.yaml to include the deployment of VLAN ports to the control
479 NeutronPublicInterfaceDefaultRoute:
481 description: A custom default route for the NeutronPublicInterface.
483 NeutronPublicInterfaceIP:
485 description: A custom IP address to put onto the NeutronPublicInterface.
487 NeutronPublicInterfaceRawDevice:
489 description: If set, the public interface is a vlan with this device as the raw device.
494 The tunnel types for the Neutron tenant network.
495 type: comma_delimited_list
496 NeutronTunnelIdRanges:
498 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
499 of GRE tunnel IDs that are available for tenant network allocation
500 default: ["1:1000", ]
501 type: comma_delimited_list
504 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
505 of VXLAN VNI IDs that are available for tenant network allocation
506 default: ["1:1000", ]
507 type: comma_delimited_list
513 description: Number of workers for Neutron service.
517 description: The password for the nova service and db account, used by nova-api.
522 description: Number of workers for Nova service.
526 description: Should MongoDb journaling be disabled
530 description: Comma-separated list of ntp servers
531 type: comma_delimited_list
534 description: The password for the 'pcsd' user.
536 PublicVirtualInterface:
539 Specifies the interface where the public-facing virtual ip will be assigned.
540 This should be int_public when a VLAN is being used.
544 default: '' # Has to be here because of the ignored empty value bug
547 default: '' # Has to be here because of the ignored empty value bug
551 description: The password for RabbitMQ
556 description: The username for RabbitMQ
561 Rabbit client subscriber parameter to specify
562 an SSL connection to the RabbitMQ host.
566 description: Set rabbit subscriber port, change this if using SSL
570 description: Configures RabbitMQ FD limit
574 default: '' # Has to be here because of the ignored empty value bug
575 SnmpdReadonlyUserName:
576 default: ro_snmp_user
577 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
579 SnmpdReadonlyUserPassword:
581 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
586 description: A random string to be used as a salt when hashing to determine mappings
592 description: Value of mount_check in Swift account/container/object -server.conf
597 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
600 description: Partition Power to use when building Swift rings
604 description: The password for the swift service account, used by the swift proxy
614 description: How many replicas to use in the swift rings.
617 description: Number of workers for Swift service.
619 VirtualIP: # DEPRECATED: use per service settings instead
621 default: '' # Has to be here because of the ignored empty value bug
628 GlanceRegistryVirtualIP:
634 KeystoneAdminApiVirtualIP:
637 KeystonePublicApiVirtualIP:
643 EnablePackageInstall:
645 description: Set to true to enable package installation via Puppet
649 description: Mapping of service_name -> network name. Typically set
650 via parameter_defaults in the resource registry.
654 description: Mapping of service endpoint -> protocol. Typically set
655 via parameter_defaults in the resource registry.
661 Setting to a previously unused value during stack-update will trigger
662 package update on all nodes
665 default: '' # Defaults to Heat created hostname
666 NetworkDeploymentActions:
667 type: comma_delimited_list
669 Heat action when to apply network configuration changes
674 SoftwareConfigTransport:
675 default: POLL_SERVER_CFN
677 How the server should receive the metadata required for software configuration.
680 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
685 The DNS domain used for the hosts. This should match the dhcp_domain
686 configured in the Undercloud neutron. Defaults to localdomain.
690 Extra properties or metadata passed to Nova for the created nodes in
691 the overcloud. It's accessible via the Nova metadata API.
695 description: Optional scheduler hints to pass to nova
701 type: OS::Nova::Server
703 image: {get_param: Image}
704 image_update_policy: {get_param: ImageUpdatePolicy}
705 flavor: {get_param: Flavor}
706 key_name: {get_param: KeyName}
709 user_data_format: SOFTWARE_CONFIG
710 user_data: {get_resource: UserData}
711 name: {get_param: Hostname}
712 software_config_transport: {get_param: SoftwareConfigTransport}
713 metadata: {get_param: ServerMetadata}
714 scheduler_hints: {get_param: SchedulerHints}
716 # Combine the NodeAdminUserData and NodeUserData mime archives
718 type: OS::Heat::MultipartMime
721 - config: {get_resource: NodeAdminUserData}
723 - config: {get_resource: NodeUserData}
726 # Creates the "heat-admin" user if configured via the environment
727 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
729 type: OS::TripleO::NodeAdminUserData
731 # For optional operator additional userdata
732 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
734 type: OS::TripleO::NodeUserData
737 type: OS::TripleO::Controller::Ports::ExternalPort
739 IPPool: {get_param: ControllerIPs}
740 NodeIndex: {get_param: NodeIndex}
741 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
744 type: OS::TripleO::Controller::Ports::InternalApiPort
746 IPPool: {get_param: ControllerIPs}
747 NodeIndex: {get_param: NodeIndex}
748 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
751 type: OS::TripleO::Controller::Ports::StoragePort
753 IPPool: {get_param: ControllerIPs}
754 NodeIndex: {get_param: NodeIndex}
755 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
758 type: OS::TripleO::Controller::Ports::StorageMgmtPort
760 IPPool: {get_param: ControllerIPs}
761 NodeIndex: {get_param: NodeIndex}
762 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
765 type: OS::TripleO::Controller::Ports::TenantPort
767 IPPool: {get_param: ControllerIPs}
768 NodeIndex: {get_param: NodeIndex}
769 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
772 type: OS::TripleO::Network::Ports::NetIpMap
774 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
775 ExternalIp: {get_attr: [ExternalPort, ip_address]}
776 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
777 StorageIp: {get_attr: [StoragePort, ip_address]}
778 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
779 TenantIp: {get_attr: [TenantPort, ip_address]}
782 type: OS::TripleO::Network::Ports::NetIpSubnetMap
784 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
785 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
786 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
787 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
788 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
789 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
792 type: OS::TripleO::Controller::Net::SoftwareConfig
794 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
795 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
796 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
797 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
798 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
799 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
802 type: OS::TripleO::SoftwareDeployment
804 config: {get_resource: NetworkConfig}
805 server: {get_resource: Controller}
806 actions: {get_param: NetworkDeploymentActions}
809 interface_name: {get_param: NeutronPublicInterface}
811 # Resource for site-specific injection of root certificate
813 depends_on: NetworkDeployment
814 type: OS::TripleO::NodeTLSCAData
816 server: {get_resource: Controller}
818 # Resource for site-specific passing of private keys/certificates
820 depends_on: NodeTLSCAData
821 type: OS::TripleO::NodeTLSData
823 server: {get_resource: Controller}
824 NodeIndex: {get_param: NodeIndex}
826 ControllerDeployment:
827 type: OS::TripleO::SoftwareDeployment
828 depends_on: NetworkDeployment
830 config: {get_resource: ControllerConfig}
831 server: {get_resource: Controller}
833 bootstack_nodeid: {get_attr: [Controller, name]}
834 ceilometer_workers: {get_param: CeilometerWorkers}
835 cinder_workers: {get_param: CinderWorkers}
836 glance_workers: {get_param: GlanceWorkers}
837 heat_workers: {get_param: HeatWorkers}
838 keystone_workers: {get_param: KeystoneWorkers}
839 nova_workers: {get_param: NovaWorkers}
840 neutron_workers: {get_param: NeutronWorkers}
841 swift_workers: {get_param: SwiftWorkers}
842 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
843 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
844 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
845 haproxy_log_address: {get_param: HAProxySyslogAddress}
846 heat.watch_server_url:
850 - {get_param: HeatApiVirtualIP}
852 heat.metadata_server_url:
856 - {get_param: HeatApiVirtualIP}
858 heat.waitcondition_server_url:
862 - {get_param: HeatApiVirtualIP}
863 - ':8000/v1/waitcondition'
864 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
865 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
866 horizon_secret: {get_param: HorizonSecret}
867 admin_email: {get_param: AdminEmail}
868 admin_password: {get_param: AdminPassword}
869 admin_token: {get_param: AdminToken}
870 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
871 debug: {get_param: Debug}
872 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
873 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
874 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
879 SERVERS: {get_param: CinderNfsServers}
880 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
881 cinder_password: {get_param: CinderPassword}
882 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
883 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
884 cinder_backend_config: {get_param: CinderBackendConfig}
888 - - 'mysql://cinder:'
889 - {get_param: CinderPassword}
891 - {get_param: MysqlVirtualIP}
893 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
894 glance_password: {get_param: GlancePassword}
895 glance_backend: {get_param: GlanceBackend}
896 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
897 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
898 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
899 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
900 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
901 glance_log_file: {get_param: GlanceLogFile}
905 - - 'mysql://glance:'
906 - {get_param: GlancePassword}
908 - {get_param: MysqlVirtualIP}
910 heat_password: {get_param: HeatPassword}
911 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
916 - {get_param: HeatPassword}
918 - {get_param: MysqlVirtualIP}
920 keystone_ca_certificate: {get_param: KeystoneCACertificate}
921 keystone_signing_key: {get_param: KeystoneSigningKey}
922 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
923 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
924 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
925 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
926 keystone_notification_format: {get_param: KeystoneNotificationFormat}
930 - - 'mysql://keystone:'
931 - {get_param: AdminToken}
933 - {get_param: MysqlVirtualIP}
935 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
936 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
937 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
938 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
939 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
940 enable_fencing: {get_param: EnableFencing}
941 enable_galera: {get_param: EnableGalera}
942 enable_load_balancer: {get_param: EnableLoadBalancer}
943 enable_ceph_storage: {get_param: EnableCephStorage}
944 enable_swift_storage: {get_param: EnableSwiftStorage}
945 manage_firewall: {get_param: ManageFirewall}
946 purge_firewall_rules: {get_param: PurgeFirewallRules}
947 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
948 mysql_max_connections: {get_param: MysqlMaxConnections}
949 mysql_root_password: {get_param: MysqlRootPassword}
952 template: tripleo-CLUSTER
954 CLUSTER: {get_param: MysqlClusterUniquePart}
955 neutron_flat_networks:
959 NETWORKS: {get_param: NeutronFlatNetworks}
960 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
961 neutron_agent_mode: {get_param: NeutronAgentMode}
962 neutron_router_distributed: {get_param: NeutronDVR}
963 neutron_core_plugin: {get_param: NeutronCorePlugin}
964 neutron_service_plugins:
968 PLUGINS: {get_param: NeutronServicePlugins}
969 neutron_type_drivers:
973 DRIVERS: {get_param: NeutronTypeDrivers}
974 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
975 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
976 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
977 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
978 neutron_mechanism_drivers:
982 MECHANISMS: {get_param: NeutronMechanismDrivers}
983 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
984 neutron_l3_ha: {get_param: NeutronL3HA}
985 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
986 neutron_network_vlan_ranges:
990 RANGES: {get_param: NeutronNetworkVLANRanges}
991 neutron_bridge_mappings:
995 MAPPINGS: {get_param: NeutronBridgeMappings}
996 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
997 neutron_public_interface: {get_param: NeutronPublicInterface}
998 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
999 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1000 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1001 neutron_tunnel_id_ranges:
1005 RANGES: {get_param: NeutronTunnelIdRanges}
1010 RANGES: {get_param: NeutronVniRanges}
1011 neutron_tenant_network_types:
1015 TYPES: {get_param: NeutronNetworkType}
1016 neutron_tunnel_types:
1020 TYPES: {get_param: NeutronTunnelTypes}
1021 neutron_password: {get_param: NeutronPassword}
1022 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1026 - - 'mysql://neutron:'
1027 - {get_param: NeutronPassword}
1029 - {get_param: MysqlVirtualIP}
1030 - '/ovs_neutron?charset=utf8'
1031 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1032 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1033 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1034 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
1035 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1036 ceilometer_backend: {get_param: CeilometerBackend}
1037 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1038 ceilometer_password: {get_param: CeilometerPassword}
1039 ceilometer_coordination_url:
1043 - {get_param: RedisVirtualIP}
1048 - - 'mysql://ceilometer:'
1049 - {get_param: CeilometerPassword}
1051 - {get_param: MysqlVirtualIP}
1053 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1054 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1055 nova_password: {get_param: NovaPassword}
1060 - {get_param: NovaPassword}
1062 - {get_param: MysqlVirtualIP}
1064 instance_name_template: {get_param: InstanceNameTemplate}
1065 fencing_config: {get_param: FencingConfig}
1066 pcsd_password: {get_param: PcsdPassword}
1067 rabbit_username: {get_param: RabbitUserName}
1068 rabbit_password: {get_param: RabbitPassword}
1069 rabbit_cookie: {get_param: RabbitCookie}
1070 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1071 rabbit_client_port: {get_param: RabbitClientPort}
1072 mongodb_no_journal: {get_param: MongoDbNoJournal}
1073 # We need to force this into quotes or hiera will return integer causing
1074 # the puppet module validation regexp to fail.
1075 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1080 LIMIT: {get_param: RabbitFDLimit}
1081 ntp_servers: {get_param: NtpServer}
1082 control_virtual_interface: {get_param: ControlVirtualInterface}
1083 public_virtual_interface: {get_param: PublicVirtualInterface}
1084 swift_hash_suffix: {get_param: SwiftHashSuffix}
1085 swift_password: {get_param: SwiftPassword}
1086 swift_part_power: {get_param: SwiftPartPower}
1087 swift_replicas: {get_param: SwiftReplicas}
1088 swift_min_part_hours: {get_param: SwiftMinPartHours}
1089 swift_mount_check: {get_param: SwiftMountCheck}
1090 enable_package_install: {get_param: EnablePackageInstall}
1091 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1092 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1093 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1094 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1095 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1096 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1097 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1098 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1099 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1100 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1101 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1102 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1103 keystone_region: {get_param: KeystoneRegion}
1104 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1105 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1106 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1107 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1108 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1109 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1110 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1111 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1112 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1113 redis_vip: {get_param: RedisVirtualIP}
1114 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1115 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1116 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1117 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1118 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1119 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1121 # Map heat metadata into hiera datafiles
1123 type: OS::Heat::StructuredConfig
1125 group: os-apply-config
1130 - heat_config_%{::deploy_config_name}
1131 - controller_extraconfig
1136 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1137 - ceph_cluster # provided by CephClusterConfig
1139 - bootstrap_node # provided by BootstrapNodeConfig
1140 - all_nodes # provided by allNodesConfig
1141 - vip_data # provided by vip-config
1144 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1145 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1146 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1147 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1148 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1150 controller_extraconfig:
1151 mapped_data: {get_param: ControllerExtraConfig}
1153 mapped_data: {get_param: ExtraConfig}
1155 raw_data: {get_file: hieradata/common.yaml}
1157 raw_data: {get_file: hieradata/ceph.yaml}
1159 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1160 ceph::profile::params::public_network: {get_input: ceph_public_network}
1161 ceph::mon::public_addr: {get_input: ceph_public_ip}
1163 raw_data: {get_file: hieradata/database.yaml}
1165 raw_data: {get_file: hieradata/object.yaml}
1167 raw_data: {get_file: hieradata/controller.yaml}
1168 mapped_data: # data supplied directly to this deployment configuration, etc
1169 bootstack_nodeid: {get_input: bootstack_nodeid}
1172 enable_fencing: {get_input: enable_fencing}
1173 enable_load_balancer: {get_input: enable_load_balancer}
1174 hacluster_pwd: {get_input: pcsd_password}
1175 tripleo::fencing::config: {get_input: fencing_config}
1178 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1179 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1180 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1181 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1182 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1183 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1184 swift::proxy::workers: {get_input: swift_workers}
1185 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1186 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1187 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1188 swift_mount_check: {get_input: swift_mount_check}
1190 # NOTE(dprince): build_ring support is currently not wired in.
1191 # See: https://review.openstack.org/#/c/109225/
1192 tripleo::ringbuilder::build_ring: True
1195 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1196 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1197 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1198 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1199 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1200 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1201 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1202 cinder::database_connection: {get_input: cinder_dsn}
1203 cinder::api::keystone_password: {get_input: cinder_password}
1204 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1205 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1206 cinder::api::bind_host: {get_input: cinder_api_network}
1207 cinder::rabbit_userid: {get_input: rabbit_username}
1208 cinder::rabbit_password: {get_input: rabbit_password}
1209 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1210 cinder::rabbit_port: {get_input: rabbit_client_port}
1211 cinder::debug: {get_input: debug}
1212 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1213 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1214 cinder_backend_config: {get_input: CinderBackendConfig}
1215 cinder::db::mysql::password: {get_input: cinder_password}
1218 glance::api::bind_port: {get_input: glance_port}
1219 glance::api::bind_host: {get_input: glance_api_network}
1220 glance::api::auth_uri: {get_input: keystone_auth_uri}
1221 glance::api::identity_uri: {get_input: keystone_identity_uri}
1222 glance::api::registry_host: {get_input: glance_registry_host}
1223 glance::api::keystone_password: {get_input: glance_password}
1224 glance::api::debug: {get_input: debug}
1225 glance::api::workers: {get_input: glance_workers}
1226 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1227 glance_log_file: {get_input: glance_log_file}
1228 glance_log_file: {get_input: glance_log_file}
1229 glance::api::database_connection: {get_input: glance_dsn}
1230 glance::registry::keystone_password: {get_input: glance_password}
1231 glance::registry::database_connection: {get_input: glance_dsn}
1232 glance::registry::bind_host: {get_input: glance_registry_network}
1233 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1234 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1235 glance::registry::debug: {get_input: debug}
1236 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1237 glance::registry::workers: {get_input: glance_workers}
1238 glance::backend::swift::swift_store_user: service:glance
1239 glance::backend::swift::swift_store_key: {get_input: glance_password}
1240 glance_backend: {get_input: glance_backend}
1241 glance::db::mysql::password: {get_input: glance_password}
1242 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1243 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1244 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1245 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1248 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1249 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1250 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1251 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1252 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1253 heat::rabbit_userid: {get_input: rabbit_username}
1254 heat::rabbit_password: {get_input: rabbit_password}
1255 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1256 heat::rabbit_port: {get_input: rabbit_client_port}
1257 heat::auth_uri: {get_input: keystone_auth_uri}
1258 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1259 heat::identity_uri: {get_input: keystone_identity_uri}
1260 heat::keystone_password: {get_input: heat_password}
1261 heat::api::bind_host: {get_input: heat_api_network}
1262 heat::api::workers: {get_input: heat_workers}
1263 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1264 heat::api_cloudwatch::workers: {get_input: heat_workers}
1265 heat::api_cfn::bind_host: {get_input: heat_api_network}
1266 heat::api_cfn::workers: {get_input: heat_workers}
1267 heat::database_connection: {get_input: heat_dsn}
1268 heat::debug: {get_input: debug}
1269 heat::db::mysql::password: {get_input: heat_password}
1272 keystone::admin_token: {get_input: admin_token}
1273 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1274 keystone_signing_key: {get_input: keystone_signing_key}
1275 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1276 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1277 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1278 keystone::database_connection: {get_input: keystone_dsn}
1279 keystone::public_bind_host: {get_input: keystone_public_api_network}
1280 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1281 keystone::debug: {get_input: debug}
1282 keystone::db::mysql::password: {get_input: admin_token}
1283 keystone::rabbit_userid: {get_input: rabbit_username}
1284 keystone::rabbit_password: {get_input: rabbit_password}
1285 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1286 keystone::rabbit_port: {get_input: rabbit_client_port}
1287 keystone::notification_driver: {get_input: keystone_notification_driver}
1288 keystone::notification_format: {get_input: keystone_notification_format}
1289 keystone::roles::admin::email: {get_input: admin_email}
1290 keystone::roles::admin::password: {get_input: admin_password}
1291 keystone::endpoint::public_url: {get_input: keystone_public_url}
1292 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1293 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1294 keystone::endpoint::region: {get_input: keystone_region}
1295 keystone::admin_workers: {get_input: keystone_workers}
1296 keystone::public_workers: {get_input: keystone_workers}
1299 mongodb::server::bind_ip: {get_input: mongo_db_network}
1300 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1302 admin_password: {get_input: admin_password}
1303 enable_galera: {get_input: enable_galera}
1304 enable_ceph_storage: {get_input: enable_ceph_storage}
1305 enable_swift_storage: {get_input: enable_swift_storage}
1306 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1307 mysql_max_connections: {get_input: mysql_max_connections}
1308 mysql::server::root_password: {get_input: mysql_root_password}
1309 mysql_cluster_name: {get_input: mysql_cluster_name}
1310 mysql_bind_host: {get_input: mysql_network}
1311 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1314 neutron::bind_host: {get_input: neutron_api_network}
1315 neutron::rabbit_password: {get_input: rabbit_password}
1316 neutron::rabbit_user: {get_input: rabbit_username}
1317 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1318 neutron::rabbit_port: {get_input: rabbit_client_port}
1319 neutron::debug: {get_input: debug}
1320 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1321 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1322 neutron::server::database_connection: {get_input: neutron_dsn}
1323 neutron::server::api_workers: {get_input: neutron_workers}
1324 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1325 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1326 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1327 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1328 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1329 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1330 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1331 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1332 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1333 neutron_agent_mode: {get_input: neutron_agent_mode}
1334 neutron_router_distributed: {get_input: neutron_router_distributed}
1335 neutron::core_plugin: {get_input: neutron_core_plugin}
1336 neutron::service_plugins: {get_input: neutron_service_plugins}
1337 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1338 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1339 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1340 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1341 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1342 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1343 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1344 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1345 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1346 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1347 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1348 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1349 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1350 neutron_public_interface: {get_input: neutron_public_interface}
1351 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1352 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1353 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1354 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1355 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1356 neutron::server::auth_password: {get_input: neutron_password}
1357 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1358 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1359 neutron_dsn: {get_input: neutron_dsn}
1360 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1361 neutron::db::mysql::password: {get_input: neutron_password}
1362 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1363 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1364 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1365 neutron::keystone::auth::password: {get_input: neutron_password }
1366 neutron::keystone::auth::region: {get_input: keystone_region}
1367 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1368 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1369 neutron::server::notifications::tenant_name: 'service'
1370 neutron::server::notifications::password: {get_input: nova_password}
1373 ceilometer_backend: {get_input: ceilometer_backend}
1374 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1375 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1376 ceilometer::rabbit_userid: {get_input: rabbit_username}
1377 ceilometer::rabbit_password: {get_input: rabbit_password}
1378 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1379 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1380 ceilometer::debug: {get_input: debug}
1381 ceilometer::api::host: {get_input: ceilometer_api_network}
1382 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1383 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1384 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1385 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1386 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1387 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1388 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1389 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1390 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1393 nova::rabbit_userid: {get_input: rabbit_username}
1394 nova::rabbit_password: {get_input: rabbit_password}
1395 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1396 nova::rabbit_port: {get_input: rabbit_client_port}
1397 nova::debug: {get_input: debug}
1398 nova::api::auth_uri: {get_input: keystone_auth_uri}
1399 nova::api::identity_uri: {get_input: keystone_identity_uri}
1400 nova::api::api_bind_address: {get_input: nova_api_network}
1401 nova::api::metadata_listen: {get_input: nova_metadata_network}
1402 nova::api::admin_password: {get_input: nova_password}
1403 nova::api::osapi_compute_workers: {get_input: nova_workers}
1404 nova::api::ec2_workers: {get_input: nova_workers}
1405 nova::api::metadata_workers: {get_input: nova_workers}
1406 nova::database_connection: {get_input: nova_dsn}
1407 nova::glance_api_servers: {get_input: glance_api_servers}
1408 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1409 nova::api::instance_name_template: {get_input: instance_name_template}
1410 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1411 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1412 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1413 nova::vncproxy::host: {get_input: nova_api_network}
1414 nova::db::mysql::password: {get_input: nova_password}
1417 apache::ip: {get_input: horizon_network}
1418 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1419 horizon::django_debug: {get_input: debug}
1420 horizon::secret_key: {get_input: horizon_secret}
1421 horizon::bind_address: {get_input: horizon_network}
1422 horizon::keystone_url: {get_input: keystone_auth_uri}
1425 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1426 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1427 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1428 rabbitmq::default_user: {get_input: rabbit_username}
1429 rabbitmq::default_pass: {get_input: rabbit_password}
1431 redis::bind: {get_input: redis_network}
1432 redis_vip: {get_input: redis_vip}
1434 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1435 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1437 memcached::listen_ip: {get_input: memcached_network}
1438 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1439 ntp::servers: {get_input: ntp_servers}
1440 control_virtual_interface: {get_input: control_virtual_interface}
1441 public_virtual_interface: {get_input: public_virtual_interface}
1442 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1443 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1444 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1445 # NOTE(jaosorior): The service certificate configuration for
1446 # HAProxy was left commented because to properly use this, we
1447 # need to be able to set up the keystone endpoints. And
1448 # currently that is not possible, but is being addressed by
1449 # other commits. A subsequent commit will uncomment this.
1450 #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1451 tripleo::packages::enable_install: {get_input: enable_package_install}
1452 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1454 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1455 ControllerExtraConfigPre:
1456 depends_on: ControllerDeployment
1457 type: OS::TripleO::ControllerExtraConfigPre
1459 server: {get_resource: Controller}
1461 # Hook for site-specific additional pre-deployment config,
1462 # applying to all nodes, e.g node registration/unregistration
1464 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1465 type: OS::TripleO::NodeExtraConfig
1467 server: {get_resource: Controller}
1470 type: OS::TripleO::Tasks::PackageUpdate
1473 type: OS::Heat::SoftwareDeployment
1475 config: {get_resource: UpdateConfig}
1476 server: {get_resource: Controller}
1479 get_param: UpdateIdentifier
1483 description: IP address of the server in the ctlplane network
1484 value: {get_attr: [Controller, networks, ctlplane, 0]}
1485 external_ip_address:
1486 description: IP address of the server in the external network
1487 value: {get_attr: [ExternalPort, ip_address]}
1488 internal_api_ip_address:
1489 description: IP address of the server in the internal_api network
1490 value: {get_attr: [InternalApiPort, ip_address]}
1492 description: IP address of the server in the storage network
1493 value: {get_attr: [StoragePort, ip_address]}
1494 storage_mgmt_ip_address:
1495 description: IP address of the server in the storage_mgmt network
1496 value: {get_attr: [StorageMgmtPort, ip_address]}
1498 description: IP address of the server in the tenant network
1499 value: {get_attr: [TenantPort, ip_address]}
1501 description: Hostname of the server
1502 value: {get_attr: [Controller, name]}
1505 Node object in the format {ip: ..., name: ...} format that the corosync
1508 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1509 name: {get_attr: [Controller, name]}
1512 Server's IP address and hostname in the /etc/hosts format
1515 template: IP HOST.DOMAIN HOST CLOUDNAME
1517 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1518 DOMAIN: {get_param: CloudDomain}
1519 HOST: {get_attr: [Controller, name]}
1520 CLOUDNAME: {get_param: CloudName}
1521 nova_server_resource:
1522 description: Heat resource handle for the Nova compute server
1524 {get_resource: Controller}
1526 description: Swift device formatted for swift-ring-builder
1529 template: 'r1z1-IP:%PORT%/d1'
1531 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1532 swift_proxy_memcache:
1533 description: Swift proxy-memcache value
1536 template: "IP:11211"
1538 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1540 description: identifier which changes if the controller configuration may need re-applying
1544 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1545 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1546 - {get_attr: [NodeTLSData, deploy_stdout]}
1547 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1548 - {get_param: UpdateIdentifier}
1549 tls_key_modulus_md5:
1550 description: MD5 checksum of the TLS Key Modulus
1551 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1552 tls_cert_modulus_md5:
1553 description: MD5 checksum of the TLS Certificate Modulus
1554 value: {get_attr: [NodeTLSData, cert_modulus_md5]}