1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
42 CinderEnableNfsBackend:
44 description: Whether to enable or not the NFS backend for Cinder
46 CinderEnableIscsiBackend:
48 description: Whether to enable or not the Iscsi backend for Cinder
50 CinderEnableRbdBackend:
52 description: Whether to enable or not the Rbd backend for Cinder
56 description: The iSCSI helper to use with cinder.
58 CinderLVMLoopDeviceSize:
60 description: The size of the loopback file used by the cinder LVM driver.
62 CinderNfsMountOptions:
65 Mount options for NFS mounts used by Cinder NFS backend. Effective
66 when CinderEnableNfsBackend is true.
71 NFS servers used by Cinder NFS backend. Effective when
72 CinderEnableNfsBackend is true.
73 type: comma_delimited_list
75 description: The password for the cinder service and db account, used by cinder-api.
80 description: Contains parameters to configure Cinder backends. Typically
81 set via parameter_defaults in the resource registry.
85 description: Number of workers for Cinder service.
89 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
91 ControllerExtraConfig:
94 Controller specific hiera configuration data to inject into the cluster.
99 A network mapped list of IPs to assign to Controllers in the following form:
101 "internal_api": ["a.b.c.d", "e.f.g.h"],
105 ControlVirtualInterface:
107 description: Interface where virtual ip will be assigned.
111 description: Set to True to enable debugging on all services.
115 description: Whether to enable fencing in Pacemaker or not.
119 description: Whether to use Galera instead of regular MariaDB.
123 description: Whether to deploy a LoadBalancer on the Controller
127 description: Whether to deploy Ceph Storage (OSD) on the Controller
131 description: Whether to enable Swift Storage on the Controller
136 Additional hieradata to inject into the cluster, note that
137 ControllerExtraConfig takes precedence over ExtraConfig.
142 Pacemaker fencing configuration. The JSON should have
143 the following structure:
147 "agent": "AGENT_NAME",
148 "host_mac": "HOST_MAC_ADDRESS",
149 "params": {"PARAM_NAME": "PARAM_VALUE"}
157 "agent": "fence_xvm",
158 "host_mac": "52:54:00:aa:bb:cc",
160 "multicast_address": "225.0.0.12",
161 "port": "baremetal_0",
163 "manage_key_file": true,
164 "key_file": "/etc/fence_xvm.key",
165 "key_file_password": "abcdef"
172 description: Flavor for control nodes to request when deploying.
175 - custom_constraint: nova.flavor
176 GlanceNotifierStrategy:
177 description: Strategy to use for Glance notification queue
181 description: The filepath of the file to use for logging messages from Glance.
185 description: The password for the glance service and db account, used by the glance services.
190 description: The short name of the Glance backend to use. Should be one
191 of swift, rbd, or file
194 - allowed_values: ['swift', 'file', 'rbd']
195 GlanceFilePcmkDevice:
198 An exported storage device that should be mounted by Pacemaker
199 as Glance storage. Effective when GlanceFilePcmkManage is true.
201 GlanceFilePcmkFstype:
204 Filesystem type for Pacemaker mount used as Glance storage.
205 Effective when GlanceFilePcmkManage is true.
207 GlanceFilePcmkManage:
210 Whether to make Glance file backend a mount managed by Pacemaker.
211 Effective when GlanceBackend is 'file'.
213 GlanceFilePcmkOptions:
216 Mount options for Pacemaker mount used as Glance storage.
217 Effective when GlanceFilePcmkManage is true.
219 HAProxySyslogAddress:
221 description: Syslog address where HAproxy will send its log
225 description: Number of workers for Glance service.
228 description: The password for the Heat service and db account, used by the Heat services.
231 HeatStackDomainAdminPassword:
232 description: Password for heat_domain_admin user.
235 HeatAuthEncryptionKey:
236 description: Auth encryption key for heat-engine
241 description: A list of IP/Hostname allowed to connect to horizon
242 type: comma_delimited_list
245 description: Number of workers for Heat service.
248 description: Secret key for Django
253 default: overcloud-control
255 - custom_constraint: glance.image
257 default: 'REBUILD_PRESERVE_EPHEMERAL'
258 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
260 InstanceNameTemplate:
261 default: 'instance-%08x'
262 description: Template string to be used to generate instance names
266 description: Name of an existing Nova key pair to enable SSH access to the instances
269 - custom_constraint: nova.keypair
270 KeystoneCACertificate:
272 description: Keystone self-signed certificate authority certificate.
274 KeystoneSigningCertificate:
276 description: Keystone certificate for verifying token validity.
280 description: Keystone key for signing tokens.
283 KeystoneSSLCertificate:
285 description: Keystone certificate for verifying token validity.
287 KeystoneSSLCertificateKey:
289 description: Keystone key for signing tokens.
292 KeystoneNotificationDriver:
293 description: Comma-separated list of Oslo notification drivers used by Keystone
294 default: ['messaging']
295 type: comma_delimited_list
296 KeystoneNotificationFormat:
297 description: The Keystone notification format
301 - allowed_values: [ 'basic', 'cadf' ]
305 description: Keystone region for endpoint
308 description: Whether to manage IPtables rules.
312 description: Whether IPtables rules should be purged before setting up the new ones.
316 description: Number of workers for Keystone service.
318 MysqlClusterUniquePart:
319 description: A unique identifier of the MySQL cluster the controller is in.
321 default: 'unset' # Has to be here because of the ignored empty value bug
322 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
324 # - length: {min: 4, max: 10}
325 MysqlInnodbBufferPoolSize:
327 Specifies the size of the buffer pool in megabytes. Setting to
328 zero should be interpreted as "no value" and will defer to the
333 description: Configures MySQL max_connections config setting
339 default: '' # Has to be here because of the ignored empty value bug
340 NeutronExternalNetworkBridge:
341 description: Name of bridge used for external network traffic.
344 NeutronBridgeMappings:
346 The OVS logical->physical bridge mappings to use. See the Neutron
347 documentation for details. Defaults to mapping br-ex - the external
348 bridge on hosts - to a physical name 'datacentre' which can be used
349 to create provider networks (and we use this for the default floating
350 network) - if changing this either use different post-install network
351 scripts or be sure to keep 'datacentre' as a mapping network name.
352 type: comma_delimited_list
353 default: "datacentre:br-ex"
354 NeutronDnsmasqOptions:
355 default: 'dhcp-option-force=26,1400'
356 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
358 NeutronEnableDHCPAgent:
359 description: Knob to enable/disable DHCP Agent
362 NeutronEnableL3Agent:
363 description: Knob to enable/disable L3 agent
366 NeutronEnableMetadataAgent:
367 description: Knob to enable/disable Metadata agent
370 NeutronEnableOVSAgent:
371 description: Knob to enable/disable OVS Agent
376 description: Agent mode for the neutron-l3-agent on the controller hosts
380 description: Whether to enable l3-agent HA
382 NeutronDhcpAgentsPerNetwork:
385 description: The number of neutron dhcp agents to schedule per network
388 description: Whether to configure Neutron Distributed Virtual Routers
390 NeutronMetadataProxySharedSecret:
391 description: Shared secret to prevent spoofing
397 The core plugin for Neutron. The value should be the entrypoint to be loaded
398 from neutron.core_plugins namespace.
400 NeutronServicePlugins:
401 default: "router,qos"
403 Comma-separated list of service plugin entrypoints to be loaded from the
404 neutron.service_plugins namespace.
405 type: comma_delimited_list
407 default: "vxlan,vlan,flat,gre"
409 Comma-separated list of network type driver entrypoints to be loaded.
410 type: comma_delimited_list
411 NeutronMechanismDrivers:
412 default: 'openvswitch'
414 The mechanism drivers for the Neutron tenant network.
415 type: comma_delimited_list
416 NeutronAllowL3AgentFailover:
418 description: Allow automatic l3-agent failover
420 NeutronEnableIsolatedMetadata:
422 description: If True, DHCP provide metadata route to VM.
424 NeutronEnableTunnelling:
430 Enable/disable the L2 population feature in the Neutron agents.
433 type: comma_delimited_list
434 default: 'datacentre'
435 description: If set, flat networks to configure in neutron plugins.
438 description: Whether to enable l3-agent HA
442 description: The tenant network type for Neutron.
443 type: comma_delimited_list
444 NeutronNetworkVLANRanges:
445 default: 'datacentre:1:1000'
447 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
448 Neutron documentation for permitted values. Defaults to permitting any
449 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
450 type: comma_delimited_list
452 description: The password for the neutron service and db account, used by neutron agents.
455 NeutronPublicInterface:
457 description: What interface to bridge onto br-ex for network nodes.
459 NeutronPublicInterfaceTag:
462 VLAN tag for creating a public VLAN. The tag will be used to
463 create an access port on the exterior bridge for each control plane node,
464 and that port will be given the IP address returned by neutron from the
465 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
466 overcloud.yaml to include the deployment of VLAN ports to the control
469 NeutronPublicInterfaceDefaultRoute:
471 description: A custom default route for the NeutronPublicInterface.
473 NeutronPublicInterfaceIP:
475 description: A custom IP address to put onto the NeutronPublicInterface.
477 NeutronPublicInterfaceRawDevice:
479 description: If set, the public interface is a vlan with this device as the raw device.
484 The tunnel types for the Neutron tenant network.
485 type: comma_delimited_list
486 NeutronTunnelIdRanges:
488 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
489 of GRE tunnel IDs that are available for tenant network allocation
490 default: ["1:1000", ]
491 type: comma_delimited_list
494 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
495 of VXLAN VNI IDs that are available for tenant network allocation
496 default: ["1:1000", ]
497 type: comma_delimited_list
498 NeutronPluginExtensions:
501 Comma-separated list of extensions enabled for the Neutron plugin.
502 type: comma_delimited_list
503 NeutronAgentExtensions:
506 Comma-separated list of extensions enabled for the Neutron agents.
507 type: comma_delimited_list
513 description: Number of workers for Neutron service.
518 Whether to create cron job for purging soft deleted rows in Nova database.
521 description: The password for the nova service and db account, used by nova-api.
526 description: Number of workers for Nova service.
530 description: Should MongoDb journaling be disabled
534 description: Comma-separated list of ntp servers
535 type: comma_delimited_list
538 description: The password for the 'pcsd' user.
540 PublicVirtualInterface:
543 Specifies the interface where the public-facing virtual ip will be assigned.
544 This should be int_public when a VLAN is being used.
548 default: '' # Has to be here because of the ignored empty value bug
551 default: '' # Has to be here because of the ignored empty value bug
555 description: The password for RabbitMQ
560 description: The username for RabbitMQ
565 Rabbit client subscriber parameter to specify
566 an SSL connection to the RabbitMQ host.
570 description: Set rabbit subscriber port, change this if using SSL
574 description: Configures RabbitMQ FD limit
578 default: '' # Has to be here because of the ignored empty value bug
579 SnmpdReadonlyUserName:
580 default: ro_snmp_user
581 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
583 SnmpdReadonlyUserPassword:
584 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
588 description: A random string to be used as a salt when hashing to determine mappings
594 description: Value of mount_check in Swift account/container/object -server.conf
599 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
602 description: Partition Power to use when building Swift rings
605 description: The password for the swift service account, used by the swift proxy
615 description: How many replicas to use in the swift rings.
618 description: Number of workers for Swift service.
620 VirtualIP: # DEPRECATED: use per service settings instead
622 default: '' # Has to be here because of the ignored empty value bug
629 GlanceRegistryVirtualIP:
635 KeystoneAdminApiVirtualIP:
638 KeystonePublicApiVirtualIP:
644 EnablePackageInstall:
646 description: Set to true to enable package installation via Puppet
650 description: Mapping of service_name -> network name. Typically set
651 via parameter_defaults in the resource registry.
655 description: Mapping of service endpoint -> protocol. Typically set
656 via parameter_defaults in the resource registry.
662 Setting to a previously unused value during stack-update will trigger
663 package update on all nodes
666 default: '' # Defaults to Heat created hostname
667 NetworkDeploymentActions:
668 type: comma_delimited_list
670 Heat action when to apply network configuration changes
675 SoftwareConfigTransport:
676 default: POLL_SERVER_CFN
678 How the server should receive the metadata required for software configuration.
681 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
686 The DNS domain used for the hosts. This should match the dhcp_domain
687 configured in the Undercloud neutron. Defaults to localdomain.
691 Extra properties or metadata passed to Nova for the created nodes in
692 the overcloud. It's accessible via the Nova metadata API.
696 description: Optional scheduler hints to pass to nova
702 type: OS::Nova::Server
704 image: {get_param: Image}
705 image_update_policy: {get_param: ImageUpdatePolicy}
706 flavor: {get_param: Flavor}
707 key_name: {get_param: KeyName}
710 user_data_format: SOFTWARE_CONFIG
711 user_data: {get_resource: UserData}
712 name: {get_param: Hostname}
713 software_config_transport: {get_param: SoftwareConfigTransport}
714 metadata: {get_param: ServerMetadata}
715 scheduler_hints: {get_param: SchedulerHints}
717 # Combine the NodeAdminUserData and NodeUserData mime archives
719 type: OS::Heat::MultipartMime
722 - config: {get_resource: NodeAdminUserData}
724 - config: {get_resource: NodeUserData}
727 # Creates the "heat-admin" user if configured via the environment
728 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
730 type: OS::TripleO::NodeAdminUserData
732 # For optional operator additional userdata
733 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
735 type: OS::TripleO::NodeUserData
738 type: OS::TripleO::Controller::Ports::ExternalPort
740 IPPool: {get_param: ControllerIPs}
741 NodeIndex: {get_param: NodeIndex}
742 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
745 type: OS::TripleO::Controller::Ports::InternalApiPort
747 IPPool: {get_param: ControllerIPs}
748 NodeIndex: {get_param: NodeIndex}
749 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
752 type: OS::TripleO::Controller::Ports::StoragePort
754 IPPool: {get_param: ControllerIPs}
755 NodeIndex: {get_param: NodeIndex}
756 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
759 type: OS::TripleO::Controller::Ports::StorageMgmtPort
761 IPPool: {get_param: ControllerIPs}
762 NodeIndex: {get_param: NodeIndex}
763 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
766 type: OS::TripleO::Controller::Ports::TenantPort
768 IPPool: {get_param: ControllerIPs}
769 NodeIndex: {get_param: NodeIndex}
770 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
773 type: OS::TripleO::Controller::Ports::ManagementPort
775 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
778 type: OS::TripleO::Network::Ports::NetIpMap
780 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
781 ExternalIp: {get_attr: [ExternalPort, ip_address]}
782 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
783 StorageIp: {get_attr: [StoragePort, ip_address]}
784 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
785 TenantIp: {get_attr: [TenantPort, ip_address]}
786 ManagementIp: {get_attr: [ManagementPort, ip_address]}
789 type: OS::TripleO::Network::Ports::NetIpSubnetMap
791 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
792 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
793 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
794 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
795 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
796 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
797 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
800 type: OS::TripleO::Controller::Net::SoftwareConfig
802 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
803 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
804 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
805 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
806 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
807 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
808 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
811 type: OS::TripleO::SoftwareDeployment
813 config: {get_resource: NetworkConfig}
814 server: {get_resource: Controller}
815 actions: {get_param: NetworkDeploymentActions}
818 interface_name: {get_param: NeutronPublicInterface}
820 # Resource for site-specific injection of root certificate
822 depends_on: NetworkDeployment
823 type: OS::TripleO::NodeTLSCAData
825 server: {get_resource: Controller}
827 # Resource for site-specific passing of private keys/certificates
829 depends_on: NodeTLSCAData
830 type: OS::TripleO::NodeTLSData
832 server: {get_resource: Controller}
833 NodeIndex: {get_param: NodeIndex}
835 ControllerDeployment:
836 type: OS::TripleO::SoftwareDeployment
837 depends_on: NetworkDeployment
839 config: {get_resource: ControllerConfig}
840 server: {get_resource: Controller}
842 bootstack_nodeid: {get_attr: [Controller, name]}
843 ceilometer_workers: {get_param: CeilometerWorkers}
844 cinder_workers: {get_param: CinderWorkers}
845 glance_workers: {get_param: GlanceWorkers}
846 heat_workers: {get_param: HeatWorkers}
847 keystone_workers: {get_param: KeystoneWorkers}
848 nova_workers: {get_param: NovaWorkers}
849 neutron_workers: {get_param: NeutronWorkers}
850 swift_workers: {get_param: SwiftWorkers}
851 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
852 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
853 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
854 haproxy_log_address: {get_param: HAProxySyslogAddress}
855 heat.watch_server_url:
859 - {get_param: HeatApiVirtualIP}
861 heat.metadata_server_url:
865 - {get_param: HeatApiVirtualIP}
867 heat.waitcondition_server_url:
871 - {get_param: HeatApiVirtualIP}
872 - ':8000/v1/waitcondition'
873 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
874 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
875 horizon_secret: {get_param: HorizonSecret}
876 admin_email: {get_param: AdminEmail}
877 admin_password: {get_param: AdminPassword}
878 admin_token: {get_param: AdminToken}
879 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
880 debug: {get_param: Debug}
881 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
882 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
883 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
888 SERVERS: {get_param: CinderNfsServers}
889 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
890 cinder_password: {get_param: CinderPassword}
891 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
892 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
893 cinder_backend_config: {get_param: CinderBackendConfig}
897 - - 'mysql://cinder:'
898 - {get_param: CinderPassword}
900 - {get_param: MysqlVirtualIP}
902 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
903 glance_password: {get_param: GlancePassword}
904 glance_backend: {get_param: GlanceBackend}
905 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
906 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
907 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
908 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
909 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
910 glance_log_file: {get_param: GlanceLogFile}
914 - - 'mysql://glance:'
915 - {get_param: GlancePassword}
917 - {get_param: MysqlVirtualIP}
919 heat_password: {get_param: HeatPassword}
920 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
925 - {get_param: HeatPassword}
927 - {get_param: MysqlVirtualIP}
929 keystone_ca_certificate: {get_param: KeystoneCACertificate}
930 keystone_signing_key: {get_param: KeystoneSigningKey}
931 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
932 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
933 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
934 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
935 keystone_notification_format: {get_param: KeystoneNotificationFormat}
939 - - 'mysql://keystone:'
940 - {get_param: AdminToken}
942 - {get_param: MysqlVirtualIP}
944 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
945 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
946 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
947 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
948 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
949 enable_fencing: {get_param: EnableFencing}
950 enable_galera: {get_param: EnableGalera}
951 enable_load_balancer: {get_param: EnableLoadBalancer}
952 enable_ceph_storage: {get_param: EnableCephStorage}
953 enable_swift_storage: {get_param: EnableSwiftStorage}
954 manage_firewall: {get_param: ManageFirewall}
955 purge_firewall_rules: {get_param: PurgeFirewallRules}
956 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
957 mysql_max_connections: {get_param: MysqlMaxConnections}
958 mysql_root_password: {get_param: MysqlRootPassword}
961 template: tripleo-CLUSTER
963 CLUSTER: {get_param: MysqlClusterUniquePart}
964 neutron_flat_networks:
968 NETWORKS: {get_param: NeutronFlatNetworks}
969 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
970 neutron_agent_mode: {get_param: NeutronAgentMode}
971 neutron_router_distributed: {get_param: NeutronDVR}
972 neutron_core_plugin: {get_param: NeutronCorePlugin}
973 neutron_service_plugins:
977 PLUGINS: {get_param: NeutronServicePlugins}
978 neutron_type_drivers:
982 DRIVERS: {get_param: NeutronTypeDrivers}
983 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
984 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
985 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
986 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
987 neutron_mechanism_drivers:
991 MECHANISMS: {get_param: NeutronMechanismDrivers}
992 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
993 neutron_l3_ha: {get_param: NeutronL3HA}
994 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
995 neutron_network_vlan_ranges:
999 RANGES: {get_param: NeutronNetworkVLANRanges}
1000 neutron_bridge_mappings:
1004 MAPPINGS: {get_param: NeutronBridgeMappings}
1005 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1006 neutron_public_interface: {get_param: NeutronPublicInterface}
1007 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1008 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1009 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1010 neutron_tunnel_id_ranges:
1014 RANGES: {get_param: NeutronTunnelIdRanges}
1019 RANGES: {get_param: NeutronVniRanges}
1020 neutron_tenant_network_types:
1024 TYPES: {get_param: NeutronNetworkType}
1025 neutron_tunnel_types:
1029 TYPES: {get_param: NeutronTunnelTypes}
1030 neutron_plugin_extensions:
1032 template: PLUGIN_EXTENSIONS
1034 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1035 neutron_agent_extensions:
1037 template: AGENT_EXTENSIONS
1039 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1040 neutron_password: {get_param: NeutronPassword}
1041 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1045 - - 'mysql://neutron:'
1046 - {get_param: NeutronPassword}
1048 - {get_param: MysqlVirtualIP}
1049 - '/ovs_neutron?charset=utf8'
1050 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1051 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1052 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1053 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
1054 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1055 ceilometer_backend: {get_param: CeilometerBackend}
1056 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1057 ceilometer_password: {get_param: CeilometerPassword}
1058 ceilometer_coordination_url:
1062 - {get_param: RedisVirtualIP}
1067 - - 'mysql://ceilometer:'
1068 - {get_param: CeilometerPassword}
1070 - {get_param: MysqlVirtualIP}
1072 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1073 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1074 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1075 nova_password: {get_param: NovaPassword}
1080 - {get_param: NovaPassword}
1082 - {get_param: MysqlVirtualIP}
1084 instance_name_template: {get_param: InstanceNameTemplate}
1085 fencing_config: {get_param: FencingConfig}
1086 pcsd_password: {get_param: PcsdPassword}
1087 rabbit_username: {get_param: RabbitUserName}
1088 rabbit_password: {get_param: RabbitPassword}
1089 rabbit_cookie: {get_param: RabbitCookie}
1090 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1091 rabbit_client_port: {get_param: RabbitClientPort}
1092 mongodb_no_journal: {get_param: MongoDbNoJournal}
1093 # We need to force this into quotes or hiera will return integer causing
1094 # the puppet module validation regexp to fail.
1095 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1100 LIMIT: {get_param: RabbitFDLimit}
1101 ntp_servers: {get_param: NtpServer}
1102 control_virtual_interface: {get_param: ControlVirtualInterface}
1103 public_virtual_interface: {get_param: PublicVirtualInterface}
1104 swift_hash_suffix: {get_param: SwiftHashSuffix}
1105 swift_password: {get_param: SwiftPassword}
1106 swift_part_power: {get_param: SwiftPartPower}
1107 swift_replicas: {get_param: SwiftReplicas}
1108 swift_min_part_hours: {get_param: SwiftMinPartHours}
1109 swift_mount_check: {get_param: SwiftMountCheck}
1110 enable_package_install: {get_param: EnablePackageInstall}
1111 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1112 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1113 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1114 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1115 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1116 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1117 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1118 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1119 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1120 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1121 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1122 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1123 keystone_region: {get_param: KeystoneRegion}
1124 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1125 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1126 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1127 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1128 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1129 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1130 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1131 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1132 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1133 redis_vip: {get_param: RedisVirtualIP}
1134 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1135 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1136 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1137 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1138 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1139 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1141 # Map heat metadata into hiera datafiles
1143 type: OS::Heat::StructuredConfig
1145 group: os-apply-config
1150 - heat_config_%{::deploy_config_name}
1151 - controller_extraconfig
1156 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1157 - ceph_cluster # provided by CephClusterConfig
1159 - bootstrap_node # provided by BootstrapNodeConfig
1160 - all_nodes # provided by allNodesConfig
1161 - vip_data # provided by vip-config
1164 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1165 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1166 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1167 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1168 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1169 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1170 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1171 - midonet_data #Optionally provided by AllNodesExtraConfig
1173 controller_extraconfig:
1174 mapped_data: {get_param: ControllerExtraConfig}
1176 mapped_data: {get_param: ExtraConfig}
1178 raw_data: {get_file: hieradata/common.yaml}
1180 raw_data: {get_file: hieradata/ceph.yaml}
1182 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1183 ceph::profile::params::public_network: {get_input: ceph_public_network}
1184 ceph::mon::public_addr: {get_input: ceph_public_ip}
1186 raw_data: {get_file: hieradata/database.yaml}
1188 raw_data: {get_file: hieradata/object.yaml}
1190 raw_data: {get_file: hieradata/controller.yaml}
1191 mapped_data: # data supplied directly to this deployment configuration, etc
1192 bootstack_nodeid: {get_input: bootstack_nodeid}
1195 enable_fencing: {get_input: enable_fencing}
1196 enable_load_balancer: {get_input: enable_load_balancer}
1197 hacluster_pwd: {get_input: pcsd_password}
1198 tripleo::fencing::config: {get_input: fencing_config}
1201 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1202 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1203 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1204 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1205 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1206 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1207 swift::proxy::workers: {get_input: swift_workers}
1208 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1209 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1210 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1211 swift_mount_check: {get_input: swift_mount_check}
1213 # NOTE(dprince): build_ring support is currently not wired in.
1214 # See: https://review.openstack.org/#/c/109225/
1215 tripleo::ringbuilder::build_ring: True
1218 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1219 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1220 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1221 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1222 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1223 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1224 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1225 cinder::database_connection: {get_input: cinder_dsn}
1226 cinder::api::keystone_password: {get_input: cinder_password}
1227 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1228 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1229 cinder::api::bind_host: {get_input: cinder_api_network}
1230 cinder::rabbit_userid: {get_input: rabbit_username}
1231 cinder::rabbit_password: {get_input: rabbit_password}
1232 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1233 cinder::rabbit_port: {get_input: rabbit_client_port}
1234 cinder::debug: {get_input: debug}
1235 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1236 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1237 cinder_backend_config: {get_input: CinderBackendConfig}
1238 cinder::db::mysql::password: {get_input: cinder_password}
1241 glance::api::bind_port: {get_input: glance_port}
1242 glance::api::bind_host: {get_input: glance_api_network}
1243 glance::api::auth_uri: {get_input: keystone_auth_uri}
1244 glance::api::identity_uri: {get_input: keystone_identity_uri}
1245 glance::api::registry_host: {get_input: glance_registry_host}
1246 glance::api::keystone_password: {get_input: glance_password}
1247 glance::api::debug: {get_input: debug}
1248 glance::api::workers: {get_input: glance_workers}
1249 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1250 glance_log_file: {get_input: glance_log_file}
1251 glance_log_file: {get_input: glance_log_file}
1252 glance::api::database_connection: {get_input: glance_dsn}
1253 glance::registry::keystone_password: {get_input: glance_password}
1254 glance::registry::database_connection: {get_input: glance_dsn}
1255 glance::registry::bind_host: {get_input: glance_registry_network}
1256 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1257 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1258 glance::registry::debug: {get_input: debug}
1259 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1260 glance::registry::workers: {get_input: glance_workers}
1261 glance::backend::swift::swift_store_user: service:glance
1262 glance::backend::swift::swift_store_key: {get_input: glance_password}
1263 glance_backend: {get_input: glance_backend}
1264 glance::db::mysql::password: {get_input: glance_password}
1265 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1266 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1267 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1268 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1271 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1272 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1273 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1274 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1275 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1276 heat::rabbit_userid: {get_input: rabbit_username}
1277 heat::rabbit_password: {get_input: rabbit_password}
1278 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1279 heat::rabbit_port: {get_input: rabbit_client_port}
1280 heat::auth_uri: {get_input: keystone_auth_uri}
1281 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1282 heat::identity_uri: {get_input: keystone_identity_uri}
1283 heat::keystone_password: {get_input: heat_password}
1284 heat::api::bind_host: {get_input: heat_api_network}
1285 heat::api::workers: {get_input: heat_workers}
1286 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1287 heat::api_cloudwatch::workers: {get_input: heat_workers}
1288 heat::api_cfn::bind_host: {get_input: heat_api_network}
1289 heat::api_cfn::workers: {get_input: heat_workers}
1290 heat::database_connection: {get_input: heat_dsn}
1291 heat::debug: {get_input: debug}
1292 heat::db::mysql::password: {get_input: heat_password}
1295 keystone::admin_token: {get_input: admin_token}
1296 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1297 keystone_signing_key: {get_input: keystone_signing_key}
1298 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1299 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1300 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1301 keystone::database_connection: {get_input: keystone_dsn}
1302 keystone::public_bind_host: {get_input: keystone_public_api_network}
1303 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1304 keystone::debug: {get_input: debug}
1305 keystone::db::mysql::password: {get_input: admin_token}
1306 keystone::rabbit_userid: {get_input: rabbit_username}
1307 keystone::rabbit_password: {get_input: rabbit_password}
1308 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1309 keystone::rabbit_port: {get_input: rabbit_client_port}
1310 keystone::notification_driver: {get_input: keystone_notification_driver}
1311 keystone::notification_format: {get_input: keystone_notification_format}
1312 keystone::roles::admin::email: {get_input: admin_email}
1313 keystone::roles::admin::password: {get_input: admin_password}
1314 keystone::endpoint::public_url: {get_input: keystone_public_url}
1315 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1316 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1317 keystone::endpoint::region: {get_input: keystone_region}
1318 keystone::admin_workers: {get_input: keystone_workers}
1319 keystone::public_workers: {get_input: keystone_workers}
1322 mongodb::server::bind_ip: {get_input: mongo_db_network}
1323 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1325 admin_password: {get_input: admin_password}
1326 enable_galera: {get_input: enable_galera}
1327 enable_ceph_storage: {get_input: enable_ceph_storage}
1328 enable_swift_storage: {get_input: enable_swift_storage}
1329 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1330 mysql_max_connections: {get_input: mysql_max_connections}
1331 mysql::server::root_password: {get_input: mysql_root_password}
1332 mysql_cluster_name: {get_input: mysql_cluster_name}
1333 mysql_bind_host: {get_input: mysql_network}
1334 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1337 neutron::bind_host: {get_input: neutron_api_network}
1338 neutron::rabbit_password: {get_input: rabbit_password}
1339 neutron::rabbit_user: {get_input: rabbit_username}
1340 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1341 neutron::rabbit_port: {get_input: rabbit_client_port}
1342 neutron::debug: {get_input: debug}
1343 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1344 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1345 neutron::server::database_connection: {get_input: neutron_dsn}
1346 neutron::server::api_workers: {get_input: neutron_workers}
1347 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1348 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1349 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1350 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1351 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1352 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1353 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1354 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1355 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1356 neutron_agent_mode: {get_input: neutron_agent_mode}
1357 neutron_router_distributed: {get_input: neutron_router_distributed}
1358 neutron::core_plugin: {get_input: neutron_core_plugin}
1359 neutron::service_plugins: {get_input: neutron_service_plugins}
1360 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1361 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1362 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1363 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1364 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1365 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1366 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1367 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1368 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1369 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1370 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1371 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1372 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1373 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1374 neutron_public_interface: {get_input: neutron_public_interface}
1375 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1376 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1377 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1378 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1379 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1380 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1381 neutron::server::auth_password: {get_input: neutron_password}
1382 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1383 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1384 neutron_dsn: {get_input: neutron_dsn}
1385 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1386 neutron::db::mysql::password: {get_input: neutron_password}
1387 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1388 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1389 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1390 neutron::keystone::auth::password: {get_input: neutron_password }
1391 neutron::keystone::auth::region: {get_input: keystone_region}
1392 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1393 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1394 neutron::server::notifications::tenant_name: 'service'
1395 neutron::server::notifications::password: {get_input: nova_password}
1398 ceilometer_backend: {get_input: ceilometer_backend}
1399 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1400 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1401 ceilometer::rabbit_userid: {get_input: rabbit_username}
1402 ceilometer::rabbit_password: {get_input: rabbit_password}
1403 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1404 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1405 ceilometer::debug: {get_input: debug}
1406 ceilometer::api::host: {get_input: ceilometer_api_network}
1407 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1408 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1409 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1410 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1411 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1412 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1413 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1414 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1415 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1418 nova::rabbit_userid: {get_input: rabbit_username}
1419 nova::rabbit_password: {get_input: rabbit_password}
1420 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1421 nova::rabbit_port: {get_input: rabbit_client_port}
1422 nova::debug: {get_input: debug}
1423 nova::api::auth_uri: {get_input: keystone_auth_uri}
1424 nova::api::identity_uri: {get_input: keystone_identity_uri}
1425 nova::api::api_bind_address: {get_input: nova_api_network}
1426 nova::api::metadata_listen: {get_input: nova_metadata_network}
1427 nova::api::admin_password: {get_input: nova_password}
1428 nova::api::osapi_compute_workers: {get_input: nova_workers}
1429 nova::api::ec2_workers: {get_input: nova_workers}
1430 nova::api::metadata_workers: {get_input: nova_workers}
1431 nova::database_connection: {get_input: nova_dsn}
1432 nova::glance_api_servers: {get_input: glance_api_servers}
1433 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1434 nova::api::instance_name_template: {get_input: instance_name_template}
1435 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1436 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1437 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1438 nova::vncproxy::host: {get_input: nova_api_network}
1439 nova::db::mysql::password: {get_input: nova_password}
1440 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1443 apache::ip: {get_input: horizon_network}
1444 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1445 horizon::django_debug: {get_input: debug}
1446 horizon::secret_key: {get_input: horizon_secret}
1447 horizon::bind_address: {get_input: horizon_network}
1448 horizon::keystone_url: {get_input: keystone_auth_uri}
1451 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1452 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1453 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1454 rabbitmq::default_user: {get_input: rabbit_username}
1455 rabbitmq::default_pass: {get_input: rabbit_password}
1457 redis::bind: {get_input: redis_network}
1458 redis_vip: {get_input: redis_vip}
1460 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1461 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1463 memcached::listen_ip: {get_input: memcached_network}
1464 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1465 ntp::servers: {get_input: ntp_servers}
1466 control_virtual_interface: {get_input: control_virtual_interface}
1467 public_virtual_interface: {get_input: public_virtual_interface}
1468 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1469 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1470 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1471 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1472 tripleo::packages::enable_install: {get_input: enable_package_install}
1473 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1475 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1476 ControllerExtraConfigPre:
1477 depends_on: ControllerDeployment
1478 type: OS::TripleO::ControllerExtraConfigPre
1480 server: {get_resource: Controller}
1482 # Hook for site-specific additional pre-deployment config,
1483 # applying to all nodes, e.g node registration/unregistration
1485 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1486 type: OS::TripleO::NodeExtraConfig
1488 server: {get_resource: Controller}
1491 type: OS::TripleO::Tasks::PackageUpdate
1494 type: OS::Heat::SoftwareDeployment
1496 config: {get_resource: UpdateConfig}
1497 server: {get_resource: Controller}
1500 get_param: UpdateIdentifier
1504 description: IP address of the server in the ctlplane network
1505 value: {get_attr: [Controller, networks, ctlplane, 0]}
1506 external_ip_address:
1507 description: IP address of the server in the external network
1508 value: {get_attr: [ExternalPort, ip_address]}
1509 internal_api_ip_address:
1510 description: IP address of the server in the internal_api network
1511 value: {get_attr: [InternalApiPort, ip_address]}
1513 description: IP address of the server in the storage network
1514 value: {get_attr: [StoragePort, ip_address]}
1515 storage_mgmt_ip_address:
1516 description: IP address of the server in the storage_mgmt network
1517 value: {get_attr: [StorageMgmtPort, ip_address]}
1519 description: IP address of the server in the tenant network
1520 value: {get_attr: [TenantPort, ip_address]}
1521 management_ip_address:
1522 description: IP address of the server in the management network
1523 value: {get_attr: [ManagementPort, ip_address]}
1525 description: Hostname of the server
1526 value: {get_attr: [Controller, name]}
1529 Node object in the format {ip: ..., name: ...} format that the corosync
1532 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1533 name: {get_attr: [Controller, name]}
1536 Server's IP address and hostname in the /etc/hosts format
1539 template: IP HOST.DOMAIN HOST CLOUDNAME
1541 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1542 DOMAIN: {get_param: CloudDomain}
1543 HOST: {get_attr: [Controller, name]}
1544 CLOUDNAME: {get_param: CloudName}
1545 nova_server_resource:
1546 description: Heat resource handle for the Nova compute server
1548 {get_resource: Controller}
1550 description: Swift device formatted for swift-ring-builder
1553 template: 'r1z1-IP:%PORT%/d1'
1555 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1556 swift_proxy_memcache:
1557 description: Swift proxy-memcache value
1560 template: "IP:11211"
1562 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1564 description: identifier which changes if the controller configuration may need re-applying
1568 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1569 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1570 - {get_attr: [NodeTLSData, deploy_stdout]}
1571 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1572 - {get_param: UpdateIdentifier}
1573 tls_key_modulus_md5:
1574 description: MD5 checksum of the TLS Key Modulus
1575 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1576 tls_cert_modulus_md5:
1577 description: MD5 checksum of the TLS Certificate Modulus
1578 value: {get_attr: [NodeTLSData, cert_modulus_md5]}