1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
14 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
19 description: The keystone auth secret and db password.
22 CeilometerApiVirtualIP:
27 description: The ceilometer backend type.
29 CeilometerMeteringSecret:
31 description: Secret shared by the ceilometer services.
36 description: The password for the ceilometer service and db account.
42 CinderEnableNfsBackend:
44 description: Whether to enable or not the NFS backend for Cinder
46 CinderEnableIscsiBackend:
48 description: Whether to enable or not the Iscsi backend for Cinder
50 CinderEnableRbdBackend:
52 description: Whether to enable or not the Rbd backend for Cinder
56 description: The iSCSI helper to use with cinder.
58 CinderLVMLoopDeviceSize:
60 description: The size of the loopback file used by the cinder LVM driver.
62 CinderNfsMountOptions:
65 Mount options for NFS mounts used by Cinder NFS backend. Effective
66 when CinderEnableNfsBackend is true.
71 NFS servers used by Cinder NFS backend. Effective when
72 CinderEnableNfsBackend is true.
73 type: comma_delimited_list
76 description: The password for the cinder service and db account, used by cinder-api.
81 description: Contains parameters to configure Cinder backends. Typically
82 set via parameter_defaults in the resource registry.
86 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
88 ControllerExtraConfig:
91 Controller specific hiera configuration data to inject into the cluster.
93 ControlVirtualInterface:
95 description: Interface where virtual ip will be assigned.
99 description: Set to True to enable debugging on all services.
103 description: Whether to enable fencing in Pacemaker or not.
107 description: Whether to use Galera instead of regular MariaDB.
111 description: Whether to deploy a LoadBalancer on the Controller
115 description: Whether to deploy Ceph Storage (OSD) on the Controller
119 description: Whether to enable Swift Storage on the Controller
124 Additional hieradata to inject into the cluster, note that
125 ControllerExtraConfig takes precedence over ExtraConfig.
130 Pacemaker fencing configuration. The JSON should have
131 the following structure:
135 "agent": "AGENT_NAME",
136 "host_mac": "HOST_MAC_ADDRESS",
137 "params": {"PARAM_NAME": "PARAM_VALUE"}
145 "agent": "fence_xvm",
146 "host_mac": "52:54:00:aa:bb:cc",
148 "multicast_address": "225.0.0.12",
149 "port": "baremetal_0",
151 "manage_key_file": true,
152 "key_file": "/etc/fence_xvm.key",
153 "key_file_password": "abcdef"
160 description: Flavor for control nodes to request when deploying.
163 - custom_constraint: nova.flavor
164 GlanceNotifierStrategy:
165 description: Strategy to use for Glance notification queue
169 description: The filepath of the file to use for logging messages from Glance.
174 description: The password for the glance service and db account, used by the glance services.
179 description: The short name of the Glance backend to use. Should be one
180 of swift, rbd, or file
183 - allowed_values: ['swift', 'file', 'rbd']
184 GlanceFilePcmkDevice:
187 An exported storage device that should be mounted by Pacemaker
188 as Glance storage. Effective when GlanceFilePcmkManage is true.
190 GlanceFilePcmkFstype:
193 Filesystem type for Pacemaker mount used as Glance storage.
194 Effective when GlanceFilePcmkManage is true.
196 GlanceFilePcmkManage:
199 Whether to make Glance file backend a mount managed by Pacemaker.
200 Effective when GlanceBackend is 'file'.
202 GlanceFilePcmkOptions:
205 Mount options for Pacemaker mount used as Glance storage.
206 Effective when GlanceFilePcmkManage is true.
208 HAProxySyslogAddress:
210 description: Syslog address where HAproxy will send its log
214 description: The password for the Heat service and db account, used by the Heat services.
217 HeatStackDomainAdminPassword:
218 description: Password for heat_domain_admin user.
222 HeatAuthEncryptionKey:
223 description: Auth encryption key for heat-engine
228 description: A list of IP/Hostname allowed to connect to horizon
229 type: comma_delimited_list
231 description: Secret key for Django
236 default: overcloud-control
238 - custom_constraint: glance.image
240 default: 'REBUILD_PRESERVE_EPHEMERAL'
241 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
243 InstanceNameTemplate:
244 default: 'instance-%08x'
245 description: Template string to be used to generate instance names
249 description: Name of an existing Nova key pair to enable SSH access to the instances
252 - custom_constraint: nova.keypair
253 KeystoneCACertificate:
255 description: Keystone self-signed certificate authority certificate.
257 KeystoneSigningCertificate:
259 description: Keystone certificate for verifying token validity.
263 description: Keystone key for signing tokens.
266 KeystoneSSLCertificate:
268 description: Keystone certificate for verifying token validity.
270 KeystoneSSLCertificateKey:
272 description: Keystone key for signing tokens.
275 KeystoneNotificationDriver:
276 description: Comma-separated list of Oslo notification drivers used by Keystone
277 default: ['messaging']
278 type: comma_delimited_list
279 KeystoneNotificationFormat:
280 description: The Keystone notification format
284 - allowed_values: [ 'basic', 'cadf' ]
288 description: Keystone region for endpoint
291 description: Whether to manage IPtables rules.
295 description: Whether IPtables rules should be purged before setting up the new ones.
297 MysqlClusterUniquePart:
298 description: A unique identifier of the MySQL cluster the controller is in.
300 default: 'unset' # Has to be here because of the ignored empty value bug
301 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
303 # - length: {min: 4, max: 10}
304 MysqlInnodbBufferPoolSize:
306 Specifies the size of the buffer pool in megabytes. Setting to
307 zero should be interpreted as "no value" and will defer to the
312 description: Configures MySQL max_connections config setting
318 default: '' # Has to be here because of the ignored empty value bug
319 NeutronExternalNetworkBridge:
320 description: Name of bridge used for external network traffic.
323 NeutronBridgeMappings:
325 The OVS logical->physical bridge mappings to use. See the Neutron
326 documentation for details. Defaults to mapping br-ex - the external
327 bridge on hosts - to a physical name 'datacentre' which can be used
328 to create provider networks (and we use this for the default floating
329 network) - if changing this either use different post-install network
330 scripts or be sure to keep 'datacentre' as a mapping network name.
331 type: comma_delimited_list
332 default: "datacentre:br-ex"
333 NeutronDnsmasqOptions:
334 default: 'dhcp-option-force=26,1400'
335 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
337 NeutronEnableDHCPAgent:
338 description: Knob to enable/disable DHCP Agent
341 NeutronEnableL3Agent:
342 description: Knob to enable/disable L3 agent
345 NeutronEnableMetadataAgent:
346 description: Knob to enable/disable Metadata agent
349 NeutronEnableOVSAgent:
350 description: Knob to enable/disable OVS Agent
355 description: Agent mode for the neutron-l3-agent on the controller hosts
359 description: Whether to enable l3-agent HA
361 NeutronDhcpAgentsPerNetwork:
364 description: The number of neutron dhcp agents to schedule per network
367 description: Whether to configure Neutron Distributed Virtual Routers
369 NeutronMetadataProxySharedSecret:
371 description: Shared secret to prevent spoofing
377 The core plugin for Neutron. The value should be the entrypoint to be loaded
378 from neutron.core_plugins namespace.
380 NeutronServicePlugins:
383 Comma-separated list of service plugin entrypoints to be loaded from the
384 neutron.service_plugins namespace.
385 type: comma_delimited_list
387 default: "vxlan,vlan,flat,gre"
389 Comma-separated list of network type driver entrypoints to be loaded.
390 type: comma_delimited_list
391 NeutronMechanismDrivers:
392 default: 'openvswitch'
394 The mechanism drivers for the Neutron tenant network.
395 type: comma_delimited_list
396 NeutronAllowL3AgentFailover:
398 description: Allow automatic l3-agent failover
400 NeutronEnableIsolatedMetadata:
402 description: If True, DHCP provide metadata route to VM.
404 NeutronEnableTunnelling:
410 Enable/disable the L2 population feature in the Neutron agents.
413 type: comma_delimited_list
414 default: 'datacentre'
415 description: If set, flat networks to configure in neutron plugins.
418 description: Whether to enable l3-agent HA
422 description: The tenant network type for Neutron.
423 type: comma_delimited_list
424 NeutronNetworkVLANRanges:
425 default: 'datacentre:1:1000'
427 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
428 Neutron documentation for permitted values. Defaults to permitting any
429 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
430 type: comma_delimited_list
433 description: The password for the neutron service and db account, used by neutron agents.
436 NeutronPublicInterface:
438 description: What interface to bridge onto br-ex for network nodes.
440 NeutronPublicInterfaceTag:
443 VLAN tag for creating a public VLAN. The tag will be used to
444 create an access port on the exterior bridge for each control plane node,
445 and that port will be given the IP address returned by neutron from the
446 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
447 overcloud.yaml to include the deployment of VLAN ports to the control
450 NeutronPublicInterfaceDefaultRoute:
452 description: A custom default route for the NeutronPublicInterface.
454 NeutronPublicInterfaceIP:
456 description: A custom IP address to put onto the NeutronPublicInterface.
458 NeutronPublicInterfaceRawDevice:
460 description: If set, the public interface is a vlan with this device as the raw device.
465 The tunnel types for the Neutron tenant network.
466 type: comma_delimited_list
467 NeutronTunnelIdRanges:
469 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
470 of GRE tunnel IDs that are available for tenant network allocation
471 default: ["1:1000", ]
472 type: comma_delimited_list
475 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
476 of VXLAN VNI IDs that are available for tenant network allocation
477 default: ["1:1000", ]
478 type: comma_delimited_list
484 description: The password for the nova service and db account, used by nova-api.
489 description: Should MongoDb journaling be disabled
493 description: Comma-separated list of ntp servers
494 type: comma_delimited_list
497 description: The password for the 'pcsd' user.
499 PublicVirtualInterface:
502 Specifies the interface where the public-facing virtual ip will be assigned.
503 This should be int_public when a VLAN is being used.
507 default: '' # Has to be here because of the ignored empty value bug
510 default: '' # Has to be here because of the ignored empty value bug
514 description: The password for RabbitMQ
519 description: The username for RabbitMQ
524 Rabbit client subscriber parameter to specify
525 an SSL connection to the RabbitMQ host.
529 description: Set rabbit subscriber port, change this if using SSL
533 description: Configures RabbitMQ FD limit
537 default: '' # Has to be here because of the ignored empty value bug
538 SnmpdReadonlyUserName:
539 default: ro_snmp_user
540 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
542 SnmpdReadonlyUserPassword:
544 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
549 description: A random string to be used as a salt when hashing to determine mappings
555 description: Value of mount_check in Swift account/container/object -server.conf
560 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
563 description: Partition Power to use when building Swift rings
567 description: The password for the swift service account, used by the swift proxy
577 description: How many replicas to use in the swift rings.
578 VirtualIP: # DEPRECATED: use per service settings instead
580 default: '' # Has to be here because of the ignored empty value bug
587 GlanceRegistryVirtualIP:
593 KeystoneAdminApiVirtualIP:
596 KeystonePublicApiVirtualIP:
602 EnablePackageInstall:
604 description: Set to true to enable package installation via Puppet
608 description: Mapping of service_name -> network name. Typically set
609 via parameter_defaults in the resource registry.
613 description: Mapping of service endpoint -> protocol. Typically set
614 via parameter_defaults in the resource registry.
620 Setting to a previously unused value during stack-update will trigger
621 package update on all nodes
624 default: '' # Defaults to Heat created hostname
625 NetworkDeploymentActions:
626 type: comma_delimited_list
628 Heat action when to apply network configuration changes
637 The DNS domain used for the hosts. This should match the dhcp_domain
638 configured in the Undercloud neutron. Defaults to localdomain.
642 Extra properties or metadata passed to Nova for the created nodes in
643 the overcloud. It's accessible via the Nova metadata API.
647 description: Optional scheduler hints to pass to nova
653 type: OS::Nova::Server
655 image: {get_param: Image}
656 image_update_policy: {get_param: ImageUpdatePolicy}
657 flavor: {get_param: Flavor}
658 key_name: {get_param: KeyName}
661 user_data_format: SOFTWARE_CONFIG
662 user_data: {get_resource: UserData}
663 name: {get_param: Hostname}
664 metadata: {get_param: ServerMetadata}
665 scheduler_hints: {get_param: SchedulerHints}
667 # Combine the NodeAdminUserData and NodeUserData mime archives
669 type: OS::Heat::MultipartMime
672 - config: {get_resource: NodeAdminUserData}
674 - config: {get_resource: NodeUserData}
677 # Creates the "heat-admin" user if configured via the environment
678 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
680 type: OS::TripleO::NodeAdminUserData
682 # For optional operator additional userdata
683 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
685 type: OS::TripleO::NodeUserData
688 type: OS::TripleO::Controller::Ports::ExternalPort
690 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
693 type: OS::TripleO::Controller::Ports::InternalApiPort
695 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
698 type: OS::TripleO::Controller::Ports::StoragePort
700 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
703 type: OS::TripleO::Controller::Ports::StorageMgmtPort
705 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
708 type: OS::TripleO::Controller::Ports::TenantPort
710 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
713 type: OS::TripleO::Network::Ports::NetIpMap
715 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
716 ExternalIp: {get_attr: [ExternalPort, ip_address]}
717 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
718 StorageIp: {get_attr: [StoragePort, ip_address]}
719 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
720 TenantIp: {get_attr: [TenantPort, ip_address]}
723 type: OS::TripleO::Network::Ports::NetIpSubnetMap
725 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
726 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
727 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
728 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
729 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
730 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
733 type: OS::TripleO::Controller::Net::SoftwareConfig
735 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
736 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
737 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
738 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
739 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
740 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
743 type: OS::TripleO::SoftwareDeployment
745 config: {get_resource: NetworkConfig}
746 server: {get_resource: Controller}
747 actions: {get_param: NetworkDeploymentActions}
750 interface_name: {get_param: NeutronPublicInterface}
752 # Resource for site-specific injection of root certificate
754 depends_on: NetworkDeployment
755 type: OS::TripleO::NodeTLSCAData
757 server: {get_resource: Controller}
759 # Resource for site-specific passing of private keys/certificates
761 depends_on: NodeTLSCAData
762 type: OS::TripleO::NodeTLSData
764 server: {get_resource: Controller}
765 NodeIndex: {get_param: NodeIndex}
767 ControllerDeployment:
768 type: OS::TripleO::SoftwareDeployment
769 depends_on: NetworkDeployment
771 config: {get_resource: ControllerConfig}
772 server: {get_resource: Controller}
774 bootstack_nodeid: {get_attr: [Controller, name]}
775 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
776 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
777 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
778 haproxy_log_address: {get_param: HAProxySyslogAddress}
779 heat.watch_server_url:
783 - {get_param: HeatApiVirtualIP}
785 heat.metadata_server_url:
789 - {get_param: HeatApiVirtualIP}
791 heat.waitcondition_server_url:
795 - {get_param: HeatApiVirtualIP}
796 - ':8000/v1/waitcondition'
797 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
798 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
799 horizon_secret: {get_param: HorizonSecret}
800 admin_email: {get_param: AdminEmail}
801 admin_password: {get_param: AdminPassword}
802 admin_token: {get_param: AdminToken}
803 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
804 debug: {get_param: Debug}
805 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
806 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
807 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
812 SERVERS: {get_param: CinderNfsServers}
813 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
814 cinder_password: {get_param: CinderPassword}
815 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
816 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
817 cinder_backend_config: {get_param: CinderBackendConfig}
821 - - 'mysql://cinder:'
822 - {get_param: CinderPassword}
824 - {get_param: MysqlVirtualIP}
826 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
827 glance_password: {get_param: GlancePassword}
828 glance_backend: {get_param: GlanceBackend}
829 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
830 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
831 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
832 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
833 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
834 glance_log_file: {get_param: GlanceLogFile}
838 - - 'mysql://glance:'
839 - {get_param: GlancePassword}
841 - {get_param: MysqlVirtualIP}
843 heat_password: {get_param: HeatPassword}
844 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
849 - {get_param: HeatPassword}
851 - {get_param: MysqlVirtualIP}
853 keystone_ca_certificate: {get_param: KeystoneCACertificate}
854 keystone_signing_key: {get_param: KeystoneSigningKey}
855 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
856 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
857 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
858 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
859 keystone_notification_format: {get_param: KeystoneNotificationFormat}
863 - - 'mysql://keystone:'
864 - {get_param: AdminToken}
866 - {get_param: MysqlVirtualIP}
868 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
869 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
870 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
871 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
872 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
873 enable_fencing: {get_param: EnableFencing}
874 enable_galera: {get_param: EnableGalera}
875 enable_load_balancer: {get_param: EnableLoadBalancer}
876 enable_ceph_storage: {get_param: EnableCephStorage}
877 enable_swift_storage: {get_param: EnableSwiftStorage}
878 manage_firewall: {get_param: ManageFirewall}
879 purge_firewall_rules: {get_param: PurgeFirewallRules}
880 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
881 mysql_max_connections: {get_param: MysqlMaxConnections}
882 mysql_root_password: {get_param: MysqlRootPassword}
885 template: tripleo-CLUSTER
887 CLUSTER: {get_param: MysqlClusterUniquePart}
888 neutron_flat_networks:
892 NETWORKS: {get_param: NeutronFlatNetworks}
893 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
894 neutron_agent_mode: {get_param: NeutronAgentMode}
895 neutron_router_distributed: {get_param: NeutronDVR}
896 neutron_core_plugin: {get_param: NeutronCorePlugin}
897 neutron_service_plugins:
901 PLUGINS: {get_param: NeutronServicePlugins}
902 neutron_type_drivers:
906 DRIVERS: {get_param: NeutronTypeDrivers}
907 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
908 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
909 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
910 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
911 neutron_mechanism_drivers:
915 MECHANISMS: {get_param: NeutronMechanismDrivers}
916 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
917 neutron_l3_ha: {get_param: NeutronL3HA}
918 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
919 neutron_network_vlan_ranges:
923 RANGES: {get_param: NeutronNetworkVLANRanges}
924 neutron_bridge_mappings:
928 MAPPINGS: {get_param: NeutronBridgeMappings}
929 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
930 neutron_public_interface: {get_param: NeutronPublicInterface}
931 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
932 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
933 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
934 neutron_tunnel_id_ranges:
938 RANGES: {get_param: NeutronTunnelIdRanges}
943 RANGES: {get_param: NeutronVniRanges}
944 neutron_tenant_network_types:
948 TYPES: {get_param: NeutronNetworkType}
949 neutron_tunnel_types:
953 TYPES: {get_param: NeutronTunnelTypes}
954 neutron_password: {get_param: NeutronPassword}
955 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
959 - - 'mysql://neutron:'
960 - {get_param: NeutronPassword}
962 - {get_param: MysqlVirtualIP}
963 - '/ovs_neutron?charset=utf8'
964 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
965 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
966 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
967 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
968 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
969 ceilometer_backend: {get_param: CeilometerBackend}
970 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
971 ceilometer_password: {get_param: CeilometerPassword}
972 ceilometer_coordination_url:
976 - {get_param: RedisVirtualIP}
981 - - 'mysql://ceilometer:'
982 - {get_param: CeilometerPassword}
984 - {get_param: MysqlVirtualIP}
986 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
987 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
988 nova_password: {get_param: NovaPassword}
993 - {get_param: NovaPassword}
995 - {get_param: MysqlVirtualIP}
997 instance_name_template: {get_param: InstanceNameTemplate}
998 fencing_config: {get_param: FencingConfig}
999 pcsd_password: {get_param: PcsdPassword}
1000 rabbit_username: {get_param: RabbitUserName}
1001 rabbit_password: {get_param: RabbitPassword}
1002 rabbit_cookie: {get_param: RabbitCookie}
1003 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1004 rabbit_client_port: {get_param: RabbitClientPort}
1005 mongodb_no_journal: {get_param: MongoDbNoJournal}
1006 # We need to force this into quotes or hiera will return integer causing
1007 # the puppet module validation regexp to fail.
1008 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1013 LIMIT: {get_param: RabbitFDLimit}
1014 ntp_servers: {get_param: NtpServer}
1015 control_virtual_interface: {get_param: ControlVirtualInterface}
1016 public_virtual_interface: {get_param: PublicVirtualInterface}
1017 swift_hash_suffix: {get_param: SwiftHashSuffix}
1018 swift_password: {get_param: SwiftPassword}
1019 swift_part_power: {get_param: SwiftPartPower}
1020 swift_replicas: {get_param: SwiftReplicas}
1021 swift_min_part_hours: {get_param: SwiftMinPartHours}
1022 swift_mount_check: {get_param: SwiftMountCheck}
1023 enable_package_install: {get_param: EnablePackageInstall}
1024 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1025 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1026 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1027 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1028 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1029 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1030 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1031 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1032 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1033 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1034 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1035 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1036 keystone_region: {get_param: KeystoneRegion}
1037 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1038 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1039 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1040 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1041 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1042 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1043 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1044 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1045 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1046 redis_vip: {get_param: RedisVirtualIP}
1047 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1048 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1049 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1050 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1051 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1052 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1054 # Map heat metadata into hiera datafiles
1056 type: OS::Heat::StructuredConfig
1058 group: os-apply-config
1063 - heat_config_%{::deploy_config_name}
1064 - controller_extraconfig
1069 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1070 - ceph_cluster # provided by CephClusterConfig
1072 - bootstrap_node # provided by BootstrapNodeConfig
1073 - all_nodes # provided by allNodesConfig
1074 - vip_data # provided by vip-config
1077 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1078 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1079 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1080 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1081 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1083 controller_extraconfig:
1084 mapped_data: {get_param: ControllerExtraConfig}
1086 mapped_data: {get_param: ExtraConfig}
1088 raw_data: {get_file: hieradata/common.yaml}
1090 raw_data: {get_file: hieradata/ceph.yaml}
1092 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1093 ceph::profile::params::public_network: {get_input: ceph_public_network}
1094 ceph::mon::public_addr: {get_input: ceph_public_ip}
1096 raw_data: {get_file: hieradata/database.yaml}
1098 raw_data: {get_file: hieradata/object.yaml}
1100 raw_data: {get_file: hieradata/controller.yaml}
1101 mapped_data: # data supplied directly to this deployment configuration, etc
1102 bootstack_nodeid: {get_input: bootstack_nodeid}
1105 enable_fencing: {get_input: enable_fencing}
1106 enable_load_balancer: {get_input: enable_load_balancer}
1107 hacluster_pwd: {get_input: pcsd_password}
1108 tripleo::fencing::config: {get_input: fencing_config}
1111 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1112 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1113 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1114 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1115 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1116 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1117 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1118 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1119 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1120 swift_mount_check: {get_input: swift_mount_check}
1122 # NOTE(dprince): build_ring support is currently not wired in.
1123 # See: https://review.openstack.org/#/c/109225/
1124 tripleo::ringbuilder::build_ring: True
1127 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1128 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1129 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1130 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1131 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1132 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1133 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1134 cinder::database_connection: {get_input: cinder_dsn}
1135 cinder::api::keystone_password: {get_input: cinder_password}
1136 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1137 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1138 cinder::api::bind_host: {get_input: cinder_api_network}
1139 cinder::rabbit_userid: {get_input: rabbit_username}
1140 cinder::rabbit_password: {get_input: rabbit_password}
1141 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1142 cinder::rabbit_port: {get_input: rabbit_client_port}
1143 cinder::debug: {get_input: debug}
1144 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1145 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1146 cinder_backend_config: {get_input: CinderBackendConfig}
1147 cinder::db::mysql::password: {get_input: cinder_password}
1150 glance::api::bind_port: {get_input: glance_port}
1151 glance::api::bind_host: {get_input: glance_api_network}
1152 glance::api::auth_uri: {get_input: keystone_auth_uri}
1153 glance::api::identity_uri: {get_input: keystone_identity_uri}
1154 glance::api::registry_host: {get_input: glance_registry_host}
1155 glance::api::keystone_password: {get_input: glance_password}
1156 glance::api::debug: {get_input: debug}
1157 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1158 glance_log_file: {get_input: glance_log_file}
1159 glance_log_file: {get_input: glance_log_file}
1160 glance::api::database_connection: {get_input: glance_dsn}
1161 glance::registry::keystone_password: {get_input: glance_password}
1162 glance::registry::database_connection: {get_input: glance_dsn}
1163 glance::registry::bind_host: {get_input: glance_registry_network}
1164 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1165 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1166 glance::registry::debug: {get_input: debug}
1167 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1168 glance::backend::swift::swift_store_user: service:glance
1169 glance::backend::swift::swift_store_key: {get_input: glance_password}
1170 glance_backend: {get_input: glance_backend}
1171 glance::db::mysql::password: {get_input: glance_password}
1172 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1173 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1174 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1175 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1178 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1179 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1180 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1181 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1182 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1183 heat::rabbit_userid: {get_input: rabbit_username}
1184 heat::rabbit_password: {get_input: rabbit_password}
1185 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1186 heat::rabbit_port: {get_input: rabbit_client_port}
1187 heat::auth_uri: {get_input: keystone_auth_uri}
1188 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1189 heat::identity_uri: {get_input: keystone_identity_uri}
1190 heat::keystone_password: {get_input: heat_password}
1191 heat::api::bind_host: {get_input: heat_api_network}
1192 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1193 heat::api_cfn::bind_host: {get_input: heat_api_network}
1194 heat::database_connection: {get_input: heat_dsn}
1195 heat::debug: {get_input: debug}
1196 heat::db::mysql::password: {get_input: heat_password}
1199 keystone::admin_token: {get_input: admin_token}
1200 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1201 keystone_signing_key: {get_input: keystone_signing_key}
1202 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1203 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1204 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1205 keystone::database_connection: {get_input: keystone_dsn}
1206 keystone::public_bind_host: {get_input: keystone_public_api_network}
1207 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1208 keystone::debug: {get_input: debug}
1209 keystone::db::mysql::password: {get_input: admin_token}
1210 keystone::rabbit_userid: {get_input: rabbit_username}
1211 keystone::rabbit_password: {get_input: rabbit_password}
1212 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1213 keystone::rabbit_port: {get_input: rabbit_client_port}
1214 keystone::notification_driver: {get_input: keystone_notification_driver}
1215 keystone::notification_format: {get_input: keystone_notification_format}
1216 keystone::roles::admin::email: {get_input: admin_email}
1217 keystone::roles::admin::password: {get_input: admin_password}
1218 keystone::endpoint::public_url: {get_input: keystone_public_url}
1219 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1220 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1221 keystone::endpoint::region: {get_input: keystone_region}
1223 mongodb::server::bind_ip: {get_input: mongo_db_network}
1224 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1226 admin_password: {get_input: admin_password}
1227 enable_galera: {get_input: enable_galera}
1228 enable_ceph_storage: {get_input: enable_ceph_storage}
1229 enable_swift_storage: {get_input: enable_swift_storage}
1230 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1231 mysql_max_connections: {get_input: mysql_max_connections}
1232 mysql::server::root_password: {get_input: mysql_root_password}
1233 mysql_cluster_name: {get_input: mysql_cluster_name}
1234 mysql_bind_host: {get_input: mysql_network}
1235 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1238 neutron::bind_host: {get_input: neutron_api_network}
1239 neutron::rabbit_password: {get_input: rabbit_password}
1240 neutron::rabbit_user: {get_input: rabbit_username}
1241 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1242 neutron::rabbit_port: {get_input: rabbit_client_port}
1243 neutron::debug: {get_input: debug}
1244 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1245 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1246 neutron::server::database_connection: {get_input: neutron_dsn}
1247 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1248 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1249 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1250 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1251 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1252 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1253 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1254 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1255 neutron_agent_mode: {get_input: neutron_agent_mode}
1256 neutron_router_distributed: {get_input: neutron_router_distributed}
1257 neutron::core_plugin: {get_input: neutron_core_plugin}
1258 neutron::service_plugins: {get_input: neutron_service_plugins}
1259 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1260 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1261 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1262 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1263 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1264 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1265 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1266 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1267 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1268 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1269 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1270 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1271 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1272 neutron_public_interface: {get_input: neutron_public_interface}
1273 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1274 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1275 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1276 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1277 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1278 neutron::server::auth_password: {get_input: neutron_password}
1279 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1280 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1281 neutron_dsn: {get_input: neutron_dsn}
1282 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1283 neutron::db::mysql::password: {get_input: neutron_password}
1284 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1285 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1286 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1287 neutron::keystone::auth::password: {get_input: neutron_password }
1288 neutron::keystone::auth::region: {get_input: keystone_region}
1289 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1290 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1291 neutron::server::notifications::tenant_name: 'service'
1292 neutron::server::notifications::password: {get_input: nova_password}
1295 ceilometer_backend: {get_input: ceilometer_backend}
1296 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1297 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1298 ceilometer::rabbit_userid: {get_input: rabbit_username}
1299 ceilometer::rabbit_password: {get_input: rabbit_password}
1300 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1301 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1302 ceilometer::debug: {get_input: debug}
1303 ceilometer::api::host: {get_input: ceilometer_api_network}
1304 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1305 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1306 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1307 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1308 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1309 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1310 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1311 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1312 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1315 nova::rabbit_userid: {get_input: rabbit_username}
1316 nova::rabbit_password: {get_input: rabbit_password}
1317 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1318 nova::rabbit_port: {get_input: rabbit_client_port}
1319 nova::debug: {get_input: debug}
1320 nova::api::auth_uri: {get_input: keystone_auth_uri}
1321 nova::api::identity_uri: {get_input: keystone_identity_uri}
1322 nova::api::api_bind_address: {get_input: nova_api_network}
1323 nova::api::metadata_listen: {get_input: nova_metadata_network}
1324 nova::api::admin_password: {get_input: nova_password}
1325 nova::database_connection: {get_input: nova_dsn}
1326 nova::glance_api_servers: {get_input: glance_api_servers}
1327 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1328 nova::api::instance_name_template: {get_input: instance_name_template}
1329 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1330 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1331 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1332 nova::vncproxy::host: {get_input: nova_api_network}
1333 nova::db::mysql::password: {get_input: nova_password}
1336 apache::ip: {get_input: horizon_network}
1337 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1338 horizon::django_debug: {get_input: debug}
1339 horizon::secret_key: {get_input: horizon_secret}
1340 horizon::bind_address: {get_input: horizon_network}
1341 horizon::keystone_url: {get_input: keystone_auth_uri}
1344 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1345 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1346 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1347 rabbitmq::default_user: {get_input: rabbit_username}
1348 rabbitmq::default_pass: {get_input: rabbit_password}
1350 redis::bind: {get_input: redis_network}
1351 redis_vip: {get_input: redis_vip}
1353 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1354 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1356 memcached::listen_ip: {get_input: memcached_network}
1357 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1358 ntp::servers: {get_input: ntp_servers}
1359 control_virtual_interface: {get_input: control_virtual_interface}
1360 public_virtual_interface: {get_input: public_virtual_interface}
1361 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1362 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1363 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1364 # NOTE(jaosorior): The service certificate configuration for
1365 # HAProxy was left commented because to properly use this, we
1366 # need to be able to set up the keystone endpoints. And
1367 # currently that is not possible, but is being addressed by
1368 # other commits. A subsequent commit will uncomment this.
1369 #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1370 tripleo::packages::enable_install: {get_input: enable_package_install}
1371 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1373 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1374 ControllerExtraConfigPre:
1375 depends_on: ControllerDeployment
1376 type: OS::TripleO::ControllerExtraConfigPre
1378 server: {get_resource: Controller}
1380 # Hook for site-specific additional pre-deployment config,
1381 # applying to all nodes, e.g node registration/unregistration
1383 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1384 type: OS::TripleO::NodeExtraConfig
1386 server: {get_resource: Controller}
1389 type: OS::TripleO::Tasks::PackageUpdate
1392 type: OS::Heat::SoftwareDeployment
1394 config: {get_resource: UpdateConfig}
1395 server: {get_resource: Controller}
1398 get_param: UpdateIdentifier
1402 description: IP address of the server in the ctlplane network
1403 value: {get_attr: [Controller, networks, ctlplane, 0]}
1404 external_ip_address:
1405 description: IP address of the server in the external network
1406 value: {get_attr: [ExternalPort, ip_address]}
1407 internal_api_ip_address:
1408 description: IP address of the server in the internal_api network
1409 value: {get_attr: [InternalApiPort, ip_address]}
1411 description: IP address of the server in the storage network
1412 value: {get_attr: [StoragePort, ip_address]}
1413 storage_mgmt_ip_address:
1414 description: IP address of the server in the storage_mgmt network
1415 value: {get_attr: [StorageMgmtPort, ip_address]}
1417 description: IP address of the server in the tenant network
1418 value: {get_attr: [TenantPort, ip_address]}
1420 description: Hostname of the server
1421 value: {get_attr: [Controller, name]}
1424 Node object in the format {ip: ..., name: ...} format that the corosync
1427 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1428 name: {get_attr: [Controller, name]}
1431 Server's IP address and hostname in the /etc/hosts format
1434 template: IP HOST.DOMAIN HOST CLOUDNAME
1436 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1437 DOMAIN: {get_param: CloudDomain}
1438 HOST: {get_attr: [Controller, name]}
1439 CLOUDNAME: {get_param: CloudName}
1440 nova_server_resource:
1441 description: Heat resource handle for the Nova compute server
1443 {get_resource: Controller}
1445 description: Swift device formatted for swift-ring-builder
1448 template: 'r1z1-IP:%PORT%/d1'
1450 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1451 swift_proxy_memcache:
1452 description: Swift proxy-memcache value
1455 template: "IP:11211"
1457 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1459 description: identifier which changes if the controller configuration may need re-applying
1463 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1464 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1465 - {get_attr: [NodeTLSData, deploy_stdout]}
1466 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1467 - {get_param: UpdateIdentifier}
1468 tls_key_modulus_md5:
1469 description: MD5 checksum of the TLS Key Modulus
1470 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1471 tls_cert_modulus_md5:
1472 description: MD5 checksum of the TLS Certificate Modulus
1473 value: {get_attr: [NodeTLSData, cert_modulus_md5]}