1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
42 CinderEnableNfsBackend:
44 description: Whether to enable or not the NFS backend for Cinder
46 CinderEnableIscsiBackend:
48 description: Whether to enable or not the Iscsi backend for Cinder
50 CinderEnableRbdBackend:
52 description: Whether to enable or not the Rbd backend for Cinder
56 description: The iSCSI helper to use with cinder.
58 CinderLVMLoopDeviceSize:
60 description: The size of the loopback file used by the cinder LVM driver.
62 CinderNfsMountOptions:
65 Mount options for NFS mounts used by Cinder NFS backend. Effective
66 when CinderEnableNfsBackend is true.
71 NFS servers used by Cinder NFS backend. Effective when
72 CinderEnableNfsBackend is true.
73 type: comma_delimited_list
75 description: The password for the cinder service and db account, used by cinder-api.
80 description: Contains parameters to configure Cinder backends. Typically
81 set via parameter_defaults in the resource registry.
85 description: Number of workers for Cinder service.
89 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
91 ControllerExtraConfig:
94 Controller specific hiera configuration data to inject into the cluster.
99 A network mapped list of IPs to assign to Controllers in the following form:
101 "internal_api": ["a.b.c.d", "e.f.g.h"],
105 ControlVirtualInterface:
107 description: Interface where virtual ip will be assigned.
111 description: Set to True to enable debugging on all services.
115 description: Whether to enable fencing in Pacemaker or not.
119 description: Whether to use Galera instead of regular MariaDB.
123 description: Whether to deploy a LoadBalancer on the Controller
127 description: Whether to deploy Ceph Storage (OSD) on the Controller
131 description: Whether to enable Swift Storage on the Controller
136 Additional hieradata to inject into the cluster, note that
137 ControllerExtraConfig takes precedence over ExtraConfig.
142 Pacemaker fencing configuration. The JSON should have
143 the following structure:
147 "agent": "AGENT_NAME",
148 "host_mac": "HOST_MAC_ADDRESS",
149 "params": {"PARAM_NAME": "PARAM_VALUE"}
157 "agent": "fence_xvm",
158 "host_mac": "52:54:00:aa:bb:cc",
160 "multicast_address": "225.0.0.12",
161 "port": "baremetal_0",
163 "manage_key_file": true,
164 "key_file": "/etc/fence_xvm.key",
165 "key_file_password": "abcdef"
172 description: Flavor for control nodes to request when deploying.
175 - custom_constraint: nova.flavor
176 GlanceNotifierStrategy:
177 description: Strategy to use for Glance notification queue
181 description: The filepath of the file to use for logging messages from Glance.
185 description: The password for the glance service and db account, used by the glance services.
190 description: The short name of the Glance backend to use. Should be one
191 of swift, rbd, or file
194 - allowed_values: ['swift', 'file', 'rbd']
195 GlanceFilePcmkDevice:
198 An exported storage device that should be mounted by Pacemaker
199 as Glance storage. Effective when GlanceFilePcmkManage is true.
201 GlanceFilePcmkFstype:
204 Filesystem type for Pacemaker mount used as Glance storage.
205 Effective when GlanceFilePcmkManage is true.
207 GlanceFilePcmkManage:
210 Whether to make Glance file backend a mount managed by Pacemaker.
211 Effective when GlanceBackend is 'file'.
213 GlanceFilePcmkOptions:
216 Mount options for Pacemaker mount used as Glance storage.
217 Effective when GlanceFilePcmkManage is true.
219 HAProxySyslogAddress:
221 description: Syslog address where HAproxy will send its log
225 description: Number of workers for Glance service.
228 description: The password for the Heat service and db account, used by the Heat services.
231 HeatStackDomainAdminPassword:
232 description: Password for heat_domain_admin user.
235 HeatAuthEncryptionKey:
236 description: Auth encryption key for heat-engine
241 description: A list of IP/Hostname allowed to connect to horizon
242 type: comma_delimited_list
245 description: Number of workers for Heat service.
248 description: Secret key for Django
253 default: overcloud-control
255 - custom_constraint: glance.image
257 default: 'REBUILD_PRESERVE_EPHEMERAL'
258 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
260 InstanceNameTemplate:
261 default: 'instance-%08x'
262 description: Template string to be used to generate instance names
266 description: Name of an existing Nova key pair to enable SSH access to the instances
269 - custom_constraint: nova.keypair
270 KeystoneCACertificate:
272 description: Keystone self-signed certificate authority certificate.
274 KeystoneSigningCertificate:
276 description: Keystone certificate for verifying token validity.
280 description: Keystone key for signing tokens.
283 KeystoneSSLCertificate:
285 description: Keystone certificate for verifying token validity.
287 KeystoneSSLCertificateKey:
289 description: Keystone key for signing tokens.
292 KeystoneNotificationDriver:
293 description: Comma-separated list of Oslo notification drivers used by Keystone
294 default: ['messaging']
295 type: comma_delimited_list
296 KeystoneNotificationFormat:
297 description: The Keystone notification format
301 - allowed_values: [ 'basic', 'cadf' ]
305 description: Keystone region for endpoint
308 description: Whether to manage IPtables rules.
312 description: Whether IPtables rules should be purged before setting up the new ones.
316 description: Number of workers for Keystone service.
318 MysqlClusterUniquePart:
319 description: A unique identifier of the MySQL cluster the controller is in.
321 default: 'unset' # Has to be here because of the ignored empty value bug
322 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
324 # - length: {min: 4, max: 10}
325 MysqlInnodbBufferPoolSize:
327 Specifies the size of the buffer pool in megabytes. Setting to
328 zero should be interpreted as "no value" and will defer to the
333 description: Configures MySQL max_connections config setting
339 default: '' # Has to be here because of the ignored empty value bug
340 NeutronExternalNetworkBridge:
341 description: Name of bridge used for external network traffic.
344 NeutronBridgeMappings:
346 The OVS logical->physical bridge mappings to use. See the Neutron
347 documentation for details. Defaults to mapping br-ex - the external
348 bridge on hosts - to a physical name 'datacentre' which can be used
349 to create provider networks (and we use this for the default floating
350 network) - if changing this either use different post-install network
351 scripts or be sure to keep 'datacentre' as a mapping network name.
352 type: comma_delimited_list
353 default: "datacentre:br-ex"
354 NeutronDnsmasqOptions:
355 default: 'dhcp-option-force=26,1400'
356 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
358 NeutronEnableDHCPAgent:
359 description: Knob to enable/disable DHCP Agent
362 NeutronEnableL3Agent:
363 description: Knob to enable/disable L3 agent
366 NeutronEnableMetadataAgent:
367 description: Knob to enable/disable Metadata agent
370 NeutronEnableOVSAgent:
371 description: Knob to enable/disable OVS Agent
376 description: Agent mode for the neutron-l3-agent on the controller hosts
380 description: Whether to enable l3-agent HA
382 NeutronDhcpAgentsPerNetwork:
385 description: The number of neutron dhcp agents to schedule per network
388 description: Whether to configure Neutron Distributed Virtual Routers
390 NeutronMetadataProxySharedSecret:
391 description: Shared secret to prevent spoofing
397 The core plugin for Neutron. The value should be the entrypoint to be loaded
398 from neutron.core_plugins namespace.
400 NeutronServicePlugins:
401 default: "router,qos"
403 Comma-separated list of service plugin entrypoints to be loaded from the
404 neutron.service_plugins namespace.
405 type: comma_delimited_list
407 default: "vxlan,vlan,flat,gre"
409 Comma-separated list of network type driver entrypoints to be loaded.
410 type: comma_delimited_list
411 NeutronMechanismDrivers:
412 default: 'openvswitch'
414 The mechanism drivers for the Neutron tenant network.
415 type: comma_delimited_list
416 NeutronAllowL3AgentFailover:
418 description: Allow automatic l3-agent failover
420 NeutronEnableIsolatedMetadata:
422 description: If True, DHCP provide metadata route to VM.
424 NeutronEnableTunnelling:
430 Enable/disable the L2 population feature in the Neutron agents.
433 type: comma_delimited_list
434 default: 'datacentre'
435 description: If set, flat networks to configure in neutron plugins.
438 description: Whether to enable l3-agent HA
442 description: The tenant network type for Neutron.
443 type: comma_delimited_list
444 NeutronNetworkVLANRanges:
445 default: 'datacentre:1:1000'
447 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
448 Neutron documentation for permitted values. Defaults to permitting any
449 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
450 type: comma_delimited_list
452 description: The password for the neutron service and db account, used by neutron agents.
455 NeutronPublicInterface:
457 description: What interface to bridge onto br-ex for network nodes.
459 NeutronPublicInterfaceTag:
462 VLAN tag for creating a public VLAN. The tag will be used to
463 create an access port on the exterior bridge for each control plane node,
464 and that port will be given the IP address returned by neutron from the
465 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
466 overcloud.yaml to include the deployment of VLAN ports to the control
469 NeutronPublicInterfaceDefaultRoute:
471 description: A custom default route for the NeutronPublicInterface.
473 NeutronPublicInterfaceIP:
475 description: A custom IP address to put onto the NeutronPublicInterface.
477 NeutronPublicInterfaceRawDevice:
479 description: If set, the public interface is a vlan with this device as the raw device.
484 The tunnel types for the Neutron tenant network.
485 type: comma_delimited_list
486 NeutronTunnelIdRanges:
488 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
489 of GRE tunnel IDs that are available for tenant network allocation
490 default: ["1:1000", ]
491 type: comma_delimited_list
494 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
495 of VXLAN VNI IDs that are available for tenant network allocation
496 default: ["1:1000", ]
497 type: comma_delimited_list
498 NeutronPluginExtensions:
501 Comma-separated list of extensions enabled for the Neutron plugin.
502 type: comma_delimited_list
503 NeutronAgentExtensions:
506 Comma-separated list of extensions enabled for the Neutron agents.
507 type: comma_delimited_list
513 description: Number of workers for Neutron service.
518 Whether to create cron job for purging soft deleted rows in Nova database.
521 description: The password for the nova service and db account, used by nova-api.
526 description: Number of workers for Nova service.
530 description: Should MongoDb journaling be disabled
534 description: Comma-separated list of ntp servers
535 type: comma_delimited_list
538 description: The password for the 'pcsd' user.
540 PublicVirtualInterface:
543 Specifies the interface where the public-facing virtual ip will be assigned.
544 This should be int_public when a VLAN is being used.
548 default: '' # Has to be here because of the ignored empty value bug
551 default: '' # Has to be here because of the ignored empty value bug
555 description: The password for RabbitMQ
560 description: The username for RabbitMQ
565 Rabbit client subscriber parameter to specify
566 an SSL connection to the RabbitMQ host.
570 description: Set rabbit subscriber port, change this if using SSL
574 description: Configures RabbitMQ FD limit
578 default: '' # Has to be here because of the ignored empty value bug
579 SnmpdReadonlyUserName:
580 default: ro_snmp_user
581 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
583 SnmpdReadonlyUserPassword:
584 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
588 description: A random string to be used as a salt when hashing to determine mappings
594 description: Value of mount_check in Swift account/container/object -server.conf
599 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
602 description: Partition Power to use when building Swift rings
605 description: The password for the swift service account, used by the swift proxy
615 description: How many replicas to use in the swift rings.
618 description: Number of workers for Swift service.
622 description: The timezone to be set on controller nodes.
624 VirtualIP: # DEPRECATED: use per service settings instead
626 default: '' # Has to be here because of the ignored empty value bug
633 GlanceRegistryVirtualIP:
639 KeystoneAdminApiVirtualIP:
642 KeystonePublicApiVirtualIP:
648 EnablePackageInstall:
650 description: Set to true to enable package installation via Puppet
654 description: Mapping of service_name -> network name. Typically set
655 via parameter_defaults in the resource registry.
659 description: Mapping of service endpoint -> protocol. Typically set
660 via parameter_defaults in the resource registry.
666 Setting to a previously unused value during stack-update will trigger
667 package update on all nodes
670 default: '' # Defaults to Heat created hostname
671 NetworkDeploymentActions:
672 type: comma_delimited_list
674 Heat action when to apply network configuration changes
679 SoftwareConfigTransport:
680 default: POLL_SERVER_CFN
682 How the server should receive the metadata required for software configuration.
685 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
690 The DNS domain used for the hosts. This should match the dhcp_domain
691 configured in the Undercloud neutron. Defaults to localdomain.
695 Extra properties or metadata passed to Nova for the created nodes in
696 the overcloud. It's accessible via the Nova metadata API.
700 description: Optional scheduler hints to pass to nova
706 type: OS::Nova::Server
708 image: {get_param: Image}
709 image_update_policy: {get_param: ImageUpdatePolicy}
710 flavor: {get_param: Flavor}
711 key_name: {get_param: KeyName}
714 user_data_format: SOFTWARE_CONFIG
715 user_data: {get_resource: UserData}
716 name: {get_param: Hostname}
717 software_config_transport: {get_param: SoftwareConfigTransport}
718 metadata: {get_param: ServerMetadata}
719 scheduler_hints: {get_param: SchedulerHints}
721 # Combine the NodeAdminUserData and NodeUserData mime archives
723 type: OS::Heat::MultipartMime
726 - config: {get_resource: NodeAdminUserData}
728 - config: {get_resource: NodeUserData}
731 # Creates the "heat-admin" user if configured via the environment
732 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
734 type: OS::TripleO::NodeAdminUserData
736 # For optional operator additional userdata
737 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
739 type: OS::TripleO::NodeUserData
742 type: OS::TripleO::Controller::Ports::ExternalPort
744 IPPool: {get_param: ControllerIPs}
745 NodeIndex: {get_param: NodeIndex}
746 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
749 type: OS::TripleO::Controller::Ports::InternalApiPort
751 IPPool: {get_param: ControllerIPs}
752 NodeIndex: {get_param: NodeIndex}
753 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
756 type: OS::TripleO::Controller::Ports::StoragePort
758 IPPool: {get_param: ControllerIPs}
759 NodeIndex: {get_param: NodeIndex}
760 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
763 type: OS::TripleO::Controller::Ports::StorageMgmtPort
765 IPPool: {get_param: ControllerIPs}
766 NodeIndex: {get_param: NodeIndex}
767 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
770 type: OS::TripleO::Controller::Ports::TenantPort
772 IPPool: {get_param: ControllerIPs}
773 NodeIndex: {get_param: NodeIndex}
774 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
777 type: OS::TripleO::Controller::Ports::ManagementPort
779 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
782 type: OS::TripleO::Network::Ports::NetIpMap
784 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
785 ExternalIp: {get_attr: [ExternalPort, ip_address]}
786 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
787 StorageIp: {get_attr: [StoragePort, ip_address]}
788 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
789 TenantIp: {get_attr: [TenantPort, ip_address]}
790 ManagementIp: {get_attr: [ManagementPort, ip_address]}
793 type: OS::TripleO::Network::Ports::NetIpSubnetMap
795 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
796 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
797 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
798 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
799 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
800 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
801 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
804 type: OS::TripleO::Controller::Net::SoftwareConfig
806 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
807 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
808 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
809 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
810 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
811 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
812 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
815 type: OS::TripleO::SoftwareDeployment
817 config: {get_resource: NetworkConfig}
818 server: {get_resource: Controller}
819 actions: {get_param: NetworkDeploymentActions}
822 interface_name: {get_param: NeutronPublicInterface}
824 # Resource for site-specific injection of root certificate
826 depends_on: NetworkDeployment
827 type: OS::TripleO::NodeTLSCAData
829 server: {get_resource: Controller}
831 # Resource for site-specific passing of private keys/certificates
833 depends_on: NodeTLSCAData
834 type: OS::TripleO::NodeTLSData
836 server: {get_resource: Controller}
837 NodeIndex: {get_param: NodeIndex}
839 ControllerDeployment:
840 type: OS::TripleO::SoftwareDeployment
841 depends_on: NetworkDeployment
843 config: {get_resource: ControllerConfig}
844 server: {get_resource: Controller}
846 bootstack_nodeid: {get_attr: [Controller, name]}
847 ceilometer_workers: {get_param: CeilometerWorkers}
848 cinder_workers: {get_param: CinderWorkers}
849 glance_workers: {get_param: GlanceWorkers}
850 heat_workers: {get_param: HeatWorkers}
851 keystone_workers: {get_param: KeystoneWorkers}
852 nova_workers: {get_param: NovaWorkers}
853 neutron_workers: {get_param: NeutronWorkers}
854 swift_workers: {get_param: SwiftWorkers}
855 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
856 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
857 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
858 haproxy_log_address: {get_param: HAProxySyslogAddress}
859 heat.watch_server_url:
863 - {get_param: HeatApiVirtualIP}
865 heat.metadata_server_url:
869 - {get_param: HeatApiVirtualIP}
871 heat.waitcondition_server_url:
875 - {get_param: HeatApiVirtualIP}
876 - ':8000/v1/waitcondition'
877 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
878 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
879 horizon_secret: {get_param: HorizonSecret}
880 admin_email: {get_param: AdminEmail}
881 admin_password: {get_param: AdminPassword}
882 admin_token: {get_param: AdminToken}
883 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
884 debug: {get_param: Debug}
885 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
886 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
887 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
892 SERVERS: {get_param: CinderNfsServers}
893 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
894 cinder_password: {get_param: CinderPassword}
895 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
896 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
897 cinder_backend_config: {get_param: CinderBackendConfig}
901 - - 'mysql://cinder:'
902 - {get_param: CinderPassword}
904 - {get_param: MysqlVirtualIP}
906 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
907 glance_password: {get_param: GlancePassword}
908 glance_backend: {get_param: GlanceBackend}
909 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
910 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
911 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
912 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
913 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
914 glance_log_file: {get_param: GlanceLogFile}
918 - - 'mysql://glance:'
919 - {get_param: GlancePassword}
921 - {get_param: MysqlVirtualIP}
923 heat_password: {get_param: HeatPassword}
924 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
929 - {get_param: HeatPassword}
931 - {get_param: MysqlVirtualIP}
933 keystone_ca_certificate: {get_param: KeystoneCACertificate}
934 keystone_signing_key: {get_param: KeystoneSigningKey}
935 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
936 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
937 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
938 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
939 keystone_notification_format: {get_param: KeystoneNotificationFormat}
943 - - 'mysql://keystone:'
944 - {get_param: AdminToken}
946 - {get_param: MysqlVirtualIP}
948 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
949 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
950 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
951 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
952 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
953 enable_fencing: {get_param: EnableFencing}
954 enable_galera: {get_param: EnableGalera}
955 enable_load_balancer: {get_param: EnableLoadBalancer}
956 enable_ceph_storage: {get_param: EnableCephStorage}
957 enable_swift_storage: {get_param: EnableSwiftStorage}
958 manage_firewall: {get_param: ManageFirewall}
959 purge_firewall_rules: {get_param: PurgeFirewallRules}
960 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
961 mysql_max_connections: {get_param: MysqlMaxConnections}
962 mysql_root_password: {get_param: MysqlRootPassword}
965 template: tripleo-CLUSTER
967 CLUSTER: {get_param: MysqlClusterUniquePart}
968 neutron_flat_networks:
972 NETWORKS: {get_param: NeutronFlatNetworks}
973 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
974 neutron_agent_mode: {get_param: NeutronAgentMode}
975 neutron_router_distributed: {get_param: NeutronDVR}
976 neutron_core_plugin: {get_param: NeutronCorePlugin}
977 neutron_service_plugins:
981 PLUGINS: {get_param: NeutronServicePlugins}
982 neutron_type_drivers:
986 DRIVERS: {get_param: NeutronTypeDrivers}
987 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
988 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
989 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
990 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
991 neutron_mechanism_drivers:
995 MECHANISMS: {get_param: NeutronMechanismDrivers}
996 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
997 neutron_l3_ha: {get_param: NeutronL3HA}
998 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
999 neutron_network_vlan_ranges:
1003 RANGES: {get_param: NeutronNetworkVLANRanges}
1004 neutron_bridge_mappings:
1008 MAPPINGS: {get_param: NeutronBridgeMappings}
1009 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1010 neutron_public_interface: {get_param: NeutronPublicInterface}
1011 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1012 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1013 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1014 neutron_tunnel_id_ranges:
1018 RANGES: {get_param: NeutronTunnelIdRanges}
1023 RANGES: {get_param: NeutronVniRanges}
1024 neutron_tenant_network_types:
1028 TYPES: {get_param: NeutronNetworkType}
1029 neutron_tunnel_types:
1033 TYPES: {get_param: NeutronTunnelTypes}
1034 neutron_plugin_extensions:
1036 template: PLUGIN_EXTENSIONS
1038 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1039 neutron_agent_extensions:
1041 template: AGENT_EXTENSIONS
1043 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1044 neutron_password: {get_param: NeutronPassword}
1045 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1049 - - 'mysql://neutron:'
1050 - {get_param: NeutronPassword}
1052 - {get_param: MysqlVirtualIP}
1053 - '/ovs_neutron?charset=utf8'
1054 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1055 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1056 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1057 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
1058 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1059 ceilometer_backend: {get_param: CeilometerBackend}
1060 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1061 ceilometer_password: {get_param: CeilometerPassword}
1062 ceilometer_coordination_url:
1066 - {get_param: RedisVirtualIP}
1071 - - 'mysql://ceilometer:'
1072 - {get_param: CeilometerPassword}
1074 - {get_param: MysqlVirtualIP}
1076 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1077 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1078 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1079 nova_password: {get_param: NovaPassword}
1084 - {get_param: NovaPassword}
1086 - {get_param: MysqlVirtualIP}
1088 instance_name_template: {get_param: InstanceNameTemplate}
1089 fencing_config: {get_param: FencingConfig}
1090 pcsd_password: {get_param: PcsdPassword}
1091 rabbit_username: {get_param: RabbitUserName}
1092 rabbit_password: {get_param: RabbitPassword}
1093 rabbit_cookie: {get_param: RabbitCookie}
1094 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1095 rabbit_client_port: {get_param: RabbitClientPort}
1096 mongodb_no_journal: {get_param: MongoDbNoJournal}
1097 # We need to force this into quotes or hiera will return integer causing
1098 # the puppet module validation regexp to fail.
1099 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1104 LIMIT: {get_param: RabbitFDLimit}
1105 ntp_servers: {get_param: NtpServer}
1106 timezone: {get_param: TimeZone}
1107 control_virtual_interface: {get_param: ControlVirtualInterface}
1108 public_virtual_interface: {get_param: PublicVirtualInterface}
1109 swift_hash_suffix: {get_param: SwiftHashSuffix}
1110 swift_password: {get_param: SwiftPassword}
1111 swift_part_power: {get_param: SwiftPartPower}
1112 swift_replicas: {get_param: SwiftReplicas}
1113 swift_min_part_hours: {get_param: SwiftMinPartHours}
1114 swift_mount_check: {get_param: SwiftMountCheck}
1115 enable_package_install: {get_param: EnablePackageInstall}
1116 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1117 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1118 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1119 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1120 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1121 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1122 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1123 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1124 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1125 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1126 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1127 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1128 keystone_region: {get_param: KeystoneRegion}
1129 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1130 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1131 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1132 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1133 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1134 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1135 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1136 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1137 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1138 redis_vip: {get_param: RedisVirtualIP}
1139 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1140 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1141 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1142 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1143 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1144 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1146 # Map heat metadata into hiera datafiles
1148 type: OS::Heat::StructuredConfig
1150 group: os-apply-config
1155 - heat_config_%{::deploy_config_name}
1156 - controller_extraconfig
1161 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1162 - ceph_cluster # provided by CephClusterConfig
1164 - bootstrap_node # provided by BootstrapNodeConfig
1165 - all_nodes # provided by allNodesConfig
1166 - vip_data # provided by vip-config
1169 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1170 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1171 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1172 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1173 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1174 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1175 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1176 - midonet_data #Optionally provided by AllNodesExtraConfig
1178 controller_extraconfig:
1179 mapped_data: {get_param: ControllerExtraConfig}
1181 mapped_data: {get_param: ExtraConfig}
1183 raw_data: {get_file: hieradata/common.yaml}
1185 raw_data: {get_file: hieradata/ceph.yaml}
1187 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1188 ceph::profile::params::public_network: {get_input: ceph_public_network}
1189 ceph::mon::public_addr: {get_input: ceph_public_ip}
1191 raw_data: {get_file: hieradata/database.yaml}
1193 raw_data: {get_file: hieradata/object.yaml}
1195 raw_data: {get_file: hieradata/controller.yaml}
1196 mapped_data: # data supplied directly to this deployment configuration, etc
1197 bootstack_nodeid: {get_input: bootstack_nodeid}
1200 enable_fencing: {get_input: enable_fencing}
1201 enable_load_balancer: {get_input: enable_load_balancer}
1202 hacluster_pwd: {get_input: pcsd_password}
1203 tripleo::fencing::config: {get_input: fencing_config}
1206 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1207 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1208 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1209 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1210 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1211 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1212 swift::proxy::workers: {get_input: swift_workers}
1213 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1214 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1215 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1216 swift_mount_check: {get_input: swift_mount_check}
1218 # NOTE(dprince): build_ring support is currently not wired in.
1219 # See: https://review.openstack.org/#/c/109225/
1220 tripleo::ringbuilder::build_ring: True
1223 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1224 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1225 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1226 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1227 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1228 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1229 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1230 cinder::database_connection: {get_input: cinder_dsn}
1231 cinder::api::keystone_password: {get_input: cinder_password}
1232 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1233 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1234 cinder::api::bind_host: {get_input: cinder_api_network}
1235 cinder::rabbit_userid: {get_input: rabbit_username}
1236 cinder::rabbit_password: {get_input: rabbit_password}
1237 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1238 cinder::rabbit_port: {get_input: rabbit_client_port}
1239 cinder::debug: {get_input: debug}
1240 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1241 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1242 cinder_backend_config: {get_input: CinderBackendConfig}
1243 cinder::db::mysql::password: {get_input: cinder_password}
1246 glance::api::bind_port: {get_input: glance_port}
1247 glance::api::bind_host: {get_input: glance_api_network}
1248 glance::api::auth_uri: {get_input: keystone_auth_uri}
1249 glance::api::identity_uri: {get_input: keystone_identity_uri}
1250 glance::api::registry_host: {get_input: glance_registry_host}
1251 glance::api::keystone_password: {get_input: glance_password}
1252 glance::api::debug: {get_input: debug}
1253 glance::api::workers: {get_input: glance_workers}
1254 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1255 glance_log_file: {get_input: glance_log_file}
1256 glance_log_file: {get_input: glance_log_file}
1257 glance::api::database_connection: {get_input: glance_dsn}
1258 glance::registry::keystone_password: {get_input: glance_password}
1259 glance::registry::database_connection: {get_input: glance_dsn}
1260 glance::registry::bind_host: {get_input: glance_registry_network}
1261 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1262 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1263 glance::registry::debug: {get_input: debug}
1264 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1265 glance::registry::workers: {get_input: glance_workers}
1266 glance::backend::swift::swift_store_user: service:glance
1267 glance::backend::swift::swift_store_key: {get_input: glance_password}
1268 glance_backend: {get_input: glance_backend}
1269 glance::db::mysql::password: {get_input: glance_password}
1270 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1271 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1272 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1273 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1276 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1277 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1278 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1279 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1280 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1281 heat::rabbit_userid: {get_input: rabbit_username}
1282 heat::rabbit_password: {get_input: rabbit_password}
1283 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1284 heat::rabbit_port: {get_input: rabbit_client_port}
1285 heat::auth_uri: {get_input: keystone_auth_uri}
1286 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1287 heat::identity_uri: {get_input: keystone_identity_uri}
1288 heat::keystone_password: {get_input: heat_password}
1289 heat::api::bind_host: {get_input: heat_api_network}
1290 heat::api::workers: {get_input: heat_workers}
1291 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1292 heat::api_cloudwatch::workers: {get_input: heat_workers}
1293 heat::api_cfn::bind_host: {get_input: heat_api_network}
1294 heat::api_cfn::workers: {get_input: heat_workers}
1295 heat::database_connection: {get_input: heat_dsn}
1296 heat::debug: {get_input: debug}
1297 heat::db::mysql::password: {get_input: heat_password}
1300 keystone::admin_token: {get_input: admin_token}
1301 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1302 keystone_signing_key: {get_input: keystone_signing_key}
1303 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1304 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1305 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1306 keystone::database_connection: {get_input: keystone_dsn}
1307 keystone::public_bind_host: {get_input: keystone_public_api_network}
1308 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1309 keystone::debug: {get_input: debug}
1310 keystone::db::mysql::password: {get_input: admin_token}
1311 keystone::rabbit_userid: {get_input: rabbit_username}
1312 keystone::rabbit_password: {get_input: rabbit_password}
1313 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1314 keystone::rabbit_port: {get_input: rabbit_client_port}
1315 keystone::notification_driver: {get_input: keystone_notification_driver}
1316 keystone::notification_format: {get_input: keystone_notification_format}
1317 keystone::roles::admin::email: {get_input: admin_email}
1318 keystone::roles::admin::password: {get_input: admin_password}
1319 keystone::endpoint::public_url: {get_input: keystone_public_url}
1320 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1321 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1322 keystone::endpoint::region: {get_input: keystone_region}
1323 keystone::admin_workers: {get_input: keystone_workers}
1324 keystone::public_workers: {get_input: keystone_workers}
1327 mongodb::server::bind_ip: {get_input: mongo_db_network}
1328 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1330 admin_password: {get_input: admin_password}
1331 enable_galera: {get_input: enable_galera}
1332 enable_ceph_storage: {get_input: enable_ceph_storage}
1333 enable_swift_storage: {get_input: enable_swift_storage}
1334 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1335 mysql_max_connections: {get_input: mysql_max_connections}
1336 mysql::server::root_password: {get_input: mysql_root_password}
1337 mysql_cluster_name: {get_input: mysql_cluster_name}
1338 mysql_bind_host: {get_input: mysql_network}
1339 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1342 neutron::bind_host: {get_input: neutron_api_network}
1343 neutron::rabbit_password: {get_input: rabbit_password}
1344 neutron::rabbit_user: {get_input: rabbit_username}
1345 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1346 neutron::rabbit_port: {get_input: rabbit_client_port}
1347 neutron::debug: {get_input: debug}
1348 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1349 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1350 neutron::server::database_connection: {get_input: neutron_dsn}
1351 neutron::server::api_workers: {get_input: neutron_workers}
1352 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1353 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1354 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1355 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1356 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1357 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1358 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1359 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1360 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1361 neutron_agent_mode: {get_input: neutron_agent_mode}
1362 neutron_router_distributed: {get_input: neutron_router_distributed}
1363 neutron::core_plugin: {get_input: neutron_core_plugin}
1364 neutron::service_plugins: {get_input: neutron_service_plugins}
1365 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1366 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1367 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1368 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1369 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1370 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1371 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1372 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1373 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1374 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1375 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1376 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1377 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1378 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1379 neutron_public_interface: {get_input: neutron_public_interface}
1380 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1381 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1382 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1383 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1384 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1385 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1386 neutron::server::auth_password: {get_input: neutron_password}
1387 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1388 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1389 neutron_dsn: {get_input: neutron_dsn}
1390 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1391 neutron::db::mysql::password: {get_input: neutron_password}
1392 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1393 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1394 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1395 neutron::keystone::auth::password: {get_input: neutron_password }
1396 neutron::keystone::auth::region: {get_input: keystone_region}
1397 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1398 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1399 neutron::server::notifications::tenant_name: 'service'
1400 neutron::server::notifications::password: {get_input: nova_password}
1403 ceilometer_backend: {get_input: ceilometer_backend}
1404 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1405 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1406 ceilometer::rabbit_userid: {get_input: rabbit_username}
1407 ceilometer::rabbit_password: {get_input: rabbit_password}
1408 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1409 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1410 ceilometer::debug: {get_input: debug}
1411 ceilometer::api::host: {get_input: ceilometer_api_network}
1412 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1413 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1414 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1415 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1416 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1417 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1418 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1419 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1420 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1423 nova::rabbit_userid: {get_input: rabbit_username}
1424 nova::rabbit_password: {get_input: rabbit_password}
1425 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1426 nova::rabbit_port: {get_input: rabbit_client_port}
1427 nova::debug: {get_input: debug}
1428 nova::api::auth_uri: {get_input: keystone_auth_uri}
1429 nova::api::identity_uri: {get_input: keystone_identity_uri}
1430 nova::api::api_bind_address: {get_input: nova_api_network}
1431 nova::api::metadata_listen: {get_input: nova_metadata_network}
1432 nova::api::admin_password: {get_input: nova_password}
1433 nova::api::osapi_compute_workers: {get_input: nova_workers}
1434 nova::api::ec2_workers: {get_input: nova_workers}
1435 nova::api::metadata_workers: {get_input: nova_workers}
1436 nova::database_connection: {get_input: nova_dsn}
1437 nova::glance_api_servers: {get_input: glance_api_servers}
1438 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1439 nova::api::instance_name_template: {get_input: instance_name_template}
1440 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1441 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1442 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1443 nova::vncproxy::host: {get_input: nova_api_network}
1444 nova::db::mysql::password: {get_input: nova_password}
1445 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1448 apache::ip: {get_input: horizon_network}
1449 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1450 horizon::django_debug: {get_input: debug}
1451 horizon::secret_key: {get_input: horizon_secret}
1452 horizon::bind_address: {get_input: horizon_network}
1453 horizon::keystone_url: {get_input: keystone_auth_uri}
1456 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1457 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1458 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1459 rabbitmq::default_user: {get_input: rabbit_username}
1460 rabbitmq::default_pass: {get_input: rabbit_password}
1462 redis::bind: {get_input: redis_network}
1463 redis_vip: {get_input: redis_vip}
1465 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1466 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1468 memcached::listen_ip: {get_input: memcached_network}
1469 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1470 ntp::servers: {get_input: ntp_servers}
1471 timezone::timezone: {get_input: timezone}
1472 control_virtual_interface: {get_input: control_virtual_interface}
1473 public_virtual_interface: {get_input: public_virtual_interface}
1474 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1475 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1476 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1477 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1478 tripleo::packages::enable_install: {get_input: enable_package_install}
1479 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1481 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1482 ControllerExtraConfigPre:
1483 depends_on: ControllerDeployment
1484 type: OS::TripleO::ControllerExtraConfigPre
1486 server: {get_resource: Controller}
1488 # Hook for site-specific additional pre-deployment config,
1489 # applying to all nodes, e.g node registration/unregistration
1491 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1492 type: OS::TripleO::NodeExtraConfig
1494 server: {get_resource: Controller}
1497 type: OS::TripleO::Tasks::PackageUpdate
1500 type: OS::Heat::SoftwareDeployment
1502 config: {get_resource: UpdateConfig}
1503 server: {get_resource: Controller}
1506 get_param: UpdateIdentifier
1510 description: IP address of the server in the ctlplane network
1511 value: {get_attr: [Controller, networks, ctlplane, 0]}
1512 external_ip_address:
1513 description: IP address of the server in the external network
1514 value: {get_attr: [ExternalPort, ip_address]}
1515 internal_api_ip_address:
1516 description: IP address of the server in the internal_api network
1517 value: {get_attr: [InternalApiPort, ip_address]}
1519 description: IP address of the server in the storage network
1520 value: {get_attr: [StoragePort, ip_address]}
1521 storage_mgmt_ip_address:
1522 description: IP address of the server in the storage_mgmt network
1523 value: {get_attr: [StorageMgmtPort, ip_address]}
1525 description: IP address of the server in the tenant network
1526 value: {get_attr: [TenantPort, ip_address]}
1527 management_ip_address:
1528 description: IP address of the server in the management network
1529 value: {get_attr: [ManagementPort, ip_address]}
1531 description: Hostname of the server
1532 value: {get_attr: [Controller, name]}
1535 Node object in the format {ip: ..., name: ...} format that the corosync
1538 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1539 name: {get_attr: [Controller, name]}
1542 Server's IP address and hostname in the /etc/hosts format
1545 template: IP HOST.DOMAIN HOST CLOUDNAME
1547 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1548 DOMAIN: {get_param: CloudDomain}
1549 HOST: {get_attr: [Controller, name]}
1550 CLOUDNAME: {get_param: CloudName}
1551 nova_server_resource:
1552 description: Heat resource handle for the Nova compute server
1554 {get_resource: Controller}
1556 description: Swift device formatted for swift-ring-builder
1559 template: 'r1z1-IP:%PORT%/d1'
1561 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1562 swift_proxy_memcache:
1563 description: Swift proxy-memcache value
1566 template: "IP:11211"
1568 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1570 description: identifier which changes if the controller configuration may need re-applying
1574 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1575 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1576 - {get_attr: [NodeTLSData, deploy_stdout]}
1577 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1578 - {get_param: UpdateIdentifier}
1579 tls_key_modulus_md5:
1580 description: MD5 checksum of the TLS Key Modulus
1581 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1582 tls_cert_modulus_md5:
1583 description: MD5 checksum of the TLS Certificate Modulus
1584 value: {get_attr: [NodeTLSData, cert_modulus_md5]}