1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
14 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
19 description: The keystone auth secret and db password.
22 CeilometerApiVirtualIP:
27 description: The ceilometer backend type.
29 CeilometerMeteringSecret:
31 description: Secret shared by the ceilometer services.
36 description: The password for the ceilometer service and db account.
44 description: Number of workers for Ceilometer service.
46 CinderEnableNfsBackend:
48 description: Whether to enable or not the NFS backend for Cinder
50 CinderEnableIscsiBackend:
52 description: Whether to enable or not the Iscsi backend for Cinder
54 CinderEnableRbdBackend:
56 description: Whether to enable or not the Rbd backend for Cinder
60 description: The iSCSI helper to use with cinder.
62 CinderLVMLoopDeviceSize:
64 description: The size of the loopback file used by the cinder LVM driver.
66 CinderNfsMountOptions:
69 Mount options for NFS mounts used by Cinder NFS backend. Effective
70 when CinderEnableNfsBackend is true.
75 NFS servers used by Cinder NFS backend. Effective when
76 CinderEnableNfsBackend is true.
77 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
94 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
96 ControllerExtraConfig:
99 Controller specific hiera configuration data to inject into the cluster.
101 ControlVirtualInterface:
103 description: Interface where virtual ip will be assigned.
107 description: Set to True to enable debugging on all services.
111 description: Whether to enable fencing in Pacemaker or not.
115 description: Whether to use Galera instead of regular MariaDB.
119 description: Whether to deploy a LoadBalancer on the Controller
123 description: Whether to deploy Ceph Storage (OSD) on the Controller
127 description: Whether to enable Swift Storage on the Controller
132 Additional hieradata to inject into the cluster, note that
133 ControllerExtraConfig takes precedence over ExtraConfig.
138 Pacemaker fencing configuration. The JSON should have
139 the following structure:
143 "agent": "AGENT_NAME",
144 "host_mac": "HOST_MAC_ADDRESS",
145 "params": {"PARAM_NAME": "PARAM_VALUE"}
153 "agent": "fence_xvm",
154 "host_mac": "52:54:00:aa:bb:cc",
156 "multicast_address": "225.0.0.12",
157 "port": "baremetal_0",
159 "manage_key_file": true,
160 "key_file": "/etc/fence_xvm.key",
161 "key_file_password": "abcdef"
168 description: Flavor for control nodes to request when deploying.
171 - custom_constraint: nova.flavor
172 GlanceNotifierStrategy:
173 description: Strategy to use for Glance notification queue
177 description: The filepath of the file to use for logging messages from Glance.
182 description: The password for the glance service and db account, used by the glance services.
187 description: The short name of the Glance backend to use. Should be one
188 of swift, rbd, or file
191 - allowed_values: ['swift', 'file', 'rbd']
192 GlanceFilePcmkDevice:
195 An exported storage device that should be mounted by Pacemaker
196 as Glance storage. Effective when GlanceFilePcmkManage is true.
198 GlanceFilePcmkFstype:
201 Filesystem type for Pacemaker mount used as Glance storage.
202 Effective when GlanceFilePcmkManage is true.
204 GlanceFilePcmkManage:
207 Whether to make Glance file backend a mount managed by Pacemaker.
208 Effective when GlanceBackend is 'file'.
210 GlanceFilePcmkOptions:
213 Mount options for Pacemaker mount used as Glance storage.
214 Effective when GlanceFilePcmkManage is true.
216 HAProxySyslogAddress:
218 description: Syslog address where HAproxy will send its log
222 description: Number of workers for Glance service.
226 description: The password for the Heat service and db account, used by the Heat services.
229 HeatStackDomainAdminPassword:
230 description: Password for heat_domain_admin user.
234 HeatAuthEncryptionKey:
235 description: Auth encryption key for heat-engine
240 description: A list of IP/Hostname allowed to connect to horizon
241 type: comma_delimited_list
244 description: Number of workers for Heat service.
247 description: Secret key for Django
252 default: overcloud-control
254 - custom_constraint: glance.image
256 default: 'REBUILD_PRESERVE_EPHEMERAL'
257 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
259 InstanceNameTemplate:
260 default: 'instance-%08x'
261 description: Template string to be used to generate instance names
265 description: Name of an existing Nova key pair to enable SSH access to the instances
268 - custom_constraint: nova.keypair
269 KeystoneCACertificate:
271 description: Keystone self-signed certificate authority certificate.
273 KeystoneSigningCertificate:
275 description: Keystone certificate for verifying token validity.
279 description: Keystone key for signing tokens.
282 KeystoneSSLCertificate:
284 description: Keystone certificate for verifying token validity.
286 KeystoneSSLCertificateKey:
288 description: Keystone key for signing tokens.
291 KeystoneNotificationDriver:
292 description: Comma-separated list of Oslo notification drivers used by Keystone
293 default: ['messaging']
294 type: comma_delimited_list
295 KeystoneNotificationFormat:
296 description: The Keystone notification format
300 - allowed_values: [ 'basic', 'cadf' ]
304 description: Keystone region for endpoint
307 description: Whether to manage IPtables rules.
311 description: Whether IPtables rules should be purged before setting up the new ones.
315 description: Number of workers for Keystone service.
317 MysqlClusterUniquePart:
318 description: A unique identifier of the MySQL cluster the controller is in.
320 default: 'unset' # Has to be here because of the ignored empty value bug
321 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
323 # - length: {min: 4, max: 10}
324 MysqlInnodbBufferPoolSize:
326 Specifies the size of the buffer pool in megabytes. Setting to
327 zero should be interpreted as "no value" and will defer to the
332 description: Configures MySQL max_connections config setting
338 default: '' # Has to be here because of the ignored empty value bug
339 NeutronExternalNetworkBridge:
340 description: Name of bridge used for external network traffic.
343 NeutronBridgeMappings:
345 The OVS logical->physical bridge mappings to use. See the Neutron
346 documentation for details. Defaults to mapping br-ex - the external
347 bridge on hosts - to a physical name 'datacentre' which can be used
348 to create provider networks (and we use this for the default floating
349 network) - if changing this either use different post-install network
350 scripts or be sure to keep 'datacentre' as a mapping network name.
351 type: comma_delimited_list
352 default: "datacentre:br-ex"
353 NeutronDnsmasqOptions:
354 default: 'dhcp-option-force=26,1400'
355 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
357 NeutronEnableDHCPAgent:
358 description: Knob to enable/disable DHCP Agent
361 NeutronEnableL3Agent:
362 description: Knob to enable/disable L3 agent
365 NeutronEnableMetadataAgent:
366 description: Knob to enable/disable Metadata agent
369 NeutronEnableOVSAgent:
370 description: Knob to enable/disable OVS Agent
375 description: Agent mode for the neutron-l3-agent on the controller hosts
379 description: Whether to enable l3-agent HA
381 NeutronDhcpAgentsPerNetwork:
384 description: The number of neutron dhcp agents to schedule per network
387 description: Whether to configure Neutron Distributed Virtual Routers
389 NeutronMetadataProxySharedSecret:
391 description: Shared secret to prevent spoofing
397 The core plugin for Neutron. The value should be the entrypoint to be loaded
398 from neutron.core_plugins namespace.
400 NeutronServicePlugins:
403 Comma-separated list of service plugin entrypoints to be loaded from the
404 neutron.service_plugins namespace.
405 type: comma_delimited_list
407 default: "vxlan,vlan,flat,gre"
409 Comma-separated list of network type driver entrypoints to be loaded.
410 type: comma_delimited_list
411 NeutronMechanismDrivers:
412 default: 'openvswitch'
414 The mechanism drivers for the Neutron tenant network.
415 type: comma_delimited_list
416 NeutronAllowL3AgentFailover:
418 description: Allow automatic l3-agent failover
420 NeutronEnableIsolatedMetadata:
422 description: If True, DHCP provide metadata route to VM.
424 NeutronEnableTunnelling:
430 Enable/disable the L2 population feature in the Neutron agents.
433 type: comma_delimited_list
434 default: 'datacentre'
435 description: If set, flat networks to configure in neutron plugins.
438 description: Whether to enable l3-agent HA
442 description: The tenant network type for Neutron.
443 type: comma_delimited_list
444 NeutronNetworkVLANRanges:
445 default: 'datacentre'
447 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
448 Neutron documentation for permitted values. Defaults to permitting any
449 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
450 type: comma_delimited_list
453 description: The password for the neutron service and db account, used by neutron agents.
456 NeutronPublicInterface:
458 description: What interface to bridge onto br-ex for network nodes.
460 NeutronPublicInterfaceTag:
463 VLAN tag for creating a public VLAN. The tag will be used to
464 create an access port on the exterior bridge for each control plane node,
465 and that port will be given the IP address returned by neutron from the
466 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
467 overcloud.yaml to include the deployment of VLAN ports to the control
470 NeutronPublicInterfaceDefaultRoute:
472 description: A custom default route for the NeutronPublicInterface.
474 NeutronPublicInterfaceIP:
476 description: A custom IP address to put onto the NeutronPublicInterface.
478 NeutronPublicInterfaceRawDevice:
480 description: If set, the public interface is a vlan with this device as the raw device.
485 The tunnel types for the Neutron tenant network.
486 type: comma_delimited_list
487 NeutronTunnelIdRanges:
489 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
490 of GRE tunnel IDs that are available for tenant network allocation
491 default: ["1:1000", ]
492 type: comma_delimited_list
495 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
496 of VXLAN VNI IDs that are available for tenant network allocation
497 default: ["1:1000", ]
498 type: comma_delimited_list
504 description: Number of workers for Neutron service.
508 description: The password for the nova service and db account, used by nova-api.
513 description: Number of workers for Nova service.
517 description: Should MongoDb journaling be disabled
521 description: Comma-separated list of ntp servers
522 type: comma_delimited_list
525 description: The password for the 'pcsd' user.
527 PublicVirtualInterface:
530 Specifies the interface where the public-facing virtual ip will be assigned.
531 This should be int_public when a VLAN is being used.
535 default: '' # Has to be here because of the ignored empty value bug
538 default: '' # Has to be here because of the ignored empty value bug
542 description: The password for RabbitMQ
547 description: The username for RabbitMQ
552 Rabbit client subscriber parameter to specify
553 an SSL connection to the RabbitMQ host.
557 description: Set rabbit subscriber port, change this if using SSL
561 description: Configures RabbitMQ FD limit
565 default: '' # Has to be here because of the ignored empty value bug
566 SnmpdReadonlyUserName:
567 default: ro_snmp_user
568 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
570 SnmpdReadonlyUserPassword:
572 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
577 description: A random string to be used as a salt when hashing to determine mappings
583 description: Value of mount_check in Swift account/container/object -server.conf
588 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
591 description: Partition Power to use when building Swift rings
595 description: The password for the swift service account, used by the swift proxy
605 description: How many replicas to use in the swift rings.
608 description: Number of workers for Swift service.
610 VirtualIP: # DEPRECATED: use per service settings instead
612 default: '' # Has to be here because of the ignored empty value bug
619 GlanceRegistryVirtualIP:
625 KeystoneAdminApiVirtualIP:
628 KeystonePublicApiVirtualIP:
634 EnablePackageInstall:
636 description: Set to true to enable package installation via Puppet
640 description: Mapping of service_name -> network name. Typically set
641 via parameter_defaults in the resource registry.
645 description: Mapping of service endpoint -> protocol. Typically set
646 via parameter_defaults in the resource registry.
652 Setting to a previously unused value during stack-update will trigger
653 package update on all nodes
656 default: '' # Defaults to Heat created hostname
657 NetworkDeploymentActions:
658 type: comma_delimited_list
660 Heat action when to apply network configuration changes
669 The DNS domain used for the hosts. This should match the dhcp_domain
670 configured in the Undercloud neutron. Defaults to localdomain.
674 Extra properties or metadata passed to Nova for the created nodes in
675 the overcloud. It's accessible via the Nova metadata API.
679 description: Optional scheduler hints to pass to nova
685 type: OS::Nova::Server
687 image: {get_param: Image}
688 image_update_policy: {get_param: ImageUpdatePolicy}
689 flavor: {get_param: Flavor}
690 key_name: {get_param: KeyName}
693 user_data_format: SOFTWARE_CONFIG
694 user_data: {get_resource: UserData}
695 name: {get_param: Hostname}
696 metadata: {get_param: ServerMetadata}
697 scheduler_hints: {get_param: SchedulerHints}
699 # Combine the NodeAdminUserData and NodeUserData mime archives
701 type: OS::Heat::MultipartMime
704 - config: {get_resource: NodeAdminUserData}
706 - config: {get_resource: NodeUserData}
709 # Creates the "heat-admin" user if configured via the environment
710 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
712 type: OS::TripleO::NodeAdminUserData
714 # For optional operator additional userdata
715 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
717 type: OS::TripleO::NodeUserData
720 type: OS::TripleO::Controller::Ports::ExternalPort
722 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
725 type: OS::TripleO::Controller::Ports::InternalApiPort
727 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
730 type: OS::TripleO::Controller::Ports::StoragePort
732 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
735 type: OS::TripleO::Controller::Ports::StorageMgmtPort
737 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
740 type: OS::TripleO::Controller::Ports::TenantPort
742 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
745 type: OS::TripleO::Network::Ports::NetIpMap
747 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
748 ExternalIp: {get_attr: [ExternalPort, ip_address]}
749 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
750 StorageIp: {get_attr: [StoragePort, ip_address]}
751 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
752 TenantIp: {get_attr: [TenantPort, ip_address]}
755 type: OS::TripleO::Network::Ports::NetIpSubnetMap
757 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
758 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
759 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
760 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
761 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
762 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
765 type: OS::TripleO::Controller::Net::SoftwareConfig
767 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
768 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
769 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
770 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
771 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
772 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
775 type: OS::TripleO::SoftwareDeployment
777 config: {get_resource: NetworkConfig}
778 server: {get_resource: Controller}
779 actions: {get_param: NetworkDeploymentActions}
782 interface_name: {get_param: NeutronPublicInterface}
784 # Resource for site-specific injection of root certificate
786 depends_on: NetworkDeployment
787 type: OS::TripleO::NodeTLSCAData
789 server: {get_resource: Controller}
791 # Resource for site-specific passing of private keys/certificates
793 depends_on: NodeTLSCAData
794 type: OS::TripleO::NodeTLSData
796 server: {get_resource: Controller}
797 NodeIndex: {get_param: NodeIndex}
799 ControllerDeployment:
800 type: OS::TripleO::SoftwareDeployment
801 depends_on: NetworkDeployment
803 config: {get_resource: ControllerConfig}
804 server: {get_resource: Controller}
806 bootstack_nodeid: {get_attr: [Controller, name]}
807 ceilometer_workers: {get_param: CeilometerWorkers}
808 cinder_workers: {get_param: CinderWorkers}
809 glance_workers: {get_param: GlanceWorkers}
810 heat_workers: {get_param: HeatWorkers}
811 keystone_workers: {get_param: KeystoneWorkers}
812 nova_workers: {get_param: NovaWorkers}
813 neutron_workers: {get_param: NeutronWorkers}
814 swift_workers: {get_param: SwiftWorkers}
815 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
816 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
817 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
818 haproxy_log_address: {get_param: HAProxySyslogAddress}
819 heat.watch_server_url:
823 - {get_param: HeatApiVirtualIP}
825 heat.metadata_server_url:
829 - {get_param: HeatApiVirtualIP}
831 heat.waitcondition_server_url:
835 - {get_param: HeatApiVirtualIP}
836 - ':8000/v1/waitcondition'
837 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
838 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
839 horizon_secret: {get_param: HorizonSecret}
840 admin_email: {get_param: AdminEmail}
841 admin_password: {get_param: AdminPassword}
842 admin_token: {get_param: AdminToken}
843 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
844 debug: {get_param: Debug}
845 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
846 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
847 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
852 SERVERS: {get_param: CinderNfsServers}
853 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
854 cinder_password: {get_param: CinderPassword}
855 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
856 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
857 cinder_backend_config: {get_param: CinderBackendConfig}
861 - - 'mysql://cinder:'
862 - {get_param: CinderPassword}
864 - {get_param: MysqlVirtualIP}
866 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
867 glance_password: {get_param: GlancePassword}
868 glance_backend: {get_param: GlanceBackend}
869 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
870 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
871 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
872 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
873 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
874 glance_log_file: {get_param: GlanceLogFile}
878 - - 'mysql://glance:'
879 - {get_param: GlancePassword}
881 - {get_param: MysqlVirtualIP}
883 heat_password: {get_param: HeatPassword}
884 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
889 - {get_param: HeatPassword}
891 - {get_param: MysqlVirtualIP}
893 keystone_ca_certificate: {get_param: KeystoneCACertificate}
894 keystone_signing_key: {get_param: KeystoneSigningKey}
895 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
896 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
897 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
898 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
899 keystone_notification_format: {get_param: KeystoneNotificationFormat}
903 - - 'mysql://keystone:'
904 - {get_param: AdminToken}
906 - {get_param: MysqlVirtualIP}
908 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
909 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
910 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
911 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
912 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
913 enable_fencing: {get_param: EnableFencing}
914 enable_galera: {get_param: EnableGalera}
915 enable_load_balancer: {get_param: EnableLoadBalancer}
916 enable_ceph_storage: {get_param: EnableCephStorage}
917 enable_swift_storage: {get_param: EnableSwiftStorage}
918 manage_firewall: {get_param: ManageFirewall}
919 purge_firewall_rules: {get_param: PurgeFirewallRules}
920 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
921 mysql_max_connections: {get_param: MysqlMaxConnections}
922 mysql_root_password: {get_param: MysqlRootPassword}
925 template: tripleo-CLUSTER
927 CLUSTER: {get_param: MysqlClusterUniquePart}
928 neutron_flat_networks:
932 NETWORKS: {get_param: NeutronFlatNetworks}
933 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
934 neutron_agent_mode: {get_param: NeutronAgentMode}
935 neutron_router_distributed: {get_param: NeutronDVR}
936 neutron_core_plugin: {get_param: NeutronCorePlugin}
937 neutron_service_plugins:
941 PLUGINS: {get_param: NeutronServicePlugins}
942 neutron_type_drivers:
946 DRIVERS: {get_param: NeutronTypeDrivers}
947 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
948 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
949 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
950 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
951 neutron_mechanism_drivers:
955 MECHANISMS: {get_param: NeutronMechanismDrivers}
956 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
957 neutron_l3_ha: {get_param: NeutronL3HA}
958 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
959 neutron_network_vlan_ranges:
963 RANGES: {get_param: NeutronNetworkVLANRanges}
964 neutron_bridge_mappings:
968 MAPPINGS: {get_param: NeutronBridgeMappings}
969 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
970 neutron_public_interface: {get_param: NeutronPublicInterface}
971 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
972 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
973 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
974 neutron_tunnel_id_ranges:
978 RANGES: {get_param: NeutronTunnelIdRanges}
983 RANGES: {get_param: NeutronVniRanges}
984 neutron_tenant_network_types:
988 TYPES: {get_param: NeutronNetworkType}
989 neutron_tunnel_types:
993 TYPES: {get_param: NeutronTunnelTypes}
994 neutron_password: {get_param: NeutronPassword}
995 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
999 - - 'mysql://neutron:'
1000 - {get_param: NeutronPassword}
1002 - {get_param: MysqlVirtualIP}
1003 - '/ovs_neutron?charset=utf8'
1004 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1005 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1006 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1007 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
1008 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1009 ceilometer_backend: {get_param: CeilometerBackend}
1010 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1011 ceilometer_password: {get_param: CeilometerPassword}
1012 ceilometer_coordination_url:
1016 - {get_param: RedisVirtualIP}
1021 - - 'mysql://ceilometer:'
1022 - {get_param: CeilometerPassword}
1024 - {get_param: MysqlVirtualIP}
1026 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1027 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1028 nova_password: {get_param: NovaPassword}
1033 - {get_param: NovaPassword}
1035 - {get_param: MysqlVirtualIP}
1037 instance_name_template: {get_param: InstanceNameTemplate}
1038 fencing_config: {get_param: FencingConfig}
1039 pcsd_password: {get_param: PcsdPassword}
1040 rabbit_username: {get_param: RabbitUserName}
1041 rabbit_password: {get_param: RabbitPassword}
1042 rabbit_cookie: {get_param: RabbitCookie}
1043 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1044 rabbit_client_port: {get_param: RabbitClientPort}
1045 mongodb_no_journal: {get_param: MongoDbNoJournal}
1046 # We need to force this into quotes or hiera will return integer causing
1047 # the puppet module validation regexp to fail.
1048 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1053 LIMIT: {get_param: RabbitFDLimit}
1054 ntp_servers: {get_param: NtpServer}
1055 control_virtual_interface: {get_param: ControlVirtualInterface}
1056 public_virtual_interface: {get_param: PublicVirtualInterface}
1057 swift_hash_suffix: {get_param: SwiftHashSuffix}
1058 swift_password: {get_param: SwiftPassword}
1059 swift_part_power: {get_param: SwiftPartPower}
1060 swift_replicas: {get_param: SwiftReplicas}
1061 swift_min_part_hours: {get_param: SwiftMinPartHours}
1062 swift_mount_check: {get_param: SwiftMountCheck}
1063 enable_package_install: {get_param: EnablePackageInstall}
1064 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1065 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1066 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1067 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1068 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1069 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1070 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1071 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1072 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1073 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1074 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1075 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1076 keystone_region: {get_param: KeystoneRegion}
1077 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1078 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1079 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1080 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1081 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1082 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1083 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1084 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1085 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1086 redis_vip: {get_param: RedisVirtualIP}
1087 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1088 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1089 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1090 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1091 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1092 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1094 # Map heat metadata into hiera datafiles
1096 type: OS::Heat::StructuredConfig
1098 group: os-apply-config
1103 - heat_config_%{::deploy_config_name}
1104 - controller_extraconfig
1109 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1110 - ceph_cluster # provided by CephClusterConfig
1112 - bootstrap_node # provided by BootstrapNodeConfig
1113 - all_nodes # provided by allNodesConfig
1114 - vip_data # provided by vip-config
1117 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1118 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1119 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1120 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1121 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1123 controller_extraconfig:
1124 mapped_data: {get_param: ControllerExtraConfig}
1126 mapped_data: {get_param: ExtraConfig}
1128 raw_data: {get_file: hieradata/common.yaml}
1130 raw_data: {get_file: hieradata/ceph.yaml}
1132 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1133 ceph::profile::params::public_network: {get_input: ceph_public_network}
1134 ceph::mon::public_addr: {get_input: ceph_public_ip}
1136 raw_data: {get_file: hieradata/database.yaml}
1138 raw_data: {get_file: hieradata/object.yaml}
1140 raw_data: {get_file: hieradata/controller.yaml}
1141 mapped_data: # data supplied directly to this deployment configuration, etc
1142 bootstack_nodeid: {get_input: bootstack_nodeid}
1145 enable_fencing: {get_input: enable_fencing}
1146 enable_load_balancer: {get_input: enable_load_balancer}
1147 hacluster_pwd: {get_input: pcsd_password}
1148 tripleo::fencing::config: {get_input: fencing_config}
1151 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1152 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1153 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1154 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1155 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1156 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1157 swift::proxy::workers: {get_input: swift_workers}
1158 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1159 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1160 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1161 swift_mount_check: {get_input: swift_mount_check}
1163 # NOTE(dprince): build_ring support is currently not wired in.
1164 # See: https://review.openstack.org/#/c/109225/
1165 tripleo::ringbuilder::build_ring: True
1168 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1169 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1170 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1171 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1172 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1173 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1174 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1175 cinder::database_connection: {get_input: cinder_dsn}
1176 cinder::api::keystone_password: {get_input: cinder_password}
1177 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1178 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1179 cinder::api::bind_host: {get_input: cinder_api_network}
1180 cinder::rabbit_userid: {get_input: rabbit_username}
1181 cinder::rabbit_password: {get_input: rabbit_password}
1182 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1183 cinder::rabbit_port: {get_input: rabbit_client_port}
1184 cinder::debug: {get_input: debug}
1185 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1186 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1187 cinder_backend_config: {get_input: CinderBackendConfig}
1188 cinder::db::mysql::password: {get_input: cinder_password}
1191 glance::api::bind_port: {get_input: glance_port}
1192 glance::api::bind_host: {get_input: glance_api_network}
1193 glance::api::auth_uri: {get_input: keystone_auth_uri}
1194 glance::api::identity_uri: {get_input: keystone_identity_uri}
1195 glance::api::registry_host: {get_input: glance_registry_host}
1196 glance::api::keystone_password: {get_input: glance_password}
1197 glance::api::debug: {get_input: debug}
1198 glance::api::workers: {get_input: glance_workers}
1199 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1200 glance_log_file: {get_input: glance_log_file}
1201 glance_log_file: {get_input: glance_log_file}
1202 glance::api::database_connection: {get_input: glance_dsn}
1203 glance::registry::keystone_password: {get_input: glance_password}
1204 glance::registry::database_connection: {get_input: glance_dsn}
1205 glance::registry::bind_host: {get_input: glance_registry_network}
1206 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1207 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1208 glance::registry::debug: {get_input: debug}
1209 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1210 glance::registry::workers: {get_input: glance_workers}
1211 glance::backend::swift::swift_store_user: service:glance
1212 glance::backend::swift::swift_store_key: {get_input: glance_password}
1213 glance_backend: {get_input: glance_backend}
1214 glance::db::mysql::password: {get_input: glance_password}
1215 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1216 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1217 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1218 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1221 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1222 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1223 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1224 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1225 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1226 heat::rabbit_userid: {get_input: rabbit_username}
1227 heat::rabbit_password: {get_input: rabbit_password}
1228 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1229 heat::rabbit_port: {get_input: rabbit_client_port}
1230 heat::auth_uri: {get_input: keystone_auth_uri}
1231 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1232 heat::identity_uri: {get_input: keystone_identity_uri}
1233 heat::keystone_password: {get_input: heat_password}
1234 heat::api::bind_host: {get_input: heat_api_network}
1235 heat::api::workers: {get_input: heat_workers}
1236 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1237 heat::api_cloudwatch::workers: {get_input: heat_workers}
1238 heat::api_cfn::bind_host: {get_input: heat_api_network}
1239 heat::api_cfn::workers: {get_input: heat_workers}
1240 heat::database_connection: {get_input: heat_dsn}
1241 heat::debug: {get_input: debug}
1242 heat::db::mysql::password: {get_input: heat_password}
1245 keystone::admin_token: {get_input: admin_token}
1246 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1247 keystone_signing_key: {get_input: keystone_signing_key}
1248 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1249 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1250 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1251 keystone::database_connection: {get_input: keystone_dsn}
1252 keystone::public_bind_host: {get_input: keystone_public_api_network}
1253 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1254 keystone::debug: {get_input: debug}
1255 keystone::db::mysql::password: {get_input: admin_token}
1256 keystone::rabbit_userid: {get_input: rabbit_username}
1257 keystone::rabbit_password: {get_input: rabbit_password}
1258 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1259 keystone::rabbit_port: {get_input: rabbit_client_port}
1260 keystone::notification_driver: {get_input: keystone_notification_driver}
1261 keystone::notification_format: {get_input: keystone_notification_format}
1262 keystone::roles::admin::email: {get_input: admin_email}
1263 keystone::roles::admin::password: {get_input: admin_password}
1264 keystone::endpoint::public_url: {get_input: keystone_public_url}
1265 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1266 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1267 keystone::endpoint::region: {get_input: keystone_region}
1268 keystone::admin_workers: {get_input: keystone_workers}
1269 keystone::public_workers: {get_input: keystone_workers}
1272 mongodb::server::bind_ip: {get_input: mongo_db_network}
1273 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1275 admin_password: {get_input: admin_password}
1276 enable_galera: {get_input: enable_galera}
1277 enable_ceph_storage: {get_input: enable_ceph_storage}
1278 enable_swift_storage: {get_input: enable_swift_storage}
1279 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1280 mysql_max_connections: {get_input: mysql_max_connections}
1281 mysql::server::root_password: {get_input: mysql_root_password}
1282 mysql_cluster_name: {get_input: mysql_cluster_name}
1283 mysql_bind_host: {get_input: mysql_network}
1284 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1287 neutron::bind_host: {get_input: neutron_api_network}
1288 neutron::rabbit_password: {get_input: rabbit_password}
1289 neutron::rabbit_user: {get_input: rabbit_username}
1290 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1291 neutron::rabbit_port: {get_input: rabbit_client_port}
1292 neutron::debug: {get_input: debug}
1293 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1294 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1295 neutron::server::database_connection: {get_input: neutron_dsn}
1296 neutron::server::api_workers: {get_input: neutron_workers}
1297 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1298 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1299 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1300 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1301 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1302 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1303 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1304 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1305 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1306 neutron_agent_mode: {get_input: neutron_agent_mode}
1307 neutron_router_distributed: {get_input: neutron_router_distributed}
1308 neutron::core_plugin: {get_input: neutron_core_plugin}
1309 neutron::service_plugins: {get_input: neutron_service_plugins}
1310 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1311 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1312 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1313 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1314 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1315 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1316 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1317 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1318 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1319 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1320 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1321 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1322 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1323 neutron_public_interface: {get_input: neutron_public_interface}
1324 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1325 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1326 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1327 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1328 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1329 neutron::server::auth_password: {get_input: neutron_password}
1330 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1331 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1332 neutron_dsn: {get_input: neutron_dsn}
1333 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1334 neutron::db::mysql::password: {get_input: neutron_password}
1335 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1336 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1337 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1338 neutron::keystone::auth::password: {get_input: neutron_password }
1339 neutron::keystone::auth::region: {get_input: keystone_region}
1340 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1341 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1342 neutron::server::notifications::tenant_name: 'service'
1343 neutron::server::notifications::password: {get_input: nova_password}
1346 ceilometer_backend: {get_input: ceilometer_backend}
1347 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1348 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1349 ceilometer::rabbit_userid: {get_input: rabbit_username}
1350 ceilometer::rabbit_password: {get_input: rabbit_password}
1351 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1352 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1353 ceilometer::debug: {get_input: debug}
1354 ceilometer::api::host: {get_input: ceilometer_api_network}
1355 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1356 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1357 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1358 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1359 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1360 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1361 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1362 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1363 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1366 nova::rabbit_userid: {get_input: rabbit_username}
1367 nova::rabbit_password: {get_input: rabbit_password}
1368 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1369 nova::rabbit_port: {get_input: rabbit_client_port}
1370 nova::debug: {get_input: debug}
1371 nova::api::auth_uri: {get_input: keystone_auth_uri}
1372 nova::api::identity_uri: {get_input: keystone_identity_uri}
1373 nova::api::api_bind_address: {get_input: nova_api_network}
1374 nova::api::metadata_listen: {get_input: nova_metadata_network}
1375 nova::api::admin_password: {get_input: nova_password}
1376 nova::api::osapi_compute_workers: {get_input: nova_workers}
1377 nova::api::ec2_workers: {get_input: nova_workers}
1378 nova::api::metadata_workers: {get_input: nova_workers}
1379 nova::database_connection: {get_input: nova_dsn}
1380 nova::glance_api_servers: {get_input: glance_api_servers}
1381 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1382 nova::api::instance_name_template: {get_input: instance_name_template}
1383 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1384 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1385 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1386 nova::vncproxy::host: {get_input: nova_api_network}
1387 nova::db::mysql::password: {get_input: nova_password}
1390 apache::ip: {get_input: horizon_network}
1391 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1392 horizon::django_debug: {get_input: debug}
1393 horizon::secret_key: {get_input: horizon_secret}
1394 horizon::bind_address: {get_input: horizon_network}
1395 horizon::keystone_url: {get_input: keystone_auth_uri}
1398 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1399 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1400 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1401 rabbitmq::default_user: {get_input: rabbit_username}
1402 rabbitmq::default_pass: {get_input: rabbit_password}
1404 redis::bind: {get_input: redis_network}
1405 redis_vip: {get_input: redis_vip}
1407 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1408 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1410 memcached::listen_ip: {get_input: memcached_network}
1411 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1412 ntp::servers: {get_input: ntp_servers}
1413 control_virtual_interface: {get_input: control_virtual_interface}
1414 public_virtual_interface: {get_input: public_virtual_interface}
1415 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1416 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1417 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1418 # NOTE(jaosorior): The service certificate configuration for
1419 # HAProxy was left commented because to properly use this, we
1420 # need to be able to set up the keystone endpoints. And
1421 # currently that is not possible, but is being addressed by
1422 # other commits. A subsequent commit will uncomment this.
1423 #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1424 tripleo::packages::enable_install: {get_input: enable_package_install}
1425 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1427 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1428 ControllerExtraConfigPre:
1429 depends_on: ControllerDeployment
1430 type: OS::TripleO::ControllerExtraConfigPre
1432 server: {get_resource: Controller}
1434 # Hook for site-specific additional pre-deployment config,
1435 # applying to all nodes, e.g node registration/unregistration
1437 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1438 type: OS::TripleO::NodeExtraConfig
1440 server: {get_resource: Controller}
1443 type: OS::TripleO::Tasks::PackageUpdate
1446 type: OS::Heat::SoftwareDeployment
1448 config: {get_resource: UpdateConfig}
1449 server: {get_resource: Controller}
1452 get_param: UpdateIdentifier
1456 description: IP address of the server in the ctlplane network
1457 value: {get_attr: [Controller, networks, ctlplane, 0]}
1458 external_ip_address:
1459 description: IP address of the server in the external network
1460 value: {get_attr: [ExternalPort, ip_address]}
1461 internal_api_ip_address:
1462 description: IP address of the server in the internal_api network
1463 value: {get_attr: [InternalApiPort, ip_address]}
1465 description: IP address of the server in the storage network
1466 value: {get_attr: [StoragePort, ip_address]}
1467 storage_mgmt_ip_address:
1468 description: IP address of the server in the storage_mgmt network
1469 value: {get_attr: [StorageMgmtPort, ip_address]}
1471 description: IP address of the server in the tenant network
1472 value: {get_attr: [TenantPort, ip_address]}
1474 description: Hostname of the server
1475 value: {get_attr: [Controller, name]}
1478 Node object in the format {ip: ..., name: ...} format that the corosync
1481 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1482 name: {get_attr: [Controller, name]}
1485 Server's IP address and hostname in the /etc/hosts format
1488 template: IP HOST.DOMAIN HOST CLOUDNAME
1490 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1491 DOMAIN: {get_param: CloudDomain}
1492 HOST: {get_attr: [Controller, name]}
1493 CLOUDNAME: {get_param: CloudName}
1494 nova_server_resource:
1495 description: Heat resource handle for the Nova compute server
1497 {get_resource: Controller}
1499 description: Swift device formatted for swift-ring-builder
1502 template: 'r1z1-IP:%PORT%/d1'
1504 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1505 swift_proxy_memcache:
1506 description: Swift proxy-memcache value
1509 template: "IP:11211"
1511 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1513 description: identifier which changes if the controller configuration may need re-applying
1517 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1518 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1519 - {get_attr: [NodeTLSData, deploy_stdout]}
1520 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1521 - {get_param: UpdateIdentifier}
1522 tls_key_modulus_md5:
1523 description: MD5 checksum of the TLS Key Modulus
1524 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1525 tls_cert_modulus_md5:
1526 description: MD5 checksum of the TLS Certificate Modulus
1527 value: {get_attr: [NodeTLSData, cert_modulus_md5]}