1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
92 ControllerExtraConfig:
95 Controller specific hiera configuration data to inject into the cluster.
100 A network mapped list of IPs to assign to Controllers in the following form:
102 "internal_api": ["a.b.c.d", "e.f.g.h"],
106 ControlVirtualInterface:
108 description: Interface where virtual ip will be assigned.
112 description: Set to True to enable debugging on all services.
116 description: Whether to enable fencing in Pacemaker or not.
120 description: Whether to use Galera instead of regular MariaDB.
124 description: Whether to deploy a LoadBalancer on the Controller
128 description: Whether to deploy Ceph Storage (OSD) on the Controller
132 description: Whether to enable Swift Storage on the Controller
137 Additional hieradata to inject into the cluster, note that
138 ControllerExtraConfig takes precedence over ExtraConfig.
143 Pacemaker fencing configuration. The JSON should have
144 the following structure:
148 "agent": "AGENT_NAME",
149 "host_mac": "HOST_MAC_ADDRESS",
150 "params": {"PARAM_NAME": "PARAM_VALUE"}
158 "agent": "fence_xvm",
159 "host_mac": "52:54:00:aa:bb:cc",
161 "multicast_address": "225.0.0.12",
162 "port": "baremetal_0",
164 "manage_key_file": true,
165 "key_file": "/etc/fence_xvm.key",
166 "key_file_password": "abcdef"
173 description: Flavor for control nodes to request when deploying.
176 - custom_constraint: nova.flavor
177 GlanceNotifierStrategy:
178 description: Strategy to use for Glance notification queue
182 description: The filepath of the file to use for logging messages from Glance.
186 description: The password for the glance service and db account, used by the glance services.
191 description: The short name of the Glance backend to use. Should be one
192 of swift, rbd, or file
195 - allowed_values: ['swift', 'file', 'rbd']
196 GlanceFilePcmkDevice:
199 An exported storage device that should be mounted by Pacemaker
200 as Glance storage. Effective when GlanceFilePcmkManage is true.
202 GlanceFilePcmkFstype:
205 Filesystem type for Pacemaker mount used as Glance storage.
206 Effective when GlanceFilePcmkManage is true.
208 GlanceFilePcmkManage:
211 Whether to make Glance file backend a mount managed by Pacemaker.
212 Effective when GlanceBackend is 'file'.
214 GlanceFilePcmkOptions:
217 Mount options for Pacemaker mount used as Glance storage.
218 Effective when GlanceFilePcmkManage is true.
220 HAProxySyslogAddress:
222 description: Syslog address where HAproxy will send its log
226 description: Number of workers for Glance service.
229 description: The password for the Heat service and db account, used by the Heat services.
232 HeatStackDomainAdminPassword:
233 description: Password for heat_domain_admin user.
236 HeatAuthEncryptionKey:
237 description: Auth encryption key for heat-engine
242 description: A list of IP/Hostname allowed to connect to horizon
243 type: comma_delimited_list
246 description: Number of workers for Heat service.
252 Whether to create cron job for purging soft deleted rows in the Heat database.
254 description: Secret key for Django
259 default: overcloud-control
261 - custom_constraint: glance.image
263 default: 'REBUILD_PRESERVE_EPHEMERAL'
264 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
266 InstanceNameTemplate:
267 default: 'instance-%08x'
268 description: Template string to be used to generate instance names
272 description: Name of an existing Nova key pair to enable SSH access to the instances
275 - custom_constraint: nova.keypair
276 KeystoneCACertificate:
278 description: Keystone self-signed certificate authority certificate.
280 KeystoneEnableDBPurge:
283 Whether to create cron job for purging soft deleted rows in Keystone database.
285 KeystoneSigningCertificate:
287 description: Keystone certificate for verifying token validity.
291 description: Keystone key for signing tokens.
294 KeystoneSSLCertificate:
296 description: Keystone certificate for verifying token validity.
298 KeystoneSSLCertificateKey:
300 description: Keystone key for signing tokens.
303 KeystoneNotificationDriver:
304 description: Comma-separated list of Oslo notification drivers used by Keystone
305 default: ['messaging']
306 type: comma_delimited_list
307 KeystoneNotificationFormat:
308 description: The Keystone notification format
312 - allowed_values: [ 'basic', 'cadf' ]
316 description: Keystone region for endpoint
319 description: Whether to manage IPtables rules.
323 description: Whether IPtables rules should be purged before setting up the new ones.
327 description: Number of workers for Keystone service.
334 description: The password for the sahara service account, used by sahara-api.
337 MysqlClusterUniquePart:
338 description: A unique identifier of the MySQL cluster the controller is in.
340 default: 'unset' # Has to be here because of the ignored empty value bug
341 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
343 # - length: {min: 4, max: 10}
344 MysqlInnodbBufferPoolSize:
346 Specifies the size of the buffer pool in megabytes. Setting to
347 zero should be interpreted as "no value" and will defer to the
352 description: Configures MySQL max_connections config setting
358 default: '' # Has to be here because of the ignored empty value bug
359 NeutronExternalNetworkBridge:
360 description: Name of bridge used for external network traffic.
363 NeutronBridgeMappings:
365 The OVS logical->physical bridge mappings to use. See the Neutron
366 documentation for details. Defaults to mapping br-ex - the external
367 bridge on hosts - to a physical name 'datacentre' which can be used
368 to create provider networks (and we use this for the default floating
369 network) - if changing this either use different post-install network
370 scripts or be sure to keep 'datacentre' as a mapping network name.
371 type: comma_delimited_list
372 default: "datacentre:br-ex"
373 NeutronDnsmasqOptions:
374 default: 'dhcp-option-force=26,1400'
375 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
377 NeutronEnableDHCPAgent:
378 description: Knob to enable/disable DHCP Agent
381 NeutronEnableL3Agent:
382 description: Knob to enable/disable L3 agent
385 NeutronEnableMetadataAgent:
386 description: Knob to enable/disable Metadata agent
389 NeutronEnableOVSAgent:
390 description: Knob to enable/disable OVS Agent
395 description: Agent mode for the neutron-l3-agent on the controller hosts
399 description: Whether to enable l3-agent HA
401 NeutronDhcpAgentsPerNetwork:
404 description: The number of neutron dhcp agents to schedule per network
407 description: Whether to configure Neutron Distributed Virtual Routers
409 NeutronMetadataProxySharedSecret:
410 description: Shared secret to prevent spoofing
416 The core plugin for Neutron. The value should be the entrypoint to be loaded
417 from neutron.core_plugins namespace.
419 NeutronServicePlugins:
420 default: "router,qos"
422 Comma-separated list of service plugin entrypoints to be loaded from the
423 neutron.service_plugins namespace.
424 type: comma_delimited_list
426 default: "vxlan,vlan,flat,gre"
428 Comma-separated list of network type driver entrypoints to be loaded.
429 type: comma_delimited_list
430 NeutronMechanismDrivers:
431 default: 'openvswitch'
433 The mechanism drivers for the Neutron tenant network.
434 type: comma_delimited_list
435 NeutronAllowL3AgentFailover:
437 description: Allow automatic l3-agent failover
439 NeutronEnableIsolatedMetadata:
441 description: If True, DHCP provide metadata route to VM.
443 NeutronEnableTunnelling:
449 Enable/disable the L2 population feature in the Neutron agents.
452 type: comma_delimited_list
453 default: 'datacentre'
454 description: If set, flat networks to configure in neutron plugins.
457 description: Whether to enable l3-agent HA
461 description: The tenant network type for Neutron.
462 type: comma_delimited_list
463 NeutronNetworkVLANRanges:
464 default: 'datacentre:1:1000'
466 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
467 Neutron documentation for permitted values. Defaults to permitting any
468 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
469 type: comma_delimited_list
471 description: The password for the neutron service and db account, used by neutron agents.
474 NeutronPublicInterface:
476 description: What interface to bridge onto br-ex for network nodes.
478 NeutronPublicInterfaceTag:
481 VLAN tag for creating a public VLAN. The tag will be used to
482 create an access port on the exterior bridge for each control plane node,
483 and that port will be given the IP address returned by neutron from the
484 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
485 overcloud.yaml to include the deployment of VLAN ports to the control
488 NeutronPublicInterfaceDefaultRoute:
490 description: A custom default route for the NeutronPublicInterface.
492 NeutronPublicInterfaceIP:
494 description: A custom IP address to put onto the NeutronPublicInterface.
496 NeutronPublicInterfaceRawDevice:
498 description: If set, the public interface is a vlan with this device as the raw device.
503 The tunnel types for the Neutron tenant network.
504 type: comma_delimited_list
505 NeutronTunnelIdRanges:
507 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
508 of GRE tunnel IDs that are available for tenant network allocation
509 default: ["1:4094", ]
510 type: comma_delimited_list
513 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
514 of VXLAN VNI IDs that are available for tenant network allocation
515 default: ["1:4094", ]
516 type: comma_delimited_list
517 NeutronPluginExtensions:
520 Comma-separated list of extensions enabled for the Neutron plugin.
521 type: comma_delimited_list
522 NeutronAgentExtensions:
525 Comma-separated list of extensions enabled for the Neutron agents.
526 type: comma_delimited_list
532 description: Number of workers for Neutron service.
537 Whether to create cron job for purging soft deleted rows in Nova database.
540 description: The password for the nova service and db account, used by nova-api.
545 description: Number of workers for Nova service.
549 description: Should MongoDb journaling be disabled
553 description: Comma-separated list of ntp servers
554 type: comma_delimited_list
557 description: The password for the 'pcsd' user.
559 PublicVirtualInterface:
562 Specifies the interface where the public-facing virtual ip will be assigned.
563 This should be int_public when a VLAN is being used.
567 default: '' # Has to be here because of the ignored empty value bug
570 default: '' # Has to be here because of the ignored empty value bug
574 description: The password for RabbitMQ
579 description: The username for RabbitMQ
584 Rabbit client subscriber parameter to specify
585 an SSL connection to the RabbitMQ host.
589 description: Set rabbit subscriber port, change this if using SSL
593 description: Configures RabbitMQ FD limit
597 default: '' # Has to be here because of the ignored empty value bug
598 SnmpdReadonlyUserName:
599 default: ro_snmp_user
600 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
602 SnmpdReadonlyUserPassword:
603 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
607 description: A random string to be used as a salt when hashing to determine mappings
613 description: Value of mount_check in Swift account/container/object -server.conf
618 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
621 description: Partition Power to use when building Swift rings
624 description: The password for the swift service account, used by the swift proxy
634 description: How many replicas to use in the swift rings.
637 description: Number of workers for Swift service.
641 description: The timezone to be set on controller nodes.
643 VirtualIP: # DEPRECATED: use per service settings instead
645 default: '' # Has to be here because of the ignored empty value bug
652 GlanceRegistryVirtualIP:
658 KeystoneAdminApiVirtualIP:
661 KeystonePublicApiVirtualIP:
667 EnablePackageInstall:
669 description: Set to true to enable package installation via Puppet
673 description: Mapping of service_name -> network name. Typically set
674 via parameter_defaults in the resource registry.
678 description: Mapping of service endpoint -> protocol. Typically set
679 via parameter_defaults in the resource registry.
685 Setting to a previously unused value during stack-update will trigger
686 package update on all nodes
689 default: '' # Defaults to Heat created hostname
690 NetworkDeploymentActions:
691 type: comma_delimited_list
693 Heat action when to apply network configuration changes
698 SoftwareConfigTransport:
699 default: POLL_SERVER_CFN
701 How the server should receive the metadata required for software configuration.
704 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
709 The DNS domain used for the hosts. This should match the dhcp_domain
710 configured in the Undercloud neutron. Defaults to localdomain.
714 Extra properties or metadata passed to Nova for the created nodes in
715 the overcloud. It's accessible via the Nova metadata API.
719 description: Optional scheduler hints to pass to nova
725 type: OS::Nova::Server
727 image: {get_param: Image}
728 image_update_policy: {get_param: ImageUpdatePolicy}
729 flavor: {get_param: Flavor}
730 key_name: {get_param: KeyName}
733 user_data_format: SOFTWARE_CONFIG
734 user_data: {get_resource: UserData}
735 name: {get_param: Hostname}
736 software_config_transport: {get_param: SoftwareConfigTransport}
737 metadata: {get_param: ServerMetadata}
738 scheduler_hints: {get_param: SchedulerHints}
740 # Combine the NodeAdminUserData and NodeUserData mime archives
742 type: OS::Heat::MultipartMime
745 - config: {get_resource: NodeAdminUserData}
747 - config: {get_resource: NodeUserData}
750 # Creates the "heat-admin" user if configured via the environment
751 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
753 type: OS::TripleO::NodeAdminUserData
755 # For optional operator additional userdata
756 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
758 type: OS::TripleO::NodeUserData
761 type: OS::TripleO::Controller::Ports::ExternalPort
763 IPPool: {get_param: ControllerIPs}
764 NodeIndex: {get_param: NodeIndex}
765 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
768 type: OS::TripleO::Controller::Ports::InternalApiPort
770 IPPool: {get_param: ControllerIPs}
771 NodeIndex: {get_param: NodeIndex}
772 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
775 type: OS::TripleO::Controller::Ports::StoragePort
777 IPPool: {get_param: ControllerIPs}
778 NodeIndex: {get_param: NodeIndex}
779 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
782 type: OS::TripleO::Controller::Ports::StorageMgmtPort
784 IPPool: {get_param: ControllerIPs}
785 NodeIndex: {get_param: NodeIndex}
786 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
789 type: OS::TripleO::Controller::Ports::TenantPort
791 IPPool: {get_param: ControllerIPs}
792 NodeIndex: {get_param: NodeIndex}
793 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
796 type: OS::TripleO::Controller::Ports::ManagementPort
798 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
801 type: OS::TripleO::Network::Ports::NetIpMap
803 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
804 ExternalIp: {get_attr: [ExternalPort, ip_address]}
805 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
806 StorageIp: {get_attr: [StoragePort, ip_address]}
807 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
808 TenantIp: {get_attr: [TenantPort, ip_address]}
809 ManagementIp: {get_attr: [ManagementPort, ip_address]}
812 type: OS::TripleO::Network::Ports::NetIpSubnetMap
814 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
815 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
816 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
817 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
818 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
819 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
820 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
823 type: OS::TripleO::Controller::Net::SoftwareConfig
825 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
826 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
827 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
828 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
829 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
830 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
831 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
834 type: OS::TripleO::SoftwareDeployment
836 name: NetworkDeployment
837 config: {get_resource: NetworkConfig}
838 server: {get_resource: Controller}
839 actions: {get_param: NetworkDeploymentActions}
842 interface_name: {get_param: NeutronPublicInterface}
844 # Resource for site-specific injection of root certificate
846 depends_on: NetworkDeployment
847 type: OS::TripleO::NodeTLSCAData
849 server: {get_resource: Controller}
851 # Resource for site-specific passing of private keys/certificates
853 depends_on: NodeTLSCAData
854 type: OS::TripleO::NodeTLSData
856 server: {get_resource: Controller}
857 NodeIndex: {get_param: NodeIndex}
860 ControllerDeployment:
861 type: OS::TripleO::SoftwareDeployment
862 depends_on: NetworkDeployment
864 name: ControllerDeployment
865 config: {get_resource: ControllerConfig}
866 server: {get_resource: Controller}
868 bootstack_nodeid: {get_attr: [Controller, name]}
869 ceilometer_workers: {get_param: CeilometerWorkers}
870 cinder_workers: {get_param: CinderWorkers}
871 glance_workers: {get_param: GlanceWorkers}
872 heat_workers: {get_param: HeatWorkers}
873 keystone_workers: {get_param: KeystoneWorkers}
874 nova_workers: {get_param: NovaWorkers}
875 neutron_workers: {get_param: NeutronWorkers}
876 swift_workers: {get_param: SwiftWorkers}
877 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
878 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
879 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
880 haproxy_log_address: {get_param: HAProxySyslogAddress}
881 heat.watch_server_url:
885 - {get_param: HeatApiVirtualIP}
887 heat.metadata_server_url:
891 - {get_param: HeatApiVirtualIP}
893 heat.waitcondition_server_url:
897 - {get_param: HeatApiVirtualIP}
898 - ':8000/v1/waitcondition'
899 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
900 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
901 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
902 horizon_secret: {get_param: HorizonSecret}
903 admin_email: {get_param: AdminEmail}
904 admin_password: {get_param: AdminPassword}
905 admin_token: {get_param: AdminToken}
906 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
907 debug: {get_param: Debug}
908 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
909 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
910 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
911 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
916 SERVERS: {get_param: CinderNfsServers}
917 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
918 cinder_password: {get_param: CinderPassword}
919 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
920 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
921 cinder_backend_config: {get_param: CinderBackendConfig}
925 - - 'mysql+pymysql://cinder:'
926 - {get_param: CinderPassword}
928 - {get_param: MysqlVirtualIP}
930 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
931 glance_password: {get_param: GlancePassword}
932 glance_backend: {get_param: GlanceBackend}
933 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
934 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
935 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
936 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
937 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
938 glance_log_file: {get_param: GlanceLogFile}
942 - - 'mysql+pymysql://glance:'
943 - {get_param: GlancePassword}
945 - {get_param: MysqlVirtualIP}
947 heat_password: {get_param: HeatPassword}
948 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
952 - - 'mysql+pymysql://heat:'
953 - {get_param: HeatPassword}
955 - {get_param: MysqlVirtualIP}
957 keystone_ca_certificate: {get_param: KeystoneCACertificate}
958 keystone_signing_key: {get_param: KeystoneSigningKey}
959 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
960 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
961 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
962 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
963 keystone_notification_format: {get_param: KeystoneNotificationFormat}
964 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
968 - - 'mysql+pymysql://keystone:'
969 - {get_param: AdminToken}
971 - {get_param: MysqlVirtualIP}
973 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
974 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
975 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
976 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
977 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
978 enable_fencing: {get_param: EnableFencing}
979 enable_galera: {get_param: EnableGalera}
980 enable_load_balancer: {get_param: EnableLoadBalancer}
981 enable_ceph_storage: {get_param: EnableCephStorage}
982 enable_swift_storage: {get_param: EnableSwiftStorage}
983 manage_firewall: {get_param: ManageFirewall}
984 purge_firewall_rules: {get_param: PurgeFirewallRules}
985 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
986 mysql_max_connections: {get_param: MysqlMaxConnections}
987 mysql_root_password: {get_param: MysqlRootPassword}
990 template: tripleo-CLUSTER
992 CLUSTER: {get_param: MysqlClusterUniquePart}
993 neutron_flat_networks:
997 NETWORKS: {get_param: NeutronFlatNetworks}
998 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
999 neutron_agent_mode: {get_param: NeutronAgentMode}
1000 neutron_router_distributed: {get_param: NeutronDVR}
1001 neutron_core_plugin: {get_param: NeutronCorePlugin}
1002 neutron_service_plugins:
1006 PLUGINS: {get_param: NeutronServicePlugins}
1007 neutron_type_drivers:
1011 DRIVERS: {get_param: NeutronTypeDrivers}
1012 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1013 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1014 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1015 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1016 neutron_mechanism_drivers:
1018 template: MECHANISMS
1020 MECHANISMS: {get_param: NeutronMechanismDrivers}
1021 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1022 neutron_l3_ha: {get_param: NeutronL3HA}
1023 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1024 neutron_network_vlan_ranges:
1028 RANGES: {get_param: NeutronNetworkVLANRanges}
1029 neutron_bridge_mappings:
1033 MAPPINGS: {get_param: NeutronBridgeMappings}
1034 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1035 neutron_public_interface: {get_param: NeutronPublicInterface}
1036 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1037 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1038 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1039 neutron_tunnel_id_ranges:
1043 RANGES: {get_param: NeutronTunnelIdRanges}
1048 RANGES: {get_param: NeutronVniRanges}
1049 neutron_tenant_network_types:
1053 TYPES: {get_param: NeutronNetworkType}
1054 neutron_tunnel_types:
1058 TYPES: {get_param: NeutronTunnelTypes}
1059 neutron_plugin_extensions:
1061 template: PLUGIN_EXTENSIONS
1063 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1064 neutron_agent_extensions:
1066 template: AGENT_EXTENSIONS
1068 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1069 neutron_password: {get_param: NeutronPassword}
1070 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1074 - - 'mysql+pymysql://neutron:'
1075 - {get_param: NeutronPassword}
1077 - {get_param: MysqlVirtualIP}
1078 - '/ovs_neutron?charset=utf8'
1079 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1080 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1081 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1082 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri_no_suffix ] }
1083 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1084 ceilometer_backend: {get_param: CeilometerBackend}
1085 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1086 ceilometer_password: {get_param: CeilometerPassword}
1087 ceilometer_coordination_url:
1091 - {get_param: RedisVirtualIP}
1096 - - 'mysql+pymysql://ceilometer:'
1097 - {get_param: CeilometerPassword}
1099 - {get_param: MysqlVirtualIP}
1101 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1102 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1103 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1104 nova_password: {get_param: NovaPassword}
1108 - - 'mysql+pymysql://nova:'
1109 - {get_param: NovaPassword}
1111 - {get_param: MysqlVirtualIP}
1113 instance_name_template: {get_param: InstanceNameTemplate}
1114 fencing_config: {get_param: FencingConfig}
1115 pcsd_password: {get_param: PcsdPassword}
1116 rabbit_username: {get_param: RabbitUserName}
1117 rabbit_password: {get_param: RabbitPassword}
1118 rabbit_cookie: {get_param: RabbitCookie}
1119 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1120 rabbit_client_port: {get_param: RabbitClientPort}
1121 mongodb_no_journal: {get_param: MongoDbNoJournal}
1122 # We need to force this into quotes or hiera will return integer causing
1123 # the puppet module validation regexp to fail.
1124 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1129 LIMIT: {get_param: RabbitFDLimit}
1130 ntp_servers: {get_param: NtpServer}
1131 timezone: {get_param: TimeZone}
1132 control_virtual_interface: {get_param: ControlVirtualInterface}
1133 public_virtual_interface: {get_param: PublicVirtualInterface}
1134 swift_hash_suffix: {get_param: SwiftHashSuffix}
1135 swift_password: {get_param: SwiftPassword}
1136 swift_part_power: {get_param: SwiftPartPower}
1137 swift_replicas: {get_param: SwiftReplicas}
1138 swift_min_part_hours: {get_param: SwiftMinPartHours}
1139 swift_mount_check: {get_param: SwiftMountCheck}
1140 enable_package_install: {get_param: EnablePackageInstall}
1141 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1142 sahara_password: {get_param: SaharaPassword}
1146 - - 'mysql://sahara:'
1147 - {get_param: SaharaPassword}
1149 - {get_param: MysqlVirtualIP}
1151 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1152 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1153 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1154 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1155 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1156 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1157 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1158 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1159 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1160 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1161 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1162 keystone_region: {get_param: KeystoneRegion}
1163 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1164 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1165 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1166 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1167 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1168 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1169 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1170 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1171 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1172 redis_vip: {get_param: RedisVirtualIP}
1173 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1174 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1175 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1176 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1177 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1178 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1179 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1181 # Map heat metadata into hiera datafiles
1183 type: OS::Heat::StructuredConfig
1185 group: os-apply-config
1190 - heat_config_%{::deploy_config_name}
1191 - controller_extraconfig
1196 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1197 - ceph_cluster # provided by CephClusterConfig
1199 - bootstrap_node # provided by BootstrapNodeConfig
1200 - all_nodes # provided by allNodesConfig
1201 - vip_data # provided by vip-config
1204 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1205 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1206 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1207 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1208 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1209 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1210 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1211 - midonet_data #Optionally provided by AllNodesExtraConfig
1213 controller_extraconfig:
1214 mapped_data: {get_param: ControllerExtraConfig}
1216 mapped_data: {get_param: ExtraConfig}
1218 raw_data: {get_file: hieradata/common.yaml}
1220 raw_data: {get_file: hieradata/ceph.yaml}
1222 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1223 ceph::profile::params::public_network: {get_input: ceph_public_network}
1224 ceph::mon::public_addr: {get_input: ceph_public_ip}
1226 raw_data: {get_file: hieradata/database.yaml}
1228 raw_data: {get_file: hieradata/object.yaml}
1230 raw_data: {get_file: hieradata/controller.yaml}
1231 mapped_data: # data supplied directly to this deployment configuration, etc
1232 bootstack_nodeid: {get_input: bootstack_nodeid}
1235 enable_fencing: {get_input: enable_fencing}
1236 enable_load_balancer: {get_input: enable_load_balancer}
1237 hacluster_pwd: {get_input: pcsd_password}
1238 tripleo::fencing::config: {get_input: fencing_config}
1241 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1242 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1243 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1244 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1245 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1246 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1247 swift::proxy::workers: {get_input: swift_workers}
1248 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1249 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1250 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1251 swift_mount_check: {get_input: swift_mount_check}
1253 # NOTE(dprince): build_ring support is currently not wired in.
1254 # See: https://review.openstack.org/#/c/109225/
1255 tripleo::ringbuilder::build_ring: True
1258 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1259 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1260 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1261 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1262 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1263 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1264 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1265 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1266 cinder::database_connection: {get_input: cinder_dsn}
1267 cinder::api::keystone_password: {get_input: cinder_password}
1268 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1269 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1270 cinder::api::bind_host: {get_input: cinder_api_network}
1271 cinder::rabbit_userid: {get_input: rabbit_username}
1272 cinder::rabbit_password: {get_input: rabbit_password}
1273 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1274 cinder::rabbit_port: {get_input: rabbit_client_port}
1275 cinder::debug: {get_input: debug}
1276 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1277 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1278 cinder_backend_config: {get_input: CinderBackendConfig}
1279 cinder::db::mysql::password: {get_input: cinder_password}
1282 glance::api::bind_port: {get_input: glance_port}
1283 glance::api::bind_host: {get_input: glance_api_network}
1284 glance::api::auth_uri: {get_input: keystone_auth_uri}
1285 glance::api::identity_uri: {get_input: keystone_identity_uri}
1286 glance::api::registry_host: {get_input: glance_registry_host}
1287 glance::api::keystone_password: {get_input: glance_password}
1288 glance::api::debug: {get_input: debug}
1289 glance::api::workers: {get_input: glance_workers}
1290 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1291 glance_log_file: {get_input: glance_log_file}
1292 glance_log_file: {get_input: glance_log_file}
1293 glance::api::database_connection: {get_input: glance_dsn}
1294 glance::registry::keystone_password: {get_input: glance_password}
1295 glance::registry::database_connection: {get_input: glance_dsn}
1296 glance::registry::bind_host: {get_input: glance_registry_network}
1297 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1298 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1299 glance::registry::debug: {get_input: debug}
1300 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1301 glance::registry::workers: {get_input: glance_workers}
1302 glance::backend::swift::swift_store_user: service:glance
1303 glance::backend::swift::swift_store_key: {get_input: glance_password}
1304 glance_backend: {get_input: glance_backend}
1305 glance::db::mysql::password: {get_input: glance_password}
1306 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1307 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1308 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1309 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1312 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1313 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1314 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1315 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1316 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1317 heat::rabbit_userid: {get_input: rabbit_username}
1318 heat::rabbit_password: {get_input: rabbit_password}
1319 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1320 heat::rabbit_port: {get_input: rabbit_client_port}
1321 heat::auth_uri: {get_input: keystone_auth_uri}
1322 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1323 heat::identity_uri: {get_input: keystone_identity_uri}
1324 heat::keystone_password: {get_input: heat_password}
1325 heat::api::bind_host: {get_input: heat_api_network}
1326 heat::api::workers: {get_input: heat_workers}
1327 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1328 heat::api_cloudwatch::workers: {get_input: heat_workers}
1329 heat::api_cfn::bind_host: {get_input: heat_api_network}
1330 heat::api_cfn::workers: {get_input: heat_workers}
1331 heat::database_connection: {get_input: heat_dsn}
1332 heat::debug: {get_input: debug}
1333 heat::db::mysql::password: {get_input: heat_password}
1334 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1337 keystone::admin_token: {get_input: admin_token}
1338 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1339 keystone_signing_key: {get_input: keystone_signing_key}
1340 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1341 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1342 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1343 keystone::database_connection: {get_input: keystone_dsn}
1344 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1345 keystone::public_bind_host: {get_input: keystone_public_api_network}
1346 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1347 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1348 keystone::debug: {get_input: debug}
1349 keystone::db::mysql::password: {get_input: admin_token}
1350 keystone::rabbit_userid: {get_input: rabbit_username}
1351 keystone::rabbit_password: {get_input: rabbit_password}
1352 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1353 keystone::rabbit_port: {get_input: rabbit_client_port}
1354 keystone::notification_driver: {get_input: keystone_notification_driver}
1355 keystone::notification_format: {get_input: keystone_notification_format}
1356 keystone::roles::admin::email: {get_input: admin_email}
1357 keystone::roles::admin::password: {get_input: admin_password}
1358 keystone::endpoint::public_url: {get_input: keystone_public_url}
1359 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1360 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1361 keystone::endpoint::region: {get_input: keystone_region}
1362 keystone::admin_workers: {get_input: keystone_workers}
1363 keystone::public_workers: {get_input: keystone_workers}
1364 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1367 mongodb::server::bind_ip: {get_input: mongo_db_network}
1368 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1370 admin_password: {get_input: admin_password}
1371 enable_galera: {get_input: enable_galera}
1372 enable_ceph_storage: {get_input: enable_ceph_storage}
1373 enable_swift_storage: {get_input: enable_swift_storage}
1374 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1375 mysql_max_connections: {get_input: mysql_max_connections}
1376 mysql::server::root_password: {get_input: mysql_root_password}
1377 mysql_cluster_name: {get_input: mysql_cluster_name}
1378 mysql_bind_host: {get_input: mysql_network}
1379 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1382 neutron::bind_host: {get_input: neutron_api_network}
1383 neutron::rabbit_password: {get_input: rabbit_password}
1384 neutron::rabbit_user: {get_input: rabbit_username}
1385 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1386 neutron::rabbit_port: {get_input: rabbit_client_port}
1387 neutron::debug: {get_input: debug}
1388 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1389 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1390 neutron::server::database_connection: {get_input: neutron_dsn}
1391 neutron::server::api_workers: {get_input: neutron_workers}
1392 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1393 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1394 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1395 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1396 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1397 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1398 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1399 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1400 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1401 neutron_agent_mode: {get_input: neutron_agent_mode}
1402 neutron_router_distributed: {get_input: neutron_router_distributed}
1403 neutron::core_plugin: {get_input: neutron_core_plugin}
1404 neutron::service_plugins: {get_input: neutron_service_plugins}
1405 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1406 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1407 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1408 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1409 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1410 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1411 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1412 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1413 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1414 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1415 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1416 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1417 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1418 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1419 neutron_public_interface: {get_input: neutron_public_interface}
1420 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1421 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1422 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1423 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1424 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1425 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1426 neutron::server::auth_password: {get_input: neutron_password}
1427 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1428 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1429 neutron_dsn: {get_input: neutron_dsn}
1430 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1431 neutron::db::mysql::password: {get_input: neutron_password}
1432 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1433 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1434 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1435 neutron::keystone::auth::password: {get_input: neutron_password }
1436 neutron::keystone::auth::region: {get_input: keystone_region}
1437 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1438 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1439 neutron::server::notifications::tenant_name: 'service'
1440 neutron::server::notifications::project_name: 'service'
1441 neutron::server::notifications::password: {get_input: nova_password}
1444 ceilometer_backend: {get_input: ceilometer_backend}
1445 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1446 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1447 ceilometer::rabbit_userid: {get_input: rabbit_username}
1448 ceilometer::rabbit_password: {get_input: rabbit_password}
1449 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1450 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1451 ceilometer::debug: {get_input: debug}
1452 ceilometer::api::host: {get_input: ceilometer_api_network}
1453 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1454 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1455 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1456 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1457 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1458 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1459 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1460 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1461 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1464 nova::rabbit_userid: {get_input: rabbit_username}
1465 nova::rabbit_password: {get_input: rabbit_password}
1466 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1467 nova::rabbit_port: {get_input: rabbit_client_port}
1468 nova::debug: {get_input: debug}
1469 nova::api::auth_uri: {get_input: keystone_auth_uri}
1470 nova::api::identity_uri: {get_input: keystone_identity_uri}
1471 nova::api::api_bind_address: {get_input: nova_api_network}
1472 nova::api::metadata_listen: {get_input: nova_metadata_network}
1473 nova::api::admin_password: {get_input: nova_password}
1474 nova::api::osapi_compute_workers: {get_input: nova_workers}
1475 nova::api::ec2_workers: {get_input: nova_workers}
1476 nova::api::metadata_workers: {get_input: nova_workers}
1477 nova::database_connection: {get_input: nova_dsn}
1478 nova::glance_api_servers: {get_input: glance_api_servers}
1479 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1480 nova::api::instance_name_template: {get_input: instance_name_template}
1481 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1482 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1483 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1484 nova::vncproxy::host: {get_input: nova_api_network}
1485 nova::db::mysql::password: {get_input: nova_password}
1486 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1489 apache::ip: {get_input: horizon_network}
1490 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1491 horizon::django_debug: {get_input: debug}
1492 horizon::secret_key: {get_input: horizon_secret}
1493 horizon::bind_address: {get_input: horizon_network}
1494 horizon::keystone_url: {get_input: keystone_auth_uri}
1497 sahara::host: {get_input: sahara_api_network}
1505 sahara::admin_password: {get_input: sahara_password}
1506 sahara::auth_uri: {get_input: keystone_auth_uri}
1507 sahara::admin_user: sahara
1508 sahara::identity_uri: {get_input: keystone_identity_uri}
1509 sahara::use_neutron: true
1510 sahara::database_connection: {get_input: sahara_dsn}
1511 sahara::debug: {get_input: debug}
1512 sahara::rpc_backend: rabbit
1513 sahara::rabbit_userid: {get_input: rabbit_username}
1514 sahara::rabbit_password: {get_input: rabbit_password}
1515 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1516 sahara::rabbit_port: {get_input: rabbit_client_port}
1517 sahara::db::mysql::password: {get_input: sahara_password}
1520 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1521 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1522 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1523 rabbitmq::default_user: {get_input: rabbit_username}
1524 rabbitmq::default_pass: {get_input: rabbit_password}
1526 redis::bind: {get_input: redis_network}
1527 redis_vip: {get_input: redis_vip}
1529 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1530 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1532 memcached::listen_ip: {get_input: memcached_network}
1533 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1534 ntp::servers: {get_input: ntp_servers}
1535 timezone::timezone: {get_input: timezone}
1536 control_virtual_interface: {get_input: control_virtual_interface}
1537 public_virtual_interface: {get_input: public_virtual_interface}
1538 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1539 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1540 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1541 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1542 tripleo::packages::enable_install: {get_input: enable_package_install}
1543 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1545 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1546 ControllerExtraConfigPre:
1547 depends_on: ControllerDeployment
1548 type: OS::TripleO::ControllerExtraConfigPre
1550 server: {get_resource: Controller}
1552 # Hook for site-specific additional pre-deployment config,
1553 # applying to all nodes, e.g node registration/unregistration
1555 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1556 type: OS::TripleO::NodeExtraConfig
1558 server: {get_resource: Controller}
1561 type: OS::TripleO::Tasks::PackageUpdate
1564 type: OS::Heat::SoftwareDeployment
1566 name: UpdateDeployment
1567 config: {get_resource: UpdateConfig}
1568 server: {get_resource: Controller}
1571 get_param: UpdateIdentifier
1575 description: IP address of the server in the ctlplane network
1576 value: {get_attr: [Controller, networks, ctlplane, 0]}
1577 external_ip_address:
1578 description: IP address of the server in the external network
1579 value: {get_attr: [ExternalPort, ip_address]}
1580 internal_api_ip_address:
1581 description: IP address of the server in the internal_api network
1582 value: {get_attr: [InternalApiPort, ip_address]}
1584 description: IP address of the server in the storage network
1585 value: {get_attr: [StoragePort, ip_address]}
1586 storage_mgmt_ip_address:
1587 description: IP address of the server in the storage_mgmt network
1588 value: {get_attr: [StorageMgmtPort, ip_address]}
1590 description: IP address of the server in the tenant network
1591 value: {get_attr: [TenantPort, ip_address]}
1592 management_ip_address:
1593 description: IP address of the server in the management network
1594 value: {get_attr: [ManagementPort, ip_address]}
1596 description: Hostname of the server
1597 value: {get_attr: [Controller, name]}
1600 Node object in the format {ip: ..., name: ...} format that the corosync
1603 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1604 name: {get_attr: [Controller, name]}
1607 Server's IP address and hostname in the /etc/hosts format
1610 template: IP HOST.DOMAIN HOST
1612 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1613 DOMAIN: {get_param: CloudDomain}
1614 HOST: {get_attr: [Controller, name]}
1615 nova_server_resource:
1616 description: Heat resource handle for the Nova compute server
1618 {get_resource: Controller}
1620 description: Swift device formatted for swift-ring-builder
1623 template: 'r1z1-IP:%PORT%/d1'
1625 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1626 swift_proxy_memcache:
1627 description: Swift proxy-memcache value
1630 template: "IP:11211"
1632 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1634 description: identifier which changes if the controller configuration may need re-applying
1638 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1639 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1640 - {get_attr: [NodeTLSData, deploy_stdout]}
1641 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1642 - {get_param: UpdateIdentifier}
1643 tls_key_modulus_md5:
1644 description: MD5 checksum of the TLS Key Modulus
1645 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1646 tls_cert_modulus_md5:
1647 description: MD5 checksum of the TLS Certificate Modulus
1648 value: {get_attr: [NodeTLSData, cert_modulus_md5]}