1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 #TODO(composable Redis): Remove the Redis password param
16 #As is used by ceilometer
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
22 description: Secret shared by the ceilometer services.
26 description: The password for the ceilometer service and db account.
29 CeilometerStoreEvents:
31 description: Whether to store events in ceilometer.
33 CeilometerMeterDispatcher:
35 description: Dispatcher to process meter data
38 - allowed_values: ['gnocchi', 'database']
41 description: Number of workers for Ceilometer service.
43 controllerExtraConfig:
46 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
48 ControllerExtraConfig:
51 Controller specific hiera configuration data to inject into the cluster.
56 A network mapped list of IPs to assign to Controllers in the following form:
58 "internal_api": ["a.b.c.d", "e.f.g.h"],
62 ControlVirtualInterface:
64 description: Interface where virtual ip will be assigned.
68 description: Enable IPv6 in Corosync
72 description: Set to True to enable debugging on all services.
76 description: Whether to enable fencing in Pacemaker or not.
80 description: Whether to use Galera instead of regular MariaDB.
84 description: Whether to deploy a LoadBalancer on the Controller
88 description: Whether to deploy Ceph Storage (OSD) on the Controller
93 Additional hieradata to inject into the cluster, note that
94 ControllerExtraConfig takes precedence over ExtraConfig.
99 Pacemaker fencing configuration. The JSON should have
100 the following structure:
104 "agent": "AGENT_NAME",
105 "host_mac": "HOST_MAC_ADDRESS",
106 "params": {"PARAM_NAME": "PARAM_VALUE"}
114 "agent": "fence_xvm",
115 "host_mac": "52:54:00:aa:bb:cc",
117 "multicast_address": "225.0.0.12",
118 "port": "baremetal_0",
120 "manage_key_file": true,
121 "key_file": "/etc/fence_xvm.key",
122 "key_file_password": "abcdef"
129 description: Flavor for control nodes to request when deploying.
132 - custom_constraint: nova.flavor
135 description: The short name of the Gnocchi backend to use. Should be one
136 of swift, rbd, or file
139 - allowed_values: ['swift', 'file', 'rbd']
140 GnocchiIndexerBackend:
142 description: The short name of the Gnocchi indexer backend to use.
145 description: The password for the gnocchi service and db account.
148 HAProxyStatsPassword:
149 description: Password for HAProxy stats endpoint
152 description: User for HAProxy stats endpoint
155 HAProxySyslogAddress:
157 description: Syslog address where HAproxy will send its log
159 HeatAuthEncryptionKey:
160 description: Auth encryption key for heat-engine
165 description: A list of IP/Hostname allowed to connect to horizon
166 type: comma_delimited_list
168 description: Secret key for Django
173 default: overcloud-control
175 - custom_constraint: glance.image
177 default: 'REBUILD_PRESERVE_EPHEMERAL'
178 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
180 InstanceNameTemplate:
181 default: 'instance-%08x'
182 description: Template string to be used to generate instance names
186 description: Name of an existing Nova key pair to enable SSH access to the instances
189 - custom_constraint: nova.keypair
193 description: Keystone region for endpoint
196 description: Whether to manage IPtables rules.
200 description: Enable IPv6 features in Memcached.
204 description: Whether IPtables rules should be purged before setting up the new ones.
206 MysqlClusterUniquePart:
207 description: A unique identifier of the MySQL cluster the controller is in.
209 default: 'unset' # Has to be here because of the ignored empty value bug
210 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
212 # - length: {min: 4, max: 10}
213 MysqlInnodbBufferPoolSize:
215 Specifies the size of the buffer pool in megabytes. Setting to
216 zero should be interpreted as "no value" and will defer to the
221 description: Configures MySQL max_connections config setting
224 MysqlClustercheckPassword:
230 default: '' # Has to be here because of the ignored empty value bug
231 NeutronMetadataProxySharedSecret:
232 description: Shared secret to prevent spoofing
236 description: The password for the neutron service and db account, used by neutron agents.
239 NeutronPublicInterface:
241 description: What interface to bridge onto br-ex for network nodes.
245 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
246 be at least 50 bytes smaller than the MTU on the physical network. This
247 value will be used to set the MTU on the virtual Ethernet device.
248 This number is related to the value of NeutronDnsmasqOptions, since that
249 will determine the MTU that is assigned to the VM host through DHCP.
255 Whether to create cron job for purging soft deleted rows in Nova database.
259 description: Enable IPv6 features in Nova
262 description: The password for the nova service and db account, used by nova-api.
267 description: The password for the 'pcsd' user.
269 PublicVirtualInterface:
272 Specifies the interface where the public-facing virtual ip will be assigned.
273 This should be int_public when a VLAN is being used.
277 default: '' # Has to be here because of the ignored empty value bug
280 description: The password for RabbitMQ
285 description: The username for RabbitMQ
290 Rabbit client subscriber parameter to specify
291 an SSL connection to the RabbitMQ host.
295 description: Set rabbit subscriber port, change this if using SSL
298 description: The password for Redis
303 default: '' # Has to be here because of the ignored empty value bug
306 default: '' # Has to be here because of the ignored empty value bug
307 description: An IP address which is wrapped in brackets in case of IPv6
309 description: A random string to be used as a salt when hashing to determine mappings
316 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
319 description: Partition Power to use when building Swift rings
323 description: Whether to manage Swift rings or not
328 description: How many replicas to use in the swift rings.
331 description: The timezone to be set on controller nodes.
333 UpgradeLevelNovaCompute:
335 description: Nova Compute upgrade level
340 EnablePackageInstall:
342 description: Set to true to enable package installation via Puppet
346 description: Mapping of service_name -> network name. Typically set
347 via parameter_defaults in the resource registry.
351 description: Mapping of service endpoint -> protocol. Typically set
352 via parameter_defaults in the resource registry.
358 Setting to a previously unused value during stack-update will trigger
359 package update on all nodes
362 default: '' # Defaults to Heat created hostname
366 description: Optional mapping to override hostnames
367 NetworkDeploymentActions:
368 type: comma_delimited_list
370 Heat action when to apply network configuration changes
375 SoftwareConfigTransport:
376 default: POLL_SERVER_CFN
378 How the server should receive the metadata required for software configuration.
381 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
386 The DNS domain used for the hosts. This should match the dhcp_domain
387 configured in the Undercloud neutron. Defaults to localdomain.
391 Extra properties or metadata passed to Nova for the created nodes in
392 the overcloud. It's accessible via the Nova metadata API.
396 description: Optional scheduler hints to pass to nova
398 ServiceConfigSettings:
404 description: Do not use deprecated params, they will be removed.
406 - controllerExtraConfig
411 type: OS::Nova::Server
413 image: {get_param: Image}
414 image_update_policy: {get_param: ImageUpdatePolicy}
415 flavor: {get_param: Flavor}
416 key_name: {get_param: KeyName}
419 user_data_format: SOFTWARE_CONFIG
420 user_data: {get_resource: UserData}
423 template: {get_param: Hostname}
424 params: {get_param: HostnameMap}
425 software_config_transport: {get_param: SoftwareConfigTransport}
426 metadata: {get_param: ServerMetadata}
427 scheduler_hints: {get_param: SchedulerHints}
429 # Combine the NodeAdminUserData and NodeUserData mime archives
431 type: OS::Heat::MultipartMime
434 - config: {get_resource: NodeAdminUserData}
436 - config: {get_resource: NodeUserData}
439 # Creates the "heat-admin" user if configured via the environment
440 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
442 type: OS::TripleO::NodeAdminUserData
444 # For optional operator additional userdata
445 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
447 type: OS::TripleO::NodeUserData
450 type: OS::TripleO::Controller::Ports::ExternalPort
452 IPPool: {get_param: ControllerIPs}
453 NodeIndex: {get_param: NodeIndex}
454 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
457 type: OS::TripleO::Controller::Ports::InternalApiPort
459 IPPool: {get_param: ControllerIPs}
460 NodeIndex: {get_param: NodeIndex}
461 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
464 type: OS::TripleO::Controller::Ports::StoragePort
466 IPPool: {get_param: ControllerIPs}
467 NodeIndex: {get_param: NodeIndex}
468 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
471 type: OS::TripleO::Controller::Ports::StorageMgmtPort
473 IPPool: {get_param: ControllerIPs}
474 NodeIndex: {get_param: NodeIndex}
475 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
478 type: OS::TripleO::Controller::Ports::TenantPort
480 IPPool: {get_param: ControllerIPs}
481 NodeIndex: {get_param: NodeIndex}
482 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
485 type: OS::TripleO::Controller::Ports::ManagementPort
487 IPPool: {get_param: ControllerIPs}
488 NodeIndex: {get_param: NodeIndex}
489 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
492 type: OS::TripleO::Network::Ports::NetIpMap
494 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
495 ExternalIp: {get_attr: [ExternalPort, ip_address]}
496 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
497 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
498 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
499 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
500 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
501 StorageIp: {get_attr: [StoragePort, ip_address]}
502 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
503 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
504 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
505 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
506 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
507 TenantIp: {get_attr: [TenantPort, ip_address]}
508 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
509 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
510 ManagementIp: {get_attr: [ManagementPort, ip_address]}
511 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
512 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
515 type: OS::TripleO::Controller::Net::SoftwareConfig
517 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
518 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
519 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
520 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
521 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
522 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
523 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
526 type: OS::TripleO::SoftwareDeployment
528 name: NetworkDeployment
529 config: {get_resource: NetworkConfig}
530 server: {get_resource: Controller}
531 actions: {get_param: NetworkDeploymentActions}
534 interface_name: {get_param: NeutronPublicInterface}
536 # Resource for site-specific injection of root certificate
538 depends_on: NetworkDeployment
539 type: OS::TripleO::NodeTLSCAData
541 server: {get_resource: Controller}
543 # Resource for site-specific passing of private keys/certificates
545 depends_on: NodeTLSCAData
546 type: OS::TripleO::NodeTLSData
548 server: {get_resource: Controller}
549 NodeIndex: {get_param: NodeIndex}
552 ControllerDeployment:
553 type: OS::TripleO::SoftwareDeployment
554 depends_on: NetworkDeployment
556 name: ControllerDeployment
557 config: {get_resource: ControllerConfig}
558 server: {get_resource: Controller}
560 bootstack_nodeid: {get_attr: [Controller, name]}
561 ceilometer_workers: {get_param: CeilometerWorkers}
562 haproxy_log_address: {get_param: HAProxySyslogAddress}
563 haproxy_stats_password: {get_param: HAProxyStatsPassword}
564 haproxy_stats_user: {get_param: HAProxyStatsUser}
565 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
566 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
567 horizon_secret: {get_param: HorizonSecret}
568 admin_password: {get_param: AdminPassword}
569 debug: {get_param: Debug}
570 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
571 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
572 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
573 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
574 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
575 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
576 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
577 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
578 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
579 enable_fencing: {get_param: EnableFencing}
580 enable_galera: {get_param: EnableGalera}
581 enable_load_balancer: {get_param: EnableLoadBalancer}
582 enable_ceph_storage: {get_param: EnableCephStorage}
583 manage_firewall: {get_param: ManageFirewall}
584 purge_firewall_rules: {get_param: PurgeFirewallRules}
585 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
586 mysql_max_connections: {get_param: MysqlMaxConnections}
587 mysql_root_password: {get_param: MysqlRootPassword}
588 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
591 template: tripleo-CLUSTER
593 CLUSTER: {get_param: MysqlClusterUniquePart}
594 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
595 neutron_password: {get_param: NeutronPassword}
596 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
597 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
598 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
599 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
600 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
601 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
602 ceilometer_backend: {get_param: CeilometerBackend}
603 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
604 ceilometer_password: {get_param: CeilometerPassword}
605 ceilometer_store_events: {get_param: CeilometerStoreEvents}
606 aodh_password: {get_param: AodhPassword}
607 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
608 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
609 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
610 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
611 gnocchi_password: {get_param: GnocchiPassword}
612 gnocchi_backend: {get_param: GnocchiBackend}
613 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
614 ceilometer_coordination_url:
618 - {get_param: RedisPassword}
620 - {get_param: RedisVirtualIPUri}
625 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
627 - {get_param: CeilometerPassword}
629 - {get_param: [EndpointMap, MysqlInternal, host]}
634 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
636 - {get_param: GnocchiPassword}
638 - {get_param: [EndpointMap, MysqlInternal, host]}
643 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
645 - {get_param: AodhPassword}
647 - {get_param: [EndpointMap, MysqlInternal, host]}
649 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
650 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
651 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
652 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
653 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
654 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
655 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
656 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
657 nova_ipv6: {get_param: NovaIPv6}
658 corosync_ipv6: {get_param: CorosyncIPv6}
659 memcached_ipv6: {get_param: MemcachedIPv6}
660 nova_password: {get_param: NovaPassword}
664 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
666 - {get_param: NovaPassword}
668 - {get_param: [EndpointMap, MysqlInternal, host]}
673 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
675 - {get_param: NovaPassword}
677 - {get_param: [EndpointMap, MysqlInternal, host]}
679 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
680 instance_name_template: {get_param: InstanceNameTemplate}
681 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
682 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
683 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
684 fencing_config: {get_param: FencingConfig}
685 pcsd_password: {get_param: PcsdPassword}
686 rabbit_username: {get_param: RabbitUserName}
687 rabbit_password: {get_param: RabbitPassword}
688 rabbit_cookie: {get_param: RabbitCookie}
689 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
690 rabbit_client_port: {get_param: RabbitClientPort}
691 timezone: {get_param: TimeZone}
692 control_virtual_interface: {get_param: ControlVirtualInterface}
693 public_virtual_interface: {get_param: PublicVirtualInterface}
694 swift_hash_suffix: {get_param: SwiftHashSuffix}
695 swift_part_power: {get_param: SwiftPartPower}
696 swift_ring_build: {get_param: SwiftRingBuild}
697 swift_replicas: {get_param: SwiftReplicas}
698 swift_min_part_hours: {get_param: SwiftMinPartHours}
699 enable_package_install: {get_param: EnablePackageInstall}
700 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
701 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
702 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
703 cinder_iscsi_network:
707 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
708 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
709 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
710 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
711 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
712 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
713 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
714 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
715 keystone_region: {get_param: KeystoneRegion}
716 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
717 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
718 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
719 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
720 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
721 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
722 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
723 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
724 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
727 template: "['SUBNET']"
729 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
730 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
731 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
732 redis_vip: {get_param: RedisVirtualIP}
733 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
734 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
735 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
736 mysql_virtual_ip: {get_param: MysqlVirtualIP}
737 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
738 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
739 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
741 # Map heat metadata into hiera datafiles
743 type: OS::Heat::StructuredConfig
745 group: os-apply-config
750 - heat_config_%{::deploy_config_name}
751 - controller_extraconfig
757 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
758 - ceph_cluster # provided by CephClusterConfig
760 - bootstrap_node # provided by BootstrapNodeConfig
761 - all_nodes # provided by allNodesConfig
762 - vip_data # provided by vip-config
766 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
767 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
768 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
769 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
770 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
771 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
772 - midonet_data #Optionally provided by AllNodesExtraConfig
773 merge_behavior: deeper
776 mapped_data: {get_param: ServiceConfigSettings}
777 controller_extraconfig:
780 - {get_param: controllerExtraConfig}
781 - {get_param: ControllerExtraConfig}
783 mapped_data: {get_param: ExtraConfig}
785 raw_data: {get_file: hieradata/common.yaml}
788 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
789 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
790 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
792 raw_data: {get_file: hieradata/ceph.yaml}
794 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
795 ceph::profile::params::public_network: {get_input: ceph_public_network}
796 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
798 raw_data: {get_file: hieradata/database.yaml}
800 raw_data: {get_file: hieradata/object.yaml}
802 raw_data: {get_file: hieradata/controller.yaml}
803 mapped_data: # data supplied directly to this deployment configuration, etc
804 bootstack_nodeid: {get_input: bootstack_nodeid}
807 enable_fencing: {get_input: enable_fencing}
808 enable_load_balancer: {get_input: enable_load_balancer}
809 hacluster_pwd: {get_input: pcsd_password}
810 corosync_ipv6: {get_input: corosync_ipv6}
811 tripleo::fencing::config: {get_input: fencing_config}
814 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
815 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
816 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
817 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
818 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
819 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
820 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
821 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
824 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
825 cinder::api::bind_host: {get_input: cinder_api_network}
826 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
827 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
828 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
829 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
830 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
831 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
832 cinder::keystone::auth::password: {get_input: cinder_password }
833 cinder::keystone::auth::region: {get_input: keystone_region}
836 glance::api::bind_host: {get_input: glance_api_network}
837 glance::registry::bind_host: {get_input: glance_registry_network}
838 glance::keystone::auth::region: {get_input: keystone_region}
841 heat::api::bind_host: {get_input: heat_api_network}
842 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
843 heat::api_cfn::bind_host: {get_input: heat_api_network}
844 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
847 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
848 keystone::public_bind_host: {get_input: keystone_public_api_network}
849 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
850 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
853 mongodb::server::bind_ip: {get_input: mongo_db_network}
856 admin_password: {get_input: admin_password}
857 enable_galera: {get_input: enable_galera}
858 enable_ceph_storage: {get_input: enable_ceph_storage}
859 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
860 mysql_max_connections: {get_input: mysql_max_connections}
861 mysql::server::root_password: {get_input: mysql_root_password}
862 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
863 mysql_cluster_name: {get_input: mysql_cluster_name}
864 mysql_bind_host: {get_input: mysql_network}
865 mysql_virtual_ip: {get_input: mysql_virtual_ip}
868 neutron::bind_host: {get_input: neutron_api_network}
869 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
870 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
871 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
872 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
873 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
874 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
875 neutron::keystone::auth::password: {get_input: neutron_password }
876 neutron::keystone::auth::region: {get_input: keystone_region}
879 ceilometer_backend: {get_input: ceilometer_backend}
880 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
881 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
882 ceilometer::rabbit_userid: {get_input: rabbit_username}
883 ceilometer::rabbit_password: {get_input: rabbit_password}
884 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
885 ceilometer::rabbit_port: {get_input: rabbit_client_port}
886 ceilometer::debug: {get_input: debug}
887 ceilometer::api::host: {get_input: ceilometer_api_network}
888 ceilometer::api::keystone_password: {get_input: ceilometer_password}
889 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
890 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
891 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
892 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
893 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
894 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
895 ceilometer::db::mysql::password: {get_input: ceilometer_password}
896 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
897 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
898 ceilometer::dispatcher::gnocchi::filter_project: 'service'
899 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
900 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
901 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
902 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
903 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
904 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
905 ceilometer::keystone::auth::region: {get_input: keystone_region}
906 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
907 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
910 aodh_mysql_conn_string: {get_input: aodh_dsn}
911 aodh::rabbit_userid: {get_input: rabbit_username}
912 aodh::rabbit_password: {get_input: rabbit_password}
913 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
914 aodh::rabbit_port: {get_input: rabbit_client_port}
915 aodh::debug: {get_input: debug}
916 aodh::wsgi::apache::ssl: false
917 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
918 aodh::api::service_name: 'httpd'
919 aodh::api::host: {get_input: aodh_api_network}
920 aodh::api::keystone_password: {get_input: aodh_password}
921 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
922 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
923 aodh::auth::auth_url: {get_input: keystone_auth_uri}
924 aodh::auth::auth_password: {get_input: aodh_password}
925 aodh::db::mysql::password: {get_input: aodh_password}
926 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
927 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
928 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
929 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
930 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
931 aodh::keystone::auth::password: {get_input: aodh_password }
932 aodh::keystone::auth::region: {get_input: keystone_region}
935 gnocchi_backend: {get_input: gnocchi_backend}
936 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
937 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
938 gnocchi::debug: {get_input: debug}
939 gnocchi::wsgi::apache::ssl: false
940 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
941 gnocchi::api::service_name: 'httpd'
942 gnocchi::api::host: {get_input: gnocchi_api_network}
943 gnocchi::api::keystone_password: {get_input: gnocchi_password}
944 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
945 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
946 gnocchi::db::mysql::password: {get_input: gnocchi_password}
947 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
948 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
949 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
950 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
951 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
952 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
953 gnocchi::keystone::auth::region: {get_input: keystone_region}
956 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
957 nova::use_ipv6: {get_input: nova_ipv6}
958 nova::api::auth_uri: {get_input: keystone_auth_uri}
959 nova::api::identity_uri: {get_input: keystone_identity_uri}
960 nova::api::api_bind_address: {get_input: nova_api_network}
961 nova::api::metadata_listen: {get_input: nova_metadata_network}
962 nova::api::admin_password: {get_input: nova_password}
963 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
964 nova::database_connection: {get_input: nova_dsn}
965 nova::api_database_connection: {get_input: nova_api_dsn}
966 nova::glance_api_servers: {get_input: glance_api_servers}
967 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
968 nova::api::instance_name_template: {get_input: instance_name_template}
969 nova::network::neutron::neutron_password: {get_input: neutron_password}
970 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
971 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
972 nova::vncproxy::host: {get_input: nova_api_network}
973 nova::db::mysql::password: {get_input: nova_password}
974 nova::db::mysql_api::password: {get_input: nova_password}
975 nova_enable_db_purge: {get_input: nova_enable_db_purge}
976 nova::keystone::auth::public_url: {get_input: nova_public_url}
977 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
978 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
979 nova::keystone::auth::password: {get_input: nova_password }
980 nova::keystone::auth::region: {get_input: keystone_region}
983 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
984 apache::ip: {get_input: horizon_network}
985 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
986 horizon::django_debug: {get_input: debug}
987 horizon::secret_key: {get_input: horizon_secret}
988 horizon::bind_address: {get_input: horizon_network}
989 horizon::keystone_url: {get_input: keystone_auth_uri}
992 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
993 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
995 redis::bind: {get_input: redis_network}
996 redis_vip: {get_input: redis_vip}
998 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
999 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1001 memcached_ipv6: {get_input: memcached_ipv6}
1002 memcached::listen_ip: {get_input: memcached_network}
1003 timezone::timezone: {get_input: timezone}
1004 control_virtual_interface: {get_input: control_virtual_interface}
1005 public_virtual_interface: {get_input: public_virtual_interface}
1006 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1007 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1008 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1009 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1010 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1011 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1012 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1013 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1014 tripleo::haproxy::redis_password: {get_input: redis_password}
1015 tripleo::packages::enable_install: {get_input: enable_package_install}
1016 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1018 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1019 ControllerExtraConfigPre:
1020 depends_on: ControllerDeployment
1021 type: OS::TripleO::ControllerExtraConfigPre
1023 server: {get_resource: Controller}
1025 # Hook for site-specific additional pre-deployment config,
1026 # applying to all nodes, e.g node registration/unregistration
1028 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1029 type: OS::TripleO::NodeExtraConfig
1031 server: {get_resource: Controller}
1034 type: OS::TripleO::Tasks::PackageUpdate
1037 type: OS::Heat::SoftwareDeployment
1039 name: UpdateDeployment
1040 config: {get_resource: UpdateConfig}
1041 server: {get_resource: Controller}
1044 get_param: UpdateIdentifier
1048 description: IP address of the server in the ctlplane network
1049 value: {get_attr: [Controller, networks, ctlplane, 0]}
1050 external_ip_address:
1051 description: IP address of the server in the external network
1052 value: {get_attr: [ExternalPort, ip_address]}
1053 internal_api_ip_address:
1054 description: IP address of the server in the internal_api network
1055 value: {get_attr: [InternalApiPort, ip_address]}
1057 description: IP address of the server in the storage network
1058 value: {get_attr: [StoragePort, ip_address]}
1059 storage_mgmt_ip_address:
1060 description: IP address of the server in the storage_mgmt network
1061 value: {get_attr: [StorageMgmtPort, ip_address]}
1063 description: IP address of the server in the tenant network
1064 value: {get_attr: [TenantPort, ip_address]}
1065 management_ip_address:
1066 description: IP address of the server in the management network
1067 value: {get_attr: [ManagementPort, ip_address]}
1069 description: Hostname of the server
1070 value: {get_attr: [Controller, name]}
1073 Server's IP address and hostname in the /etc/hosts format
1077 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1078 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1079 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1080 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1081 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1082 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1083 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1085 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1086 DOMAIN: {get_param: CloudDomain}
1087 PRIMARYHOST: {get_attr: [Controller, name]}
1088 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1092 - - {get_attr: [Controller, name]}
1094 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1098 - - {get_attr: [Controller, name]}
1100 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1104 - - {get_attr: [Controller, name]}
1106 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1110 - - {get_attr: [Controller, name]}
1112 TENANTIP: {get_attr: [TenantPort, ip_address]}
1116 - - {get_attr: [Controller, name]}
1118 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1122 - - {get_attr: [Controller, name]}
1124 nova_server_resource:
1125 description: Heat resource handle for the Nova compute server
1127 {get_resource: Controller}
1129 description: Swift device formatted for swift-ring-builder
1132 template: 'r1z1-IP:%PORT%/d1'
1134 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1135 swift_proxy_memcache:
1136 description: Swift proxy-memcache value
1139 template: "IP:11211"
1141 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1143 description: identifier which changes if the controller configuration may need re-applying
1147 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1148 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1149 - {get_attr: [NodeTLSData, deploy_stdout]}
1150 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1151 - {get_param: UpdateIdentifier}
1152 tls_key_modulus_md5:
1153 description: MD5 checksum of the TLS Key Modulus
1154 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1155 tls_cert_modulus_md5:
1156 description: MD5 checksum of the TLS Certificate Modulus
1157 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
Code Review / apex-tripleo-heat-templates.git / blob