1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
92 ControllerExtraConfig:
95 Controller specific hiera configuration data to inject into the cluster.
100 A network mapped list of IPs to assign to Controllers in the following form:
102 "internal_api": ["a.b.c.d", "e.f.g.h"],
106 ControlVirtualInterface:
108 description: Interface where virtual ip will be assigned.
112 description: Set to True to enable debugging on all services.
116 description: Whether to enable fencing in Pacemaker or not.
120 description: Whether to use Galera instead of regular MariaDB.
124 description: Whether to deploy a LoadBalancer on the Controller
128 description: Whether to deploy Ceph Storage (OSD) on the Controller
132 description: Whether to enable Swift Storage on the Controller
137 Additional hieradata to inject into the cluster, note that
138 ControllerExtraConfig takes precedence over ExtraConfig.
143 Pacemaker fencing configuration. The JSON should have
144 the following structure:
148 "agent": "AGENT_NAME",
149 "host_mac": "HOST_MAC_ADDRESS",
150 "params": {"PARAM_NAME": "PARAM_VALUE"}
158 "agent": "fence_xvm",
159 "host_mac": "52:54:00:aa:bb:cc",
161 "multicast_address": "225.0.0.12",
162 "port": "baremetal_0",
164 "manage_key_file": true,
165 "key_file": "/etc/fence_xvm.key",
166 "key_file_password": "abcdef"
173 description: Flavor for control nodes to request when deploying.
176 - custom_constraint: nova.flavor
177 GlanceNotifierStrategy:
178 description: Strategy to use for Glance notification queue
182 description: The filepath of the file to use for logging messages from Glance.
186 description: The password for the glance service and db account, used by the glance services.
191 description: The short name of the Glance backend to use. Should be one
192 of swift, rbd, or file
195 - allowed_values: ['swift', 'file', 'rbd']
196 GlanceFilePcmkDevice:
199 An exported storage device that should be mounted by Pacemaker
200 as Glance storage. Effective when GlanceFilePcmkManage is true.
202 GlanceFilePcmkFstype:
205 Filesystem type for Pacemaker mount used as Glance storage.
206 Effective when GlanceFilePcmkManage is true.
208 GlanceFilePcmkManage:
211 Whether to make Glance file backend a mount managed by Pacemaker.
212 Effective when GlanceBackend is 'file'.
214 GlanceFilePcmkOptions:
217 Mount options for Pacemaker mount used as Glance storage.
218 Effective when GlanceFilePcmkManage is true.
220 HAProxySyslogAddress:
222 description: Syslog address where HAproxy will send its log
226 description: Number of workers for Glance service.
229 description: The password for the Heat service and db account, used by the Heat services.
232 HeatStackDomainAdminPassword:
233 description: Password for heat_domain_admin user.
236 HeatAuthEncryptionKey:
237 description: Auth encryption key for heat-engine
242 description: A list of IP/Hostname allowed to connect to horizon
243 type: comma_delimited_list
246 description: Number of workers for Heat service.
249 description: Secret key for Django
254 default: overcloud-control
256 - custom_constraint: glance.image
258 default: 'REBUILD_PRESERVE_EPHEMERAL'
259 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
261 InstanceNameTemplate:
262 default: 'instance-%08x'
263 description: Template string to be used to generate instance names
267 description: Name of an existing Nova key pair to enable SSH access to the instances
270 - custom_constraint: nova.keypair
271 KeystoneCACertificate:
273 description: Keystone self-signed certificate authority certificate.
275 KeystoneEnableDBPurge:
278 Whether to create cron job for purging soft deleted rows in Keystone database.
280 KeystoneSigningCertificate:
282 description: Keystone certificate for verifying token validity.
286 description: Keystone key for signing tokens.
289 KeystoneSSLCertificate:
291 description: Keystone certificate for verifying token validity.
293 KeystoneSSLCertificateKey:
295 description: Keystone key for signing tokens.
298 KeystoneNotificationDriver:
299 description: Comma-separated list of Oslo notification drivers used by Keystone
300 default: ['messaging']
301 type: comma_delimited_list
302 KeystoneNotificationFormat:
303 description: The Keystone notification format
307 - allowed_values: [ 'basic', 'cadf' ]
311 description: Keystone region for endpoint
314 description: Whether to manage IPtables rules.
318 description: Whether IPtables rules should be purged before setting up the new ones.
322 description: Number of workers for Keystone service.
329 description: The password for the sahara service account, used by sahara-api.
332 MysqlClusterUniquePart:
333 description: A unique identifier of the MySQL cluster the controller is in.
335 default: 'unset' # Has to be here because of the ignored empty value bug
336 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
338 # - length: {min: 4, max: 10}
339 MysqlInnodbBufferPoolSize:
341 Specifies the size of the buffer pool in megabytes. Setting to
342 zero should be interpreted as "no value" and will defer to the
347 description: Configures MySQL max_connections config setting
353 default: '' # Has to be here because of the ignored empty value bug
354 NeutronExternalNetworkBridge:
355 description: Name of bridge used for external network traffic.
358 NeutronBridgeMappings:
360 The OVS logical->physical bridge mappings to use. See the Neutron
361 documentation for details. Defaults to mapping br-ex - the external
362 bridge on hosts - to a physical name 'datacentre' which can be used
363 to create provider networks (and we use this for the default floating
364 network) - if changing this either use different post-install network
365 scripts or be sure to keep 'datacentre' as a mapping network name.
366 type: comma_delimited_list
367 default: "datacentre:br-ex"
368 NeutronDnsmasqOptions:
369 default: 'dhcp-option-force=26,1400'
370 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
372 NeutronEnableDHCPAgent:
373 description: Knob to enable/disable DHCP Agent
376 NeutronEnableL3Agent:
377 description: Knob to enable/disable L3 agent
380 NeutronEnableMetadataAgent:
381 description: Knob to enable/disable Metadata agent
384 NeutronEnableOVSAgent:
385 description: Knob to enable/disable OVS Agent
390 description: Agent mode for the neutron-l3-agent on the controller hosts
394 description: Whether to enable l3-agent HA
396 NeutronDhcpAgentsPerNetwork:
399 description: The number of neutron dhcp agents to schedule per network
402 description: Whether to configure Neutron Distributed Virtual Routers
404 NeutronMetadataProxySharedSecret:
405 description: Shared secret to prevent spoofing
411 The core plugin for Neutron. The value should be the entrypoint to be loaded
412 from neutron.core_plugins namespace.
414 NeutronServicePlugins:
415 default: "router,qos"
417 Comma-separated list of service plugin entrypoints to be loaded from the
418 neutron.service_plugins namespace.
419 type: comma_delimited_list
421 default: "vxlan,vlan,flat,gre"
423 Comma-separated list of network type driver entrypoints to be loaded.
424 type: comma_delimited_list
425 NeutronMechanismDrivers:
426 default: 'openvswitch'
428 The mechanism drivers for the Neutron tenant network.
429 type: comma_delimited_list
430 NeutronAllowL3AgentFailover:
432 description: Allow automatic l3-agent failover
434 NeutronEnableIsolatedMetadata:
436 description: If True, DHCP provide metadata route to VM.
438 NeutronEnableTunnelling:
444 Enable/disable the L2 population feature in the Neutron agents.
447 type: comma_delimited_list
448 default: 'datacentre'
449 description: If set, flat networks to configure in neutron plugins.
452 description: Whether to enable l3-agent HA
456 description: The tenant network type for Neutron.
457 type: comma_delimited_list
458 NeutronNetworkVLANRanges:
459 default: 'datacentre:1:1000'
461 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
462 Neutron documentation for permitted values. Defaults to permitting any
463 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
464 type: comma_delimited_list
466 description: The password for the neutron service and db account, used by neutron agents.
469 NeutronPublicInterface:
471 description: What interface to bridge onto br-ex for network nodes.
473 NeutronPublicInterfaceTag:
476 VLAN tag for creating a public VLAN. The tag will be used to
477 create an access port on the exterior bridge for each control plane node,
478 and that port will be given the IP address returned by neutron from the
479 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
480 overcloud.yaml to include the deployment of VLAN ports to the control
483 NeutronPublicInterfaceDefaultRoute:
485 description: A custom default route for the NeutronPublicInterface.
487 NeutronPublicInterfaceIP:
489 description: A custom IP address to put onto the NeutronPublicInterface.
491 NeutronPublicInterfaceRawDevice:
493 description: If set, the public interface is a vlan with this device as the raw device.
497 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
498 be at least 50 bytes smaller than the MTU on the physical network. This
499 value will be used to set the MTU on the virtual Ethernet device.
500 This number is related to the value of NeutronDnsmasqOptions, since that
501 will determine the MTU that is assigned to the VM host through DHCP.
507 The tunnel types for the Neutron tenant network.
508 type: comma_delimited_list
509 NeutronTunnelIdRanges:
511 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
512 of GRE tunnel IDs that are available for tenant network allocation
513 default: ["1:4094", ]
514 type: comma_delimited_list
517 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
518 of VXLAN VNI IDs that are available for tenant network allocation
519 default: ["1:4094", ]
520 type: comma_delimited_list
521 NeutronPluginExtensions:
522 default: "qos,port_security"
524 Comma-separated list of extensions enabled for the Neutron plugin.
525 type: comma_delimited_list
526 NeutronAgentExtensions:
529 Comma-separated list of extensions enabled for the Neutron agents.
530 type: comma_delimited_list
536 description: Number of workers for Neutron service.
541 Whether to create cron job for purging soft deleted rows in Nova database.
544 description: The password for the nova service and db account, used by nova-api.
549 description: Number of workers for Nova service.
553 description: Should MongoDb journaling be disabled
557 description: Comma-separated list of ntp servers
558 type: comma_delimited_list
561 description: The password for the 'pcsd' user.
563 PublicVirtualInterface:
566 Specifies the interface where the public-facing virtual ip will be assigned.
567 This should be int_public when a VLAN is being used.
571 default: '' # Has to be here because of the ignored empty value bug
574 default: '' # Has to be here because of the ignored empty value bug
578 description: The password for RabbitMQ
583 description: The username for RabbitMQ
588 Rabbit client subscriber parameter to specify
589 an SSL connection to the RabbitMQ host.
593 description: Set rabbit subscriber port, change this if using SSL
597 description: Configures RabbitMQ FD limit
601 default: '' # Has to be here because of the ignored empty value bug
602 SnmpdReadonlyUserName:
603 default: ro_snmp_user
604 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
606 SnmpdReadonlyUserPassword:
607 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
611 description: A random string to be used as a salt when hashing to determine mappings
617 description: Value of mount_check in Swift account/container/object -server.conf
622 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
625 description: Partition Power to use when building Swift rings
628 description: The password for the swift service account, used by the swift proxy
638 description: How many replicas to use in the swift rings.
641 description: Number of workers for Swift service.
645 description: The timezone to be set on controller nodes.
647 UpgradeLevelNovaCompute:
649 description: Nova Compute upgrade level
651 VirtualIP: # DEPRECATED: use per service settings instead
653 default: '' # Has to be here because of the ignored empty value bug
660 GlanceRegistryVirtualIP:
666 KeystoneAdminApiVirtualIP:
669 KeystonePublicApiVirtualIP:
675 EnablePackageInstall:
677 description: Set to true to enable package installation via Puppet
681 description: Mapping of service_name -> network name. Typically set
682 via parameter_defaults in the resource registry.
686 description: Mapping of service endpoint -> protocol. Typically set
687 via parameter_defaults in the resource registry.
693 Setting to a previously unused value during stack-update will trigger
694 package update on all nodes
697 default: '' # Defaults to Heat created hostname
698 NetworkDeploymentActions:
699 type: comma_delimited_list
701 Heat action when to apply network configuration changes
706 SoftwareConfigTransport:
707 default: POLL_SERVER_CFN
709 How the server should receive the metadata required for software configuration.
712 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
717 The DNS domain used for the hosts. This should match the dhcp_domain
718 configured in the Undercloud neutron. Defaults to localdomain.
722 Extra properties or metadata passed to Nova for the created nodes in
723 the overcloud. It's accessible via the Nova metadata API.
727 description: Optional scheduler hints to pass to nova
733 type: OS::Nova::Server
735 image: {get_param: Image}
736 image_update_policy: {get_param: ImageUpdatePolicy}
737 flavor: {get_param: Flavor}
738 key_name: {get_param: KeyName}
741 user_data_format: SOFTWARE_CONFIG
742 user_data: {get_resource: UserData}
743 name: {get_param: Hostname}
744 software_config_transport: {get_param: SoftwareConfigTransport}
745 metadata: {get_param: ServerMetadata}
746 scheduler_hints: {get_param: SchedulerHints}
748 # Combine the NodeAdminUserData and NodeUserData mime archives
750 type: OS::Heat::MultipartMime
753 - config: {get_resource: NodeAdminUserData}
755 - config: {get_resource: NodeUserData}
758 # Creates the "heat-admin" user if configured via the environment
759 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
761 type: OS::TripleO::NodeAdminUserData
763 # For optional operator additional userdata
764 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
766 type: OS::TripleO::NodeUserData
769 type: OS::TripleO::Controller::Ports::ExternalPort
771 IPPool: {get_param: ControllerIPs}
772 NodeIndex: {get_param: NodeIndex}
773 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
776 type: OS::TripleO::Controller::Ports::InternalApiPort
778 IPPool: {get_param: ControllerIPs}
779 NodeIndex: {get_param: NodeIndex}
780 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
783 type: OS::TripleO::Controller::Ports::StoragePort
785 IPPool: {get_param: ControllerIPs}
786 NodeIndex: {get_param: NodeIndex}
787 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
790 type: OS::TripleO::Controller::Ports::StorageMgmtPort
792 IPPool: {get_param: ControllerIPs}
793 NodeIndex: {get_param: NodeIndex}
794 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
797 type: OS::TripleO::Controller::Ports::TenantPort
799 IPPool: {get_param: ControllerIPs}
800 NodeIndex: {get_param: NodeIndex}
801 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
804 type: OS::TripleO::Controller::Ports::ManagementPort
806 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
809 type: OS::TripleO::Network::Ports::NetIpMap
811 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
812 ExternalIp: {get_attr: [ExternalPort, ip_address]}
813 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
814 StorageIp: {get_attr: [StoragePort, ip_address]}
815 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
816 TenantIp: {get_attr: [TenantPort, ip_address]}
817 ManagementIp: {get_attr: [ManagementPort, ip_address]}
820 type: OS::TripleO::Network::Ports::NetIpSubnetMap
822 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
823 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
824 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
825 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
826 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
827 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
828 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
831 type: OS::TripleO::Controller::Net::SoftwareConfig
833 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
834 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
835 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
836 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
837 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
838 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
839 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
842 type: OS::TripleO::SoftwareDeployment
844 name: NetworkDeployment
845 config: {get_resource: NetworkConfig}
846 server: {get_resource: Controller}
847 actions: {get_param: NetworkDeploymentActions}
850 interface_name: {get_param: NeutronPublicInterface}
852 # Resource for site-specific injection of root certificate
854 depends_on: NetworkDeployment
855 type: OS::TripleO::NodeTLSCAData
857 server: {get_resource: Controller}
859 # Resource for site-specific passing of private keys/certificates
861 depends_on: NodeTLSCAData
862 type: OS::TripleO::NodeTLSData
864 server: {get_resource: Controller}
865 NodeIndex: {get_param: NodeIndex}
868 ControllerDeployment:
869 type: OS::TripleO::SoftwareDeployment
870 depends_on: NetworkDeployment
872 name: ControllerDeployment
873 config: {get_resource: ControllerConfig}
874 server: {get_resource: Controller}
876 bootstack_nodeid: {get_attr: [Controller, name]}
877 ceilometer_workers: {get_param: CeilometerWorkers}
878 cinder_workers: {get_param: CinderWorkers}
879 glance_workers: {get_param: GlanceWorkers}
880 heat_workers: {get_param: HeatWorkers}
881 keystone_workers: {get_param: KeystoneWorkers}
882 nova_workers: {get_param: NovaWorkers}
883 neutron_workers: {get_param: NeutronWorkers}
884 swift_workers: {get_param: SwiftWorkers}
885 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
886 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
887 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
888 haproxy_log_address: {get_param: HAProxySyslogAddress}
889 heat.watch_server_url:
893 - {get_param: HeatApiVirtualIP}
895 heat.metadata_server_url:
899 - {get_param: HeatApiVirtualIP}
901 heat.waitcondition_server_url:
905 - {get_param: HeatApiVirtualIP}
906 - ':8000/v1/waitcondition'
907 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
908 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
909 horizon_secret: {get_param: HorizonSecret}
910 admin_email: {get_param: AdminEmail}
911 admin_password: {get_param: AdminPassword}
912 admin_token: {get_param: AdminToken}
913 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
914 debug: {get_param: Debug}
915 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
916 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
917 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
918 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
923 SERVERS: {get_param: CinderNfsServers}
924 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
925 cinder_password: {get_param: CinderPassword}
926 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
927 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
928 cinder_backend_config: {get_param: CinderBackendConfig}
932 - - 'mysql+pymysql://cinder:'
933 - {get_param: CinderPassword}
935 - {get_param: MysqlVirtualIP}
937 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
938 glance_password: {get_param: GlancePassword}
939 glance_backend: {get_param: GlanceBackend}
940 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
941 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
942 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
943 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
944 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
945 glance_log_file: {get_param: GlanceLogFile}
949 - - 'mysql+pymysql://glance:'
950 - {get_param: GlancePassword}
952 - {get_param: MysqlVirtualIP}
954 heat_password: {get_param: HeatPassword}
955 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
959 - - 'mysql+pymysql://heat:'
960 - {get_param: HeatPassword}
962 - {get_param: MysqlVirtualIP}
964 keystone_ca_certificate: {get_param: KeystoneCACertificate}
965 keystone_signing_key: {get_param: KeystoneSigningKey}
966 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
967 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
968 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
969 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
970 keystone_notification_format: {get_param: KeystoneNotificationFormat}
971 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
975 - - 'mysql+pymysql://keystone:'
976 - {get_param: AdminToken}
978 - {get_param: MysqlVirtualIP}
980 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
981 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
982 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
983 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
984 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
985 enable_fencing: {get_param: EnableFencing}
986 enable_galera: {get_param: EnableGalera}
987 enable_load_balancer: {get_param: EnableLoadBalancer}
988 enable_ceph_storage: {get_param: EnableCephStorage}
989 enable_swift_storage: {get_param: EnableSwiftStorage}
990 manage_firewall: {get_param: ManageFirewall}
991 purge_firewall_rules: {get_param: PurgeFirewallRules}
992 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
993 mysql_max_connections: {get_param: MysqlMaxConnections}
994 mysql_root_password: {get_param: MysqlRootPassword}
997 template: tripleo-CLUSTER
999 CLUSTER: {get_param: MysqlClusterUniquePart}
1000 neutron_flat_networks:
1004 NETWORKS: {get_param: NeutronFlatNetworks}
1005 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1006 neutron_agent_mode: {get_param: NeutronAgentMode}
1007 neutron_router_distributed: {get_param: NeutronDVR}
1008 neutron_core_plugin: {get_param: NeutronCorePlugin}
1009 neutron_service_plugins:
1013 PLUGINS: {get_param: NeutronServicePlugins}
1014 neutron_type_drivers:
1018 DRIVERS: {get_param: NeutronTypeDrivers}
1019 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1020 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1021 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1022 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1023 neutron_mechanism_drivers:
1025 template: MECHANISMS
1027 MECHANISMS: {get_param: NeutronMechanismDrivers}
1028 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1029 neutron_l3_ha: {get_param: NeutronL3HA}
1030 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1031 neutron_network_vlan_ranges:
1035 RANGES: {get_param: NeutronNetworkVLANRanges}
1036 neutron_bridge_mappings:
1040 MAPPINGS: {get_param: NeutronBridgeMappings}
1041 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1042 neutron_public_interface: {get_param: NeutronPublicInterface}
1043 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1044 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1045 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1046 neutron_tunnel_id_ranges:
1050 RANGES: {get_param: NeutronTunnelIdRanges}
1055 RANGES: {get_param: NeutronVniRanges}
1056 neutron_tenant_network_types:
1060 TYPES: {get_param: NeutronNetworkType}
1061 neutron_tunnel_types:
1065 TYPES: {get_param: NeutronTunnelTypes}
1066 neutron_plugin_extensions:
1068 template: PLUGIN_EXTENSIONS
1070 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1071 neutron_agent_extensions:
1073 template: AGENT_EXTENSIONS
1075 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1076 neutron_password: {get_param: NeutronPassword}
1077 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1078 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1082 - - 'mysql+pymysql://neutron:'
1083 - {get_param: NeutronPassword}
1085 - {get_param: MysqlVirtualIP}
1086 - '/ovs_neutron?charset=utf8'
1087 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1088 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1089 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1090 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1091 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1092 ceilometer_backend: {get_param: CeilometerBackend}
1093 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1094 ceilometer_password: {get_param: CeilometerPassword}
1095 ceilometer_coordination_url:
1099 - {get_param: RedisVirtualIP}
1104 - - 'mysql+pymysql://ceilometer:'
1105 - {get_param: CeilometerPassword}
1107 - {get_param: MysqlVirtualIP}
1109 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1110 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1111 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1112 nova_password: {get_param: NovaPassword}
1116 - - 'mysql+pymysql://nova:'
1117 - {get_param: NovaPassword}
1119 - {get_param: MysqlVirtualIP}
1124 - - 'mysql+pymysql://nova_api:'
1125 - {get_param: NovaPassword}
1127 - {get_param: MysqlVirtualIP}
1129 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1130 instance_name_template: {get_param: InstanceNameTemplate}
1131 fencing_config: {get_param: FencingConfig}
1132 pcsd_password: {get_param: PcsdPassword}
1133 rabbit_username: {get_param: RabbitUserName}
1134 rabbit_password: {get_param: RabbitPassword}
1135 rabbit_cookie: {get_param: RabbitCookie}
1136 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1137 rabbit_client_port: {get_param: RabbitClientPort}
1138 mongodb_no_journal: {get_param: MongoDbNoJournal}
1139 # We need to force this into quotes or hiera will return integer causing
1140 # the puppet module validation regexp to fail.
1141 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1146 LIMIT: {get_param: RabbitFDLimit}
1147 ntp_servers: {get_param: NtpServer}
1148 timezone: {get_param: TimeZone}
1149 control_virtual_interface: {get_param: ControlVirtualInterface}
1150 public_virtual_interface: {get_param: PublicVirtualInterface}
1151 swift_hash_suffix: {get_param: SwiftHashSuffix}
1152 swift_password: {get_param: SwiftPassword}
1153 swift_part_power: {get_param: SwiftPartPower}
1154 swift_replicas: {get_param: SwiftReplicas}
1155 swift_min_part_hours: {get_param: SwiftMinPartHours}
1156 swift_mount_check: {get_param: SwiftMountCheck}
1157 enable_package_install: {get_param: EnablePackageInstall}
1158 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1159 sahara_password: {get_param: SaharaPassword}
1163 - - 'mysql://sahara:'
1164 - {get_param: SaharaPassword}
1166 - {get_param: MysqlVirtualIP}
1168 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1169 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1170 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1171 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1172 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1173 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1174 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1175 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1176 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1177 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1178 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1179 keystone_region: {get_param: KeystoneRegion}
1180 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1181 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1182 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1183 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1184 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1185 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1186 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1187 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1188 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1189 redis_vip: {get_param: RedisVirtualIP}
1190 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1191 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1192 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1193 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1194 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1195 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1196 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1198 # Map heat metadata into hiera datafiles
1200 type: OS::Heat::StructuredConfig
1202 group: os-apply-config
1207 - heat_config_%{::deploy_config_name}
1208 - controller_extraconfig
1213 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1214 - ceph_cluster # provided by CephClusterConfig
1216 - bootstrap_node # provided by BootstrapNodeConfig
1217 - all_nodes # provided by allNodesConfig
1218 - vip_data # provided by vip-config
1221 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1222 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1223 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1224 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1225 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1226 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1227 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1228 - midonet_data #Optionally provided by AllNodesExtraConfig
1229 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1231 controller_extraconfig:
1232 mapped_data: {get_param: ControllerExtraConfig}
1234 mapped_data: {get_param: ExtraConfig}
1236 raw_data: {get_file: hieradata/common.yaml}
1238 raw_data: {get_file: hieradata/ceph.yaml}
1240 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1241 ceph::profile::params::public_network: {get_input: ceph_public_network}
1242 ceph::mon::public_addr: {get_input: ceph_public_ip}
1244 raw_data: {get_file: hieradata/database.yaml}
1246 raw_data: {get_file: hieradata/object.yaml}
1248 raw_data: {get_file: hieradata/controller.yaml}
1249 mapped_data: # data supplied directly to this deployment configuration, etc
1250 bootstack_nodeid: {get_input: bootstack_nodeid}
1253 enable_fencing: {get_input: enable_fencing}
1254 enable_load_balancer: {get_input: enable_load_balancer}
1255 hacluster_pwd: {get_input: pcsd_password}
1256 tripleo::fencing::config: {get_input: fencing_config}
1259 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1260 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1261 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1262 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1263 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1264 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1265 swift::proxy::workers: {get_input: swift_workers}
1266 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1267 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1268 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1269 swift_mount_check: {get_input: swift_mount_check}
1271 # NOTE(dprince): build_ring support is currently not wired in.
1272 # See: https://review.openstack.org/#/c/109225/
1273 tripleo::ringbuilder::build_ring: True
1276 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1277 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1278 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1279 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1280 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1281 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1282 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1283 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1284 cinder::database_connection: {get_input: cinder_dsn}
1285 cinder::api::keystone_password: {get_input: cinder_password}
1286 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1287 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1288 cinder::api::bind_host: {get_input: cinder_api_network}
1289 cinder::rabbit_userid: {get_input: rabbit_username}
1290 cinder::rabbit_password: {get_input: rabbit_password}
1291 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1292 cinder::rabbit_port: {get_input: rabbit_client_port}
1293 cinder::debug: {get_input: debug}
1294 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1295 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1296 cinder_backend_config: {get_input: CinderBackendConfig}
1297 cinder::db::mysql::password: {get_input: cinder_password}
1300 glance::api::bind_port: {get_input: glance_port}
1301 glance::api::bind_host: {get_input: glance_api_network}
1302 glance::api::auth_uri: {get_input: keystone_auth_uri}
1303 glance::api::identity_uri: {get_input: keystone_identity_uri}
1304 glance::api::registry_host: {get_input: glance_registry_host}
1305 glance::api::keystone_password: {get_input: glance_password}
1306 glance::api::debug: {get_input: debug}
1307 glance::api::workers: {get_input: glance_workers}
1308 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1309 glance_log_file: {get_input: glance_log_file}
1310 glance_log_file: {get_input: glance_log_file}
1311 glance::api::database_connection: {get_input: glance_dsn}
1312 glance::registry::keystone_password: {get_input: glance_password}
1313 glance::registry::database_connection: {get_input: glance_dsn}
1314 glance::registry::bind_host: {get_input: glance_registry_network}
1315 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1316 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1317 glance::registry::debug: {get_input: debug}
1318 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1319 glance::registry::workers: {get_input: glance_workers}
1320 glance::backend::swift::swift_store_user: service:glance
1321 glance::backend::swift::swift_store_key: {get_input: glance_password}
1322 glance_backend: {get_input: glance_backend}
1323 glance::db::mysql::password: {get_input: glance_password}
1324 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1325 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1326 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1327 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1328 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1329 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1330 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1333 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1334 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1335 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1336 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1337 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1338 heat::rabbit_userid: {get_input: rabbit_username}
1339 heat::rabbit_password: {get_input: rabbit_password}
1340 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1341 heat::rabbit_port: {get_input: rabbit_client_port}
1342 heat::auth_uri: {get_input: keystone_auth_uri}
1343 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1344 heat::identity_uri: {get_input: keystone_identity_uri}
1345 heat::keystone_password: {get_input: heat_password}
1346 heat::api::bind_host: {get_input: heat_api_network}
1347 heat::api::workers: {get_input: heat_workers}
1348 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1349 heat::api_cloudwatch::workers: {get_input: heat_workers}
1350 heat::api_cfn::bind_host: {get_input: heat_api_network}
1351 heat::api_cfn::workers: {get_input: heat_workers}
1352 heat::database_connection: {get_input: heat_dsn}
1353 heat::debug: {get_input: debug}
1354 heat::db::mysql::password: {get_input: heat_password}
1357 keystone::admin_token: {get_input: admin_token}
1358 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1359 keystone_signing_key: {get_input: keystone_signing_key}
1360 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1361 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1362 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1363 keystone::database_connection: {get_input: keystone_dsn}
1364 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1365 keystone::public_bind_host: {get_input: keystone_public_api_network}
1366 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1367 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1368 keystone::debug: {get_input: debug}
1369 keystone::db::mysql::password: {get_input: admin_token}
1370 keystone::rabbit_userid: {get_input: rabbit_username}
1371 keystone::rabbit_password: {get_input: rabbit_password}
1372 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1373 keystone::rabbit_port: {get_input: rabbit_client_port}
1374 keystone::notification_driver: {get_input: keystone_notification_driver}
1375 keystone::notification_format: {get_input: keystone_notification_format}
1376 keystone::roles::admin::email: {get_input: admin_email}
1377 keystone::roles::admin::password: {get_input: admin_password}
1378 keystone::endpoint::public_url: {get_input: keystone_public_url}
1379 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1380 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1381 keystone::endpoint::region: {get_input: keystone_region}
1382 keystone::admin_workers: {get_input: keystone_workers}
1383 keystone::public_workers: {get_input: keystone_workers}
1384 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1385 keystone::public_endpoint: {get_input: keystone_public_url}
1387 mongodb::server::bind_ip: {get_input: mongo_db_network}
1388 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1390 admin_password: {get_input: admin_password}
1391 enable_galera: {get_input: enable_galera}
1392 enable_ceph_storage: {get_input: enable_ceph_storage}
1393 enable_swift_storage: {get_input: enable_swift_storage}
1394 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1395 mysql_max_connections: {get_input: mysql_max_connections}
1396 mysql::server::root_password: {get_input: mysql_root_password}
1397 mysql_cluster_name: {get_input: mysql_cluster_name}
1398 mysql_bind_host: {get_input: mysql_network}
1399 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1402 neutron::bind_host: {get_input: neutron_api_network}
1403 neutron::rabbit_password: {get_input: rabbit_password}
1404 neutron::rabbit_user: {get_input: rabbit_username}
1405 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1406 neutron::rabbit_port: {get_input: rabbit_client_port}
1407 neutron::debug: {get_input: debug}
1408 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1409 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1410 neutron::server::database_connection: {get_input: neutron_dsn}
1411 neutron::server::api_workers: {get_input: neutron_workers}
1412 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1413 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1414 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1415 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1416 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1417 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1418 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1419 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1420 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1421 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1422 neutron_agent_mode: {get_input: neutron_agent_mode}
1423 neutron_router_distributed: {get_input: neutron_router_distributed}
1424 neutron::core_plugin: {get_input: neutron_core_plugin}
1425 neutron::service_plugins: {get_input: neutron_service_plugins}
1426 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1427 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1428 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1429 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1430 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1431 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1432 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1433 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1434 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1435 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1436 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1437 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1438 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1439 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1440 neutron_public_interface: {get_input: neutron_public_interface}
1441 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1442 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1443 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1444 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1445 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1446 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1447 neutron::server::auth_password: {get_input: neutron_password}
1448 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1449 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1450 neutron_dsn: {get_input: neutron_dsn}
1451 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1452 neutron::db::mysql::password: {get_input: neutron_password}
1453 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1454 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1455 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1456 neutron::keystone::auth::password: {get_input: neutron_password }
1457 neutron::keystone::auth::region: {get_input: keystone_region}
1458 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1459 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1460 neutron::server::notifications::tenant_name: 'service'
1461 neutron::server::notifications::project_name: 'service'
1462 neutron::server::notifications::password: {get_input: nova_password}
1465 ceilometer_backend: {get_input: ceilometer_backend}
1466 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1467 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1468 ceilometer::rabbit_userid: {get_input: rabbit_username}
1469 ceilometer::rabbit_password: {get_input: rabbit_password}
1470 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1471 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1472 ceilometer::debug: {get_input: debug}
1473 ceilometer::api::host: {get_input: ceilometer_api_network}
1474 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1475 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1476 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1477 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1478 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1479 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1480 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1481 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1482 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1485 nova::rabbit_userid: {get_input: rabbit_username}
1486 nova::rabbit_password: {get_input: rabbit_password}
1487 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1488 nova::rabbit_port: {get_input: rabbit_client_port}
1489 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1490 nova::debug: {get_input: debug}
1491 nova::api::auth_uri: {get_input: keystone_auth_uri}
1492 nova::api::identity_uri: {get_input: keystone_identity_uri}
1493 nova::api::api_bind_address: {get_input: nova_api_network}
1494 nova::api::metadata_listen: {get_input: nova_metadata_network}
1495 nova::api::admin_password: {get_input: nova_password}
1496 nova::api::osapi_compute_workers: {get_input: nova_workers}
1497 nova::api::ec2_workers: {get_input: nova_workers}
1498 nova::api::metadata_workers: {get_input: nova_workers}
1499 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1500 nova::database_connection: {get_input: nova_dsn}
1501 nova::api_database_connection: {get_input: nova_api_dsn}
1502 nova::glance_api_servers: {get_input: glance_api_servers}
1503 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1504 nova::api::instance_name_template: {get_input: instance_name_template}
1505 nova::network::neutron::neutron_password: {get_input: neutron_password}
1506 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1507 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1508 nova::vncproxy::host: {get_input: nova_api_network}
1509 nova::db::mysql::password: {get_input: nova_password}
1510 nova::db::mysql_api::password: {get_input: nova_password}
1511 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1514 apache::ip: {get_input: horizon_network}
1515 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1516 horizon::django_debug: {get_input: debug}
1517 horizon::secret_key: {get_input: horizon_secret}
1518 horizon::bind_address: {get_input: horizon_network}
1519 horizon::keystone_url: {get_input: keystone_auth_uri}
1522 sahara::host: {get_input: sahara_api_network}
1530 sahara::admin_password: {get_input: sahara_password}
1531 sahara::auth_uri: {get_input: keystone_auth_uri}
1532 sahara::admin_user: sahara
1533 sahara::identity_uri: {get_input: keystone_identity_uri}
1534 sahara::use_neutron: true
1535 sahara::database_connection: {get_input: sahara_dsn}
1536 sahara::debug: {get_input: debug}
1537 sahara::rpc_backend: rabbit
1538 sahara::rabbit_userid: {get_input: rabbit_username}
1539 sahara::rabbit_password: {get_input: rabbit_password}
1540 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1541 sahara::rabbit_port: {get_input: rabbit_client_port}
1542 sahara::db::mysql::password: {get_input: sahara_password}
1545 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1546 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1547 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1548 rabbitmq::default_user: {get_input: rabbit_username}
1549 rabbitmq::default_pass: {get_input: rabbit_password}
1551 redis::bind: {get_input: redis_network}
1552 redis_vip: {get_input: redis_vip}
1554 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1555 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1557 memcached::listen_ip: {get_input: memcached_network}
1558 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1559 ntp::servers: {get_input: ntp_servers}
1560 timezone::timezone: {get_input: timezone}
1561 control_virtual_interface: {get_input: control_virtual_interface}
1562 public_virtual_interface: {get_input: public_virtual_interface}
1563 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1564 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1565 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1566 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1567 tripleo::packages::enable_install: {get_input: enable_package_install}
1568 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1570 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1571 ControllerExtraConfigPre:
1572 depends_on: ControllerDeployment
1573 type: OS::TripleO::ControllerExtraConfigPre
1575 server: {get_resource: Controller}
1577 # Hook for site-specific additional pre-deployment config,
1578 # applying to all nodes, e.g node registration/unregistration
1580 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1581 type: OS::TripleO::NodeExtraConfig
1583 server: {get_resource: Controller}
1586 type: OS::TripleO::Tasks::PackageUpdate
1589 type: OS::Heat::SoftwareDeployment
1591 name: UpdateDeployment
1592 config: {get_resource: UpdateConfig}
1593 server: {get_resource: Controller}
1596 get_param: UpdateIdentifier
1600 description: IP address of the server in the ctlplane network
1601 value: {get_attr: [Controller, networks, ctlplane, 0]}
1602 external_ip_address:
1603 description: IP address of the server in the external network
1604 value: {get_attr: [ExternalPort, ip_address]}
1605 internal_api_ip_address:
1606 description: IP address of the server in the internal_api network
1607 value: {get_attr: [InternalApiPort, ip_address]}
1609 description: IP address of the server in the storage network
1610 value: {get_attr: [StoragePort, ip_address]}
1611 storage_mgmt_ip_address:
1612 description: IP address of the server in the storage_mgmt network
1613 value: {get_attr: [StorageMgmtPort, ip_address]}
1615 description: IP address of the server in the tenant network
1616 value: {get_attr: [TenantPort, ip_address]}
1617 management_ip_address:
1618 description: IP address of the server in the management network
1619 value: {get_attr: [ManagementPort, ip_address]}
1621 description: Hostname of the server
1622 value: {get_attr: [Controller, name]}
1625 Node object in the format {ip: ..., name: ...} format that the corosync
1628 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1629 name: {get_attr: [Controller, name]}
1632 Server's IP address and hostname in the /etc/hosts format
1636 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1637 EXTERNALIP EXTERNALHOST
1638 INTERNAL_APIIP INTERNAL_APIHOST
1639 STORAGEIP STORAGEHOST
1640 STORAGE_MGMTIP STORAGE_MGMTHOST
1642 MANAGEMENTIP MANAGEMENTHOST
1644 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1645 DOMAIN: {get_param: CloudDomain}
1646 PRIMARYHOST: {get_attr: [Controller, name]}
1647 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1651 - - {get_attr: [Controller, name]}
1653 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1657 - - {get_attr: [Controller, name]}
1659 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1663 - - {get_attr: [Controller, name]}
1665 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1669 - - {get_attr: [Controller, name]}
1671 TENANTIP: {get_attr: [TenantPort, ip_address]}
1675 - - {get_attr: [Controller, name]}
1677 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1681 - - {get_attr: [Controller, name]}
1683 nova_server_resource:
1684 description: Heat resource handle for the Nova compute server
1686 {get_resource: Controller}
1688 description: Swift device formatted for swift-ring-builder
1691 template: 'r1z1-IP:%PORT%/d1'
1693 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1694 swift_proxy_memcache:
1695 description: Swift proxy-memcache value
1698 template: "IP:11211"
1700 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1702 description: identifier which changes if the controller configuration may need re-applying
1706 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1707 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1708 - {get_attr: [NodeTLSData, deploy_stdout]}
1709 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1710 - {get_param: UpdateIdentifier}
1711 tls_key_modulus_md5:
1712 description: MD5 checksum of the TLS Key Modulus
1713 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1714 tls_cert_modulus_md5:
1715 description: MD5 checksum of the TLS Certificate Modulus
1716 value: {get_attr: [NodeTLSData, cert_modulus_md5]}