1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 controllerExtraConfig:
18 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
20 ControllerExtraConfig:
23 Controller specific hiera configuration data to inject into the cluster.
28 A network mapped list of IPs to assign to Controllers in the following form:
30 "internal_api": ["a.b.c.d", "e.f.g.h"],
34 ControlVirtualInterface:
36 description: Interface where virtual ip will be assigned.
40 description: Enable IPv6 in Corosync
44 description: Set to True to enable debugging on all services.
48 description: Whether to enable fencing in Pacemaker or not.
52 description: Whether to use Galera instead of regular MariaDB.
56 description: Whether to deploy a LoadBalancer on the Controller
61 Additional hieradata to inject into the cluster, note that
62 ControllerExtraConfig takes precedence over ExtraConfig.
67 Pacemaker fencing configuration. The JSON should have
68 the following structure:
72 "agent": "AGENT_NAME",
73 "host_mac": "HOST_MAC_ADDRESS",
74 "params": {"PARAM_NAME": "PARAM_VALUE"}
83 "host_mac": "52:54:00:aa:bb:cc",
85 "multicast_address": "225.0.0.12",
86 "port": "baremetal_0",
88 "manage_key_file": true,
89 "key_file": "/etc/fence_xvm.key",
90 "key_file_password": "abcdef"
96 OvercloudControlFlavor:
97 description: Flavor for control nodes to request when deploying.
101 - custom_constraint: nova.flavor
102 HAProxyStatsPassword:
103 description: Password for HAProxy stats endpoint
106 description: User for HAProxy stats endpoint
109 HAProxySyslogAddress:
111 description: Syslog address where HAproxy will send its log
113 HeatAuthEncryptionKey:
114 description: Auth encryption key for heat-engine
118 description: Secret key for Django
123 default: overcloud-full
125 - custom_constraint: glance.image
127 default: 'REBUILD_PRESERVE_EPHEMERAL'
128 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
130 InstanceNameTemplate:
131 default: 'instance-%08x'
132 description: Template string to be used to generate instance names
136 description: Name of an existing Nova key pair to enable SSH access to the instances
139 - custom_constraint: nova.keypair
143 description: Keystone region for endpoint
146 description: Whether to manage IPtables rules.
150 description: Enable IPv6 features in Memcached.
154 description: Whether IPtables rules should be purged before setting up the new ones.
156 MysqlClusterUniquePart:
157 description: A unique identifier of the MySQL cluster the controller is in.
159 default: 'unset' # Has to be here because of the ignored empty value bug
160 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
162 # - length: {min: 4, max: 10}
163 MysqlInnodbBufferPoolSize:
165 Specifies the size of the buffer pool in megabytes. Setting to
166 zero should be interpreted as "no value" and will defer to the
171 description: Configures MySQL max_connections config setting
174 MysqlClustercheckPassword:
180 default: '' # Has to be here because of the ignored empty value bug
181 NeutronMetadataProxySharedSecret:
182 description: Shared secret to prevent spoofing
186 description: The password for the neutron service and db account, used by neutron agents.
189 NeutronPublicInterface:
191 description: What interface to bridge onto br-ex for network nodes.
196 Whether to create cron job for purging soft deleted rows in Nova database.
200 description: Enable IPv6 features in Nova
203 description: The password for the nova service and db account, used by nova-api.
208 description: The password for the 'pcsd' user.
210 PublicVirtualInterface:
213 Specifies the interface where the public-facing virtual ip will be assigned.
214 This should be int_public when a VLAN is being used.
218 default: '' # Has to be here because of the ignored empty value bug
221 description: The password for RabbitMQ
226 description: The username for RabbitMQ
231 Rabbit client subscriber parameter to specify
232 an SSL connection to the RabbitMQ host.
236 description: Set rabbit subscriber port, change this if using SSL
239 description: The password for Redis
244 default: '' # Has to be here because of the ignored empty value bug
247 default: '' # Has to be here because of the ignored empty value bug
248 description: An IP address which is wrapped in brackets in case of IPv6
250 description: A random string to be used as a salt when hashing to determine mappings
254 UpgradeLevelNovaCompute:
256 description: Nova Compute upgrade level
261 EnablePackageInstall:
263 description: Set to true to enable package installation via Puppet
267 description: Mapping of service_name -> network name. Typically set
268 via parameter_defaults in the resource registry.
272 description: Mapping of service endpoint -> protocol. Typically set
273 via parameter_defaults in the resource registry.
279 Setting to a previously unused value during stack-update will trigger
280 package update on all nodes
283 default: '' # Defaults to Heat created hostname
287 description: Optional mapping to override hostnames
288 NetworkDeploymentActions:
289 type: comma_delimited_list
291 Heat action when to apply network configuration changes
296 SoftwareConfigTransport:
297 default: POLL_SERVER_CFN
299 How the server should receive the metadata required for software configuration.
302 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
307 The DNS domain used for the hosts. This should match the dhcp_domain
308 configured in the Undercloud neutron. Defaults to localdomain.
312 Extra properties or metadata passed to Nova for the created nodes in
313 the overcloud. It's accessible via the Nova metadata API.
315 ControllerSchedulerHints:
317 description: Optional scheduler hints to pass to nova
319 ServiceConfigSettings:
323 type: comma_delimited_list
327 description: Command which will be run whenever configuration data changes
328 default: os-refresh-config --timeout 14400
332 description: Do not use deprecated params, they will be removed.
334 - controllerExtraConfig
339 type: OS::TripleO::Server
342 command: {get_param: ConfigCommand}
344 image: {get_param: controllerImage}
345 image_update_policy: {get_param: ImageUpdatePolicy}
346 flavor: {get_param: OvercloudControlFlavor}
347 key_name: {get_param: KeyName}
350 user_data_format: SOFTWARE_CONFIG
351 user_data: {get_resource: UserData}
354 template: {get_param: Hostname}
355 params: {get_param: HostnameMap}
356 software_config_transport: {get_param: SoftwareConfigTransport}
357 metadata: {get_param: ServerMetadata}
358 scheduler_hints: {get_param: ControllerSchedulerHints}
360 # Combine the NodeAdminUserData and NodeUserData mime archives
362 type: OS::Heat::MultipartMime
365 - config: {get_resource: NodeAdminUserData}
367 - config: {get_resource: NodeUserData}
370 # Creates the "heat-admin" user if configured via the environment
371 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
373 type: OS::TripleO::NodeAdminUserData
375 # For optional operator additional userdata
376 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
378 type: OS::TripleO::NodeUserData
381 type: OS::TripleO::Controller::Ports::ExternalPort
383 IPPool: {get_param: ControllerIPs}
384 NodeIndex: {get_param: NodeIndex}
385 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
388 type: OS::TripleO::Controller::Ports::InternalApiPort
390 IPPool: {get_param: ControllerIPs}
391 NodeIndex: {get_param: NodeIndex}
392 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
395 type: OS::TripleO::Controller::Ports::StoragePort
397 IPPool: {get_param: ControllerIPs}
398 NodeIndex: {get_param: NodeIndex}
399 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
402 type: OS::TripleO::Controller::Ports::StorageMgmtPort
404 IPPool: {get_param: ControllerIPs}
405 NodeIndex: {get_param: NodeIndex}
406 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
409 type: OS::TripleO::Controller::Ports::TenantPort
411 IPPool: {get_param: ControllerIPs}
412 NodeIndex: {get_param: NodeIndex}
413 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
416 type: OS::TripleO::Controller::Ports::ManagementPort
418 IPPool: {get_param: ControllerIPs}
419 NodeIndex: {get_param: NodeIndex}
420 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
423 type: OS::TripleO::Network::Ports::NetIpMap
425 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
426 ExternalIp: {get_attr: [ExternalPort, ip_address]}
427 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
428 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
429 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
430 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
431 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
432 StorageIp: {get_attr: [StoragePort, ip_address]}
433 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
434 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
435 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
436 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
437 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
438 TenantIp: {get_attr: [TenantPort, ip_address]}
439 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
440 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
441 ManagementIp: {get_attr: [ManagementPort, ip_address]}
442 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
443 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
446 type: OS::TripleO::Controller::Net::SoftwareConfig
448 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
449 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
450 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
451 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
452 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
453 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
454 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
457 type: OS::TripleO::SoftwareDeployment
459 name: NetworkDeployment
460 config: {get_resource: NetworkConfig}
461 server: {get_resource: Controller}
462 actions: {get_param: NetworkDeploymentActions}
465 interface_name: {get_param: NeutronPublicInterface}
467 # Resource for site-specific injection of root certificate
469 depends_on: NetworkDeployment
470 type: OS::TripleO::NodeTLSCAData
472 server: {get_resource: Controller}
474 # Resource for site-specific passing of private keys/certificates
476 depends_on: NodeTLSCAData
477 type: OS::TripleO::NodeTLSData
479 server: {get_resource: Controller}
480 NodeIndex: {get_param: NodeIndex}
483 ControllerDeployment:
484 type: OS::TripleO::SoftwareDeployment
485 depends_on: NetworkDeployment
487 name: ControllerDeployment
488 config: {get_resource: ControllerConfig}
489 server: {get_resource: Controller}
491 bootstack_nodeid: {get_attr: [Controller, name]}
492 haproxy_log_address: {get_param: HAProxySyslogAddress}
493 haproxy_stats_password: {get_param: HAProxyStatsPassword}
494 haproxy_stats_user: {get_param: HAProxyStatsUser}
495 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
496 horizon_secret: {get_param: HorizonSecret}
497 admin_password: {get_param: AdminPassword}
498 debug: {get_param: Debug}
499 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
500 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
501 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
502 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
503 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
504 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
505 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
506 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
507 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
508 enable_fencing: {get_param: EnableFencing}
509 enable_galera: {get_param: EnableGalera}
510 enable_load_balancer: {get_param: EnableLoadBalancer}
511 manage_firewall: {get_param: ManageFirewall}
512 purge_firewall_rules: {get_param: PurgeFirewallRules}
513 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
514 mysql_max_connections: {get_param: MysqlMaxConnections}
515 mysql_root_password: {get_param: MysqlRootPassword}
516 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
519 template: tripleo-CLUSTER
521 CLUSTER: {get_param: MysqlClusterUniquePart}
522 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
523 neutron_password: {get_param: NeutronPassword}
524 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
525 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
526 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
527 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
528 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
529 aodh_password: {get_param: AodhPassword}
530 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
531 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
532 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
533 ceilometer_coordination_url:
537 - {get_param: RedisPassword}
539 - {get_param: RedisVirtualIPUri}
544 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
546 - {get_param: AodhPassword}
548 - {get_param: [EndpointMap, MysqlInternal, host]}
550 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
551 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
552 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
553 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
554 nova_ipv6: {get_param: NovaIPv6}
555 corosync_ipv6: {get_param: CorosyncIPv6}
556 memcached_ipv6: {get_param: MemcachedIPv6}
557 nova_password: {get_param: NovaPassword}
558 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
559 instance_name_template: {get_param: InstanceNameTemplate}
560 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
561 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
562 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
563 fencing_config: {get_param: FencingConfig}
564 pcsd_password: {get_param: PcsdPassword}
565 rabbit_username: {get_param: RabbitUserName}
566 rabbit_password: {get_param: RabbitPassword}
567 rabbit_cookie: {get_param: RabbitCookie}
568 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
569 rabbit_client_port: {get_param: RabbitClientPort}
570 control_virtual_interface: {get_param: ControlVirtualInterface}
571 public_virtual_interface: {get_param: PublicVirtualInterface}
572 swift_hash_suffix: {get_param: SwiftHashSuffix}
573 enable_package_install: {get_param: EnablePackageInstall}
574 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
575 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
576 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
577 cinder_iscsi_network:
581 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
582 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
583 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
584 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
585 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
586 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
587 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
588 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
589 keystone_region: {get_param: KeystoneRegion}
590 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
591 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
592 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
593 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
594 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
595 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
596 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
597 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
598 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
601 template: "['SUBNET']"
603 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
604 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
605 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
606 redis_vip: {get_param: RedisVirtualIP}
607 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
608 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
609 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
610 mysql_virtual_ip: {get_param: MysqlVirtualIP}
611 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
612 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
613 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
614 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
616 # Map heat metadata into hiera datafiles
618 type: OS::Heat::StructuredConfig
620 group: os-apply-config
625 - heat_config_%{::deploy_config_name}
626 - controller_extraconfig
633 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
634 - ceph_cluster # provided by CephClusterConfig
636 - bootstrap_node # provided by BootstrapNodeConfig
637 - all_nodes # provided by allNodesConfig
638 - vip_data # provided by vip-config
642 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
643 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
644 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
645 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
646 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
647 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
648 - midonet_data #Optionally provided by AllNodesExtraConfig
649 merge_behavior: deeper
653 service_names: {get_param: ServiceNames}
655 mapped_data: {get_param: ServiceConfigSettings}
656 controller_extraconfig:
659 - {get_param: controllerExtraConfig}
660 - {get_param: ControllerExtraConfig}
662 mapped_data: {get_param: ExtraConfig}
664 raw_data: {get_file: hieradata/common.yaml}
667 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
668 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
669 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
671 raw_data: {get_file: hieradata/ceph.yaml}
673 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
674 ceph::profile::params::public_network: {get_input: ceph_public_network}
675 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
677 raw_data: {get_file: hieradata/database.yaml}
679 raw_data: {get_file: hieradata/object.yaml}
681 raw_data: {get_file: hieradata/controller.yaml}
682 mapped_data: # data supplied directly to this deployment configuration, etc
683 bootstack_nodeid: {get_input: bootstack_nodeid}
686 enable_fencing: {get_input: enable_fencing}
687 enable_load_balancer: {get_input: enable_load_balancer}
688 hacluster_pwd: {get_input: pcsd_password}
689 corosync_ipv6: {get_input: corosync_ipv6}
690 tripleo::fencing::config: {get_input: fencing_config}
693 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
694 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
695 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
696 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
699 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
700 cinder::api::bind_host: {get_input: cinder_api_network}
701 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
702 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
703 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
704 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
705 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
706 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
707 cinder::keystone::auth::password: {get_input: cinder_password }
708 cinder::keystone::auth::region: {get_input: keystone_region}
711 glance::api::bind_host: {get_input: glance_api_network}
712 glance::registry::bind_host: {get_input: glance_registry_network}
713 glance::keystone::auth::region: {get_input: keystone_region}
716 heat::api::bind_host: {get_input: heat_api_network}
717 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
718 heat::api_cfn::bind_host: {get_input: heat_api_network}
719 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
722 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
723 keystone::public_bind_host: {get_input: keystone_public_api_network}
724 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
725 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
728 mongodb::server::bind_ip: {get_input: mongo_db_network}
731 admin_password: {get_input: admin_password}
732 enable_galera: {get_input: enable_galera}
733 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
734 mysql_max_connections: {get_input: mysql_max_connections}
735 mysql::server::root_password: {get_input: mysql_root_password}
736 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
737 mysql_cluster_name: {get_input: mysql_cluster_name}
738 mysql_bind_host: {get_input: mysql_network}
739 mysql_virtual_ip: {get_input: mysql_virtual_ip}
742 neutron::bind_host: {get_input: neutron_api_network}
743 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
744 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
745 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
746 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
747 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
748 neutron::keystone::auth::password: {get_input: neutron_password }
749 neutron::keystone::auth::region: {get_input: keystone_region}
752 ceilometer::api::host: {get_input: ceilometer_api_network}
753 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
754 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
757 aodh_mysql_conn_string: {get_input: aodh_dsn}
758 aodh::rabbit_userid: {get_input: rabbit_username}
759 aodh::rabbit_password: {get_input: rabbit_password}
760 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
761 aodh::rabbit_port: {get_input: rabbit_client_port}
762 aodh::debug: {get_input: debug}
763 aodh::wsgi::apache::ssl: false
764 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
765 aodh::api::service_name: 'httpd'
766 aodh::api::host: {get_input: aodh_api_network}
767 aodh::api::keystone_password: {get_input: aodh_password}
768 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
769 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
770 aodh::auth::auth_url: {get_input: keystone_auth_uri}
771 aodh::auth::auth_password: {get_input: aodh_password}
772 aodh::db::mysql::password: {get_input: aodh_password}
773 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
774 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
775 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
776 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
777 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
778 aodh::keystone::auth::password: {get_input: aodh_password }
779 aodh::keystone::auth::region: {get_input: keystone_region}
782 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
783 gnocchi::api::host: {get_input: gnocchi_api_network}
784 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
785 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
786 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
787 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
788 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
789 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
790 gnocchi::keystone::auth::region: {get_input: keystone_region}
793 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
794 nova::use_ipv6: {get_input: nova_ipv6}
795 nova::api::auth_uri: {get_input: keystone_auth_uri}
796 nova::api::identity_uri: {get_input: keystone_identity_uri}
797 nova::api::api_bind_address: {get_input: nova_api_network}
798 nova::api::metadata_listen: {get_input: nova_metadata_network}
799 nova::api::admin_password: {get_input: nova_password}
800 nova::glance_api_servers: {get_input: glance_api_servers}
801 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
802 nova::api::instance_name_template: {get_input: instance_name_template}
803 nova::network::neutron::neutron_password: {get_input: neutron_password}
804 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
805 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
806 nova::vncproxy::host: {get_input: nova_api_network}
807 nova_enable_db_purge: {get_input: nova_enable_db_purge}
808 nova::keystone::auth::public_url: {get_input: nova_public_url}
809 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
810 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
811 nova::keystone::auth::password: {get_input: nova_password }
812 nova::keystone::auth::region: {get_input: keystone_region}
815 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
816 apache::ip: {get_input: horizon_network}
817 horizon::django_debug: {get_input: debug}
818 horizon::secret_key: {get_input: horizon_secret}
819 horizon::bind_address: {get_input: horizon_network}
820 horizon::keystone_url: {get_input: keystone_auth_uri}
823 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
824 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
826 redis::bind: {get_input: redis_network}
827 redis_vip: {get_input: redis_vip}
829 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
830 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
832 memcached_ipv6: {get_input: memcached_ipv6}
833 memcached::listen_ip: {get_input: memcached_network}
834 control_virtual_interface: {get_input: control_virtual_interface}
835 public_virtual_interface: {get_input: public_virtual_interface}
836 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
837 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
838 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
839 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
840 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
841 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
842 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
843 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
844 tripleo::haproxy::redis_password: {get_input: redis_password}
845 tripleo::packages::enable_install: {get_input: enable_package_install}
846 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
848 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
849 ControllerExtraConfigPre:
850 depends_on: ControllerDeployment
851 type: OS::TripleO::ControllerExtraConfigPre
853 server: {get_resource: Controller}
855 # Hook for site-specific additional pre-deployment config,
856 # applying to all nodes, e.g node registration/unregistration
858 depends_on: [ControllerExtraConfigPre, NodeTLSData]
859 type: OS::TripleO::NodeExtraConfig
861 server: {get_resource: Controller}
864 type: OS::TripleO::Tasks::PackageUpdate
867 type: OS::Heat::SoftwareDeployment
869 name: UpdateDeployment
870 config: {get_resource: UpdateConfig}
871 server: {get_resource: Controller}
874 get_param: UpdateIdentifier
878 description: IP address of the server in the ctlplane network
879 value: {get_attr: [Controller, networks, ctlplane, 0]}
881 description: IP address of the server in the external network
882 value: {get_attr: [ExternalPort, ip_address]}
883 internal_api_ip_address:
884 description: IP address of the server in the internal_api network
885 value: {get_attr: [InternalApiPort, ip_address]}
887 description: IP address of the server in the storage network
888 value: {get_attr: [StoragePort, ip_address]}
889 storage_mgmt_ip_address:
890 description: IP address of the server in the storage_mgmt network
891 value: {get_attr: [StorageMgmtPort, ip_address]}
893 description: IP address of the server in the tenant network
894 value: {get_attr: [TenantPort, ip_address]}
895 management_ip_address:
896 description: IP address of the server in the management network
897 value: {get_attr: [ManagementPort, ip_address]}
899 description: Hostname of the server
900 value: {get_attr: [Controller, name]}
903 Server's IP address and hostname in the /etc/hosts format
907 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
908 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
909 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
910 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
911 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
912 TENANTIP TENANTHOST.DOMAIN TENANTHOST
913 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
915 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
916 DOMAIN: {get_param: CloudDomain}
917 PRIMARYHOST: {get_attr: [Controller, name]}
918 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
922 - - {get_attr: [Controller, name]}
924 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
928 - - {get_attr: [Controller, name]}
930 STORAGEIP: {get_attr: [StoragePort, ip_address]}
934 - - {get_attr: [Controller, name]}
936 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
940 - - {get_attr: [Controller, name]}
942 TENANTIP: {get_attr: [TenantPort, ip_address]}
946 - - {get_attr: [Controller, name]}
948 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
952 - - {get_attr: [Controller, name]}
954 nova_server_resource:
955 description: Heat resource handle for the Nova compute server
957 {get_resource: Controller}
959 description: Swift device formatted for swift-ring-builder
962 template: 'r1z1-IP:%PORT%/d1'
964 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
965 swift_proxy_memcache:
966 description: Swift proxy-memcache value
971 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
973 description: MD5 checksum of the TLS Key Modulus
974 value: {get_attr: [NodeTLSData, key_modulus_md5]}
975 tls_cert_modulus_md5:
976 description: MD5 checksum of the TLS Certificate Modulus
977 value: {get_attr: [NodeTLSData, cert_modulus_md5]}