1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
25 description: The password for the aodh services.
28 CeilometerApiVirtualIP:
33 description: The ceilometer backend type.
35 CeilometerMeteringSecret:
36 description: Secret shared by the ceilometer services.
40 description: The password for the ceilometer service and db account.
43 CeilometerStoreEvents:
45 description: Whether to store events in ceilometer.
52 description: Number of workers for Ceilometer service.
57 Whether to create cron job for purging soft deleted rows in Cinder database.
59 CinderEnableNfsBackend:
61 description: Whether to enable or not the NFS backend for Cinder
63 CinderEnableIscsiBackend:
65 description: Whether to enable or not the Iscsi backend for Cinder
67 CinderEnableRbdBackend:
69 description: Whether to enable or not the Rbd backend for Cinder
73 description: The iSCSI helper to use with cinder.
75 CinderLVMLoopDeviceSize:
77 description: The size of the loopback file used by the cinder LVM driver.
79 CinderNfsMountOptions:
82 Mount options for NFS mounts used by Cinder NFS backend. Effective
83 when CinderEnableNfsBackend is true.
88 NFS servers used by Cinder NFS backend. Effective when
89 CinderEnableNfsBackend is true.
90 type: comma_delimited_list
92 description: The password for the cinder service and db account, used by cinder-api.
97 description: Contains parameters to configure Cinder backends. Typically
98 set via parameter_defaults in the resource registry.
102 description: Number of workers for Cinder service.
104 ControllerExtraConfig:
107 Controller specific hiera configuration data to inject into the cluster.
112 A network mapped list of IPs to assign to Controllers in the following form:
114 "internal_api": ["a.b.c.d", "e.f.g.h"],
118 ControlVirtualInterface:
120 description: Interface where virtual ip will be assigned.
124 description: Enable IPv6 in Corosync
128 description: Set to True to enable debugging on all services.
132 description: Whether to enable fencing in Pacemaker or not.
136 description: Whether to use Galera instead of regular MariaDB.
140 description: Whether to deploy a LoadBalancer on the Controller
144 description: Whether to deploy Ceph Storage (OSD) on the Controller
148 description: Whether to enable Swift Storage on the Controller
153 Additional hieradata to inject into the cluster, note that
154 ControllerExtraConfig takes precedence over ExtraConfig.
159 Pacemaker fencing configuration. The JSON should have
160 the following structure:
164 "agent": "AGENT_NAME",
165 "host_mac": "HOST_MAC_ADDRESS",
166 "params": {"PARAM_NAME": "PARAM_VALUE"}
174 "agent": "fence_xvm",
175 "host_mac": "52:54:00:aa:bb:cc",
177 "multicast_address": "225.0.0.12",
178 "port": "baremetal_0",
180 "manage_key_file": true,
181 "key_file": "/etc/fence_xvm.key",
182 "key_file_password": "abcdef"
189 description: Flavor for control nodes to request when deploying.
192 - custom_constraint: nova.flavor
193 GlanceNotifierStrategy:
194 description: Strategy to use for Glance notification queue
198 description: The filepath of the file to use for logging messages from Glance.
202 description: The password for the glance service and db account, used by the glance services.
207 description: The short name of the Glance backend to use. Should be one
208 of swift, rbd, or file
211 - allowed_values: ['swift', 'file', 'rbd']
212 GlanceFilePcmkDevice:
215 An exported storage device that should be mounted by Pacemaker
216 as Glance storage. Effective when GlanceFilePcmkManage is true.
218 GlanceFilePcmkFstype:
221 Filesystem type for Pacemaker mount used as Glance storage.
222 Effective when GlanceFilePcmkManage is true.
224 GlanceFilePcmkManage:
227 Whether to make Glance file backend a mount managed by Pacemaker.
228 Effective when GlanceBackend is 'file'.
230 GlanceFilePcmkOptions:
233 Mount options for Pacemaker mount used as Glance storage.
234 Effective when GlanceFilePcmkManage is true.
236 HAProxySyslogAddress:
238 description: Syslog address where HAproxy will send its log
242 description: Number of workers for Glance service.
245 description: The password for the Heat service and db account, used by the Heat services.
248 HeatStackDomainAdminPassword:
249 description: Password for heat_domain_admin user.
252 HeatAuthEncryptionKey:
253 description: Auth encryption key for heat-engine
258 description: A list of IP/Hostname allowed to connect to horizon
259 type: comma_delimited_list
262 description: Number of workers for Heat service.
268 Whether to create cron job for purging soft deleted rows in the Heat database.
270 description: Secret key for Django
275 default: overcloud-control
277 - custom_constraint: glance.image
279 default: 'REBUILD_PRESERVE_EPHEMERAL'
280 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
282 InstanceNameTemplate:
283 default: 'instance-%08x'
284 description: Template string to be used to generate instance names
288 description: Name of an existing Nova key pair to enable SSH access to the instances
291 - custom_constraint: nova.keypair
292 KeystoneCACertificate:
294 description: Keystone self-signed certificate authority certificate.
296 KeystoneEnableDBPurge:
299 Whether to create cron job for purging soft deleted rows in Keystone database.
301 KeystoneSigningCertificate:
303 description: Keystone certificate for verifying token validity.
307 description: Keystone key for signing tokens.
310 KeystoneSSLCertificate:
312 description: Keystone certificate for verifying token validity.
314 KeystoneSSLCertificateKey:
316 description: Keystone key for signing tokens.
319 KeystoneNotificationDriver:
320 description: Comma-separated list of Oslo notification drivers used by Keystone
321 default: ['messaging']
322 type: comma_delimited_list
323 KeystoneNotificationFormat:
324 description: The Keystone notification format
328 - allowed_values: [ 'basic', 'cadf' ]
332 description: Keystone region for endpoint
335 description: Whether to manage IPtables rules.
339 description: Whether IPtables rules should be purged before setting up the new ones.
343 description: Number of workers for Keystone service.
350 description: The password for the sahara service account, used by sahara-api.
353 MysqlClusterUniquePart:
354 description: A unique identifier of the MySQL cluster the controller is in.
356 default: 'unset' # Has to be here because of the ignored empty value bug
357 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
359 # - length: {min: 4, max: 10}
360 MysqlInnodbBufferPoolSize:
362 Specifies the size of the buffer pool in megabytes. Setting to
363 zero should be interpreted as "no value" and will defer to the
368 description: Configures MySQL max_connections config setting
374 default: '' # Has to be here because of the ignored empty value bug
375 NeutronExternalNetworkBridge:
376 description: Name of bridge used for external network traffic.
379 NeutronBridgeMappings:
381 The OVS logical->physical bridge mappings to use. See the Neutron
382 documentation for details. Defaults to mapping br-ex - the external
383 bridge on hosts - to a physical name 'datacentre' which can be used
384 to create provider networks (and we use this for the default floating
385 network) - if changing this either use different post-install network
386 scripts or be sure to keep 'datacentre' as a mapping network name.
387 type: comma_delimited_list
388 default: "datacentre:br-ex"
389 NeutronDnsmasqOptions:
390 default: 'dhcp-option-force=26,1400'
391 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
393 NeutronEnableDHCPAgent:
394 description: Knob to enable/disable DHCP Agent
397 NeutronEnableL3Agent:
398 description: Knob to enable/disable L3 agent
401 NeutronEnableMetadataAgent:
402 description: Knob to enable/disable Metadata agent
405 NeutronEnableOVSAgent:
406 description: Knob to enable/disable OVS Agent
411 description: Agent mode for the neutron-l3-agent on the controller hosts
415 description: Whether to enable l3-agent HA
417 NeutronDhcpAgentsPerNetwork:
420 description: The number of neutron dhcp agents to schedule per network
423 description: Whether to configure Neutron Distributed Virtual Routers
425 NeutronMetadataProxySharedSecret:
426 description: Shared secret to prevent spoofing
432 The core plugin for Neutron. The value should be the entrypoint to be loaded
433 from neutron.core_plugins namespace.
435 NeutronServicePlugins:
436 default: "router,qos"
438 Comma-separated list of service plugin entrypoints to be loaded from the
439 neutron.service_plugins namespace.
440 type: comma_delimited_list
442 default: "vxlan,vlan,flat,gre"
444 Comma-separated list of network type driver entrypoints to be loaded.
445 type: comma_delimited_list
446 NeutronMechanismDrivers:
447 default: 'openvswitch'
449 The mechanism drivers for the Neutron tenant network.
450 type: comma_delimited_list
451 NeutronAllowL3AgentFailover:
453 description: Allow automatic l3-agent failover
455 NeutronEnableIsolatedMetadata:
457 description: If True, DHCP provide metadata route to VM.
459 NeutronEnableTunnelling:
465 Enable/disable the L2 population feature in the Neutron agents.
468 type: comma_delimited_list
469 default: 'datacentre'
470 description: If set, flat networks to configure in neutron plugins.
473 description: Whether to enable l3-agent HA
477 description: The tenant network type for Neutron.
478 type: comma_delimited_list
479 NeutronNetworkVLANRanges:
480 default: 'datacentre:1:1000'
482 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
483 Neutron documentation for permitted values. Defaults to permitting any
484 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
485 type: comma_delimited_list
487 description: The password for the neutron service and db account, used by neutron agents.
490 NeutronPublicInterface:
492 description: What interface to bridge onto br-ex for network nodes.
494 NeutronPublicInterfaceTag:
497 VLAN tag for creating a public VLAN. The tag will be used to
498 create an access port on the exterior bridge for each control plane node,
499 and that port will be given the IP address returned by neutron from the
500 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
501 overcloud.yaml to include the deployment of VLAN ports to the control
504 NeutronPublicInterfaceDefaultRoute:
506 description: A custom default route for the NeutronPublicInterface.
508 NeutronPublicInterfaceIP:
510 description: A custom IP address to put onto the NeutronPublicInterface.
512 NeutronPublicInterfaceRawDevice:
514 description: If set, the public interface is a vlan with this device as the raw device.
518 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
519 be at least 50 bytes smaller than the MTU on the physical network. This
520 value will be used to set the MTU on the virtual Ethernet device.
521 This number is related to the value of NeutronDnsmasqOptions, since that
522 will determine the MTU that is assigned to the VM host through DHCP.
528 The tunnel types for the Neutron tenant network.
529 type: comma_delimited_list
530 NeutronTunnelIdRanges:
532 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
533 of GRE tunnel IDs that are available for tenant network allocation
534 default: ["1:4094", ]
535 type: comma_delimited_list
538 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
539 of VXLAN VNI IDs that are available for tenant network allocation
540 default: ["1:4094", ]
541 type: comma_delimited_list
542 NeutronPluginExtensions:
543 default: "qos,port_security"
545 Comma-separated list of extensions enabled for the Neutron plugin.
546 type: comma_delimited_list
547 NeutronAgentExtensions:
550 Comma-separated list of extensions enabled for the Neutron agents.
551 type: comma_delimited_list
557 description: Number of workers for Neutron service.
562 Whether to create cron job for purging soft deleted rows in Nova database.
566 description: Enable IPv6 features in Nova
569 description: The password for the nova service and db account, used by nova-api.
574 description: Number of workers for Nova service.
578 description: Should MongoDb journaling be disabled
582 description: Enable IPv6 if Mongo DB VIP is IPv6
586 description: Comma-separated list of ntp servers
587 type: comma_delimited_list
590 description: The password for the 'pcsd' user.
592 PublicVirtualInterface:
595 Specifies the interface where the public-facing virtual ip will be assigned.
596 This should be int_public when a VLAN is being used.
600 default: '' # Has to be here because of the ignored empty value bug
603 default: '' # Has to be here because of the ignored empty value bug
607 description: The password for RabbitMQ
612 description: The username for RabbitMQ
617 Rabbit client subscriber parameter to specify
618 an SSL connection to the RabbitMQ host.
622 description: Set rabbit subscriber port, change this if using SSL
626 description: Configures RabbitMQ FD limit
630 default: '' # Has to be here because of the ignored empty value bug
633 default: '' # Has to be here because of the ignored empty value bug
634 description: An IP address which is wrapped in brackets in case of IPv6
635 SnmpdReadonlyUserName:
636 default: ro_snmp_user
637 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
639 SnmpdReadonlyUserPassword:
640 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
644 description: A random string to be used as a salt when hashing to determine mappings
650 description: Value of mount_check in Swift account/container/object -server.conf
655 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
658 description: Partition Power to use when building Swift rings
661 description: The password for the swift service account, used by the swift proxy
671 description: How many replicas to use in the swift rings.
674 description: Number of workers for Swift service.
678 description: The timezone to be set on controller nodes.
680 UpgradeLevelNovaCompute:
682 description: Nova Compute upgrade level
684 VirtualIP: # DEPRECATED: use per service settings instead
686 default: '' # Has to be here because of the ignored empty value bug
696 GlanceRegistryVirtualIP:
705 KeystoneAdminApiVirtualIP:
708 KeystonePublicApiVirtualIP:
714 EnablePackageInstall:
716 description: Set to true to enable package installation via Puppet
720 description: Mapping of service_name -> network name. Typically set
721 via parameter_defaults in the resource registry.
725 description: Mapping of service endpoint -> protocol. Typically set
726 via parameter_defaults in the resource registry.
732 Setting to a previously unused value during stack-update will trigger
733 package update on all nodes
736 default: '' # Defaults to Heat created hostname
740 description: Optional mapping to override hostnames
741 NetworkDeploymentActions:
742 type: comma_delimited_list
744 Heat action when to apply network configuration changes
749 SoftwareConfigTransport:
750 default: POLL_SERVER_CFN
752 How the server should receive the metadata required for software configuration.
755 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
760 The DNS domain used for the hosts. This should match the dhcp_domain
761 configured in the Undercloud neutron. Defaults to localdomain.
765 Extra properties or metadata passed to Nova for the created nodes in
766 the overcloud. It's accessible via the Nova metadata API.
770 description: Optional scheduler hints to pass to nova
776 type: OS::Nova::Server
778 image: {get_param: Image}
779 image_update_policy: {get_param: ImageUpdatePolicy}
780 flavor: {get_param: Flavor}
781 key_name: {get_param: KeyName}
784 user_data_format: SOFTWARE_CONFIG
785 user_data: {get_resource: UserData}
788 template: {get_param: Hostname}
789 params: {get_param: HostnameMap}
790 software_config_transport: {get_param: SoftwareConfigTransport}
791 metadata: {get_param: ServerMetadata}
792 scheduler_hints: {get_param: SchedulerHints}
794 # Combine the NodeAdminUserData and NodeUserData mime archives
796 type: OS::Heat::MultipartMime
799 - config: {get_resource: NodeAdminUserData}
801 - config: {get_resource: NodeUserData}
804 # Creates the "heat-admin" user if configured via the environment
805 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
807 type: OS::TripleO::NodeAdminUserData
809 # For optional operator additional userdata
810 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
812 type: OS::TripleO::NodeUserData
815 type: OS::TripleO::Controller::Ports::ExternalPort
817 IPPool: {get_param: ControllerIPs}
818 NodeIndex: {get_param: NodeIndex}
819 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
822 type: OS::TripleO::Controller::Ports::InternalApiPort
824 IPPool: {get_param: ControllerIPs}
825 NodeIndex: {get_param: NodeIndex}
826 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
829 type: OS::TripleO::Controller::Ports::StoragePort
831 IPPool: {get_param: ControllerIPs}
832 NodeIndex: {get_param: NodeIndex}
833 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
836 type: OS::TripleO::Controller::Ports::StorageMgmtPort
838 IPPool: {get_param: ControllerIPs}
839 NodeIndex: {get_param: NodeIndex}
840 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
843 type: OS::TripleO::Controller::Ports::TenantPort
845 IPPool: {get_param: ControllerIPs}
846 NodeIndex: {get_param: NodeIndex}
847 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
850 type: OS::TripleO::Controller::Ports::ManagementPort
852 IPPool: {get_param: ControllerIPs}
853 NodeIndex: {get_param: NodeIndex}
854 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
857 type: OS::TripleO::Network::Ports::NetIpMap
859 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
860 ExternalIp: {get_attr: [ExternalPort, ip_address]}
861 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
862 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
863 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
864 StorageIp: {get_attr: [StoragePort, ip_address]}
865 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
866 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
867 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
868 TenantIp: {get_attr: [TenantPort, ip_address]}
869 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
870 ManagementIp: {get_attr: [ManagementPort, ip_address]}
871 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
874 type: OS::TripleO::Network::Ports::NetIpSubnetMap
876 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
877 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
878 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
879 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
880 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
881 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
882 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
885 type: OS::TripleO::Controller::Net::SoftwareConfig
887 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
888 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
889 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
890 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
891 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
892 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
893 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
896 type: OS::TripleO::SoftwareDeployment
898 name: NetworkDeployment
899 config: {get_resource: NetworkConfig}
900 server: {get_resource: Controller}
901 actions: {get_param: NetworkDeploymentActions}
904 interface_name: {get_param: NeutronPublicInterface}
906 # Resource for site-specific injection of root certificate
908 depends_on: NetworkDeployment
909 type: OS::TripleO::NodeTLSCAData
911 server: {get_resource: Controller}
913 # Resource for site-specific passing of private keys/certificates
915 depends_on: NodeTLSCAData
916 type: OS::TripleO::NodeTLSData
918 server: {get_resource: Controller}
919 NodeIndex: {get_param: NodeIndex}
922 ControllerDeployment:
923 type: OS::TripleO::SoftwareDeployment
924 depends_on: NetworkDeployment
926 name: ControllerDeployment
927 config: {get_resource: ControllerConfig}
928 server: {get_resource: Controller}
930 bootstack_nodeid: {get_attr: [Controller, name]}
931 ceilometer_workers: {get_param: CeilometerWorkers}
932 cinder_workers: {get_param: CinderWorkers}
933 glance_workers: {get_param: GlanceWorkers}
934 heat_workers: {get_param: HeatWorkers}
935 keystone_workers: {get_param: KeystoneWorkers}
936 nova_workers: {get_param: NovaWorkers}
937 neutron_workers: {get_param: NeutronWorkers}
938 swift_workers: {get_param: SwiftWorkers}
939 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
940 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
941 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
942 haproxy_log_address: {get_param: HAProxySyslogAddress}
943 heat.watch_server_url:
947 - {get_param: HeatApiVirtualIPUri}
949 heat.metadata_server_url:
953 - {get_param: HeatApiVirtualIPUri}
955 heat.waitcondition_server_url:
959 - {get_param: HeatApiVirtualIPUri}
960 - ':8000/v1/waitcondition'
961 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
962 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
963 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
964 horizon_secret: {get_param: HorizonSecret}
965 admin_email: {get_param: AdminEmail}
966 admin_password: {get_param: AdminPassword}
967 admin_token: {get_param: AdminToken}
968 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
969 debug: {get_param: Debug}
970 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
971 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
972 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
973 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
978 SERVERS: {get_param: CinderNfsServers}
979 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
980 cinder_password: {get_param: CinderPassword}
981 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
982 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
983 cinder_backend_config: {get_param: CinderBackendConfig}
987 - - 'mysql+pymysql://cinder:'
988 - {get_param: CinderPassword}
990 - {get_param: MysqlVirtualIPUri}
992 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
993 glance_password: {get_param: GlancePassword}
994 glance_backend: {get_param: GlanceBackend}
995 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
996 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
997 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
998 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
999 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
1000 glance_log_file: {get_param: GlanceLogFile}
1004 - - 'mysql+pymysql://glance:'
1005 - {get_param: GlancePassword}
1007 - {get_param: MysqlVirtualIPUri}
1009 heat_password: {get_param: HeatPassword}
1010 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
1014 - - 'mysql+pymysql://heat:'
1015 - {get_param: HeatPassword}
1017 - {get_param: MysqlVirtualIPUri}
1019 keystone_ca_certificate: {get_param: KeystoneCACertificate}
1020 keystone_signing_key: {get_param: KeystoneSigningKey}
1021 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
1022 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
1023 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
1024 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
1025 keystone_notification_format: {get_param: KeystoneNotificationFormat}
1026 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
1030 - - 'mysql+pymysql://keystone:'
1031 - {get_param: AdminToken}
1033 - {get_param: MysqlVirtualIPUri}
1035 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1036 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1037 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
1038 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
1039 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1040 enable_fencing: {get_param: EnableFencing}
1041 enable_galera: {get_param: EnableGalera}
1042 enable_load_balancer: {get_param: EnableLoadBalancer}
1043 enable_ceph_storage: {get_param: EnableCephStorage}
1044 enable_swift_storage: {get_param: EnableSwiftStorage}
1045 manage_firewall: {get_param: ManageFirewall}
1046 purge_firewall_rules: {get_param: PurgeFirewallRules}
1047 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1048 mysql_max_connections: {get_param: MysqlMaxConnections}
1049 mysql_root_password: {get_param: MysqlRootPassword}
1052 template: tripleo-CLUSTER
1054 CLUSTER: {get_param: MysqlClusterUniquePart}
1055 neutron_flat_networks:
1059 NETWORKS: {get_param: NeutronFlatNetworks}
1060 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1061 neutron_agent_mode: {get_param: NeutronAgentMode}
1062 neutron_router_distributed: {get_param: NeutronDVR}
1063 neutron_core_plugin: {get_param: NeutronCorePlugin}
1064 neutron_service_plugins:
1068 PLUGINS: {get_param: NeutronServicePlugins}
1069 neutron_type_drivers:
1073 DRIVERS: {get_param: NeutronTypeDrivers}
1074 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1075 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1076 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1077 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1078 neutron_mechanism_drivers:
1080 template: MECHANISMS
1082 MECHANISMS: {get_param: NeutronMechanismDrivers}
1083 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1084 neutron_l3_ha: {get_param: NeutronL3HA}
1085 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1086 neutron_network_vlan_ranges:
1090 RANGES: {get_param: NeutronNetworkVLANRanges}
1091 neutron_bridge_mappings:
1095 MAPPINGS: {get_param: NeutronBridgeMappings}
1096 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1097 neutron_public_interface: {get_param: NeutronPublicInterface}
1098 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1099 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1100 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1101 neutron_tunnel_id_ranges:
1105 RANGES: {get_param: NeutronTunnelIdRanges}
1110 RANGES: {get_param: NeutronVniRanges}
1111 neutron_tenant_network_types:
1115 TYPES: {get_param: NeutronNetworkType}
1116 neutron_tunnel_types:
1120 TYPES: {get_param: NeutronTunnelTypes}
1121 neutron_plugin_extensions:
1123 template: PLUGIN_EXTENSIONS
1125 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1126 neutron_agent_extensions:
1128 template: AGENT_EXTENSIONS
1130 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1131 neutron_password: {get_param: NeutronPassword}
1132 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1133 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1137 - - 'mysql+pymysql://neutron:'
1138 - {get_param: NeutronPassword}
1140 - {get_param: MysqlVirtualIPUri}
1141 - '/ovs_neutron?charset=utf8'
1142 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1143 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1144 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1145 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1146 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1147 ceilometer_backend: {get_param: CeilometerBackend}
1148 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1149 ceilometer_password: {get_param: CeilometerPassword}
1150 ceilometer_store_events: {get_param: CeilometerStoreEvents}
1151 aodh_password: {get_param: AodhPassword}
1152 ceilometer_coordination_url:
1156 - {get_param: RedisVirtualIPUri}
1161 - - 'mysql+pymysql://ceilometer:'
1162 - {get_param: CeilometerPassword}
1164 - {get_param: MysqlVirtualIPUri}
1166 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1167 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1168 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1169 nova_ipv6: {get_param: NovaIPv6}
1170 corosync_ipv6: {get_param: CorosyncIPv6}
1171 nova_password: {get_param: NovaPassword}
1175 - - 'mysql+pymysql://nova:'
1176 - {get_param: NovaPassword}
1178 - {get_param: MysqlVirtualIPUri}
1183 - - 'mysql+pymysql://nova_api:'
1184 - {get_param: NovaPassword}
1186 - {get_param: MysqlVirtualIPUri}
1188 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1189 instance_name_template: {get_param: InstanceNameTemplate}
1190 fencing_config: {get_param: FencingConfig}
1191 pcsd_password: {get_param: PcsdPassword}
1192 rabbit_username: {get_param: RabbitUserName}
1193 rabbit_password: {get_param: RabbitPassword}
1194 rabbit_cookie: {get_param: RabbitCookie}
1195 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1196 rabbit_client_port: {get_param: RabbitClientPort}
1197 mongodb_no_journal: {get_param: MongoDbNoJournal}
1198 mongodb_ipv6: {get_param: MongoDbIPv6}
1199 # We need to force this into quotes or hiera will return integer causing
1200 # the puppet module validation regexp to fail.
1201 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1206 LIMIT: {get_param: RabbitFDLimit}
1207 ntp_servers: {get_param: NtpServer}
1208 timezone: {get_param: TimeZone}
1209 control_virtual_interface: {get_param: ControlVirtualInterface}
1210 public_virtual_interface: {get_param: PublicVirtualInterface}
1211 swift_hash_suffix: {get_param: SwiftHashSuffix}
1212 swift_password: {get_param: SwiftPassword}
1213 swift_part_power: {get_param: SwiftPartPower}
1214 swift_replicas: {get_param: SwiftReplicas}
1215 swift_min_part_hours: {get_param: SwiftMinPartHours}
1216 swift_mount_check: {get_param: SwiftMountCheck}
1217 enable_package_install: {get_param: EnablePackageInstall}
1218 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1219 sahara_password: {get_param: SaharaPassword}
1223 - - 'mysql://sahara:'
1224 - {get_param: SaharaPassword}
1226 - {get_param: MysqlVirtualIPUri}
1228 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1229 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1230 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1231 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1232 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1233 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1234 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1235 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1236 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1237 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1238 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1239 keystone_region: {get_param: KeystoneRegion}
1240 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1241 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1242 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1243 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1244 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
1245 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1246 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1247 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1248 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1249 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1250 redis_vip: {get_param: RedisVirtualIP}
1251 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1252 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1253 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1254 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1255 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1256 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1257 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1259 # Map heat metadata into hiera datafiles
1261 type: OS::Heat::StructuredConfig
1263 group: os-apply-config
1268 - heat_config_%{::deploy_config_name}
1269 - controller_extraconfig
1274 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1275 - ceph_cluster # provided by CephClusterConfig
1277 - bootstrap_node # provided by BootstrapNodeConfig
1278 - all_nodes # provided by allNodesConfig
1279 - vip_data # provided by vip-config
1282 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1283 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1284 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1285 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1286 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1287 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1288 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1289 - midonet_data #Optionally provided by AllNodesExtraConfig
1290 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1292 controller_extraconfig:
1293 mapped_data: {get_param: ControllerExtraConfig}
1295 mapped_data: {get_param: ExtraConfig}
1297 raw_data: {get_file: hieradata/common.yaml}
1299 raw_data: {get_file: hieradata/ceph.yaml}
1301 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1302 ceph::profile::params::public_network: {get_input: ceph_public_network}
1303 ceph::mon::public_addr: {get_input: ceph_public_ip}
1305 raw_data: {get_file: hieradata/database.yaml}
1307 raw_data: {get_file: hieradata/object.yaml}
1309 raw_data: {get_file: hieradata/controller.yaml}
1310 mapped_data: # data supplied directly to this deployment configuration, etc
1311 bootstack_nodeid: {get_input: bootstack_nodeid}
1314 enable_fencing: {get_input: enable_fencing}
1315 enable_load_balancer: {get_input: enable_load_balancer}
1316 hacluster_pwd: {get_input: pcsd_password}
1317 corosync_ipv6: {get_input: corosync_ipv6}
1318 tripleo::fencing::config: {get_input: fencing_config}
1321 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1322 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1323 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1324 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1325 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1326 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1327 swift::proxy::workers: {get_input: swift_workers}
1328 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1329 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1330 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1331 swift_mount_check: {get_input: swift_mount_check}
1333 # NOTE(dprince): build_ring support is currently not wired in.
1334 # See: https://review.openstack.org/#/c/109225/
1335 tripleo::ringbuilder::build_ring: True
1338 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1339 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1340 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1341 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1342 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1343 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1344 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1345 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1346 cinder::database_connection: {get_input: cinder_dsn}
1347 cinder::api::keystone_password: {get_input: cinder_password}
1348 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1349 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1350 cinder::api::bind_host: {get_input: cinder_api_network}
1351 cinder::rabbit_userid: {get_input: rabbit_username}
1352 cinder::rabbit_password: {get_input: rabbit_password}
1353 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1354 cinder::rabbit_port: {get_input: rabbit_client_port}
1355 cinder::debug: {get_input: debug}
1356 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1357 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1358 cinder_backend_config: {get_input: CinderBackendConfig}
1359 cinder::db::mysql::password: {get_input: cinder_password}
1362 glance::api::bind_port: {get_input: glance_port}
1363 glance::api::bind_host: {get_input: glance_api_network}
1364 glance::api::auth_uri: {get_input: keystone_auth_uri}
1365 glance::api::identity_uri: {get_input: keystone_identity_uri}
1366 glance::api::registry_host: {get_input: glance_registry_host}
1367 glance::api::keystone_password: {get_input: glance_password}
1368 glance::api::debug: {get_input: debug}
1369 glance::api::workers: {get_input: glance_workers}
1370 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1371 glance_log_file: {get_input: glance_log_file}
1372 glance_log_file: {get_input: glance_log_file}
1373 glance::api::database_connection: {get_input: glance_dsn}
1374 glance::registry::keystone_password: {get_input: glance_password}
1375 glance::registry::database_connection: {get_input: glance_dsn}
1376 glance::registry::bind_host: {get_input: glance_registry_network}
1377 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1378 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1379 glance::registry::debug: {get_input: debug}
1380 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1381 glance::registry::workers: {get_input: glance_workers}
1382 glance::backend::swift::swift_store_user: service:glance
1383 glance::backend::swift::swift_store_key: {get_input: glance_password}
1384 glance_backend: {get_input: glance_backend}
1385 glance::db::mysql::password: {get_input: glance_password}
1386 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1387 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1388 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1389 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1390 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1391 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1392 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1395 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1396 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1397 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1398 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1399 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1400 heat::rabbit_userid: {get_input: rabbit_username}
1401 heat::rabbit_password: {get_input: rabbit_password}
1402 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1403 heat::rabbit_port: {get_input: rabbit_client_port}
1404 heat::auth_uri: {get_input: keystone_auth_uri}
1405 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1406 heat::identity_uri: {get_input: keystone_identity_uri}
1407 heat::keystone_password: {get_input: heat_password}
1408 heat::api::bind_host: {get_input: heat_api_network}
1409 heat::api::workers: {get_input: heat_workers}
1410 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1411 heat::api_cloudwatch::workers: {get_input: heat_workers}
1412 heat::api_cfn::bind_host: {get_input: heat_api_network}
1413 heat::api_cfn::workers: {get_input: heat_workers}
1414 heat::database_connection: {get_input: heat_dsn}
1415 heat::debug: {get_input: debug}
1416 heat::db::mysql::password: {get_input: heat_password}
1417 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1420 keystone::admin_token: {get_input: admin_token}
1421 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1422 keystone_signing_key: {get_input: keystone_signing_key}
1423 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1424 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1425 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1426 keystone::database_connection: {get_input: keystone_dsn}
1427 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1428 keystone::public_bind_host: {get_input: keystone_public_api_network}
1429 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1430 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1431 keystone::debug: {get_input: debug}
1432 keystone::db::mysql::password: {get_input: admin_token}
1433 keystone::rabbit_userid: {get_input: rabbit_username}
1434 keystone::rabbit_password: {get_input: rabbit_password}
1435 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1436 keystone::rabbit_port: {get_input: rabbit_client_port}
1437 keystone::notification_driver: {get_input: keystone_notification_driver}
1438 keystone::notification_format: {get_input: keystone_notification_format}
1439 keystone::roles::admin::email: {get_input: admin_email}
1440 keystone::roles::admin::password: {get_input: admin_password}
1441 keystone::endpoint::public_url: {get_input: keystone_public_url}
1442 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1443 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1444 keystone::endpoint::region: {get_input: keystone_region}
1445 keystone::admin_workers: {get_input: keystone_workers}
1446 keystone::public_workers: {get_input: keystone_workers}
1447 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1448 keystone::public_endpoint: {get_input: keystone_public_url}
1450 mongodb::server::bind_ip: {get_input: mongo_db_network}
1451 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1452 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1454 admin_password: {get_input: admin_password}
1455 enable_galera: {get_input: enable_galera}
1456 enable_ceph_storage: {get_input: enable_ceph_storage}
1457 enable_swift_storage: {get_input: enable_swift_storage}
1458 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1459 mysql_max_connections: {get_input: mysql_max_connections}
1460 mysql::server::root_password: {get_input: mysql_root_password}
1461 mysql_cluster_name: {get_input: mysql_cluster_name}
1462 mysql_bind_host: {get_input: mysql_network}
1463 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1466 neutron::bind_host: {get_input: neutron_api_network}
1467 neutron::rabbit_password: {get_input: rabbit_password}
1468 neutron::rabbit_user: {get_input: rabbit_username}
1469 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1470 neutron::rabbit_port: {get_input: rabbit_client_port}
1471 neutron::debug: {get_input: debug}
1472 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1473 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1474 neutron::server::database_connection: {get_input: neutron_dsn}
1475 neutron::server::api_workers: {get_input: neutron_workers}
1476 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1477 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1478 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1479 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1480 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1481 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1482 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1483 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1484 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1485 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1486 neutron_agent_mode: {get_input: neutron_agent_mode}
1487 neutron_router_distributed: {get_input: neutron_router_distributed}
1488 neutron::core_plugin: {get_input: neutron_core_plugin}
1489 neutron::service_plugins: {get_input: neutron_service_plugins}
1490 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1491 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1492 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1493 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1494 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1495 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1496 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1497 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1498 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1499 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1500 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1501 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1502 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1503 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1504 neutron_public_interface: {get_input: neutron_public_interface}
1505 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1506 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1507 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1508 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1509 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1510 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1511 neutron::server::auth_password: {get_input: neutron_password}
1512 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1513 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1514 neutron_dsn: {get_input: neutron_dsn}
1515 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1516 neutron::db::mysql::password: {get_input: neutron_password}
1517 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1518 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1519 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1520 neutron::keystone::auth::password: {get_input: neutron_password }
1521 neutron::keystone::auth::region: {get_input: keystone_region}
1522 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1523 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1524 neutron::server::notifications::tenant_name: 'service'
1525 neutron::server::notifications::project_name: 'service'
1526 neutron::server::notifications::password: {get_input: nova_password}
1529 ceilometer_backend: {get_input: ceilometer_backend}
1530 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1531 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1532 ceilometer::rabbit_userid: {get_input: rabbit_username}
1533 ceilometer::rabbit_password: {get_input: rabbit_password}
1534 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1535 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1536 ceilometer::debug: {get_input: debug}
1537 ceilometer::api::host: {get_input: ceilometer_api_network}
1538 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1539 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1540 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1541 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1542 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1543 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1544 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
1545 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1546 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1547 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1550 aodh::rabbit_userid: {get_input: rabbit_username}
1551 aodh::rabbit_password: {get_input: rabbit_password}
1552 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1553 aodh::rabbit_port: {get_input: rabbit_client_port}
1554 aodh::debug: {get_input: debug}
1555 aodh::wsgi::apache::ssl: false
1556 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1557 aodh::api::service_name: 'httpd'
1558 aodh::api::host: {get_input: aodh_api_network}
1559 aodh::api::keystone_password: {get_input: aodh_password}
1560 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1561 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1562 aodh::auth::auth_password: {get_input: aodh_password}
1563 aodh::db::mysql::password: {get_input: aodh_password}
1564 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1565 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1568 nova::rabbit_userid: {get_input: rabbit_username}
1569 nova::rabbit_password: {get_input: rabbit_password}
1570 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1571 nova::rabbit_port: {get_input: rabbit_client_port}
1572 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1573 nova::debug: {get_input: debug}
1574 nova::use_ipv6: {get_input: nova_ipv6}
1575 nova::api::auth_uri: {get_input: keystone_auth_uri}
1576 nova::api::identity_uri: {get_input: keystone_identity_uri}
1577 nova::api::api_bind_address: {get_input: nova_api_network}
1578 nova::api::metadata_listen: {get_input: nova_metadata_network}
1579 nova::api::admin_password: {get_input: nova_password}
1580 nova::api::osapi_compute_workers: {get_input: nova_workers}
1581 nova::api::ec2_workers: {get_input: nova_workers}
1582 nova::api::metadata_workers: {get_input: nova_workers}
1583 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1584 nova::database_connection: {get_input: nova_dsn}
1585 nova::api_database_connection: {get_input: nova_api_dsn}
1586 nova::glance_api_servers: {get_input: glance_api_servers}
1587 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1588 nova::api::instance_name_template: {get_input: instance_name_template}
1589 nova::network::neutron::neutron_password: {get_input: neutron_password}
1590 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1591 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1592 nova::vncproxy::host: {get_input: nova_api_network}
1593 nova::db::mysql::password: {get_input: nova_password}
1594 nova::db::mysql_api::password: {get_input: nova_password}
1595 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1598 apache::ip: {get_input: horizon_network}
1599 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1600 horizon::django_debug: {get_input: debug}
1601 horizon::secret_key: {get_input: horizon_secret}
1602 horizon::bind_address: {get_input: horizon_network}
1603 horizon::keystone_url: {get_input: keystone_auth_uri}
1606 sahara::host: {get_input: sahara_api_network}
1614 sahara::admin_password: {get_input: sahara_password}
1615 sahara::auth_uri: {get_input: keystone_auth_uri}
1616 sahara::admin_user: sahara
1617 sahara::identity_uri: {get_input: keystone_identity_uri}
1618 sahara::use_neutron: true
1619 sahara::database_connection: {get_input: sahara_dsn}
1620 sahara::debug: {get_input: debug}
1621 sahara::rpc_backend: rabbit
1622 sahara::rabbit_userid: {get_input: rabbit_username}
1623 sahara::rabbit_password: {get_input: rabbit_password}
1624 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1625 sahara::rabbit_port: {get_input: rabbit_client_port}
1626 sahara::db::mysql::password: {get_input: sahara_password}
1629 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1630 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1631 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1632 rabbitmq::default_user: {get_input: rabbit_username}
1633 rabbitmq::default_pass: {get_input: rabbit_password}
1635 redis::bind: {get_input: redis_network}
1636 redis_vip: {get_input: redis_vip}
1638 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1639 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1641 memcached::listen_ip: {get_input: memcached_network}
1642 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1643 ntp::servers: {get_input: ntp_servers}
1644 timezone::timezone: {get_input: timezone}
1645 control_virtual_interface: {get_input: control_virtual_interface}
1646 public_virtual_interface: {get_input: public_virtual_interface}
1647 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1648 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1649 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1650 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1651 tripleo::packages::enable_install: {get_input: enable_package_install}
1652 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1654 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1655 ControllerExtraConfigPre:
1656 depends_on: ControllerDeployment
1657 type: OS::TripleO::ControllerExtraConfigPre
1659 server: {get_resource: Controller}
1661 # Hook for site-specific additional pre-deployment config,
1662 # applying to all nodes, e.g node registration/unregistration
1664 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1665 type: OS::TripleO::NodeExtraConfig
1667 server: {get_resource: Controller}
1670 type: OS::TripleO::Tasks::PackageUpdate
1673 type: OS::Heat::SoftwareDeployment
1675 name: UpdateDeployment
1676 config: {get_resource: UpdateConfig}
1677 server: {get_resource: Controller}
1680 get_param: UpdateIdentifier
1684 description: IP address of the server in the ctlplane network
1685 value: {get_attr: [Controller, networks, ctlplane, 0]}
1686 external_ip_address:
1687 description: IP address of the server in the external network
1688 value: {get_attr: [ExternalPort, ip_address]}
1689 internal_api_ip_address:
1690 description: IP address of the server in the internal_api network
1691 value: {get_attr: [InternalApiPort, ip_address]}
1693 description: IP address of the server in the storage network
1694 value: {get_attr: [StoragePort, ip_address]}
1695 storage_mgmt_ip_address:
1696 description: IP address of the server in the storage_mgmt network
1697 value: {get_attr: [StorageMgmtPort, ip_address]}
1699 description: IP address of the server in the tenant network
1700 value: {get_attr: [TenantPort, ip_address]}
1701 management_ip_address:
1702 description: IP address of the server in the management network
1703 value: {get_attr: [ManagementPort, ip_address]}
1705 description: Hostname of the server
1706 value: {get_attr: [Controller, name]}
1709 Node object in the format {ip: ..., name: ...} format that the corosync
1712 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1713 name: {get_attr: [Controller, name]}
1716 Server's IP address and hostname in the /etc/hosts format
1720 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1721 EXTERNALIP EXTERNALHOST
1722 INTERNAL_APIIP INTERNAL_APIHOST
1723 STORAGEIP STORAGEHOST
1724 STORAGE_MGMTIP STORAGE_MGMTHOST
1726 MANAGEMENTIP MANAGEMENTHOST
1728 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1729 DOMAIN: {get_param: CloudDomain}
1730 PRIMARYHOST: {get_attr: [Controller, name]}
1731 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1735 - - {get_attr: [Controller, name]}
1737 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1741 - - {get_attr: [Controller, name]}
1743 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1747 - - {get_attr: [Controller, name]}
1749 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1753 - - {get_attr: [Controller, name]}
1755 TENANTIP: {get_attr: [TenantPort, ip_address]}
1759 - - {get_attr: [Controller, name]}
1761 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1765 - - {get_attr: [Controller, name]}
1767 nova_server_resource:
1768 description: Heat resource handle for the Nova compute server
1770 {get_resource: Controller}
1772 description: Swift device formatted for swift-ring-builder
1775 template: 'r1z1-IP:%PORT%/d1'
1777 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1778 swift_proxy_memcache:
1779 description: Swift proxy-memcache value
1782 template: "IP:11211"
1784 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1786 description: identifier which changes if the controller configuration may need re-applying
1790 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1791 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1792 - {get_attr: [NodeTLSData, deploy_stdout]}
1793 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1794 - {get_param: UpdateIdentifier}
1795 tls_key_modulus_md5:
1796 description: MD5 checksum of the TLS Key Modulus
1797 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1798 tls_cert_modulus_md5:
1799 description: MD5 checksum of the TLS Certificate Modulus
1800 value: {get_attr: [NodeTLSData, cert_modulus_md5]}