1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 #TODO(composable Redis): Remove the Redis password param
16 #As is used by ceilometer
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
22 description: Secret shared by the ceilometer services.
26 description: The password for the ceilometer service and db account.
29 CeilometerStoreEvents:
31 description: Whether to store events in ceilometer.
33 CeilometerMeterDispatcher:
35 description: Dispatcher to process meter data
38 - allowed_values: ['gnocchi', 'database']
41 description: Number of workers for Ceilometer service.
43 controllerExtraConfig:
46 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
48 ControllerExtraConfig:
51 Controller specific hiera configuration data to inject into the cluster.
56 A network mapped list of IPs to assign to Controllers in the following form:
58 "internal_api": ["a.b.c.d", "e.f.g.h"],
62 ControlVirtualInterface:
64 description: Interface where virtual ip will be assigned.
68 description: Enable IPv6 in Corosync
72 description: Set to True to enable debugging on all services.
76 description: Whether to enable fencing in Pacemaker or not.
80 description: Whether to use Galera instead of regular MariaDB.
84 description: Whether to deploy a LoadBalancer on the Controller
89 Additional hieradata to inject into the cluster, note that
90 ControllerExtraConfig takes precedence over ExtraConfig.
95 Pacemaker fencing configuration. The JSON should have
96 the following structure:
100 "agent": "AGENT_NAME",
101 "host_mac": "HOST_MAC_ADDRESS",
102 "params": {"PARAM_NAME": "PARAM_VALUE"}
110 "agent": "fence_xvm",
111 "host_mac": "52:54:00:aa:bb:cc",
113 "multicast_address": "225.0.0.12",
114 "port": "baremetal_0",
116 "manage_key_file": true,
117 "key_file": "/etc/fence_xvm.key",
118 "key_file_password": "abcdef"
125 description: Flavor for control nodes to request when deploying.
128 - custom_constraint: nova.flavor
131 description: The short name of the Gnocchi backend to use. Should be one
132 of swift, rbd, or file
135 - allowed_values: ['swift', 'file', 'rbd']
136 GnocchiIndexerBackend:
138 description: The short name of the Gnocchi indexer backend to use.
141 description: The password for the gnocchi service and db account.
144 HAProxyStatsPassword:
145 description: Password for HAProxy stats endpoint
148 description: User for HAProxy stats endpoint
151 HAProxySyslogAddress:
153 description: Syslog address where HAproxy will send its log
155 HeatAuthEncryptionKey:
156 description: Auth encryption key for heat-engine
161 description: A list of IP/Hostname allowed to connect to horizon
162 type: comma_delimited_list
164 description: Secret key for Django
169 default: overcloud-control
171 - custom_constraint: glance.image
173 default: 'REBUILD_PRESERVE_EPHEMERAL'
174 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
176 InstanceNameTemplate:
177 default: 'instance-%08x'
178 description: Template string to be used to generate instance names
182 description: Name of an existing Nova key pair to enable SSH access to the instances
185 - custom_constraint: nova.keypair
189 description: Keystone region for endpoint
192 description: Whether to manage IPtables rules.
196 description: Enable IPv6 features in Memcached.
200 description: Whether IPtables rules should be purged before setting up the new ones.
202 MysqlClusterUniquePart:
203 description: A unique identifier of the MySQL cluster the controller is in.
205 default: 'unset' # Has to be here because of the ignored empty value bug
206 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
208 # - length: {min: 4, max: 10}
209 MysqlInnodbBufferPoolSize:
211 Specifies the size of the buffer pool in megabytes. Setting to
212 zero should be interpreted as "no value" and will defer to the
217 description: Configures MySQL max_connections config setting
220 MysqlClustercheckPassword:
226 default: '' # Has to be here because of the ignored empty value bug
227 NeutronMetadataProxySharedSecret:
228 description: Shared secret to prevent spoofing
232 description: The password for the neutron service and db account, used by neutron agents.
235 NeutronPublicInterface:
237 description: What interface to bridge onto br-ex for network nodes.
241 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
242 be at least 50 bytes smaller than the MTU on the physical network. This
243 value will be used to set the MTU on the virtual Ethernet device.
244 This number is related to the value of NeutronDnsmasqOptions, since that
245 will determine the MTU that is assigned to the VM host through DHCP.
251 Whether to create cron job for purging soft deleted rows in Nova database.
255 description: Enable IPv6 features in Nova
258 description: The password for the nova service and db account, used by nova-api.
263 description: The password for the 'pcsd' user.
265 PublicVirtualInterface:
268 Specifies the interface where the public-facing virtual ip will be assigned.
269 This should be int_public when a VLAN is being used.
273 default: '' # Has to be here because of the ignored empty value bug
276 description: The password for RabbitMQ
281 description: The username for RabbitMQ
286 Rabbit client subscriber parameter to specify
287 an SSL connection to the RabbitMQ host.
291 description: Set rabbit subscriber port, change this if using SSL
294 description: The password for Redis
299 default: '' # Has to be here because of the ignored empty value bug
302 default: '' # Has to be here because of the ignored empty value bug
303 description: An IP address which is wrapped in brackets in case of IPv6
305 description: A random string to be used as a salt when hashing to determine mappings
312 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
315 description: Partition Power to use when building Swift rings
319 description: Whether to manage Swift rings or not
324 description: How many replicas to use in the swift rings.
325 UpgradeLevelNovaCompute:
327 description: Nova Compute upgrade level
332 EnablePackageInstall:
334 description: Set to true to enable package installation via Puppet
338 description: Mapping of service_name -> network name. Typically set
339 via parameter_defaults in the resource registry.
343 description: Mapping of service endpoint -> protocol. Typically set
344 via parameter_defaults in the resource registry.
350 Setting to a previously unused value during stack-update will trigger
351 package update on all nodes
354 default: '' # Defaults to Heat created hostname
358 description: Optional mapping to override hostnames
359 NetworkDeploymentActions:
360 type: comma_delimited_list
362 Heat action when to apply network configuration changes
367 SoftwareConfigTransport:
368 default: POLL_SERVER_CFN
370 How the server should receive the metadata required for software configuration.
373 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
378 The DNS domain used for the hosts. This should match the dhcp_domain
379 configured in the Undercloud neutron. Defaults to localdomain.
383 Extra properties or metadata passed to Nova for the created nodes in
384 the overcloud. It's accessible via the Nova metadata API.
388 description: Optional scheduler hints to pass to nova
390 ServiceConfigSettings:
396 description: Do not use deprecated params, they will be removed.
398 - controllerExtraConfig
403 type: OS::Nova::Server
405 image: {get_param: Image}
406 image_update_policy: {get_param: ImageUpdatePolicy}
407 flavor: {get_param: Flavor}
408 key_name: {get_param: KeyName}
411 user_data_format: SOFTWARE_CONFIG
412 user_data: {get_resource: UserData}
415 template: {get_param: Hostname}
416 params: {get_param: HostnameMap}
417 software_config_transport: {get_param: SoftwareConfigTransport}
418 metadata: {get_param: ServerMetadata}
419 scheduler_hints: {get_param: SchedulerHints}
421 # Combine the NodeAdminUserData and NodeUserData mime archives
423 type: OS::Heat::MultipartMime
426 - config: {get_resource: NodeAdminUserData}
428 - config: {get_resource: NodeUserData}
431 # Creates the "heat-admin" user if configured via the environment
432 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
434 type: OS::TripleO::NodeAdminUserData
436 # For optional operator additional userdata
437 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
439 type: OS::TripleO::NodeUserData
442 type: OS::TripleO::Controller::Ports::ExternalPort
444 IPPool: {get_param: ControllerIPs}
445 NodeIndex: {get_param: NodeIndex}
446 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
449 type: OS::TripleO::Controller::Ports::InternalApiPort
451 IPPool: {get_param: ControllerIPs}
452 NodeIndex: {get_param: NodeIndex}
453 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
456 type: OS::TripleO::Controller::Ports::StoragePort
458 IPPool: {get_param: ControllerIPs}
459 NodeIndex: {get_param: NodeIndex}
460 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
463 type: OS::TripleO::Controller::Ports::StorageMgmtPort
465 IPPool: {get_param: ControllerIPs}
466 NodeIndex: {get_param: NodeIndex}
467 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
470 type: OS::TripleO::Controller::Ports::TenantPort
472 IPPool: {get_param: ControllerIPs}
473 NodeIndex: {get_param: NodeIndex}
474 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
477 type: OS::TripleO::Controller::Ports::ManagementPort
479 IPPool: {get_param: ControllerIPs}
480 NodeIndex: {get_param: NodeIndex}
481 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
484 type: OS::TripleO::Network::Ports::NetIpMap
486 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
487 ExternalIp: {get_attr: [ExternalPort, ip_address]}
488 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
489 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
490 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
491 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
492 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
493 StorageIp: {get_attr: [StoragePort, ip_address]}
494 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
495 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
496 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
497 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
498 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
499 TenantIp: {get_attr: [TenantPort, ip_address]}
500 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
501 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
502 ManagementIp: {get_attr: [ManagementPort, ip_address]}
503 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
504 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
507 type: OS::TripleO::Controller::Net::SoftwareConfig
509 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
510 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
511 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
512 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
513 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
514 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
515 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
518 type: OS::TripleO::SoftwareDeployment
520 name: NetworkDeployment
521 config: {get_resource: NetworkConfig}
522 server: {get_resource: Controller}
523 actions: {get_param: NetworkDeploymentActions}
526 interface_name: {get_param: NeutronPublicInterface}
528 # Resource for site-specific injection of root certificate
530 depends_on: NetworkDeployment
531 type: OS::TripleO::NodeTLSCAData
533 server: {get_resource: Controller}
535 # Resource for site-specific passing of private keys/certificates
537 depends_on: NodeTLSCAData
538 type: OS::TripleO::NodeTLSData
540 server: {get_resource: Controller}
541 NodeIndex: {get_param: NodeIndex}
544 ControllerDeployment:
545 type: OS::TripleO::SoftwareDeployment
546 depends_on: NetworkDeployment
548 name: ControllerDeployment
549 config: {get_resource: ControllerConfig}
550 server: {get_resource: Controller}
552 bootstack_nodeid: {get_attr: [Controller, name]}
553 ceilometer_workers: {get_param: CeilometerWorkers}
554 haproxy_log_address: {get_param: HAProxySyslogAddress}
555 haproxy_stats_password: {get_param: HAProxyStatsPassword}
556 haproxy_stats_user: {get_param: HAProxyStatsUser}
557 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
558 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
559 horizon_secret: {get_param: HorizonSecret}
560 admin_password: {get_param: AdminPassword}
561 debug: {get_param: Debug}
562 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
563 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
564 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
565 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
566 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
567 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
568 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
569 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
570 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
571 enable_fencing: {get_param: EnableFencing}
572 enable_galera: {get_param: EnableGalera}
573 enable_load_balancer: {get_param: EnableLoadBalancer}
574 manage_firewall: {get_param: ManageFirewall}
575 purge_firewall_rules: {get_param: PurgeFirewallRules}
576 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
577 mysql_max_connections: {get_param: MysqlMaxConnections}
578 mysql_root_password: {get_param: MysqlRootPassword}
579 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
582 template: tripleo-CLUSTER
584 CLUSTER: {get_param: MysqlClusterUniquePart}
585 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
586 neutron_password: {get_param: NeutronPassword}
587 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
588 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
589 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
590 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
591 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
592 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
593 ceilometer_backend: {get_param: CeilometerBackend}
594 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
595 ceilometer_password: {get_param: CeilometerPassword}
596 ceilometer_store_events: {get_param: CeilometerStoreEvents}
597 aodh_password: {get_param: AodhPassword}
598 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
599 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
600 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
601 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
602 gnocchi_password: {get_param: GnocchiPassword}
603 gnocchi_backend: {get_param: GnocchiBackend}
604 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
605 ceilometer_coordination_url:
609 - {get_param: RedisPassword}
611 - {get_param: RedisVirtualIPUri}
616 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
618 - {get_param: CeilometerPassword}
620 - {get_param: [EndpointMap, MysqlInternal, host]}
625 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
627 - {get_param: GnocchiPassword}
629 - {get_param: [EndpointMap, MysqlInternal, host]}
634 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
636 - {get_param: AodhPassword}
638 - {get_param: [EndpointMap, MysqlInternal, host]}
640 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
641 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
642 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
643 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
644 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
645 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
646 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
647 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
648 nova_ipv6: {get_param: NovaIPv6}
649 corosync_ipv6: {get_param: CorosyncIPv6}
650 memcached_ipv6: {get_param: MemcachedIPv6}
651 nova_password: {get_param: NovaPassword}
655 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
657 - {get_param: NovaPassword}
659 - {get_param: [EndpointMap, MysqlInternal, host]}
664 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
666 - {get_param: NovaPassword}
668 - {get_param: [EndpointMap, MysqlInternal, host]}
670 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
671 instance_name_template: {get_param: InstanceNameTemplate}
672 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
673 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
674 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
675 fencing_config: {get_param: FencingConfig}
676 pcsd_password: {get_param: PcsdPassword}
677 rabbit_username: {get_param: RabbitUserName}
678 rabbit_password: {get_param: RabbitPassword}
679 rabbit_cookie: {get_param: RabbitCookie}
680 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
681 rabbit_client_port: {get_param: RabbitClientPort}
682 control_virtual_interface: {get_param: ControlVirtualInterface}
683 public_virtual_interface: {get_param: PublicVirtualInterface}
684 swift_hash_suffix: {get_param: SwiftHashSuffix}
685 swift_part_power: {get_param: SwiftPartPower}
686 swift_ring_build: {get_param: SwiftRingBuild}
687 swift_replicas: {get_param: SwiftReplicas}
688 swift_min_part_hours: {get_param: SwiftMinPartHours}
689 enable_package_install: {get_param: EnablePackageInstall}
690 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
691 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
692 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
693 cinder_iscsi_network:
697 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
698 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
699 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
700 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
701 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
702 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
703 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
704 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
705 keystone_region: {get_param: KeystoneRegion}
706 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
707 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
708 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
709 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
710 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
711 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
712 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
713 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
714 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
717 template: "['SUBNET']"
719 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
720 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
721 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
722 redis_vip: {get_param: RedisVirtualIP}
723 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
724 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
725 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
726 mysql_virtual_ip: {get_param: MysqlVirtualIP}
727 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
728 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
729 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
730 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
732 # Map heat metadata into hiera datafiles
734 type: OS::Heat::StructuredConfig
736 group: os-apply-config
741 - heat_config_%{::deploy_config_name}
742 - controller_extraconfig
748 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
749 - ceph_cluster # provided by CephClusterConfig
751 - bootstrap_node # provided by BootstrapNodeConfig
752 - all_nodes # provided by allNodesConfig
753 - vip_data # provided by vip-config
757 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
758 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
759 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
760 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
761 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
762 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
763 - midonet_data #Optionally provided by AllNodesExtraConfig
764 merge_behavior: deeper
767 mapped_data: {get_param: ServiceConfigSettings}
768 controller_extraconfig:
771 - {get_param: controllerExtraConfig}
772 - {get_param: ControllerExtraConfig}
774 mapped_data: {get_param: ExtraConfig}
776 raw_data: {get_file: hieradata/common.yaml}
779 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
780 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
781 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
783 raw_data: {get_file: hieradata/ceph.yaml}
785 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
786 ceph::profile::params::public_network: {get_input: ceph_public_network}
787 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
789 raw_data: {get_file: hieradata/database.yaml}
791 raw_data: {get_file: hieradata/object.yaml}
793 raw_data: {get_file: hieradata/controller.yaml}
794 mapped_data: # data supplied directly to this deployment configuration, etc
795 bootstack_nodeid: {get_input: bootstack_nodeid}
798 enable_fencing: {get_input: enable_fencing}
799 enable_load_balancer: {get_input: enable_load_balancer}
800 hacluster_pwd: {get_input: pcsd_password}
801 corosync_ipv6: {get_input: corosync_ipv6}
802 tripleo::fencing::config: {get_input: fencing_config}
805 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
806 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
807 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
808 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
809 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
810 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
811 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
812 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
815 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
816 cinder::api::bind_host: {get_input: cinder_api_network}
817 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
818 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
819 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
820 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
821 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
822 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
823 cinder::keystone::auth::password: {get_input: cinder_password }
824 cinder::keystone::auth::region: {get_input: keystone_region}
827 glance::api::bind_host: {get_input: glance_api_network}
828 glance::registry::bind_host: {get_input: glance_registry_network}
829 glance::keystone::auth::region: {get_input: keystone_region}
832 heat::api::bind_host: {get_input: heat_api_network}
833 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
834 heat::api_cfn::bind_host: {get_input: heat_api_network}
835 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
838 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
839 keystone::public_bind_host: {get_input: keystone_public_api_network}
840 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
841 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
844 mongodb::server::bind_ip: {get_input: mongo_db_network}
847 admin_password: {get_input: admin_password}
848 enable_galera: {get_input: enable_galera}
849 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
850 mysql_max_connections: {get_input: mysql_max_connections}
851 mysql::server::root_password: {get_input: mysql_root_password}
852 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
853 mysql_cluster_name: {get_input: mysql_cluster_name}
854 mysql_bind_host: {get_input: mysql_network}
855 mysql_virtual_ip: {get_input: mysql_virtual_ip}
858 neutron::bind_host: {get_input: neutron_api_network}
859 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
860 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
861 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
862 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
863 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
864 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
865 neutron::keystone::auth::password: {get_input: neutron_password }
866 neutron::keystone::auth::region: {get_input: keystone_region}
869 ceilometer_backend: {get_input: ceilometer_backend}
870 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
871 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
872 ceilometer::rabbit_userid: {get_input: rabbit_username}
873 ceilometer::rabbit_password: {get_input: rabbit_password}
874 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
875 ceilometer::rabbit_port: {get_input: rabbit_client_port}
876 ceilometer::debug: {get_input: debug}
877 ceilometer::api::host: {get_input: ceilometer_api_network}
878 ceilometer::api::keystone_password: {get_input: ceilometer_password}
879 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
880 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
881 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
882 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
883 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
884 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
885 ceilometer::db::mysql::password: {get_input: ceilometer_password}
886 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
887 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
888 ceilometer::dispatcher::gnocchi::filter_project: 'service'
889 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
890 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
891 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
892 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
893 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
894 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
895 ceilometer::keystone::auth::region: {get_input: keystone_region}
896 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
897 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
900 aodh_mysql_conn_string: {get_input: aodh_dsn}
901 aodh::rabbit_userid: {get_input: rabbit_username}
902 aodh::rabbit_password: {get_input: rabbit_password}
903 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
904 aodh::rabbit_port: {get_input: rabbit_client_port}
905 aodh::debug: {get_input: debug}
906 aodh::wsgi::apache::ssl: false
907 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
908 aodh::api::service_name: 'httpd'
909 aodh::api::host: {get_input: aodh_api_network}
910 aodh::api::keystone_password: {get_input: aodh_password}
911 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
912 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
913 aodh::auth::auth_url: {get_input: keystone_auth_uri}
914 aodh::auth::auth_password: {get_input: aodh_password}
915 aodh::db::mysql::password: {get_input: aodh_password}
916 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
917 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
918 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
919 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
920 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
921 aodh::keystone::auth::password: {get_input: aodh_password }
922 aodh::keystone::auth::region: {get_input: keystone_region}
925 gnocchi_backend: {get_input: gnocchi_backend}
926 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
927 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
928 gnocchi::debug: {get_input: debug}
929 gnocchi::wsgi::apache::ssl: false
930 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
931 gnocchi::api::service_name: 'httpd'
932 gnocchi::api::host: {get_input: gnocchi_api_network}
933 gnocchi::api::keystone_password: {get_input: gnocchi_password}
934 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
935 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
936 gnocchi::db::mysql::password: {get_input: gnocchi_password}
937 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
938 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
939 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
940 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
941 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
942 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
943 gnocchi::keystone::auth::region: {get_input: keystone_region}
946 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
947 nova::use_ipv6: {get_input: nova_ipv6}
948 nova::api::auth_uri: {get_input: keystone_auth_uri}
949 nova::api::identity_uri: {get_input: keystone_identity_uri}
950 nova::api::api_bind_address: {get_input: nova_api_network}
951 nova::api::metadata_listen: {get_input: nova_metadata_network}
952 nova::api::admin_password: {get_input: nova_password}
953 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
954 nova::database_connection: {get_input: nova_dsn}
955 nova::api_database_connection: {get_input: nova_api_dsn}
956 nova::glance_api_servers: {get_input: glance_api_servers}
957 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
958 nova::api::instance_name_template: {get_input: instance_name_template}
959 nova::network::neutron::neutron_password: {get_input: neutron_password}
960 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
961 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
962 nova::vncproxy::host: {get_input: nova_api_network}
963 nova::db::mysql::password: {get_input: nova_password}
964 nova::db::mysql_api::password: {get_input: nova_password}
965 nova_enable_db_purge: {get_input: nova_enable_db_purge}
966 nova::keystone::auth::public_url: {get_input: nova_public_url}
967 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
968 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
969 nova::keystone::auth::password: {get_input: nova_password }
970 nova::keystone::auth::region: {get_input: keystone_region}
973 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
974 apache::ip: {get_input: horizon_network}
975 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
976 horizon::django_debug: {get_input: debug}
977 horizon::secret_key: {get_input: horizon_secret}
978 horizon::bind_address: {get_input: horizon_network}
979 horizon::keystone_url: {get_input: keystone_auth_uri}
982 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
983 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
985 redis::bind: {get_input: redis_network}
986 redis_vip: {get_input: redis_vip}
988 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
989 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
991 memcached_ipv6: {get_input: memcached_ipv6}
992 memcached::listen_ip: {get_input: memcached_network}
993 control_virtual_interface: {get_input: control_virtual_interface}
994 public_virtual_interface: {get_input: public_virtual_interface}
995 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
996 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
997 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
998 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
999 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1000 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1001 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1002 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1003 tripleo::haproxy::redis_password: {get_input: redis_password}
1004 tripleo::packages::enable_install: {get_input: enable_package_install}
1005 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1007 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1008 ControllerExtraConfigPre:
1009 depends_on: ControllerDeployment
1010 type: OS::TripleO::ControllerExtraConfigPre
1012 server: {get_resource: Controller}
1014 # Hook for site-specific additional pre-deployment config,
1015 # applying to all nodes, e.g node registration/unregistration
1017 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1018 type: OS::TripleO::NodeExtraConfig
1020 server: {get_resource: Controller}
1023 type: OS::TripleO::Tasks::PackageUpdate
1026 type: OS::Heat::SoftwareDeployment
1028 name: UpdateDeployment
1029 config: {get_resource: UpdateConfig}
1030 server: {get_resource: Controller}
1033 get_param: UpdateIdentifier
1037 description: IP address of the server in the ctlplane network
1038 value: {get_attr: [Controller, networks, ctlplane, 0]}
1039 external_ip_address:
1040 description: IP address of the server in the external network
1041 value: {get_attr: [ExternalPort, ip_address]}
1042 internal_api_ip_address:
1043 description: IP address of the server in the internal_api network
1044 value: {get_attr: [InternalApiPort, ip_address]}
1046 description: IP address of the server in the storage network
1047 value: {get_attr: [StoragePort, ip_address]}
1048 storage_mgmt_ip_address:
1049 description: IP address of the server in the storage_mgmt network
1050 value: {get_attr: [StorageMgmtPort, ip_address]}
1052 description: IP address of the server in the tenant network
1053 value: {get_attr: [TenantPort, ip_address]}
1054 management_ip_address:
1055 description: IP address of the server in the management network
1056 value: {get_attr: [ManagementPort, ip_address]}
1058 description: Hostname of the server
1059 value: {get_attr: [Controller, name]}
1062 Server's IP address and hostname in the /etc/hosts format
1066 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1067 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1068 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1069 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1070 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1071 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1072 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1074 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1075 DOMAIN: {get_param: CloudDomain}
1076 PRIMARYHOST: {get_attr: [Controller, name]}
1077 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1081 - - {get_attr: [Controller, name]}
1083 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1087 - - {get_attr: [Controller, name]}
1089 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1093 - - {get_attr: [Controller, name]}
1095 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1099 - - {get_attr: [Controller, name]}
1101 TENANTIP: {get_attr: [TenantPort, ip_address]}
1105 - - {get_attr: [Controller, name]}
1107 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1111 - - {get_attr: [Controller, name]}
1113 nova_server_resource:
1114 description: Heat resource handle for the Nova compute server
1116 {get_resource: Controller}
1118 description: Swift device formatted for swift-ring-builder
1121 template: 'r1z1-IP:%PORT%/d1'
1123 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1124 swift_proxy_memcache:
1125 description: Swift proxy-memcache value
1128 template: "IP:11211"
1130 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1131 tls_key_modulus_md5:
1132 description: MD5 checksum of the TLS Key Modulus
1133 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1134 tls_cert_modulus_md5:
1135 description: MD5 checksum of the TLS Certificate Modulus
1136 value: {get_attr: [NodeTLSData, cert_modulus_md5]}