1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
92 ControllerExtraConfig:
95 Controller specific hiera configuration data to inject into the cluster.
100 A network mapped list of IPs to assign to Controllers in the following form:
102 "internal_api": ["a.b.c.d", "e.f.g.h"],
106 ControlVirtualInterface:
108 description: Interface where virtual ip will be assigned.
112 description: Set to True to enable debugging on all services.
116 description: Whether to enable fencing in Pacemaker or not.
120 description: Whether to use Galera instead of regular MariaDB.
124 description: Whether to deploy a LoadBalancer on the Controller
128 description: Whether to deploy Ceph Storage (OSD) on the Controller
132 description: Whether to enable Swift Storage on the Controller
137 Additional hieradata to inject into the cluster, note that
138 ControllerExtraConfig takes precedence over ExtraConfig.
143 Pacemaker fencing configuration. The JSON should have
144 the following structure:
148 "agent": "AGENT_NAME",
149 "host_mac": "HOST_MAC_ADDRESS",
150 "params": {"PARAM_NAME": "PARAM_VALUE"}
158 "agent": "fence_xvm",
159 "host_mac": "52:54:00:aa:bb:cc",
161 "multicast_address": "225.0.0.12",
162 "port": "baremetal_0",
164 "manage_key_file": true,
165 "key_file": "/etc/fence_xvm.key",
166 "key_file_password": "abcdef"
173 description: Flavor for control nodes to request when deploying.
176 - custom_constraint: nova.flavor
177 GlanceNotifierStrategy:
178 description: Strategy to use for Glance notification queue
182 description: The filepath of the file to use for logging messages from Glance.
186 description: The password for the glance service and db account, used by the glance services.
191 description: The short name of the Glance backend to use. Should be one
192 of swift, rbd, or file
195 - allowed_values: ['swift', 'file', 'rbd']
196 GlanceFilePcmkDevice:
199 An exported storage device that should be mounted by Pacemaker
200 as Glance storage. Effective when GlanceFilePcmkManage is true.
202 GlanceFilePcmkFstype:
205 Filesystem type for Pacemaker mount used as Glance storage.
206 Effective when GlanceFilePcmkManage is true.
208 GlanceFilePcmkManage:
211 Whether to make Glance file backend a mount managed by Pacemaker.
212 Effective when GlanceBackend is 'file'.
214 GlanceFilePcmkOptions:
217 Mount options for Pacemaker mount used as Glance storage.
218 Effective when GlanceFilePcmkManage is true.
220 HAProxySyslogAddress:
222 description: Syslog address where HAproxy will send its log
226 description: Number of workers for Glance service.
229 description: The password for the Heat service and db account, used by the Heat services.
232 HeatStackDomainAdminPassword:
233 description: Password for heat_domain_admin user.
236 HeatAuthEncryptionKey:
237 description: Auth encryption key for heat-engine
242 description: A list of IP/Hostname allowed to connect to horizon
243 type: comma_delimited_list
246 description: Number of workers for Heat service.
252 Whether to create cron job for purging soft deleted rows in the Heat database.
254 description: Secret key for Django
259 default: overcloud-control
261 - custom_constraint: glance.image
263 default: 'REBUILD_PRESERVE_EPHEMERAL'
264 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
266 InstanceNameTemplate:
267 default: 'instance-%08x'
268 description: Template string to be used to generate instance names
272 description: Name of an existing Nova key pair to enable SSH access to the instances
275 - custom_constraint: nova.keypair
276 KeystoneCACertificate:
278 description: Keystone self-signed certificate authority certificate.
280 KeystoneEnableDBPurge:
283 Whether to create cron job for purging soft deleted rows in Keystone database.
285 KeystoneSigningCertificate:
287 description: Keystone certificate for verifying token validity.
291 description: Keystone key for signing tokens.
294 KeystoneSSLCertificate:
296 description: Keystone certificate for verifying token validity.
298 KeystoneSSLCertificateKey:
300 description: Keystone key for signing tokens.
303 KeystoneNotificationDriver:
304 description: Comma-separated list of Oslo notification drivers used by Keystone
305 default: ['messaging']
306 type: comma_delimited_list
307 KeystoneNotificationFormat:
308 description: The Keystone notification format
312 - allowed_values: [ 'basic', 'cadf' ]
316 description: Keystone region for endpoint
319 description: Whether to manage IPtables rules.
323 description: Whether IPtables rules should be purged before setting up the new ones.
327 description: Number of workers for Keystone service.
334 description: The password for the sahara service account, used by sahara-api.
337 MysqlClusterUniquePart:
338 description: A unique identifier of the MySQL cluster the controller is in.
340 default: 'unset' # Has to be here because of the ignored empty value bug
341 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
343 # - length: {min: 4, max: 10}
344 MysqlInnodbBufferPoolSize:
346 Specifies the size of the buffer pool in megabytes. Setting to
347 zero should be interpreted as "no value" and will defer to the
352 description: Configures MySQL max_connections config setting
358 default: '' # Has to be here because of the ignored empty value bug
359 NeutronExternalNetworkBridge:
360 description: Name of bridge used for external network traffic.
363 NeutronBridgeMappings:
365 The OVS logical->physical bridge mappings to use. See the Neutron
366 documentation for details. Defaults to mapping br-ex - the external
367 bridge on hosts - to a physical name 'datacentre' which can be used
368 to create provider networks (and we use this for the default floating
369 network) - if changing this either use different post-install network
370 scripts or be sure to keep 'datacentre' as a mapping network name.
371 type: comma_delimited_list
372 default: "datacentre:br-ex"
373 NeutronDnsmasqOptions:
374 default: 'dhcp-option-force=26,1400'
375 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
377 NeutronEnableDHCPAgent:
378 description: Knob to enable/disable DHCP Agent
381 NeutronEnableL3Agent:
382 description: Knob to enable/disable L3 agent
385 NeutronEnableMetadataAgent:
386 description: Knob to enable/disable Metadata agent
389 NeutronEnableOVSAgent:
390 description: Knob to enable/disable OVS Agent
395 description: Agent mode for the neutron-l3-agent on the controller hosts
399 description: Whether to enable l3-agent HA
401 NeutronDhcpAgentsPerNetwork:
404 description: The number of neutron dhcp agents to schedule per network
407 description: Whether to configure Neutron Distributed Virtual Routers
409 NeutronMetadataProxySharedSecret:
410 description: Shared secret to prevent spoofing
416 The core plugin for Neutron. The value should be the entrypoint to be loaded
417 from neutron.core_plugins namespace.
419 NeutronServicePlugins:
420 default: "router,qos"
422 Comma-separated list of service plugin entrypoints to be loaded from the
423 neutron.service_plugins namespace.
424 type: comma_delimited_list
426 default: "vxlan,vlan,flat,gre"
428 Comma-separated list of network type driver entrypoints to be loaded.
429 type: comma_delimited_list
430 NeutronMechanismDrivers:
431 default: 'openvswitch'
433 The mechanism drivers for the Neutron tenant network.
434 type: comma_delimited_list
435 NeutronAllowL3AgentFailover:
437 description: Allow automatic l3-agent failover
439 NeutronEnableIsolatedMetadata:
441 description: If True, DHCP provide metadata route to VM.
443 NeutronEnableTunnelling:
449 Enable/disable the L2 population feature in the Neutron agents.
452 type: comma_delimited_list
453 default: 'datacentre'
454 description: If set, flat networks to configure in neutron plugins.
457 description: Whether to enable l3-agent HA
461 description: The tenant network type for Neutron.
462 type: comma_delimited_list
463 NeutronNetworkVLANRanges:
464 default: 'datacentre:1:1000'
466 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
467 Neutron documentation for permitted values. Defaults to permitting any
468 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
469 type: comma_delimited_list
471 description: The password for the neutron service and db account, used by neutron agents.
474 NeutronPublicInterface:
476 description: What interface to bridge onto br-ex for network nodes.
478 NeutronPublicInterfaceTag:
481 VLAN tag for creating a public VLAN. The tag will be used to
482 create an access port on the exterior bridge for each control plane node,
483 and that port will be given the IP address returned by neutron from the
484 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
485 overcloud.yaml to include the deployment of VLAN ports to the control
488 NeutronPublicInterfaceDefaultRoute:
490 description: A custom default route for the NeutronPublicInterface.
492 NeutronPublicInterfaceIP:
494 description: A custom IP address to put onto the NeutronPublicInterface.
496 NeutronPublicInterfaceRawDevice:
498 description: If set, the public interface is a vlan with this device as the raw device.
502 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
503 be at least 50 bytes smaller than the MTU on the physical network. This
504 value will be used to set the MTU on the virtual Ethernet device.
505 This number is related to the value of NeutronDnsmasqOptions, since that
506 will determine the MTU that is assigned to the VM host through DHCP.
512 The tunnel types for the Neutron tenant network.
513 type: comma_delimited_list
514 NeutronTunnelIdRanges:
516 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
517 of GRE tunnel IDs that are available for tenant network allocation
518 default: ["1:4094", ]
519 type: comma_delimited_list
522 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
523 of VXLAN VNI IDs that are available for tenant network allocation
524 default: ["1:4094", ]
525 type: comma_delimited_list
526 NeutronPluginExtensions:
527 default: "qos,port_security"
529 Comma-separated list of extensions enabled for the Neutron plugin.
530 type: comma_delimited_list
531 NeutronAgentExtensions:
534 Comma-separated list of extensions enabled for the Neutron agents.
535 type: comma_delimited_list
541 description: Number of workers for Neutron service.
546 Whether to create cron job for purging soft deleted rows in Nova database.
549 description: The password for the nova service and db account, used by nova-api.
554 description: Number of workers for Nova service.
558 description: Should MongoDb journaling be disabled
562 description: Comma-separated list of ntp servers
563 type: comma_delimited_list
566 description: The password for the 'pcsd' user.
568 PublicVirtualInterface:
571 Specifies the interface where the public-facing virtual ip will be assigned.
572 This should be int_public when a VLAN is being used.
576 default: '' # Has to be here because of the ignored empty value bug
579 default: '' # Has to be here because of the ignored empty value bug
583 description: The password for RabbitMQ
588 description: The username for RabbitMQ
593 Rabbit client subscriber parameter to specify
594 an SSL connection to the RabbitMQ host.
598 description: Set rabbit subscriber port, change this if using SSL
602 description: Configures RabbitMQ FD limit
606 default: '' # Has to be here because of the ignored empty value bug
607 SnmpdReadonlyUserName:
608 default: ro_snmp_user
609 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
611 SnmpdReadonlyUserPassword:
612 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
616 description: A random string to be used as a salt when hashing to determine mappings
622 description: Value of mount_check in Swift account/container/object -server.conf
627 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
630 description: Partition Power to use when building Swift rings
633 description: The password for the swift service account, used by the swift proxy
643 description: How many replicas to use in the swift rings.
646 description: Number of workers for Swift service.
650 description: The timezone to be set on controller nodes.
652 UpgradeLevelNovaCompute:
654 description: Nova Compute upgrade level
656 VirtualIP: # DEPRECATED: use per service settings instead
658 default: '' # Has to be here because of the ignored empty value bug
665 GlanceRegistryVirtualIP:
671 KeystoneAdminApiVirtualIP:
674 KeystonePublicApiVirtualIP:
680 EnablePackageInstall:
682 description: Set to true to enable package installation via Puppet
686 description: Mapping of service_name -> network name. Typically set
687 via parameter_defaults in the resource registry.
691 description: Mapping of service endpoint -> protocol. Typically set
692 via parameter_defaults in the resource registry.
698 Setting to a previously unused value during stack-update will trigger
699 package update on all nodes
702 default: '' # Defaults to Heat created hostname
706 description: Optional mapping to override hostnames
707 NetworkDeploymentActions:
708 type: comma_delimited_list
710 Heat action when to apply network configuration changes
715 SoftwareConfigTransport:
716 default: POLL_SERVER_CFN
718 How the server should receive the metadata required for software configuration.
721 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
726 The DNS domain used for the hosts. This should match the dhcp_domain
727 configured in the Undercloud neutron. Defaults to localdomain.
731 Extra properties or metadata passed to Nova for the created nodes in
732 the overcloud. It's accessible via the Nova metadata API.
736 description: Optional scheduler hints to pass to nova
742 type: OS::Nova::Server
744 image: {get_param: Image}
745 image_update_policy: {get_param: ImageUpdatePolicy}
746 flavor: {get_param: Flavor}
747 key_name: {get_param: KeyName}
750 user_data_format: SOFTWARE_CONFIG
751 user_data: {get_resource: UserData}
754 template: {get_param: Hostname}
755 params: {get_param: HostnameMap}
756 software_config_transport: {get_param: SoftwareConfigTransport}
757 metadata: {get_param: ServerMetadata}
758 scheduler_hints: {get_param: SchedulerHints}
760 # Combine the NodeAdminUserData and NodeUserData mime archives
762 type: OS::Heat::MultipartMime
765 - config: {get_resource: NodeAdminUserData}
767 - config: {get_resource: NodeUserData}
770 # Creates the "heat-admin" user if configured via the environment
771 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
773 type: OS::TripleO::NodeAdminUserData
775 # For optional operator additional userdata
776 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
778 type: OS::TripleO::NodeUserData
781 type: OS::TripleO::Controller::Ports::ExternalPort
783 IPPool: {get_param: ControllerIPs}
784 NodeIndex: {get_param: NodeIndex}
785 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
788 type: OS::TripleO::Controller::Ports::InternalApiPort
790 IPPool: {get_param: ControllerIPs}
791 NodeIndex: {get_param: NodeIndex}
792 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
795 type: OS::TripleO::Controller::Ports::StoragePort
797 IPPool: {get_param: ControllerIPs}
798 NodeIndex: {get_param: NodeIndex}
799 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
802 type: OS::TripleO::Controller::Ports::StorageMgmtPort
804 IPPool: {get_param: ControllerIPs}
805 NodeIndex: {get_param: NodeIndex}
806 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
809 type: OS::TripleO::Controller::Ports::TenantPort
811 IPPool: {get_param: ControllerIPs}
812 NodeIndex: {get_param: NodeIndex}
813 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
816 type: OS::TripleO::Controller::Ports::ManagementPort
818 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
821 type: OS::TripleO::Network::Ports::NetIpMap
823 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
824 ExternalIp: {get_attr: [ExternalPort, ip_address]}
825 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
826 StorageIp: {get_attr: [StoragePort, ip_address]}
827 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
828 TenantIp: {get_attr: [TenantPort, ip_address]}
829 ManagementIp: {get_attr: [ManagementPort, ip_address]}
832 type: OS::TripleO::Network::Ports::NetIpSubnetMap
834 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
835 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
836 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
837 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
838 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
839 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
840 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
843 type: OS::TripleO::Controller::Net::SoftwareConfig
845 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
846 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
847 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
848 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
849 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
850 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
851 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
854 type: OS::TripleO::SoftwareDeployment
856 name: NetworkDeployment
857 config: {get_resource: NetworkConfig}
858 server: {get_resource: Controller}
859 actions: {get_param: NetworkDeploymentActions}
862 interface_name: {get_param: NeutronPublicInterface}
864 # Resource for site-specific injection of root certificate
866 depends_on: NetworkDeployment
867 type: OS::TripleO::NodeTLSCAData
869 server: {get_resource: Controller}
871 # Resource for site-specific passing of private keys/certificates
873 depends_on: NodeTLSCAData
874 type: OS::TripleO::NodeTLSData
876 server: {get_resource: Controller}
877 NodeIndex: {get_param: NodeIndex}
880 ControllerDeployment:
881 type: OS::TripleO::SoftwareDeployment
882 depends_on: NetworkDeployment
884 name: ControllerDeployment
885 config: {get_resource: ControllerConfig}
886 server: {get_resource: Controller}
888 bootstack_nodeid: {get_attr: [Controller, name]}
889 ceilometer_workers: {get_param: CeilometerWorkers}
890 cinder_workers: {get_param: CinderWorkers}
891 glance_workers: {get_param: GlanceWorkers}
892 heat_workers: {get_param: HeatWorkers}
893 keystone_workers: {get_param: KeystoneWorkers}
894 nova_workers: {get_param: NovaWorkers}
895 neutron_workers: {get_param: NeutronWorkers}
896 swift_workers: {get_param: SwiftWorkers}
897 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
898 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
899 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
900 haproxy_log_address: {get_param: HAProxySyslogAddress}
901 heat.watch_server_url:
905 - {get_param: HeatApiVirtualIP}
907 heat.metadata_server_url:
911 - {get_param: HeatApiVirtualIP}
913 heat.waitcondition_server_url:
917 - {get_param: HeatApiVirtualIP}
918 - ':8000/v1/waitcondition'
919 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
920 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
921 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
922 horizon_secret: {get_param: HorizonSecret}
923 admin_email: {get_param: AdminEmail}
924 admin_password: {get_param: AdminPassword}
925 admin_token: {get_param: AdminToken}
926 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
927 debug: {get_param: Debug}
928 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
929 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
930 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
931 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
936 SERVERS: {get_param: CinderNfsServers}
937 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
938 cinder_password: {get_param: CinderPassword}
939 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
940 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
941 cinder_backend_config: {get_param: CinderBackendConfig}
945 - - 'mysql+pymysql://cinder:'
946 - {get_param: CinderPassword}
948 - {get_param: MysqlVirtualIP}
950 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
951 glance_password: {get_param: GlancePassword}
952 glance_backend: {get_param: GlanceBackend}
953 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
954 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
955 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
956 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
957 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
958 glance_log_file: {get_param: GlanceLogFile}
962 - - 'mysql+pymysql://glance:'
963 - {get_param: GlancePassword}
965 - {get_param: MysqlVirtualIP}
967 heat_password: {get_param: HeatPassword}
968 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
972 - - 'mysql+pymysql://heat:'
973 - {get_param: HeatPassword}
975 - {get_param: MysqlVirtualIP}
977 keystone_ca_certificate: {get_param: KeystoneCACertificate}
978 keystone_signing_key: {get_param: KeystoneSigningKey}
979 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
980 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
981 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
982 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
983 keystone_notification_format: {get_param: KeystoneNotificationFormat}
984 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
988 - - 'mysql+pymysql://keystone:'
989 - {get_param: AdminToken}
991 - {get_param: MysqlVirtualIP}
993 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
994 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
995 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
996 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
997 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
998 enable_fencing: {get_param: EnableFencing}
999 enable_galera: {get_param: EnableGalera}
1000 enable_load_balancer: {get_param: EnableLoadBalancer}
1001 enable_ceph_storage: {get_param: EnableCephStorage}
1002 enable_swift_storage: {get_param: EnableSwiftStorage}
1003 manage_firewall: {get_param: ManageFirewall}
1004 purge_firewall_rules: {get_param: PurgeFirewallRules}
1005 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1006 mysql_max_connections: {get_param: MysqlMaxConnections}
1007 mysql_root_password: {get_param: MysqlRootPassword}
1010 template: tripleo-CLUSTER
1012 CLUSTER: {get_param: MysqlClusterUniquePart}
1013 neutron_flat_networks:
1017 NETWORKS: {get_param: NeutronFlatNetworks}
1018 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1019 neutron_agent_mode: {get_param: NeutronAgentMode}
1020 neutron_router_distributed: {get_param: NeutronDVR}
1021 neutron_core_plugin: {get_param: NeutronCorePlugin}
1022 neutron_service_plugins:
1026 PLUGINS: {get_param: NeutronServicePlugins}
1027 neutron_type_drivers:
1031 DRIVERS: {get_param: NeutronTypeDrivers}
1032 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1033 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1034 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1035 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1036 neutron_mechanism_drivers:
1038 template: MECHANISMS
1040 MECHANISMS: {get_param: NeutronMechanismDrivers}
1041 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1042 neutron_l3_ha: {get_param: NeutronL3HA}
1043 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1044 neutron_network_vlan_ranges:
1048 RANGES: {get_param: NeutronNetworkVLANRanges}
1049 neutron_bridge_mappings:
1053 MAPPINGS: {get_param: NeutronBridgeMappings}
1054 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1055 neutron_public_interface: {get_param: NeutronPublicInterface}
1056 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1057 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1058 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1059 neutron_tunnel_id_ranges:
1063 RANGES: {get_param: NeutronTunnelIdRanges}
1068 RANGES: {get_param: NeutronVniRanges}
1069 neutron_tenant_network_types:
1073 TYPES: {get_param: NeutronNetworkType}
1074 neutron_tunnel_types:
1078 TYPES: {get_param: NeutronTunnelTypes}
1079 neutron_plugin_extensions:
1081 template: PLUGIN_EXTENSIONS
1083 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1084 neutron_agent_extensions:
1086 template: AGENT_EXTENSIONS
1088 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1089 neutron_password: {get_param: NeutronPassword}
1090 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1091 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1095 - - 'mysql+pymysql://neutron:'
1096 - {get_param: NeutronPassword}
1098 - {get_param: MysqlVirtualIP}
1099 - '/ovs_neutron?charset=utf8'
1100 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1101 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1102 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1103 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1104 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1105 ceilometer_backend: {get_param: CeilometerBackend}
1106 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1107 ceilometer_password: {get_param: CeilometerPassword}
1108 ceilometer_coordination_url:
1112 - {get_param: RedisVirtualIP}
1117 - - 'mysql+pymysql://ceilometer:'
1118 - {get_param: CeilometerPassword}
1120 - {get_param: MysqlVirtualIP}
1122 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1123 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1124 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1125 nova_password: {get_param: NovaPassword}
1129 - - 'mysql+pymysql://nova:'
1130 - {get_param: NovaPassword}
1132 - {get_param: MysqlVirtualIP}
1137 - - 'mysql+pymysql://nova_api:'
1138 - {get_param: NovaPassword}
1140 - {get_param: MysqlVirtualIP}
1142 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1143 instance_name_template: {get_param: InstanceNameTemplate}
1144 fencing_config: {get_param: FencingConfig}
1145 pcsd_password: {get_param: PcsdPassword}
1146 rabbit_username: {get_param: RabbitUserName}
1147 rabbit_password: {get_param: RabbitPassword}
1148 rabbit_cookie: {get_param: RabbitCookie}
1149 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1150 rabbit_client_port: {get_param: RabbitClientPort}
1151 mongodb_no_journal: {get_param: MongoDbNoJournal}
1152 # We need to force this into quotes or hiera will return integer causing
1153 # the puppet module validation regexp to fail.
1154 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1159 LIMIT: {get_param: RabbitFDLimit}
1160 ntp_servers: {get_param: NtpServer}
1161 timezone: {get_param: TimeZone}
1162 control_virtual_interface: {get_param: ControlVirtualInterface}
1163 public_virtual_interface: {get_param: PublicVirtualInterface}
1164 swift_hash_suffix: {get_param: SwiftHashSuffix}
1165 swift_password: {get_param: SwiftPassword}
1166 swift_part_power: {get_param: SwiftPartPower}
1167 swift_replicas: {get_param: SwiftReplicas}
1168 swift_min_part_hours: {get_param: SwiftMinPartHours}
1169 swift_mount_check: {get_param: SwiftMountCheck}
1170 enable_package_install: {get_param: EnablePackageInstall}
1171 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1172 sahara_password: {get_param: SaharaPassword}
1176 - - 'mysql://sahara:'
1177 - {get_param: SaharaPassword}
1179 - {get_param: MysqlVirtualIP}
1181 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1182 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1183 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1184 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1185 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1186 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1187 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1188 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1189 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1190 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1191 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1192 keystone_region: {get_param: KeystoneRegion}
1193 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1194 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1195 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1196 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1197 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1198 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1199 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1200 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1201 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1202 redis_vip: {get_param: RedisVirtualIP}
1203 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1204 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1205 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1206 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1207 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1208 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1209 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1211 # Map heat metadata into hiera datafiles
1213 type: OS::Heat::StructuredConfig
1215 group: os-apply-config
1220 - heat_config_%{::deploy_config_name}
1221 - controller_extraconfig
1226 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1227 - ceph_cluster # provided by CephClusterConfig
1229 - bootstrap_node # provided by BootstrapNodeConfig
1230 - all_nodes # provided by allNodesConfig
1231 - vip_data # provided by vip-config
1234 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1235 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1236 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1237 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1238 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1239 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1240 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1241 - midonet_data #Optionally provided by AllNodesExtraConfig
1242 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1244 controller_extraconfig:
1245 mapped_data: {get_param: ControllerExtraConfig}
1247 mapped_data: {get_param: ExtraConfig}
1249 raw_data: {get_file: hieradata/common.yaml}
1251 raw_data: {get_file: hieradata/ceph.yaml}
1253 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1254 ceph::profile::params::public_network: {get_input: ceph_public_network}
1255 ceph::mon::public_addr: {get_input: ceph_public_ip}
1257 raw_data: {get_file: hieradata/database.yaml}
1259 raw_data: {get_file: hieradata/object.yaml}
1261 raw_data: {get_file: hieradata/controller.yaml}
1262 mapped_data: # data supplied directly to this deployment configuration, etc
1263 bootstack_nodeid: {get_input: bootstack_nodeid}
1266 enable_fencing: {get_input: enable_fencing}
1267 enable_load_balancer: {get_input: enable_load_balancer}
1268 hacluster_pwd: {get_input: pcsd_password}
1269 tripleo::fencing::config: {get_input: fencing_config}
1272 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1273 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1274 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1275 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1276 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1277 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1278 swift::proxy::workers: {get_input: swift_workers}
1279 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1280 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1281 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1282 swift_mount_check: {get_input: swift_mount_check}
1284 # NOTE(dprince): build_ring support is currently not wired in.
1285 # See: https://review.openstack.org/#/c/109225/
1286 tripleo::ringbuilder::build_ring: True
1289 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1290 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1291 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1292 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1293 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1294 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1295 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1296 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1297 cinder::database_connection: {get_input: cinder_dsn}
1298 cinder::api::keystone_password: {get_input: cinder_password}
1299 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1300 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1301 cinder::api::bind_host: {get_input: cinder_api_network}
1302 cinder::rabbit_userid: {get_input: rabbit_username}
1303 cinder::rabbit_password: {get_input: rabbit_password}
1304 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1305 cinder::rabbit_port: {get_input: rabbit_client_port}
1306 cinder::debug: {get_input: debug}
1307 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1308 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1309 cinder_backend_config: {get_input: CinderBackendConfig}
1310 cinder::db::mysql::password: {get_input: cinder_password}
1313 glance::api::bind_port: {get_input: glance_port}
1314 glance::api::bind_host: {get_input: glance_api_network}
1315 glance::api::auth_uri: {get_input: keystone_auth_uri}
1316 glance::api::identity_uri: {get_input: keystone_identity_uri}
1317 glance::api::registry_host: {get_input: glance_registry_host}
1318 glance::api::keystone_password: {get_input: glance_password}
1319 glance::api::debug: {get_input: debug}
1320 glance::api::workers: {get_input: glance_workers}
1321 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1322 glance_log_file: {get_input: glance_log_file}
1323 glance_log_file: {get_input: glance_log_file}
1324 glance::api::database_connection: {get_input: glance_dsn}
1325 glance::registry::keystone_password: {get_input: glance_password}
1326 glance::registry::database_connection: {get_input: glance_dsn}
1327 glance::registry::bind_host: {get_input: glance_registry_network}
1328 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1329 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1330 glance::registry::debug: {get_input: debug}
1331 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1332 glance::registry::workers: {get_input: glance_workers}
1333 glance::backend::swift::swift_store_user: service:glance
1334 glance::backend::swift::swift_store_key: {get_input: glance_password}
1335 glance_backend: {get_input: glance_backend}
1336 glance::db::mysql::password: {get_input: glance_password}
1337 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1338 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1339 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1340 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1341 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1342 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1343 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1346 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1347 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1348 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1349 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1350 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1351 heat::rabbit_userid: {get_input: rabbit_username}
1352 heat::rabbit_password: {get_input: rabbit_password}
1353 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1354 heat::rabbit_port: {get_input: rabbit_client_port}
1355 heat::auth_uri: {get_input: keystone_auth_uri}
1356 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1357 heat::identity_uri: {get_input: keystone_identity_uri}
1358 heat::keystone_password: {get_input: heat_password}
1359 heat::api::bind_host: {get_input: heat_api_network}
1360 heat::api::workers: {get_input: heat_workers}
1361 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1362 heat::api_cloudwatch::workers: {get_input: heat_workers}
1363 heat::api_cfn::bind_host: {get_input: heat_api_network}
1364 heat::api_cfn::workers: {get_input: heat_workers}
1365 heat::database_connection: {get_input: heat_dsn}
1366 heat::debug: {get_input: debug}
1367 heat::db::mysql::password: {get_input: heat_password}
1368 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1371 keystone::admin_token: {get_input: admin_token}
1372 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1373 keystone_signing_key: {get_input: keystone_signing_key}
1374 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1375 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1376 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1377 keystone::database_connection: {get_input: keystone_dsn}
1378 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1379 keystone::public_bind_host: {get_input: keystone_public_api_network}
1380 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1381 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1382 keystone::debug: {get_input: debug}
1383 keystone::db::mysql::password: {get_input: admin_token}
1384 keystone::rabbit_userid: {get_input: rabbit_username}
1385 keystone::rabbit_password: {get_input: rabbit_password}
1386 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1387 keystone::rabbit_port: {get_input: rabbit_client_port}
1388 keystone::notification_driver: {get_input: keystone_notification_driver}
1389 keystone::notification_format: {get_input: keystone_notification_format}
1390 keystone::roles::admin::email: {get_input: admin_email}
1391 keystone::roles::admin::password: {get_input: admin_password}
1392 keystone::endpoint::public_url: {get_input: keystone_public_url}
1393 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1394 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1395 keystone::endpoint::region: {get_input: keystone_region}
1396 keystone::admin_workers: {get_input: keystone_workers}
1397 keystone::public_workers: {get_input: keystone_workers}
1398 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1399 keystone::public_endpoint: {get_input: keystone_public_url}
1401 mongodb::server::bind_ip: {get_input: mongo_db_network}
1402 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1404 admin_password: {get_input: admin_password}
1405 enable_galera: {get_input: enable_galera}
1406 enable_ceph_storage: {get_input: enable_ceph_storage}
1407 enable_swift_storage: {get_input: enable_swift_storage}
1408 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1409 mysql_max_connections: {get_input: mysql_max_connections}
1410 mysql::server::root_password: {get_input: mysql_root_password}
1411 mysql_cluster_name: {get_input: mysql_cluster_name}
1412 mysql_bind_host: {get_input: mysql_network}
1413 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1416 neutron::bind_host: {get_input: neutron_api_network}
1417 neutron::rabbit_password: {get_input: rabbit_password}
1418 neutron::rabbit_user: {get_input: rabbit_username}
1419 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1420 neutron::rabbit_port: {get_input: rabbit_client_port}
1421 neutron::debug: {get_input: debug}
1422 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1423 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1424 neutron::server::database_connection: {get_input: neutron_dsn}
1425 neutron::server::api_workers: {get_input: neutron_workers}
1426 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1427 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1428 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1429 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1430 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1431 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1432 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1433 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1434 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1435 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1436 neutron_agent_mode: {get_input: neutron_agent_mode}
1437 neutron_router_distributed: {get_input: neutron_router_distributed}
1438 neutron::core_plugin: {get_input: neutron_core_plugin}
1439 neutron::service_plugins: {get_input: neutron_service_plugins}
1440 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1441 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1442 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1443 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1444 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1445 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1446 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1447 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1448 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1449 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1450 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1451 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1452 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1453 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1454 neutron_public_interface: {get_input: neutron_public_interface}
1455 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1456 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1457 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1458 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1459 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1460 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1461 neutron::server::auth_password: {get_input: neutron_password}
1462 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1463 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1464 neutron_dsn: {get_input: neutron_dsn}
1465 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1466 neutron::db::mysql::password: {get_input: neutron_password}
1467 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1468 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1469 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1470 neutron::keystone::auth::password: {get_input: neutron_password }
1471 neutron::keystone::auth::region: {get_input: keystone_region}
1472 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1473 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1474 neutron::server::notifications::tenant_name: 'service'
1475 neutron::server::notifications::project_name: 'service'
1476 neutron::server::notifications::password: {get_input: nova_password}
1479 ceilometer_backend: {get_input: ceilometer_backend}
1480 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1481 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1482 ceilometer::rabbit_userid: {get_input: rabbit_username}
1483 ceilometer::rabbit_password: {get_input: rabbit_password}
1484 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1485 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1486 ceilometer::debug: {get_input: debug}
1487 ceilometer::api::host: {get_input: ceilometer_api_network}
1488 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1489 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1490 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1491 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1492 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1493 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1494 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1495 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1496 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1499 nova::rabbit_userid: {get_input: rabbit_username}
1500 nova::rabbit_password: {get_input: rabbit_password}
1501 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1502 nova::rabbit_port: {get_input: rabbit_client_port}
1503 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1504 nova::debug: {get_input: debug}
1505 nova::api::auth_uri: {get_input: keystone_auth_uri}
1506 nova::api::identity_uri: {get_input: keystone_identity_uri}
1507 nova::api::api_bind_address: {get_input: nova_api_network}
1508 nova::api::metadata_listen: {get_input: nova_metadata_network}
1509 nova::api::admin_password: {get_input: nova_password}
1510 nova::api::osapi_compute_workers: {get_input: nova_workers}
1511 nova::api::ec2_workers: {get_input: nova_workers}
1512 nova::api::metadata_workers: {get_input: nova_workers}
1513 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1514 nova::database_connection: {get_input: nova_dsn}
1515 nova::api_database_connection: {get_input: nova_api_dsn}
1516 nova::glance_api_servers: {get_input: glance_api_servers}
1517 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1518 nova::api::instance_name_template: {get_input: instance_name_template}
1519 nova::network::neutron::neutron_password: {get_input: neutron_password}
1520 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1521 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1522 nova::vncproxy::host: {get_input: nova_api_network}
1523 nova::db::mysql::password: {get_input: nova_password}
1524 nova::db::mysql_api::password: {get_input: nova_password}
1525 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1528 apache::ip: {get_input: horizon_network}
1529 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1530 horizon::django_debug: {get_input: debug}
1531 horizon::secret_key: {get_input: horizon_secret}
1532 horizon::bind_address: {get_input: horizon_network}
1533 horizon::keystone_url: {get_input: keystone_auth_uri}
1536 sahara::host: {get_input: sahara_api_network}
1544 sahara::admin_password: {get_input: sahara_password}
1545 sahara::auth_uri: {get_input: keystone_auth_uri}
1546 sahara::admin_user: sahara
1547 sahara::identity_uri: {get_input: keystone_identity_uri}
1548 sahara::use_neutron: true
1549 sahara::database_connection: {get_input: sahara_dsn}
1550 sahara::debug: {get_input: debug}
1551 sahara::rpc_backend: rabbit
1552 sahara::rabbit_userid: {get_input: rabbit_username}
1553 sahara::rabbit_password: {get_input: rabbit_password}
1554 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1555 sahara::rabbit_port: {get_input: rabbit_client_port}
1556 sahara::db::mysql::password: {get_input: sahara_password}
1559 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1560 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1561 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1562 rabbitmq::default_user: {get_input: rabbit_username}
1563 rabbitmq::default_pass: {get_input: rabbit_password}
1565 redis::bind: {get_input: redis_network}
1566 redis_vip: {get_input: redis_vip}
1568 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1569 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1571 memcached::listen_ip: {get_input: memcached_network}
1572 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1573 ntp::servers: {get_input: ntp_servers}
1574 timezone::timezone: {get_input: timezone}
1575 control_virtual_interface: {get_input: control_virtual_interface}
1576 public_virtual_interface: {get_input: public_virtual_interface}
1577 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1578 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1579 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1580 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1581 tripleo::packages::enable_install: {get_input: enable_package_install}
1582 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1584 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1585 ControllerExtraConfigPre:
1586 depends_on: ControllerDeployment
1587 type: OS::TripleO::ControllerExtraConfigPre
1589 server: {get_resource: Controller}
1591 # Hook for site-specific additional pre-deployment config,
1592 # applying to all nodes, e.g node registration/unregistration
1594 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1595 type: OS::TripleO::NodeExtraConfig
1597 server: {get_resource: Controller}
1600 type: OS::TripleO::Tasks::PackageUpdate
1603 type: OS::Heat::SoftwareDeployment
1605 name: UpdateDeployment
1606 config: {get_resource: UpdateConfig}
1607 server: {get_resource: Controller}
1610 get_param: UpdateIdentifier
1614 description: IP address of the server in the ctlplane network
1615 value: {get_attr: [Controller, networks, ctlplane, 0]}
1616 external_ip_address:
1617 description: IP address of the server in the external network
1618 value: {get_attr: [ExternalPort, ip_address]}
1619 internal_api_ip_address:
1620 description: IP address of the server in the internal_api network
1621 value: {get_attr: [InternalApiPort, ip_address]}
1623 description: IP address of the server in the storage network
1624 value: {get_attr: [StoragePort, ip_address]}
1625 storage_mgmt_ip_address:
1626 description: IP address of the server in the storage_mgmt network
1627 value: {get_attr: [StorageMgmtPort, ip_address]}
1629 description: IP address of the server in the tenant network
1630 value: {get_attr: [TenantPort, ip_address]}
1631 management_ip_address:
1632 description: IP address of the server in the management network
1633 value: {get_attr: [ManagementPort, ip_address]}
1635 description: Hostname of the server
1636 value: {get_attr: [Controller, name]}
1639 Node object in the format {ip: ..., name: ...} format that the corosync
1642 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1643 name: {get_attr: [Controller, name]}
1646 Server's IP address and hostname in the /etc/hosts format
1650 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1651 EXTERNALIP EXTERNALHOST
1652 INTERNAL_APIIP INTERNAL_APIHOST
1653 STORAGEIP STORAGEHOST
1654 STORAGE_MGMTIP STORAGE_MGMTHOST
1656 MANAGEMENTIP MANAGEMENTHOST
1658 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1659 DOMAIN: {get_param: CloudDomain}
1660 PRIMARYHOST: {get_attr: [Controller, name]}
1661 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1665 - - {get_attr: [Controller, name]}
1667 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1671 - - {get_attr: [Controller, name]}
1673 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1677 - - {get_attr: [Controller, name]}
1679 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1683 - - {get_attr: [Controller, name]}
1685 TENANTIP: {get_attr: [TenantPort, ip_address]}
1689 - - {get_attr: [Controller, name]}
1691 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1695 - - {get_attr: [Controller, name]}
1697 nova_server_resource:
1698 description: Heat resource handle for the Nova compute server
1700 {get_resource: Controller}
1702 description: Swift device formatted for swift-ring-builder
1705 template: 'r1z1-IP:%PORT%/d1'
1707 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1708 swift_proxy_memcache:
1709 description: Swift proxy-memcache value
1712 template: "IP:11211"
1714 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1716 description: identifier which changes if the controller configuration may need re-applying
1720 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1721 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1722 - {get_attr: [NodeTLSData, deploy_stdout]}
1723 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1724 - {get_param: UpdateIdentifier}
1725 tls_key_modulus_md5:
1726 description: MD5 checksum of the TLS Key Modulus
1727 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1728 tls_cert_modulus_md5:
1729 description: MD5 checksum of the TLS Certificate Modulus
1730 value: {get_attr: [NodeTLSData, cert_modulus_md5]}