1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
14 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
19 description: The keystone auth secret and db password.
22 CeilometerApiVirtualIP:
27 description: The ceilometer backend type.
29 CeilometerMeteringSecret:
31 description: Secret shared by the ceilometer services.
36 description: The password for the ceilometer service and db account.
42 CinderEnableNfsBackend:
44 description: Whether to enable or not the NFS backend for Cinder
46 CinderEnableIscsiBackend:
48 description: Whether to enable or not the Iscsi backend for Cinder
50 CinderEnableRbdBackend:
52 description: Whether to enable or not the Rbd backend for Cinder
56 description: The iSCSI helper to use with cinder.
58 CinderLVMLoopDeviceSize:
60 description: The size of the loopback file used by the cinder LVM driver.
62 CinderNfsMountOptions:
65 Mount options for NFS mounts used by Cinder NFS backend. Effective
66 when CinderEnableNfsBackend is true.
71 NFS servers used by Cinder NFS backend. Effective when
72 CinderEnableNfsBackend is true.
73 type: comma_delimited_list
76 description: The password for the cinder service and db account, used by cinder-api.
81 description: Contains parameters to configure Cinder backends. Typically
82 set via parameter_defaults in the resource registry.
86 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
88 ControllerExtraConfig:
91 Controller specific hiera configuration data to inject into the cluster.
93 ControlVirtualInterface:
95 description: Interface where virtual ip will be assigned.
99 description: Set to True to enable debugging on all services.
103 description: Whether to enable fencing in Pacemaker or not.
107 description: Whether to use Galera instead of regular MariaDB.
111 description: Whether to deploy a LoadBalancer on the Controller
115 description: Whether to deploy Ceph Storage (OSD) on the Controller
119 description: Whether to enable Swift Storage on the Controller
124 Additional hieradata to inject into the cluster, note that
125 ControllerExtraConfig takes precedence over ExtraConfig.
130 Pacemaker fencing configuration. The JSON should have
131 the following structure:
135 "agent": "AGENT_NAME",
136 "host_mac": "HOST_MAC_ADDRESS",
137 "params": {"PARAM_NAME": "PARAM_VALUE"}
145 "agent": "fence_xvm",
146 "host_mac": "52:54:00:aa:bb:cc",
148 "multicast_address": "225.0.0.12",
149 "port": "baremetal_0",
151 "manage_key_file": true,
152 "key_file": "/etc/fence_xvm.key",
153 "key_file_password": "abcdef"
160 description: Flavor for control nodes to request when deploying.
163 - custom_constraint: nova.flavor
164 GlanceNotifierStrategy:
165 description: Strategy to use for Glance notification queue
169 description: The filepath of the file to use for logging messages from Glance.
174 description: The password for the glance service and db account, used by the glance services.
179 description: The short name of the Glance backend to use. Should be one
180 of swift, rbd, or file
183 - allowed_values: ['swift', 'file', 'rbd']
184 GlanceFilePcmkDevice:
187 An exported storage device that should be mounted by Pacemaker
188 as Glance storage. Effective when GlanceFilePcmkManage is true.
190 GlanceFilePcmkFstype:
193 Filesystem type for Pacemaker mount used as Glance storage.
194 Effective when GlanceFilePcmkManage is true.
196 GlanceFilePcmkManage:
199 Whether to make Glance file backend a mount managed by Pacemaker.
200 Effective when GlanceBackend is 'file'.
202 GlanceFilePcmkOptions:
205 Mount options for Pacemaker mount used as Glance storage.
206 Effective when GlanceFilePcmkManage is true.
208 HAProxySyslogAddress:
210 description: Syslog address where HAproxy will send its log
214 description: The password for the Heat service and db account, used by the Heat services.
217 HeatStackDomainAdminPassword:
218 description: Password for heat_domain_admin user.
222 HeatAuthEncryptionKey:
223 description: Auth encryption key for heat-engine
228 description: A list of IP/Hostname allowed to connect to horizon
229 type: comma_delimited_list
231 description: Secret key for Django
236 default: overcloud-control
238 - custom_constraint: glance.image
240 default: 'REBUILD_PRESERVE_EPHEMERAL'
241 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
245 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
248 - custom_constraint: nova.keypair
249 KeystoneCACertificate:
251 description: Keystone self-signed certificate authority certificate.
253 KeystoneSigningCertificate:
255 description: Keystone certificate for verifying token validity.
259 description: Keystone key for signing tokens.
262 KeystoneSSLCertificate:
264 description: Keystone certificate for verifying token validity.
266 KeystoneSSLCertificateKey:
268 description: Keystone key for signing tokens.
271 KeystoneNotificationDriver:
272 description: Comma-separated list of Oslo notification drivers used by Keystone
273 default: ['messaging']
274 type: comma_delimited_list
275 KeystoneNotificationFormat:
276 description: The Keystone notification format
280 - allowed_values: [ 'basic', 'cadf' ]
284 description: Keystone region for endpoint
287 description: Whether to manage IPtables rules.
291 description: Whether IPtables rules should be purged before setting up the new ones.
293 MysqlClusterUniquePart:
294 description: A unique identifier of the MySQL cluster the controller is in.
296 default: 'unset' # Has to be here because of the ignored empty value bug
297 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
299 # - length: {min: 4, max: 10}
300 MysqlInnodbBufferPoolSize:
302 Specifies the size of the buffer pool in megabytes. Setting to
303 zero should be interpreted as "no value" and will defer to the
308 description: Configures MySQL max_connections config setting
314 default: '' # Has to be here because of the ignored empty value bug
315 NeutronExternalNetworkBridge:
316 description: Name of bridge used for external network traffic.
319 NeutronBridgeMappings:
321 The OVS logical->physical bridge mappings to use. See the Neutron
322 documentation for details. Defaults to mapping br-ex - the external
323 bridge on hosts - to a physical name 'datacentre' which can be used
324 to create provider networks (and we use this for the default floating
325 network) - if changing this either use different post-install network
326 scripts or be sure to keep 'datacentre' as a mapping network name.
328 default: "datacentre:br-ex"
329 NeutronDnsmasqOptions:
330 default: 'dhcp-option-force=26,1400'
331 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
333 NeutronEnableDHCPAgent:
334 description: Knob to enable/disable DHCP Agent
337 NeutronEnableL3Agent:
338 description: Knob to enable/disable L3 agent
341 NeutronEnableMetadataAgent:
342 description: Knob to enable/disable Metadata agent
345 NeutronEnableOVSAgent:
346 description: Knob to enable/disable OVS Agent
351 description: Agent mode for the neutron-l3-agent on the controller hosts
355 description: Whether to enable l3-agent HA
357 NeutronDhcpAgentsPerNetwork:
360 description: The number of neutron dhcp agents to schedule per network
363 description: Whether to configure Neutron Distributed Virtual Routers
365 NeutronMetadataProxySharedSecret:
367 description: Shared secret to prevent spoofing
373 The core plugin for Neutron. The value should be the entrypoint to be loaded
374 from neutron.core_plugins namespace.
376 NeutronServicePlugins:
379 Comma-separated list of service plugin entrypoints to be loaded from the
380 neutron.service_plugins namespace.
381 type: comma_delimited_list
383 default: "vxlan,vlan,flat,gre"
385 Comma-separated list of network type driver entrypoints to be loaded.
386 type: comma_delimited_list
387 NeutronMechanismDrivers:
388 default: 'openvswitch'
390 The mechanism drivers for the Neutron tenant network. To specify multiple
391 values, use a comma separated string, like so: 'openvswitch,l2_population'
393 NeutronAllowL3AgentFailover:
395 description: Allow automatic l3-agent failover
397 NeutronEnableIsolatedMetadata:
399 description: If True, DHCP provide metadata route to VM.
401 NeutronEnableTunnelling:
407 Enable/disable the L2 population feature in the Neutron agents.
411 default: 'datacentre'
412 description: If set, flat networks to configure in neutron plugins.
415 description: Whether to enable l3-agent HA
419 description: The tenant network type for Neutron, either gre or vxlan.
421 NeutronNetworkVLANRanges:
422 default: 'datacentre'
424 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
425 Neutron documentation for permitted values. Defaults to permitting any
426 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
427 type: comma_delimited_list
430 description: The password for the neutron service and db account, used by neutron agents.
433 NeutronPublicInterface:
435 description: What interface to bridge onto br-ex for network nodes.
437 NeutronPublicInterfaceTag:
440 VLAN tag for creating a public VLAN. The tag will be used to
441 create an access port on the exterior bridge for each control plane node,
442 and that port will be given the IP address returned by neutron from the
443 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
444 overcloud.yaml to include the deployment of VLAN ports to the control
447 NeutronPublicInterfaceDefaultRoute:
449 description: A custom default route for the NeutronPublicInterface.
451 NeutronPublicInterfaceIP:
453 description: A custom IP address to put onto the NeutronPublicInterface.
455 NeutronPublicInterfaceRawDevice:
457 description: If set, the public interface is a vlan with this device as the raw device.
462 The tunnel types for the Neutron tenant network. To specify multiple
463 values, use a comma separated string, like so: 'gre,vxlan'
465 NeutronTunnelIdRanges:
467 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
468 of GRE tunnel IDs that are available for tenant network allocation
469 default: ["1:1000", ]
470 type: comma_delimited_list
473 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
474 of VXLAN VNI IDs that are available for tenant network allocation
475 default: ["1:1000", ]
476 type: comma_delimited_list
482 description: The password for the nova service and db account, used by nova-api.
487 description: Should MongoDb journaling be disabled
491 description: Comma-separated list of ntp servers
492 type: comma_delimited_list
495 description: The password for the 'pcsd' user.
497 PublicVirtualInterface:
500 Specifies the interface where the public-facing virtual ip will be assigned.
501 This should be int_public when a VLAN is being used.
505 default: '' # Has to be here because of the ignored empty value bug
508 default: '' # Has to be here because of the ignored empty value bug
512 description: The password for RabbitMQ
517 description: The username for RabbitMQ
522 Rabbit client subscriber parameter to specify
523 an SSL connection to the RabbitMQ host.
527 description: Set rabbit subscriber port, change this if using SSL
531 description: Configures RabbitMQ FD limit
535 default: '' # Has to be here because of the ignored empty value bug
536 SnmpdReadonlyUserName:
537 default: ro_snmp_user
538 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
540 SnmpdReadonlyUserPassword:
542 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
547 description: A random string to be used as a salt when hashing to determine mappings
553 description: Value of mount_check in Swift account/container/object -server.conf
558 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
561 description: Partition Power to use when building Swift rings
565 description: The password for the swift service account, used by the swift proxy
575 description: How many replicas to use in the swift rings.
576 VirtualIP: # DEPRECATED: use per service settings instead
578 default: '' # Has to be here because of the ignored empty value bug
585 GlanceRegistryVirtualIP:
591 KeystoneAdminApiVirtualIP:
594 KeystonePublicApiVirtualIP:
600 EnablePackageInstall:
602 description: Set to true to enable package installation via Puppet
606 description: Mapping of service_name -> network name. Typically set
607 via parameter_defaults in the resource registry.
611 description: Mapping of service endpoint -> protocol. Typically set
612 via parameter_defaults in the resource registry.
618 Setting to a previously unused value during stack-update will trigger
619 package update on all nodes
622 default: '' # Defaults to Heat created hostname
623 NetworkDeploymentActions:
624 type: comma_delimited_list
626 Heat action when to apply network configuration changes
635 The DNS domain used for the hosts. This should match the dhcp_domain
636 configured in the Undercloud neutron. Defaults to localdomain.
641 type: OS::Nova::Server
643 image: {get_param: Image}
644 image_update_policy: {get_param: ImageUpdatePolicy}
645 flavor: {get_param: Flavor}
646 key_name: {get_param: KeyName}
649 user_data_format: SOFTWARE_CONFIG
650 user_data: {get_resource: UserData}
651 name: {get_param: Hostname}
653 # Combine the NodeAdminUserData and NodeUserData mime archives
655 type: OS::Heat::MultipartMime
658 - config: {get_resource: NodeAdminUserData}
660 - config: {get_resource: NodeUserData}
663 # Creates the "heat-admin" user if configured via the environment
664 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
666 type: OS::TripleO::NodeAdminUserData
668 # For optional operator additional userdata
669 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
671 type: OS::TripleO::NodeUserData
674 type: OS::TripleO::Controller::Ports::ExternalPort
676 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
679 type: OS::TripleO::Controller::Ports::InternalApiPort
681 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
684 type: OS::TripleO::Controller::Ports::StoragePort
686 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
689 type: OS::TripleO::Controller::Ports::StorageMgmtPort
691 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
694 type: OS::TripleO::Controller::Ports::TenantPort
696 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
699 type: OS::TripleO::Network::Ports::NetIpMap
701 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
702 ExternalIp: {get_attr: [ExternalPort, ip_address]}
703 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
704 StorageIp: {get_attr: [StoragePort, ip_address]}
705 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
706 TenantIp: {get_attr: [TenantPort, ip_address]}
709 type: OS::TripleO::Network::Ports::NetIpSubnetMap
711 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
712 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
713 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
714 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
715 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
716 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
719 type: OS::TripleO::Controller::Net::SoftwareConfig
721 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
722 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
723 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
724 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
725 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
726 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
729 type: OS::TripleO::SoftwareDeployment
731 config: {get_resource: NetworkConfig}
732 server: {get_resource: Controller}
733 actions: {get_param: NetworkDeploymentActions}
736 interface_name: {get_param: NeutronPublicInterface}
738 # Resource for site-specific injection of root certificate
740 depends_on: NetworkDeployment
741 type: OS::TripleO::NodeTLSCAData
743 server: {get_resource: Controller}
745 # Hook for site-specific passing of private keys/certificates
747 depends_on: NodeTLSCAData
748 type: OS::TripleO::NodeTLSData
750 server: {get_resource: Controller}
751 NodeIndex: {get_param: NodeIndex}
753 ControllerDeployment:
754 type: OS::TripleO::SoftwareDeployment
755 depends_on: NetworkDeployment
757 config: {get_resource: ControllerConfig}
758 server: {get_resource: Controller}
760 bootstack_nodeid: {get_attr: [Controller, name]}
761 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
762 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
763 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
764 haproxy_log_address: {get_param: HAProxySyslogAddress}
765 heat.watch_server_url:
769 - {get_param: HeatApiVirtualIP}
771 heat.metadata_server_url:
775 - {get_param: HeatApiVirtualIP}
777 heat.waitcondition_server_url:
781 - {get_param: HeatApiVirtualIP}
782 - ':8000/v1/waitcondition'
783 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
784 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
785 horizon_secret: {get_param: HorizonSecret}
786 admin_email: {get_param: AdminEmail}
787 admin_password: {get_param: AdminPassword}
788 admin_token: {get_param: AdminToken}
789 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
790 debug: {get_param: Debug}
791 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
792 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
793 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
796 template: "['SERVERS']"
801 - {get_param: CinderNfsServers}
802 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
803 cinder_password: {get_param: CinderPassword}
804 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
805 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
806 cinder_backend_config: {get_param: CinderBackendConfig}
810 - - 'mysql://cinder:'
811 - {get_param: CinderPassword}
813 - {get_param: MysqlVirtualIP}
815 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
816 glance_password: {get_param: GlancePassword}
817 glance_backend: {get_param: GlanceBackend}
818 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
819 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
820 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
821 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
822 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
823 glance_log_file: {get_param: GlanceLogFile}
827 - - 'mysql://glance:'
828 - {get_param: GlancePassword}
830 - {get_param: MysqlVirtualIP}
832 heat_password: {get_param: HeatPassword}
833 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
838 - {get_param: HeatPassword}
840 - {get_param: MysqlVirtualIP}
842 keystone_ca_certificate: {get_param: KeystoneCACertificate}
843 keystone_signing_key: {get_param: KeystoneSigningKey}
844 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
845 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
846 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
847 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
848 keystone_notification_format: {get_param: KeystoneNotificationFormat}
852 - - 'mysql://keystone:'
853 - {get_param: AdminToken}
855 - {get_param: MysqlVirtualIP}
857 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
858 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
859 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
860 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
861 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
862 enable_fencing: {get_param: EnableFencing}
863 enable_galera: {get_param: EnableGalera}
864 enable_load_balancer: {get_param: EnableLoadBalancer}
865 enable_ceph_storage: {get_param: EnableCephStorage}
866 enable_swift_storage: {get_param: EnableSwiftStorage}
867 manage_firewall: {get_param: ManageFirewall}
868 purge_firewall_rules: {get_param: PurgeFirewallRules}
869 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
870 mysql_max_connections: {get_param: MysqlMaxConnections}
871 mysql_root_password: {get_param: MysqlRootPassword}
874 template: tripleo-CLUSTER
876 CLUSTER: {get_param: MysqlClusterUniquePart}
877 neutron_flat_networks: {get_param: NeutronFlatNetworks}
878 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
879 neutron_agent_mode: {get_param: NeutronAgentMode}
880 neutron_router_distributed: {get_param: NeutronDVR}
881 neutron_core_plugin: {get_param: NeutronCorePlugin}
882 neutron_service_plugins:
884 template: "['PLUGINS']"
889 - {get_param: NeutronServicePlugins}
890 neutron_type_drivers:
892 template: "['DRIVERS']"
897 - {get_param: NeutronTypeDrivers}
898 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
899 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
900 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
901 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
902 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
903 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
904 neutron_l3_ha: {get_param: NeutronL3HA}
905 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
906 neutron_network_vlan_ranges:
908 template: "['RANGES']"
913 - {get_param: NeutronNetworkVLANRanges}
914 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
915 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
916 neutron_public_interface: {get_param: NeutronPublicInterface}
917 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
918 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
919 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
920 neutron_tenant_network_type: {get_param: NeutronNetworkType}
921 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
922 neutron_tunnel_id_ranges:
924 template: "['RANGES']"
929 - {get_param: NeutronTunnelIdRanges}
932 template: "['RANGES']"
937 - {get_param: NeutronVniRanges}
938 neutron_password: {get_param: NeutronPassword}
939 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
943 - - 'mysql://neutron:'
944 - {get_param: NeutronPassword}
946 - {get_param: MysqlVirtualIP}
947 - '/ovs_neutron?charset=utf8'
948 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
949 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
950 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
951 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
952 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
953 ceilometer_backend: {get_param: CeilometerBackend}
954 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
955 ceilometer_password: {get_param: CeilometerPassword}
956 ceilometer_coordination_url:
960 - {get_param: RedisVirtualIP}
965 - - 'mysql://ceilometer:'
966 - {get_param: CeilometerPassword}
968 - {get_param: MysqlVirtualIP}
970 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
971 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
972 nova_password: {get_param: NovaPassword}
977 - {get_param: NovaPassword}
979 - {get_param: MysqlVirtualIP}
981 fencing_config: {get_param: FencingConfig}
982 pcsd_password: {get_param: PcsdPassword}
983 rabbit_username: {get_param: RabbitUserName}
984 rabbit_password: {get_param: RabbitPassword}
985 rabbit_cookie: {get_param: RabbitCookie}
986 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
987 rabbit_client_port: {get_param: RabbitClientPort}
988 mongodb_no_journal: {get_param: MongoDbNoJournal}
989 # We need to force this into quotes or hiera will return integer causing
990 # the puppet module validation regexp to fail.
991 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
996 LIMIT: {get_param: RabbitFDLimit}
997 ntp_servers: {get_param: NtpServer}
998 control_virtual_interface: {get_param: ControlVirtualInterface}
999 public_virtual_interface: {get_param: PublicVirtualInterface}
1000 swift_hash_suffix: {get_param: SwiftHashSuffix}
1001 swift_password: {get_param: SwiftPassword}
1002 swift_part_power: {get_param: SwiftPartPower}
1003 swift_replicas: {get_param: SwiftReplicas}
1004 swift_min_part_hours: {get_param: SwiftMinPartHours}
1005 swift_mount_check: {get_param: SwiftMountCheck}
1006 enable_package_install: {get_param: EnablePackageInstall}
1007 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1008 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1009 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1010 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1011 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1012 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1013 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1014 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1015 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1016 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1017 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1018 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1019 keystone_region: {get_param: KeystoneRegion}
1020 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1021 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1022 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1023 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1024 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1025 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1026 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1027 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1028 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1029 redis_vip: {get_param: RedisVirtualIP}
1030 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1031 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1032 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1033 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1034 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1035 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1037 # Map heat metadata into hiera datafiles
1039 type: OS::Heat::StructuredConfig
1041 group: os-apply-config
1046 - heat_config_%{::deploy_config_name}
1047 - controller_extraconfig
1052 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1053 - ceph_cluster # provided by CephClusterConfig
1055 - bootstrap_node # provided by BootstrapNodeConfig
1056 - all_nodes # provided by allNodesConfig
1057 - vip_data # provided by vip-config
1060 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1061 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1062 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1063 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1064 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1066 controller_extraconfig:
1067 mapped_data: {get_param: ControllerExtraConfig}
1069 mapped_data: {get_param: ExtraConfig}
1071 raw_data: {get_file: hieradata/common.yaml}
1073 raw_data: {get_file: hieradata/ceph.yaml}
1075 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1076 ceph::profile::params::public_network: {get_input: ceph_public_network}
1077 ceph::mon::public_addr: {get_input: ceph_public_ip}
1079 raw_data: {get_file: hieradata/database.yaml}
1081 raw_data: {get_file: hieradata/object.yaml}
1083 raw_data: {get_file: hieradata/controller.yaml}
1084 mapped_data: # data supplied directly to this deployment configuration, etc
1085 bootstack_nodeid: {get_input: bootstack_nodeid}
1088 enable_fencing: {get_input: enable_fencing}
1089 enable_load_balancer: {get_input: enable_load_balancer}
1090 hacluster_pwd: {get_input: pcsd_password}
1091 tripleo::fencing::config: {get_input: fencing_config}
1094 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1095 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1096 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1097 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1098 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1099 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1100 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1101 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1102 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1103 swift_mount_check: {get_input: swift_mount_check}
1105 # NOTE(dprince): build_ring support is currently not wired in.
1106 # See: https://review.openstack.org/#/c/109225/
1107 tripleo::ringbuilder::build_ring: True
1110 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1111 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1112 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1113 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1114 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1115 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1116 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1117 cinder::database_connection: {get_input: cinder_dsn}
1118 cinder::api::keystone_password: {get_input: cinder_password}
1119 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1120 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1121 cinder::api::bind_host: {get_input: cinder_api_network}
1122 cinder::rabbit_userid: {get_input: rabbit_username}
1123 cinder::rabbit_password: {get_input: rabbit_password}
1124 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1125 cinder::rabbit_port: {get_input: rabbit_client_port}
1126 cinder::debug: {get_input: debug}
1127 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1128 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1129 cinder_backend_config: {get_input: CinderBackendConfig}
1130 cinder::db::mysql::password: {get_input: cinder_password}
1133 glance::api::bind_port: {get_input: glance_port}
1134 glance::api::bind_host: {get_input: glance_api_network}
1135 glance::api::auth_uri: {get_input: keystone_auth_uri}
1136 glance::api::identity_uri: {get_input: keystone_identity_uri}
1137 glance::api::registry_host: {get_input: glance_registry_host}
1138 glance::api::keystone_password: {get_input: glance_password}
1139 glance::api::debug: {get_input: debug}
1140 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1141 glance_log_file: {get_input: glance_log_file}
1142 glance_log_file: {get_input: glance_log_file}
1143 glance::api::database_connection: {get_input: glance_dsn}
1144 glance::registry::keystone_password: {get_input: glance_password}
1145 glance::registry::database_connection: {get_input: glance_dsn}
1146 glance::registry::bind_host: {get_input: glance_registry_network}
1147 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1148 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1149 glance::registry::debug: {get_input: debug}
1150 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1151 glance::backend::swift::swift_store_user: service:glance
1152 glance::backend::swift::swift_store_key: {get_input: glance_password}
1153 glance_backend: {get_input: glance_backend}
1154 glance::db::mysql::password: {get_input: glance_password}
1155 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1156 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1157 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1158 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1161 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1162 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1163 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1164 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1165 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1166 heat::rabbit_userid: {get_input: rabbit_username}
1167 heat::rabbit_password: {get_input: rabbit_password}
1168 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1169 heat::rabbit_port: {get_input: rabbit_client_port}
1170 heat::auth_uri: {get_input: keystone_auth_uri}
1171 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1172 heat::identity_uri: {get_input: keystone_identity_uri}
1173 heat::keystone_password: {get_input: heat_password}
1174 heat::api::bind_host: {get_input: heat_api_network}
1175 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1176 heat::api_cfn::bind_host: {get_input: heat_api_network}
1177 heat::database_connection: {get_input: heat_dsn}
1178 heat::debug: {get_input: debug}
1179 heat::db::mysql::password: {get_input: heat_password}
1182 keystone::admin_token: {get_input: admin_token}
1183 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1184 keystone_signing_key: {get_input: keystone_signing_key}
1185 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1186 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1187 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1188 keystone::database_connection: {get_input: keystone_dsn}
1189 keystone::public_bind_host: {get_input: keystone_public_api_network}
1190 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1191 keystone::debug: {get_input: debug}
1192 keystone::db::mysql::password: {get_input: admin_token}
1193 keystone::rabbit_userid: {get_input: rabbit_username}
1194 keystone::rabbit_password: {get_input: rabbit_password}
1195 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1196 keystone::rabbit_port: {get_input: rabbit_client_port}
1197 keystone::notification_driver: {get_input: keystone_notification_driver}
1198 keystone::notification_format: {get_input: keystone_notification_format}
1199 keystone::roles::admin::email: {get_input: admin_email}
1200 keystone::roles::admin::password: {get_input: admin_password}
1201 keystone::endpoint::public_url: {get_input: keystone_public_url}
1202 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1203 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1204 keystone::endpoint::region: {get_input: keystone_region}
1206 mongodb::server::bind_ip: {get_input: mongo_db_network}
1207 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1209 admin_password: {get_input: admin_password}
1210 enable_galera: {get_input: enable_galera}
1211 enable_ceph_storage: {get_input: enable_ceph_storage}
1212 enable_swift_storage: {get_input: enable_swift_storage}
1213 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1214 mysql_max_connections: {get_input: mysql_max_connections}
1215 mysql::server::root_password: {get_input: mysql_root_password}
1216 mysql_cluster_name: {get_input: mysql_cluster_name}
1217 mysql_bind_host: {get_input: mysql_network}
1218 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1221 neutron::bind_host: {get_input: neutron_api_network}
1222 neutron::rabbit_password: {get_input: rabbit_password}
1223 neutron::rabbit_user: {get_input: rabbit_username}
1224 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1225 neutron::rabbit_port: {get_input: rabbit_client_port}
1226 neutron::debug: {get_input: debug}
1227 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1228 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1229 neutron::server::database_connection: {get_input: neutron_dsn}
1230 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1231 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1232 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1233 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1234 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1235 neutron_flat_networks: {get_input: neutron_flat_networks}
1236 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1237 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1238 neutron_agent_mode: {get_input: neutron_agent_mode}
1239 neutron_router_distributed: {get_input: neutron_router_distributed}
1240 neutron::core_plugin: {get_input: neutron_core_plugin}
1241 neutron::service_plugins: {get_input: neutron_service_plugins}
1242 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1243 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1244 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1245 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1246 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1247 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
1248 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1249 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1250 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1251 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1252 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1253 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1254 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
1255 neutron_public_interface: {get_input: neutron_public_interface}
1256 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1257 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1258 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1259 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
1260 neutron_tunnel_types: {get_input: neutron_tunnel_types}
1261 neutron::server::auth_password: {get_input: neutron_password}
1262 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1263 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1264 neutron_dsn: {get_input: neutron_dsn}
1265 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1266 neutron::db::mysql::password: {get_input: neutron_password}
1267 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1268 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1269 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1270 neutron::keystone::auth::password: {get_input: neutron_password }
1271 neutron::keystone::auth::region: {get_input: keystone_region}
1272 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1273 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1274 neutron::server::notifications::tenant_name: 'service'
1275 neutron::server::notifications::password: {get_input: nova_password}
1278 ceilometer_backend: {get_input: ceilometer_backend}
1279 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1280 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1281 ceilometer::rabbit_userid: {get_input: rabbit_username}
1282 ceilometer::rabbit_password: {get_input: rabbit_password}
1283 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1284 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1285 ceilometer::debug: {get_input: debug}
1286 ceilometer::api::host: {get_input: ceilometer_api_network}
1287 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1288 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1289 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1290 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1291 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1292 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1293 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1294 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1295 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1298 nova::rabbit_userid: {get_input: rabbit_username}
1299 nova::rabbit_password: {get_input: rabbit_password}
1300 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1301 nova::rabbit_port: {get_input: rabbit_client_port}
1302 nova::debug: {get_input: debug}
1303 nova::api::auth_uri: {get_input: keystone_auth_uri}
1304 nova::api::identity_uri: {get_input: keystone_identity_uri}
1305 nova::api::api_bind_address: {get_input: nova_api_network}
1306 nova::api::metadata_listen: {get_input: nova_metadata_network}
1307 nova::api::admin_password: {get_input: nova_password}
1308 nova::database_connection: {get_input: nova_dsn}
1309 nova::glance_api_servers: {get_input: glance_api_servers}
1310 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1311 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1312 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1313 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1314 nova::vncproxy::host: {get_input: nova_api_network}
1315 nova::db::mysql::password: {get_input: nova_password}
1318 apache::ip: {get_input: horizon_network}
1319 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1320 horizon::django_debug: {get_input: debug}
1321 horizon::secret_key: {get_input: horizon_secret}
1322 horizon::bind_address: {get_input: horizon_network}
1323 horizon::keystone_url: {get_input: keystone_auth_uri}
1326 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1327 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1328 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1329 rabbitmq::default_user: {get_input: rabbit_username}
1330 rabbitmq::default_pass: {get_input: rabbit_password}
1332 redis::bind: {get_input: redis_network}
1333 redis_vip: {get_input: redis_vip}
1335 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1336 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1338 memcached::listen_ip: {get_input: memcached_network}
1339 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1340 ntp::servers: {get_input: ntp_servers}
1341 control_virtual_interface: {get_input: control_virtual_interface}
1342 public_virtual_interface: {get_input: public_virtual_interface}
1343 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1344 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1345 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1346 # NOTE(jaosorior): The service certificate configuration for
1347 # HAProxy was left commented because to properly use this, we
1348 # need to be able to set up the keystone endpoints. And
1349 # currently that is not possible, but is being addressed by
1350 # other commits. A subsequent commit will uncomment this.
1351 #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1352 tripleo::packages::enable_install: {get_input: enable_package_install}
1353 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1355 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1356 ControllerExtraConfigPre:
1357 depends_on: ControllerDeployment
1358 type: OS::TripleO::ControllerExtraConfigPre
1360 server: {get_resource: Controller}
1362 # Hook for site-specific additional pre-deployment config,
1363 # applying to all nodes, e.g node registration/unregistration
1365 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1366 type: OS::TripleO::NodeExtraConfig
1368 server: {get_resource: Controller}
1371 type: OS::TripleO::Tasks::PackageUpdate
1374 type: OS::Heat::SoftwareDeployment
1376 config: {get_resource: UpdateConfig}
1377 server: {get_resource: Controller}
1380 get_param: UpdateIdentifier
1384 description: IP address of the server in the ctlplane network
1385 value: {get_attr: [Controller, networks, ctlplane, 0]}
1386 external_ip_address:
1387 description: IP address of the server in the external network
1388 value: {get_attr: [ExternalPort, ip_address]}
1389 internal_api_ip_address:
1390 description: IP address of the server in the internal_api network
1391 value: {get_attr: [InternalApiPort, ip_address]}
1393 description: IP address of the server in the storage network
1394 value: {get_attr: [StoragePort, ip_address]}
1395 storage_mgmt_ip_address:
1396 description: IP address of the server in the storage_mgmt network
1397 value: {get_attr: [StorageMgmtPort, ip_address]}
1399 description: IP address of the server in the tenant network
1400 value: {get_attr: [TenantPort, ip_address]}
1402 description: Hostname of the server
1403 value: {get_attr: [Controller, name]}
1406 Node object in the format {ip: ..., name: ...} format that the corosync
1409 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1410 name: {get_attr: [Controller, name]}
1413 Server's IP address and hostname in the /etc/hosts format
1416 template: IP HOST.DOMAIN HOST CLOUDNAME
1418 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1419 DOMAIN: {get_param: CloudDomain}
1420 HOST: {get_attr: [Controller, name]}
1421 CLOUDNAME: {get_param: CloudName}
1422 nova_server_resource:
1423 description: Heat resource handle for the Nova compute server
1425 {get_resource: Controller}
1427 description: Swift device formatted for swift-ring-builder
1430 template: 'r1z1-IP:%PORT%/d1'
1432 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1433 swift_proxy_memcache:
1434 description: Swift proxy-memcache value
1437 template: "IP:11211"
1439 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1441 description: identifier which changes if the controller configuration may need re-applying
1445 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1446 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1447 - {get_attr: [NodeTLSData, deploy_stdout]}
1448 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1449 - {get_param: UpdateIdentifier}
1450 tls_key_modulus_md5:
1451 description: MD5 checksum of the TLS Key Modulus
1452 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1453 tls_cert_modulus_md5:
1454 description: MD5 checksum of the TLS Certificate Modulus
1455 value: {get_attr: [NodeTLSData, cert_modulus_md5]}