1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 #TODO(composable Redis): Remove the Redis password param
19 #As is used by ceilometer
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
35 CeilometerStoreEvents:
37 description: Whether to store events in ceilometer.
39 CeilometerMeterDispatcher:
41 description: Dispatcher to process meter data
44 - allowed_values: ['gnocchi', 'database']
50 description: Number of workers for Ceilometer service.
52 controllerExtraConfig:
55 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
57 ControllerExtraConfig:
60 Controller specific hiera configuration data to inject into the cluster.
65 A network mapped list of IPs to assign to Controllers in the following form:
67 "internal_api": ["a.b.c.d", "e.f.g.h"],
71 ControlVirtualInterface:
73 description: Interface where virtual ip will be assigned.
77 description: Enable IPv6 in Corosync
81 description: Set to True to enable debugging on all services.
85 description: Whether to enable fencing in Pacemaker or not.
89 description: Whether to use Galera instead of regular MariaDB.
93 description: Whether to deploy a LoadBalancer on the Controller
97 description: Whether to deploy Ceph Storage (OSD) on the Controller
102 Additional hieradata to inject into the cluster, note that
103 ControllerExtraConfig takes precedence over ExtraConfig.
108 Pacemaker fencing configuration. The JSON should have
109 the following structure:
113 "agent": "AGENT_NAME",
114 "host_mac": "HOST_MAC_ADDRESS",
115 "params": {"PARAM_NAME": "PARAM_VALUE"}
123 "agent": "fence_xvm",
124 "host_mac": "52:54:00:aa:bb:cc",
126 "multicast_address": "225.0.0.12",
127 "port": "baremetal_0",
129 "manage_key_file": true,
130 "key_file": "/etc/fence_xvm.key",
131 "key_file_password": "abcdef"
138 description: Flavor for control nodes to request when deploying.
141 - custom_constraint: nova.flavor
144 description: The short name of the Gnocchi backend to use. Should be one
145 of swift, rbd, or file
148 - allowed_values: ['swift', 'file', 'rbd']
149 GnocchiIndexerBackend:
151 description: The short name of the Gnocchi indexer backend to use.
157 description: The password for the gnocchi service and db account.
160 HAProxyStatsPassword:
161 description: Password for HAProxy stats endpoint
164 description: User for HAProxy stats endpoint
167 HAProxySyslogAddress:
169 description: Syslog address where HAproxy will send its log
171 HeatAuthEncryptionKey:
172 description: Auth encryption key for heat-engine
177 description: A list of IP/Hostname allowed to connect to horizon
178 type: comma_delimited_list
180 description: Secret key for Django
185 default: overcloud-control
187 - custom_constraint: glance.image
189 default: 'REBUILD_PRESERVE_EPHEMERAL'
190 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
192 InstanceNameTemplate:
193 default: 'instance-%08x'
194 description: Template string to be used to generate instance names
198 description: Name of an existing Nova key pair to enable SSH access to the instances
201 - custom_constraint: nova.keypair
205 description: Keystone region for endpoint
208 description: Whether to manage IPtables rules.
212 description: Enable IPv6 features in Memcached.
216 description: Whether IPtables rules should be purged before setting up the new ones.
221 MysqlClusterUniquePart:
222 description: A unique identifier of the MySQL cluster the controller is in.
224 default: 'unset' # Has to be here because of the ignored empty value bug
225 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
227 # - length: {min: 4, max: 10}
228 MysqlInnodbBufferPoolSize:
230 Specifies the size of the buffer pool in megabytes. Setting to
231 zero should be interpreted as "no value" and will defer to the
236 description: Configures MySQL max_connections config setting
239 MysqlClustercheckPassword:
245 default: '' # Has to be here because of the ignored empty value bug
246 NeutronMetadataProxySharedSecret:
247 description: Shared secret to prevent spoofing
251 description: The password for the neutron service and db account, used by neutron agents.
254 NeutronPublicInterface:
256 description: What interface to bridge onto br-ex for network nodes.
260 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
261 be at least 50 bytes smaller than the MTU on the physical network. This
262 value will be used to set the MTU on the virtual Ethernet device.
263 This number is related to the value of NeutronDnsmasqOptions, since that
264 will determine the MTU that is assigned to the VM host through DHCP.
273 Whether to create cron job for purging soft deleted rows in Nova database.
277 description: Enable IPv6 features in Nova
280 description: The password for the nova service and db account, used by nova-api.
285 description: The password for the 'pcsd' user.
287 PublicVirtualInterface:
290 Specifies the interface where the public-facing virtual ip will be assigned.
291 This should be int_public when a VLAN is being used.
295 default: '' # Has to be here because of the ignored empty value bug
298 default: '' # Has to be here because of the ignored empty value bug
301 description: The password for RabbitMQ
306 description: The username for RabbitMQ
311 Rabbit client subscriber parameter to specify
312 an SSL connection to the RabbitMQ host.
316 description: Set rabbit subscriber port, change this if using SSL
319 description: The password for Redis
324 default: '' # Has to be here because of the ignored empty value bug
327 default: '' # Has to be here because of the ignored empty value bug
328 description: An IP address which is wrapped in brackets in case of IPv6
329 SnmpdReadonlyUserName:
330 default: ro_snmp_user
331 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
333 SnmpdReadonlyUserPassword:
334 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
338 description: A random string to be used as a salt when hashing to determine mappings
345 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
348 description: Partition Power to use when building Swift rings
352 description: Whether to manage Swift rings or not
360 description: How many replicas to use in the swift rings.
363 description: The timezone to be set on controller nodes.
365 UpgradeLevelNovaCompute:
367 description: Nova Compute upgrade level
369 VirtualIP: # DEPRECATED: use per service settings instead
371 default: '' # Has to be here because of the ignored empty value bug
384 EnablePackageInstall:
386 description: Set to true to enable package installation via Puppet
390 description: Mapping of service_name -> network name. Typically set
391 via parameter_defaults in the resource registry.
395 description: Mapping of service endpoint -> protocol. Typically set
396 via parameter_defaults in the resource registry.
402 Setting to a previously unused value during stack-update will trigger
403 package update on all nodes
406 default: '' # Defaults to Heat created hostname
410 description: Optional mapping to override hostnames
411 NetworkDeploymentActions:
412 type: comma_delimited_list
414 Heat action when to apply network configuration changes
419 SoftwareConfigTransport:
420 default: POLL_SERVER_CFN
422 How the server should receive the metadata required for software configuration.
425 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
430 The DNS domain used for the hosts. This should match the dhcp_domain
431 configured in the Undercloud neutron. Defaults to localdomain.
435 Extra properties or metadata passed to Nova for the created nodes in
436 the overcloud. It's accessible via the Nova metadata API.
440 description: Optional scheduler hints to pass to nova
442 ServiceConfigSettings:
448 description: Do not use deprecated params, they will be removed.
450 - controllerExtraConfig
455 type: OS::Nova::Server
457 image: {get_param: Image}
458 image_update_policy: {get_param: ImageUpdatePolicy}
459 flavor: {get_param: Flavor}
460 key_name: {get_param: KeyName}
463 user_data_format: SOFTWARE_CONFIG
464 user_data: {get_resource: UserData}
467 template: {get_param: Hostname}
468 params: {get_param: HostnameMap}
469 software_config_transport: {get_param: SoftwareConfigTransport}
470 metadata: {get_param: ServerMetadata}
471 scheduler_hints: {get_param: SchedulerHints}
473 # Combine the NodeAdminUserData and NodeUserData mime archives
475 type: OS::Heat::MultipartMime
478 - config: {get_resource: NodeAdminUserData}
480 - config: {get_resource: NodeUserData}
483 # Creates the "heat-admin" user if configured via the environment
484 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
486 type: OS::TripleO::NodeAdminUserData
488 # For optional operator additional userdata
489 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
491 type: OS::TripleO::NodeUserData
494 type: OS::TripleO::Controller::Ports::ExternalPort
496 IPPool: {get_param: ControllerIPs}
497 NodeIndex: {get_param: NodeIndex}
498 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
501 type: OS::TripleO::Controller::Ports::InternalApiPort
503 IPPool: {get_param: ControllerIPs}
504 NodeIndex: {get_param: NodeIndex}
505 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
508 type: OS::TripleO::Controller::Ports::StoragePort
510 IPPool: {get_param: ControllerIPs}
511 NodeIndex: {get_param: NodeIndex}
512 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
515 type: OS::TripleO::Controller::Ports::StorageMgmtPort
517 IPPool: {get_param: ControllerIPs}
518 NodeIndex: {get_param: NodeIndex}
519 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
522 type: OS::TripleO::Controller::Ports::TenantPort
524 IPPool: {get_param: ControllerIPs}
525 NodeIndex: {get_param: NodeIndex}
526 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
529 type: OS::TripleO::Controller::Ports::ManagementPort
531 IPPool: {get_param: ControllerIPs}
532 NodeIndex: {get_param: NodeIndex}
533 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
536 type: OS::TripleO::Network::Ports::NetIpMap
538 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
539 ExternalIp: {get_attr: [ExternalPort, ip_address]}
540 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
541 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
542 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
543 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
544 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
545 StorageIp: {get_attr: [StoragePort, ip_address]}
546 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
547 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
548 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
549 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
550 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
551 TenantIp: {get_attr: [TenantPort, ip_address]}
552 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
553 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
554 ManagementIp: {get_attr: [ManagementPort, ip_address]}
555 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
556 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
559 type: OS::TripleO::Controller::Net::SoftwareConfig
561 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
562 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
563 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
564 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
565 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
566 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
567 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
570 type: OS::TripleO::SoftwareDeployment
572 name: NetworkDeployment
573 config: {get_resource: NetworkConfig}
574 server: {get_resource: Controller}
575 actions: {get_param: NetworkDeploymentActions}
578 interface_name: {get_param: NeutronPublicInterface}
580 # Resource for site-specific injection of root certificate
582 depends_on: NetworkDeployment
583 type: OS::TripleO::NodeTLSCAData
585 server: {get_resource: Controller}
587 # Resource for site-specific passing of private keys/certificates
589 depends_on: NodeTLSCAData
590 type: OS::TripleO::NodeTLSData
592 server: {get_resource: Controller}
593 NodeIndex: {get_param: NodeIndex}
596 ControllerDeployment:
597 type: OS::TripleO::SoftwareDeployment
598 depends_on: NetworkDeployment
600 name: ControllerDeployment
601 config: {get_resource: ControllerConfig}
602 server: {get_resource: Controller}
604 bootstack_nodeid: {get_attr: [Controller, name]}
605 ceilometer_workers: {get_param: CeilometerWorkers}
606 haproxy_log_address: {get_param: HAProxySyslogAddress}
607 haproxy_stats_password: {get_param: HAProxyStatsPassword}
608 haproxy_stats_user: {get_param: HAProxyStatsUser}
609 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
610 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
611 horizon_secret: {get_param: HorizonSecret}
612 admin_password: {get_param: AdminPassword}
613 debug: {get_param: Debug}
614 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
615 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
616 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
617 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
618 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
619 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
620 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
621 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
622 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
623 enable_fencing: {get_param: EnableFencing}
624 enable_galera: {get_param: EnableGalera}
625 enable_load_balancer: {get_param: EnableLoadBalancer}
626 enable_ceph_storage: {get_param: EnableCephStorage}
627 manage_firewall: {get_param: ManageFirewall}
628 purge_firewall_rules: {get_param: PurgeFirewallRules}
629 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
630 mysql_max_connections: {get_param: MysqlMaxConnections}
631 mysql_root_password: {get_param: MysqlRootPassword}
632 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
635 template: tripleo-CLUSTER
637 CLUSTER: {get_param: MysqlClusterUniquePart}
638 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
639 neutron_password: {get_param: NeutronPassword}
640 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
641 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
642 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
643 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
644 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
645 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
646 ceilometer_backend: {get_param: CeilometerBackend}
647 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
648 ceilometer_password: {get_param: CeilometerPassword}
649 ceilometer_store_events: {get_param: CeilometerStoreEvents}
650 aodh_password: {get_param: AodhPassword}
651 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
652 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
653 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
654 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
655 gnocchi_password: {get_param: GnocchiPassword}
656 gnocchi_backend: {get_param: GnocchiBackend}
657 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
658 ceilometer_coordination_url:
662 - {get_param: RedisPassword}
664 - {get_param: RedisVirtualIPUri}
669 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
671 - {get_param: CeilometerPassword}
673 - {get_param: [EndpointMap, MysqlInternal, host]}
678 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
680 - {get_param: GnocchiPassword}
682 - {get_param: [EndpointMap, MysqlInternal, host]}
687 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
689 - {get_param: AodhPassword}
691 - {get_param: [EndpointMap, MysqlInternal, host]}
693 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
694 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
695 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
696 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
697 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
698 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
699 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
700 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
701 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
702 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
703 nova_ipv6: {get_param: NovaIPv6}
704 corosync_ipv6: {get_param: CorosyncIPv6}
705 memcached_ipv6: {get_param: MemcachedIPv6}
706 nova_password: {get_param: NovaPassword}
710 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
712 - {get_param: NovaPassword}
714 - {get_param: [EndpointMap, MysqlInternal, host]}
719 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
721 - {get_param: NovaPassword}
723 - {get_param: [EndpointMap, MysqlInternal, host]}
725 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
726 instance_name_template: {get_param: InstanceNameTemplate}
727 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
728 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
729 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
730 fencing_config: {get_param: FencingConfig}
731 pcsd_password: {get_param: PcsdPassword}
732 rabbit_username: {get_param: RabbitUserName}
733 rabbit_password: {get_param: RabbitPassword}
734 rabbit_cookie: {get_param: RabbitCookie}
735 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
736 rabbit_client_port: {get_param: RabbitClientPort}
737 timezone: {get_param: TimeZone}
738 control_virtual_interface: {get_param: ControlVirtualInterface}
739 public_virtual_interface: {get_param: PublicVirtualInterface}
740 swift_hash_suffix: {get_param: SwiftHashSuffix}
741 swift_part_power: {get_param: SwiftPartPower}
742 swift_ring_build: {get_param: SwiftRingBuild}
743 swift_replicas: {get_param: SwiftReplicas}
744 swift_min_part_hours: {get_param: SwiftMinPartHours}
745 enable_package_install: {get_param: EnablePackageInstall}
746 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
747 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
748 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
749 cinder_iscsi_network:
753 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
754 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
755 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
756 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
757 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
758 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
759 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
760 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
761 keystone_region: {get_param: KeystoneRegion}
762 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
763 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
764 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
765 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
766 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
767 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
768 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
769 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
770 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
773 template: "['SUBNET']"
775 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
776 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
777 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
778 redis_vip: {get_param: RedisVirtualIP}
779 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
780 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
781 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
782 mysql_virtual_ip: {get_param: MysqlVirtualIP}
783 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
784 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
785 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
787 # Map heat metadata into hiera datafiles
789 type: OS::Heat::StructuredConfig
791 group: os-apply-config
796 - heat_config_%{::deploy_config_name}
797 - controller_extraconfig
803 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
804 - ceph_cluster # provided by CephClusterConfig
806 - bootstrap_node # provided by BootstrapNodeConfig
807 - all_nodes # provided by allNodesConfig
808 - vip_data # provided by vip-config
812 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
813 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
814 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
815 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
816 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
817 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
818 - midonet_data #Optionally provided by AllNodesExtraConfig
819 merge_behavior: deeper
822 mapped_data: {get_param: ServiceConfigSettings}
823 controller_extraconfig:
826 - {get_param: controllerExtraConfig}
827 - {get_param: ControllerExtraConfig}
829 mapped_data: {get_param: ExtraConfig}
831 raw_data: {get_file: hieradata/common.yaml}
834 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
835 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
836 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
838 raw_data: {get_file: hieradata/ceph.yaml}
840 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
841 ceph::profile::params::public_network: {get_input: ceph_public_network}
842 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
844 raw_data: {get_file: hieradata/database.yaml}
846 raw_data: {get_file: hieradata/object.yaml}
848 raw_data: {get_file: hieradata/controller.yaml}
849 mapped_data: # data supplied directly to this deployment configuration, etc
850 bootstack_nodeid: {get_input: bootstack_nodeid}
853 enable_fencing: {get_input: enable_fencing}
854 enable_load_balancer: {get_input: enable_load_balancer}
855 hacluster_pwd: {get_input: pcsd_password}
856 corosync_ipv6: {get_input: corosync_ipv6}
857 tripleo::fencing::config: {get_input: fencing_config}
860 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
861 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
862 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
863 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
864 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
865 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
866 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
867 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
870 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
871 cinder::api::bind_host: {get_input: cinder_api_network}
872 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
873 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
874 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
875 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
876 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
877 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
878 cinder::keystone::auth::password: {get_input: cinder_password }
879 cinder::keystone::auth::region: {get_input: keystone_region}
882 glance::api::bind_host: {get_input: glance_api_network}
883 glance::registry::bind_host: {get_input: glance_registry_network}
884 glance::keystone::auth::region: {get_input: keystone_region}
887 heat::api::bind_host: {get_input: heat_api_network}
888 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
889 heat::api_cfn::bind_host: {get_input: heat_api_network}
890 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
893 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
894 keystone::public_bind_host: {get_input: keystone_public_api_network}
895 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
896 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
899 mongodb::server::bind_ip: {get_input: mongo_db_network}
902 admin_password: {get_input: admin_password}
903 enable_galera: {get_input: enable_galera}
904 enable_ceph_storage: {get_input: enable_ceph_storage}
905 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
906 mysql_max_connections: {get_input: mysql_max_connections}
907 mysql::server::root_password: {get_input: mysql_root_password}
908 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
909 mysql_cluster_name: {get_input: mysql_cluster_name}
910 mysql_bind_host: {get_input: mysql_network}
911 mysql_virtual_ip: {get_input: mysql_virtual_ip}
914 neutron::bind_host: {get_input: neutron_api_network}
915 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
916 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
917 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
918 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
919 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
920 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
921 neutron::keystone::auth::password: {get_input: neutron_password }
922 neutron::keystone::auth::region: {get_input: keystone_region}
925 ceilometer_backend: {get_input: ceilometer_backend}
926 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
927 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
928 ceilometer::rabbit_userid: {get_input: rabbit_username}
929 ceilometer::rabbit_password: {get_input: rabbit_password}
930 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
931 ceilometer::rabbit_port: {get_input: rabbit_client_port}
932 ceilometer::debug: {get_input: debug}
933 ceilometer::api::host: {get_input: ceilometer_api_network}
934 ceilometer::api::keystone_password: {get_input: ceilometer_password}
935 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
936 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
937 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
938 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
939 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
940 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
941 ceilometer::db::mysql::password: {get_input: ceilometer_password}
942 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
943 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
944 ceilometer::dispatcher::gnocchi::filter_project: 'service'
945 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
946 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
947 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
948 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
949 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
950 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
951 ceilometer::keystone::auth::region: {get_input: keystone_region}
952 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
953 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
956 aodh_mysql_conn_string: {get_input: aodh_dsn}
957 aodh::rabbit_userid: {get_input: rabbit_username}
958 aodh::rabbit_password: {get_input: rabbit_password}
959 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
960 aodh::rabbit_port: {get_input: rabbit_client_port}
961 aodh::debug: {get_input: debug}
962 aodh::wsgi::apache::ssl: false
963 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
964 aodh::api::service_name: 'httpd'
965 aodh::api::host: {get_input: aodh_api_network}
966 aodh::api::keystone_password: {get_input: aodh_password}
967 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
968 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
969 aodh::auth::auth_url: {get_input: keystone_auth_uri}
970 aodh::auth::auth_password: {get_input: aodh_password}
971 aodh::db::mysql::password: {get_input: aodh_password}
972 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
973 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
974 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
975 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
976 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
977 aodh::keystone::auth::password: {get_input: aodh_password }
978 aodh::keystone::auth::region: {get_input: keystone_region}
981 gnocchi_backend: {get_input: gnocchi_backend}
982 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
983 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
984 gnocchi::debug: {get_input: debug}
985 gnocchi::wsgi::apache::ssl: false
986 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
987 gnocchi::api::service_name: 'httpd'
988 gnocchi::api::host: {get_input: gnocchi_api_network}
989 gnocchi::api::keystone_password: {get_input: gnocchi_password}
990 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
991 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
992 gnocchi::db::mysql::password: {get_input: gnocchi_password}
993 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
994 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
995 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
996 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
997 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
998 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
999 gnocchi::keystone::auth::region: {get_input: keystone_region}
1002 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1003 nova::use_ipv6: {get_input: nova_ipv6}
1004 nova::api::auth_uri: {get_input: keystone_auth_uri}
1005 nova::api::identity_uri: {get_input: keystone_identity_uri}
1006 nova::api::api_bind_address: {get_input: nova_api_network}
1007 nova::api::metadata_listen: {get_input: nova_metadata_network}
1008 nova::api::admin_password: {get_input: nova_password}
1009 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1010 nova::database_connection: {get_input: nova_dsn}
1011 nova::api_database_connection: {get_input: nova_api_dsn}
1012 nova::glance_api_servers: {get_input: glance_api_servers}
1013 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1014 nova::api::instance_name_template: {get_input: instance_name_template}
1015 nova::network::neutron::neutron_password: {get_input: neutron_password}
1016 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1017 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1018 nova::vncproxy::host: {get_input: nova_api_network}
1019 nova::db::mysql::password: {get_input: nova_password}
1020 nova::db::mysql_api::password: {get_input: nova_password}
1021 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1022 nova::keystone::auth::public_url: {get_input: nova_public_url}
1023 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
1024 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
1025 nova::keystone::auth::password: {get_input: nova_password }
1026 nova::keystone::auth::region: {get_input: keystone_region}
1029 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
1030 apache::ip: {get_input: horizon_network}
1031 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1032 horizon::django_debug: {get_input: debug}
1033 horizon::secret_key: {get_input: horizon_secret}
1034 horizon::bind_address: {get_input: horizon_network}
1035 horizon::keystone_url: {get_input: keystone_auth_uri}
1038 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1039 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1041 redis::bind: {get_input: redis_network}
1042 redis_vip: {get_input: redis_vip}
1044 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1045 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1047 memcached_ipv6: {get_input: memcached_ipv6}
1048 memcached::listen_ip: {get_input: memcached_network}
1049 timezone::timezone: {get_input: timezone}
1050 control_virtual_interface: {get_input: control_virtual_interface}
1051 public_virtual_interface: {get_input: public_virtual_interface}
1052 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1053 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1054 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1055 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1056 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1057 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1058 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1059 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1060 tripleo::haproxy::redis_password: {get_input: redis_password}
1061 tripleo::packages::enable_install: {get_input: enable_package_install}
1062 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1064 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1065 ControllerExtraConfigPre:
1066 depends_on: ControllerDeployment
1067 type: OS::TripleO::ControllerExtraConfigPre
1069 server: {get_resource: Controller}
1071 # Hook for site-specific additional pre-deployment config,
1072 # applying to all nodes, e.g node registration/unregistration
1074 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1075 type: OS::TripleO::NodeExtraConfig
1077 server: {get_resource: Controller}
1080 type: OS::TripleO::Tasks::PackageUpdate
1083 type: OS::Heat::SoftwareDeployment
1085 name: UpdateDeployment
1086 config: {get_resource: UpdateConfig}
1087 server: {get_resource: Controller}
1090 get_param: UpdateIdentifier
1094 description: IP address of the server in the ctlplane network
1095 value: {get_attr: [Controller, networks, ctlplane, 0]}
1096 external_ip_address:
1097 description: IP address of the server in the external network
1098 value: {get_attr: [ExternalPort, ip_address]}
1099 internal_api_ip_address:
1100 description: IP address of the server in the internal_api network
1101 value: {get_attr: [InternalApiPort, ip_address]}
1103 description: IP address of the server in the storage network
1104 value: {get_attr: [StoragePort, ip_address]}
1105 storage_mgmt_ip_address:
1106 description: IP address of the server in the storage_mgmt network
1107 value: {get_attr: [StorageMgmtPort, ip_address]}
1109 description: IP address of the server in the tenant network
1110 value: {get_attr: [TenantPort, ip_address]}
1111 management_ip_address:
1112 description: IP address of the server in the management network
1113 value: {get_attr: [ManagementPort, ip_address]}
1115 description: Hostname of the server
1116 value: {get_attr: [Controller, name]}
1119 Server's IP address and hostname in the /etc/hosts format
1123 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1124 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1125 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1126 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1127 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1128 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1129 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1131 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1132 DOMAIN: {get_param: CloudDomain}
1133 PRIMARYHOST: {get_attr: [Controller, name]}
1134 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1138 - - {get_attr: [Controller, name]}
1140 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1144 - - {get_attr: [Controller, name]}
1146 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1150 - - {get_attr: [Controller, name]}
1152 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1156 - - {get_attr: [Controller, name]}
1158 TENANTIP: {get_attr: [TenantPort, ip_address]}
1162 - - {get_attr: [Controller, name]}
1164 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1168 - - {get_attr: [Controller, name]}
1170 nova_server_resource:
1171 description: Heat resource handle for the Nova compute server
1173 {get_resource: Controller}
1175 description: Swift device formatted for swift-ring-builder
1178 template: 'r1z1-IP:%PORT%/d1'
1180 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1181 swift_proxy_memcache:
1182 description: Swift proxy-memcache value
1185 template: "IP:11211"
1187 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1189 description: identifier which changes if the controller configuration may need re-applying
1193 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1194 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1195 - {get_attr: [NodeTLSData, deploy_stdout]}
1196 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1197 - {get_param: UpdateIdentifier}
1198 tls_key_modulus_md5:
1199 description: MD5 checksum of the TLS Key Modulus
1200 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1201 tls_cert_modulus_md5:
1202 description: MD5 checksum of the TLS Certificate Modulus
1203 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
Code Review / apex-tripleo-heat-templates.git / blob