1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 #TODO(composable Redis): Remove the Redis password param
19 #As is used by ceilometer
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
35 CeilometerStoreEvents:
37 description: Whether to store events in ceilometer.
39 CeilometerMeterDispatcher:
41 description: Dispatcher to process meter data
44 - allowed_values: ['gnocchi', 'database']
50 description: Number of workers for Ceilometer service.
52 controllerExtraConfig:
55 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
57 ControllerExtraConfig:
60 Controller specific hiera configuration data to inject into the cluster.
65 A network mapped list of IPs to assign to Controllers in the following form:
67 "internal_api": ["a.b.c.d", "e.f.g.h"],
71 ControlVirtualInterface:
73 description: Interface where virtual ip will be assigned.
77 description: Enable IPv6 in Corosync
81 description: Set to True to enable debugging on all services.
85 description: Whether to enable fencing in Pacemaker or not.
89 description: Whether to use Galera instead of regular MariaDB.
93 description: Whether to deploy a LoadBalancer on the Controller
97 description: Whether to deploy Ceph Storage (OSD) on the Controller
102 Additional hieradata to inject into the cluster, note that
103 ControllerExtraConfig takes precedence over ExtraConfig.
108 Pacemaker fencing configuration. The JSON should have
109 the following structure:
113 "agent": "AGENT_NAME",
114 "host_mac": "HOST_MAC_ADDRESS",
115 "params": {"PARAM_NAME": "PARAM_VALUE"}
123 "agent": "fence_xvm",
124 "host_mac": "52:54:00:aa:bb:cc",
126 "multicast_address": "225.0.0.12",
127 "port": "baremetal_0",
129 "manage_key_file": true,
130 "key_file": "/etc/fence_xvm.key",
131 "key_file_password": "abcdef"
138 description: Flavor for control nodes to request when deploying.
141 - custom_constraint: nova.flavor
144 description: The short name of the Gnocchi backend to use. Should be one
145 of swift, rbd, or file
148 - allowed_values: ['swift', 'file', 'rbd']
149 GnocchiIndexerBackend:
151 description: The short name of the Gnocchi indexer backend to use.
157 description: The password for the gnocchi service and db account.
160 HAProxyStatsPassword:
161 description: Password for HAProxy stats endpoint
164 description: User for HAProxy stats endpoint
167 HAProxySyslogAddress:
169 description: Syslog address where HAproxy will send its log
171 HeatAuthEncryptionKey:
172 description: Auth encryption key for heat-engine
177 description: A list of IP/Hostname allowed to connect to horizon
178 type: comma_delimited_list
180 description: Secret key for Django
185 default: overcloud-control
187 - custom_constraint: glance.image
189 default: 'REBUILD_PRESERVE_EPHEMERAL'
190 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
192 InstanceNameTemplate:
193 default: 'instance-%08x'
194 description: Template string to be used to generate instance names
198 description: Name of an existing Nova key pair to enable SSH access to the instances
201 - custom_constraint: nova.keypair
205 description: Keystone region for endpoint
208 description: Whether to manage IPtables rules.
212 description: Enable IPv6 features in Memcached.
216 description: Whether IPtables rules should be purged before setting up the new ones.
221 MysqlClusterUniquePart:
222 description: A unique identifier of the MySQL cluster the controller is in.
224 default: 'unset' # Has to be here because of the ignored empty value bug
225 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
227 # - length: {min: 4, max: 10}
228 MysqlInnodbBufferPoolSize:
230 Specifies the size of the buffer pool in megabytes. Setting to
231 zero should be interpreted as "no value" and will defer to the
236 description: Configures MySQL max_connections config setting
239 MysqlClustercheckPassword:
245 default: '' # Has to be here because of the ignored empty value bug
246 NeutronMetadataProxySharedSecret:
247 description: Shared secret to prevent spoofing
251 description: The password for the neutron service and db account, used by neutron agents.
254 NeutronPublicInterface:
256 description: What interface to bridge onto br-ex for network nodes.
260 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
261 be at least 50 bytes smaller than the MTU on the physical network. This
262 value will be used to set the MTU on the virtual Ethernet device.
263 This number is related to the value of NeutronDnsmasqOptions, since that
264 will determine the MTU that is assigned to the VM host through DHCP.
273 Whether to create cron job for purging soft deleted rows in Nova database.
277 description: Enable IPv6 features in Nova
280 description: The password for the nova service and db account, used by nova-api.
285 description: The password for the 'pcsd' user.
287 PublicVirtualInterface:
290 Specifies the interface where the public-facing virtual ip will be assigned.
291 This should be int_public when a VLAN is being used.
295 default: '' # Has to be here because of the ignored empty value bug
298 default: '' # Has to be here because of the ignored empty value bug
301 description: The password for RabbitMQ
306 description: The username for RabbitMQ
311 Rabbit client subscriber parameter to specify
312 an SSL connection to the RabbitMQ host.
316 description: Set rabbit subscriber port, change this if using SSL
319 description: The password for Redis
324 default: '' # Has to be here because of the ignored empty value bug
327 default: '' # Has to be here because of the ignored empty value bug
328 description: An IP address which is wrapped in brackets in case of IPv6
329 SnmpdReadonlyUserName:
330 default: ro_snmp_user
331 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
333 SnmpdReadonlyUserPassword:
334 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
338 description: A random string to be used as a salt when hashing to determine mappings
345 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
348 description: Partition Power to use when building Swift rings
352 description: Whether to manage Swift rings or not
360 description: How many replicas to use in the swift rings.
363 description: The timezone to be set on controller nodes.
365 UpgradeLevelNovaCompute:
367 description: Nova Compute upgrade level
369 VirtualIP: # DEPRECATED: use per service settings instead
371 default: '' # Has to be here because of the ignored empty value bug
384 EnablePackageInstall:
386 description: Set to true to enable package installation via Puppet
390 description: Mapping of service_name -> network name. Typically set
391 via parameter_defaults in the resource registry.
395 description: Mapping of service endpoint -> protocol. Typically set
396 via parameter_defaults in the resource registry.
402 Setting to a previously unused value during stack-update will trigger
403 package update on all nodes
406 default: '' # Defaults to Heat created hostname
410 description: Optional mapping to override hostnames
411 NetworkDeploymentActions:
412 type: comma_delimited_list
414 Heat action when to apply network configuration changes
419 SoftwareConfigTransport:
420 default: POLL_SERVER_CFN
422 How the server should receive the metadata required for software configuration.
425 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
430 The DNS domain used for the hosts. This should match the dhcp_domain
431 configured in the Undercloud neutron. Defaults to localdomain.
435 Extra properties or metadata passed to Nova for the created nodes in
436 the overcloud. It's accessible via the Nova metadata API.
440 description: Optional scheduler hints to pass to nova
442 ServiceConfigSettings:
448 description: Do not use deprecated params, they will be removed.
450 - controllerExtraConfig
455 type: OS::Nova::Server
457 image: {get_param: Image}
458 image_update_policy: {get_param: ImageUpdatePolicy}
459 flavor: {get_param: Flavor}
460 key_name: {get_param: KeyName}
463 user_data_format: SOFTWARE_CONFIG
464 user_data: {get_resource: UserData}
467 template: {get_param: Hostname}
468 params: {get_param: HostnameMap}
469 software_config_transport: {get_param: SoftwareConfigTransport}
470 metadata: {get_param: ServerMetadata}
471 scheduler_hints: {get_param: SchedulerHints}
473 # Combine the NodeAdminUserData and NodeUserData mime archives
475 type: OS::Heat::MultipartMime
478 - config: {get_resource: NodeAdminUserData}
480 - config: {get_resource: NodeUserData}
483 # Creates the "heat-admin" user if configured via the environment
484 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
486 type: OS::TripleO::NodeAdminUserData
488 # For optional operator additional userdata
489 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
491 type: OS::TripleO::NodeUserData
494 type: OS::TripleO::Controller::Ports::ExternalPort
496 IPPool: {get_param: ControllerIPs}
497 NodeIndex: {get_param: NodeIndex}
498 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
501 type: OS::TripleO::Controller::Ports::InternalApiPort
503 IPPool: {get_param: ControllerIPs}
504 NodeIndex: {get_param: NodeIndex}
505 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
508 type: OS::TripleO::Controller::Ports::StoragePort
510 IPPool: {get_param: ControllerIPs}
511 NodeIndex: {get_param: NodeIndex}
512 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
515 type: OS::TripleO::Controller::Ports::StorageMgmtPort
517 IPPool: {get_param: ControllerIPs}
518 NodeIndex: {get_param: NodeIndex}
519 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
522 type: OS::TripleO::Controller::Ports::TenantPort
524 IPPool: {get_param: ControllerIPs}
525 NodeIndex: {get_param: NodeIndex}
526 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
529 type: OS::TripleO::Controller::Ports::ManagementPort
531 IPPool: {get_param: ControllerIPs}
532 NodeIndex: {get_param: NodeIndex}
533 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
536 type: OS::TripleO::Network::Ports::NetIpMap
538 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
539 ExternalIp: {get_attr: [ExternalPort, ip_address]}
540 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
541 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
542 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
543 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
544 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
545 StorageIp: {get_attr: [StoragePort, ip_address]}
546 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
547 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
548 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
549 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
550 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
551 TenantIp: {get_attr: [TenantPort, ip_address]}
552 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
553 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
554 ManagementIp: {get_attr: [ManagementPort, ip_address]}
555 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
556 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
559 type: OS::TripleO::Controller::Net::SoftwareConfig
561 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
562 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
563 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
564 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
565 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
566 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
567 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
570 type: OS::TripleO::SoftwareDeployment
572 name: NetworkDeployment
573 config: {get_resource: NetworkConfig}
574 server: {get_resource: Controller}
575 actions: {get_param: NetworkDeploymentActions}
578 interface_name: {get_param: NeutronPublicInterface}
580 # Resource for site-specific injection of root certificate
582 depends_on: NetworkDeployment
583 type: OS::TripleO::NodeTLSCAData
585 server: {get_resource: Controller}
587 # Resource for site-specific passing of private keys/certificates
589 depends_on: NodeTLSCAData
590 type: OS::TripleO::NodeTLSData
592 server: {get_resource: Controller}
593 NodeIndex: {get_param: NodeIndex}
596 ControllerDeployment:
597 type: OS::TripleO::SoftwareDeployment
598 depends_on: NetworkDeployment
600 name: ControllerDeployment
601 config: {get_resource: ControllerConfig}
602 server: {get_resource: Controller}
604 bootstack_nodeid: {get_attr: [Controller, name]}
605 ceilometer_workers: {get_param: CeilometerWorkers}
606 haproxy_log_address: {get_param: HAProxySyslogAddress}
607 haproxy_stats_password: {get_param: HAProxyStatsPassword}
608 haproxy_stats_user: {get_param: HAProxyStatsUser}
609 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
610 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
611 horizon_secret: {get_param: HorizonSecret}
612 admin_password: {get_param: AdminPassword}
613 debug: {get_param: Debug}
614 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
615 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
616 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
617 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
618 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
619 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
620 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
621 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
622 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
623 enable_fencing: {get_param: EnableFencing}
624 enable_galera: {get_param: EnableGalera}
625 enable_load_balancer: {get_param: EnableLoadBalancer}
626 enable_ceph_storage: {get_param: EnableCephStorage}
627 manage_firewall: {get_param: ManageFirewall}
628 purge_firewall_rules: {get_param: PurgeFirewallRules}
629 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
630 mysql_max_connections: {get_param: MysqlMaxConnections}
631 mysql_root_password: {get_param: MysqlRootPassword}
632 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
635 template: tripleo-CLUSTER
637 CLUSTER: {get_param: MysqlClusterUniquePart}
638 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
639 neutron_password: {get_param: NeutronPassword}
640 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
641 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
642 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
643 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
644 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
645 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
646 ceilometer_backend: {get_param: CeilometerBackend}
647 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
648 ceilometer_password: {get_param: CeilometerPassword}
649 ceilometer_store_events: {get_param: CeilometerStoreEvents}
650 aodh_password: {get_param: AodhPassword}
651 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
652 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
653 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
654 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
655 gnocchi_password: {get_param: GnocchiPassword}
656 gnocchi_backend: {get_param: GnocchiBackend}
657 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
658 ceilometer_coordination_url:
662 - {get_param: RedisPassword}
664 - {get_param: RedisVirtualIPUri}
669 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
671 - {get_param: CeilometerPassword}
673 - {get_param: [EndpointMap, MysqlInternal, host]}
678 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
680 - {get_param: GnocchiPassword}
682 - {get_param: [EndpointMap, MysqlInternal, host]}
687 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
689 - {get_param: AodhPassword}
691 - {get_param: [EndpointMap, MysqlInternal, host]}
693 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
694 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
695 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
696 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
697 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
698 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
699 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
700 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
701 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
702 nova_ipv6: {get_param: NovaIPv6}
703 corosync_ipv6: {get_param: CorosyncIPv6}
704 memcached_ipv6: {get_param: MemcachedIPv6}
705 nova_password: {get_param: NovaPassword}
709 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
711 - {get_param: NovaPassword}
713 - {get_param: [EndpointMap, MysqlInternal, host]}
718 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
720 - {get_param: NovaPassword}
722 - {get_param: [EndpointMap, MysqlInternal, host]}
724 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
725 instance_name_template: {get_param: InstanceNameTemplate}
726 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
727 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
728 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
729 fencing_config: {get_param: FencingConfig}
730 pcsd_password: {get_param: PcsdPassword}
731 rabbit_username: {get_param: RabbitUserName}
732 rabbit_password: {get_param: RabbitPassword}
733 rabbit_cookie: {get_param: RabbitCookie}
734 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
735 rabbit_client_port: {get_param: RabbitClientPort}
736 timezone: {get_param: TimeZone}
737 control_virtual_interface: {get_param: ControlVirtualInterface}
738 public_virtual_interface: {get_param: PublicVirtualInterface}
739 swift_hash_suffix: {get_param: SwiftHashSuffix}
740 swift_part_power: {get_param: SwiftPartPower}
741 swift_ring_build: {get_param: SwiftRingBuild}
742 swift_replicas: {get_param: SwiftReplicas}
743 swift_min_part_hours: {get_param: SwiftMinPartHours}
744 enable_package_install: {get_param: EnablePackageInstall}
745 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
746 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
747 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
748 cinder_iscsi_network:
752 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
753 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
754 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
755 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
756 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
757 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
758 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
759 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
760 keystone_region: {get_param: KeystoneRegion}
761 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
762 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
763 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
764 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
765 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
766 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
767 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
768 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
769 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
772 template: "['SUBNET']"
774 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
775 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
776 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
777 redis_vip: {get_param: RedisVirtualIP}
778 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
779 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
780 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
781 mysql_virtual_ip: {get_param: MysqlVirtualIP}
782 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
783 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
784 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
786 # Map heat metadata into hiera datafiles
788 type: OS::Heat::StructuredConfig
790 group: os-apply-config
795 - heat_config_%{::deploy_config_name}
796 - controller_extraconfig
802 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
803 - ceph_cluster # provided by CephClusterConfig
805 - bootstrap_node # provided by BootstrapNodeConfig
806 - all_nodes # provided by allNodesConfig
807 - vip_data # provided by vip-config
811 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
812 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
813 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
814 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
815 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
816 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
817 - midonet_data #Optionally provided by AllNodesExtraConfig
818 merge_behavior: deeper
821 mapped_data: {get_param: ServiceConfigSettings}
822 controller_extraconfig:
825 - {get_param: controllerExtraConfig}
826 - {get_param: ControllerExtraConfig}
828 mapped_data: {get_param: ExtraConfig}
830 raw_data: {get_file: hieradata/common.yaml}
833 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
834 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
835 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
837 raw_data: {get_file: hieradata/ceph.yaml}
839 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
840 ceph::profile::params::public_network: {get_input: ceph_public_network}
841 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
843 raw_data: {get_file: hieradata/database.yaml}
845 raw_data: {get_file: hieradata/object.yaml}
847 raw_data: {get_file: hieradata/controller.yaml}
848 mapped_data: # data supplied directly to this deployment configuration, etc
849 bootstack_nodeid: {get_input: bootstack_nodeid}
852 enable_fencing: {get_input: enable_fencing}
853 enable_load_balancer: {get_input: enable_load_balancer}
854 hacluster_pwd: {get_input: pcsd_password}
855 corosync_ipv6: {get_input: corosync_ipv6}
856 tripleo::fencing::config: {get_input: fencing_config}
859 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
860 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
861 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
862 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
863 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
864 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
865 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
866 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
869 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
870 cinder::api::bind_host: {get_input: cinder_api_network}
871 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
872 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
873 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
874 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
875 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
876 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
877 cinder::keystone::auth::password: {get_input: cinder_password }
878 cinder::keystone::auth::region: {get_input: keystone_region}
881 glance::api::bind_host: {get_input: glance_api_network}
882 glance::registry::bind_host: {get_input: glance_registry_network}
883 glance::keystone::auth::region: {get_input: keystone_region}
886 heat::api::bind_host: {get_input: heat_api_network}
887 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
888 heat::api_cfn::bind_host: {get_input: heat_api_network}
889 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
892 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
893 keystone::public_bind_host: {get_input: keystone_public_api_network}
894 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
895 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
898 mongodb::server::bind_ip: {get_input: mongo_db_network}
901 admin_password: {get_input: admin_password}
902 enable_galera: {get_input: enable_galera}
903 enable_ceph_storage: {get_input: enable_ceph_storage}
904 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
905 mysql_max_connections: {get_input: mysql_max_connections}
906 mysql::server::root_password: {get_input: mysql_root_password}
907 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
908 mysql_cluster_name: {get_input: mysql_cluster_name}
909 mysql_bind_host: {get_input: mysql_network}
910 mysql_virtual_ip: {get_input: mysql_virtual_ip}
913 neutron::bind_host: {get_input: neutron_api_network}
914 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
915 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
916 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
917 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
918 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
919 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
920 neutron::keystone::auth::password: {get_input: neutron_password }
921 neutron::keystone::auth::region: {get_input: keystone_region}
924 ceilometer_backend: {get_input: ceilometer_backend}
925 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
926 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
927 ceilometer::rabbit_userid: {get_input: rabbit_username}
928 ceilometer::rabbit_password: {get_input: rabbit_password}
929 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
930 ceilometer::rabbit_port: {get_input: rabbit_client_port}
931 ceilometer::debug: {get_input: debug}
932 ceilometer::api::host: {get_input: ceilometer_api_network}
933 ceilometer::api::keystone_password: {get_input: ceilometer_password}
934 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
935 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
936 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
937 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
938 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
939 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
940 ceilometer::db::mysql::password: {get_input: ceilometer_password}
941 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
942 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
943 ceilometer::dispatcher::gnocchi::filter_project: 'service'
944 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
945 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
946 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
947 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
948 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
949 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
950 ceilometer::keystone::auth::region: {get_input: keystone_region}
951 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
952 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
955 aodh_mysql_conn_string: {get_input: aodh_dsn}
956 aodh::rabbit_userid: {get_input: rabbit_username}
957 aodh::rabbit_password: {get_input: rabbit_password}
958 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
959 aodh::rabbit_port: {get_input: rabbit_client_port}
960 aodh::debug: {get_input: debug}
961 aodh::wsgi::apache::ssl: false
962 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
963 aodh::api::service_name: 'httpd'
964 aodh::api::host: {get_input: aodh_api_network}
965 aodh::api::keystone_password: {get_input: aodh_password}
966 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
967 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
968 aodh::auth::auth_url: {get_input: keystone_auth_uri}
969 aodh::auth::auth_password: {get_input: aodh_password}
970 aodh::db::mysql::password: {get_input: aodh_password}
971 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
972 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
973 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
974 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
975 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
976 aodh::keystone::auth::password: {get_input: aodh_password }
977 aodh::keystone::auth::region: {get_input: keystone_region}
980 gnocchi_backend: {get_input: gnocchi_backend}
981 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
982 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
983 gnocchi::debug: {get_input: debug}
984 gnocchi::wsgi::apache::ssl: false
985 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
986 gnocchi::api::service_name: 'httpd'
987 gnocchi::api::host: {get_input: gnocchi_api_network}
988 gnocchi::api::keystone_password: {get_input: gnocchi_password}
989 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
990 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
991 gnocchi::db::mysql::password: {get_input: gnocchi_password}
992 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
993 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
994 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
995 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
996 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
997 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
998 gnocchi::keystone::auth::region: {get_input: keystone_region}
1001 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1002 nova::use_ipv6: {get_input: nova_ipv6}
1003 nova::api::auth_uri: {get_input: keystone_auth_uri}
1004 nova::api::identity_uri: {get_input: keystone_identity_uri}
1005 nova::api::api_bind_address: {get_input: nova_api_network}
1006 nova::api::metadata_listen: {get_input: nova_metadata_network}
1007 nova::api::admin_password: {get_input: nova_password}
1008 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1009 nova::database_connection: {get_input: nova_dsn}
1010 nova::api_database_connection: {get_input: nova_api_dsn}
1011 nova::glance_api_servers: {get_input: glance_api_servers}
1012 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1013 nova::api::instance_name_template: {get_input: instance_name_template}
1014 nova::network::neutron::neutron_password: {get_input: neutron_password}
1015 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1016 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1017 nova::vncproxy::host: {get_input: nova_api_network}
1018 nova::db::mysql::password: {get_input: nova_password}
1019 nova::db::mysql_api::password: {get_input: nova_password}
1020 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1021 nova::keystone::auth::public_url: {get_input: nova_public_url}
1022 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
1023 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
1024 nova::keystone::auth::password: {get_input: nova_password }
1025 nova::keystone::auth::region: {get_input: keystone_region}
1028 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
1029 apache::ip: {get_input: horizon_network}
1030 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1031 horizon::django_debug: {get_input: debug}
1032 horizon::secret_key: {get_input: horizon_secret}
1033 horizon::bind_address: {get_input: horizon_network}
1034 horizon::keystone_url: {get_input: keystone_auth_uri}
1037 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1038 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1040 redis::bind: {get_input: redis_network}
1041 redis_vip: {get_input: redis_vip}
1043 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1044 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1046 memcached_ipv6: {get_input: memcached_ipv6}
1047 memcached::listen_ip: {get_input: memcached_network}
1048 timezone::timezone: {get_input: timezone}
1049 control_virtual_interface: {get_input: control_virtual_interface}
1050 public_virtual_interface: {get_input: public_virtual_interface}
1051 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1052 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1053 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1054 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1055 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1056 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1057 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1058 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1059 tripleo::haproxy::redis_password: {get_input: redis_password}
1060 tripleo::packages::enable_install: {get_input: enable_package_install}
1061 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1063 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1064 ControllerExtraConfigPre:
1065 depends_on: ControllerDeployment
1066 type: OS::TripleO::ControllerExtraConfigPre
1068 server: {get_resource: Controller}
1070 # Hook for site-specific additional pre-deployment config,
1071 # applying to all nodes, e.g node registration/unregistration
1073 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1074 type: OS::TripleO::NodeExtraConfig
1076 server: {get_resource: Controller}
1079 type: OS::TripleO::Tasks::PackageUpdate
1082 type: OS::Heat::SoftwareDeployment
1084 name: UpdateDeployment
1085 config: {get_resource: UpdateConfig}
1086 server: {get_resource: Controller}
1089 get_param: UpdateIdentifier
1093 description: IP address of the server in the ctlplane network
1094 value: {get_attr: [Controller, networks, ctlplane, 0]}
1095 external_ip_address:
1096 description: IP address of the server in the external network
1097 value: {get_attr: [ExternalPort, ip_address]}
1098 internal_api_ip_address:
1099 description: IP address of the server in the internal_api network
1100 value: {get_attr: [InternalApiPort, ip_address]}
1102 description: IP address of the server in the storage network
1103 value: {get_attr: [StoragePort, ip_address]}
1104 storage_mgmt_ip_address:
1105 description: IP address of the server in the storage_mgmt network
1106 value: {get_attr: [StorageMgmtPort, ip_address]}
1108 description: IP address of the server in the tenant network
1109 value: {get_attr: [TenantPort, ip_address]}
1110 management_ip_address:
1111 description: IP address of the server in the management network
1112 value: {get_attr: [ManagementPort, ip_address]}
1114 description: Hostname of the server
1115 value: {get_attr: [Controller, name]}
1118 Server's IP address and hostname in the /etc/hosts format
1122 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1123 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1124 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1125 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1126 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1127 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1128 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1130 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1131 DOMAIN: {get_param: CloudDomain}
1132 PRIMARYHOST: {get_attr: [Controller, name]}
1133 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1137 - - {get_attr: [Controller, name]}
1139 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1143 - - {get_attr: [Controller, name]}
1145 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1149 - - {get_attr: [Controller, name]}
1151 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1155 - - {get_attr: [Controller, name]}
1157 TENANTIP: {get_attr: [TenantPort, ip_address]}
1161 - - {get_attr: [Controller, name]}
1163 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1167 - - {get_attr: [Controller, name]}
1169 nova_server_resource:
1170 description: Heat resource handle for the Nova compute server
1172 {get_resource: Controller}
1174 description: Swift device formatted for swift-ring-builder
1177 template: 'r1z1-IP:%PORT%/d1'
1179 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1180 swift_proxy_memcache:
1181 description: Swift proxy-memcache value
1184 template: "IP:11211"
1186 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1188 description: identifier which changes if the controller configuration may need re-applying
1192 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1193 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1194 - {get_attr: [NodeTLSData, deploy_stdout]}
1195 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1196 - {get_param: UpdateIdentifier}
1197 tls_key_modulus_md5:
1198 description: MD5 checksum of the TLS Key Modulus
1199 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1200 tls_cert_modulus_md5:
1201 description: MD5 checksum of the TLS Certificate Modulus
1202 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
Code Review / apex-tripleo-heat-templates.git / blob