1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
94 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
96 ControllerExtraConfig:
99 Controller specific hiera configuration data to inject into the cluster.
104 A network mapped list of IPs to assign to Controllers in the following form:
106 "internal_api": ["a.b.c.d", "e.f.g.h"],
110 ControlVirtualInterface:
112 description: Interface where virtual ip will be assigned.
116 description: Set to True to enable debugging on all services.
120 description: Whether to enable fencing in Pacemaker or not.
124 description: Whether to use Galera instead of regular MariaDB.
128 description: Whether to deploy a LoadBalancer on the Controller
132 description: Whether to deploy Ceph Storage (OSD) on the Controller
136 description: Whether to enable Swift Storage on the Controller
141 Additional hieradata to inject into the cluster, note that
142 ControllerExtraConfig takes precedence over ExtraConfig.
147 Pacemaker fencing configuration. The JSON should have
148 the following structure:
152 "agent": "AGENT_NAME",
153 "host_mac": "HOST_MAC_ADDRESS",
154 "params": {"PARAM_NAME": "PARAM_VALUE"}
162 "agent": "fence_xvm",
163 "host_mac": "52:54:00:aa:bb:cc",
165 "multicast_address": "225.0.0.12",
166 "port": "baremetal_0",
168 "manage_key_file": true,
169 "key_file": "/etc/fence_xvm.key",
170 "key_file_password": "abcdef"
177 description: Flavor for control nodes to request when deploying.
180 - custom_constraint: nova.flavor
181 GlanceNotifierStrategy:
182 description: Strategy to use for Glance notification queue
186 description: The filepath of the file to use for logging messages from Glance.
190 description: The password for the glance service and db account, used by the glance services.
195 description: The short name of the Glance backend to use. Should be one
196 of swift, rbd, or file
199 - allowed_values: ['swift', 'file', 'rbd']
200 GlanceFilePcmkDevice:
203 An exported storage device that should be mounted by Pacemaker
204 as Glance storage. Effective when GlanceFilePcmkManage is true.
206 GlanceFilePcmkFstype:
209 Filesystem type for Pacemaker mount used as Glance storage.
210 Effective when GlanceFilePcmkManage is true.
212 GlanceFilePcmkManage:
215 Whether to make Glance file backend a mount managed by Pacemaker.
216 Effective when GlanceBackend is 'file'.
218 GlanceFilePcmkOptions:
221 Mount options for Pacemaker mount used as Glance storage.
222 Effective when GlanceFilePcmkManage is true.
224 HAProxySyslogAddress:
226 description: Syslog address where HAproxy will send its log
230 description: Number of workers for Glance service.
233 description: The password for the Heat service and db account, used by the Heat services.
236 HeatStackDomainAdminPassword:
237 description: Password for heat_domain_admin user.
240 HeatAuthEncryptionKey:
241 description: Auth encryption key for heat-engine
246 description: A list of IP/Hostname allowed to connect to horizon
247 type: comma_delimited_list
250 description: Number of workers for Heat service.
253 description: Secret key for Django
258 default: overcloud-control
260 - custom_constraint: glance.image
262 default: 'REBUILD_PRESERVE_EPHEMERAL'
263 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
265 InstanceNameTemplate:
266 default: 'instance-%08x'
267 description: Template string to be used to generate instance names
271 description: Name of an existing Nova key pair to enable SSH access to the instances
274 - custom_constraint: nova.keypair
275 KeystoneCACertificate:
277 description: Keystone self-signed certificate authority certificate.
279 KeystoneEnableDBPurge:
282 Whether to create cron job for purging soft deleted rows in Keystone database.
284 KeystoneSigningCertificate:
286 description: Keystone certificate for verifying token validity.
290 description: Keystone key for signing tokens.
293 KeystoneSSLCertificate:
295 description: Keystone certificate for verifying token validity.
297 KeystoneSSLCertificateKey:
299 description: Keystone key for signing tokens.
302 KeystoneNotificationDriver:
303 description: Comma-separated list of Oslo notification drivers used by Keystone
304 default: ['messaging']
305 type: comma_delimited_list
306 KeystoneNotificationFormat:
307 description: The Keystone notification format
311 - allowed_values: [ 'basic', 'cadf' ]
315 description: Keystone region for endpoint
318 description: Whether to manage IPtables rules.
322 description: Whether IPtables rules should be purged before setting up the new ones.
326 description: Number of workers for Keystone service.
333 description: The password for the sahara service account, used by sahara-api.
336 MysqlClusterUniquePart:
337 description: A unique identifier of the MySQL cluster the controller is in.
339 default: 'unset' # Has to be here because of the ignored empty value bug
340 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
342 # - length: {min: 4, max: 10}
343 MysqlInnodbBufferPoolSize:
345 Specifies the size of the buffer pool in megabytes. Setting to
346 zero should be interpreted as "no value" and will defer to the
351 description: Configures MySQL max_connections config setting
357 default: '' # Has to be here because of the ignored empty value bug
358 NeutronExternalNetworkBridge:
359 description: Name of bridge used for external network traffic.
362 NeutronBridgeMappings:
364 The OVS logical->physical bridge mappings to use. See the Neutron
365 documentation for details. Defaults to mapping br-ex - the external
366 bridge on hosts - to a physical name 'datacentre' which can be used
367 to create provider networks (and we use this for the default floating
368 network) - if changing this either use different post-install network
369 scripts or be sure to keep 'datacentre' as a mapping network name.
370 type: comma_delimited_list
371 default: "datacentre:br-ex"
372 NeutronDnsmasqOptions:
373 default: 'dhcp-option-force=26,1400'
374 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
376 NeutronEnableDHCPAgent:
377 description: Knob to enable/disable DHCP Agent
380 NeutronEnableL3Agent:
381 description: Knob to enable/disable L3 agent
384 NeutronEnableMetadataAgent:
385 description: Knob to enable/disable Metadata agent
388 NeutronEnableOVSAgent:
389 description: Knob to enable/disable OVS Agent
394 description: Agent mode for the neutron-l3-agent on the controller hosts
398 description: Whether to enable l3-agent HA
400 NeutronDhcpAgentsPerNetwork:
403 description: The number of neutron dhcp agents to schedule per network
406 description: Whether to configure Neutron Distributed Virtual Routers
408 NeutronMetadataProxySharedSecret:
409 description: Shared secret to prevent spoofing
415 The core plugin for Neutron. The value should be the entrypoint to be loaded
416 from neutron.core_plugins namespace.
418 NeutronServicePlugins:
419 default: "router,qos"
421 Comma-separated list of service plugin entrypoints to be loaded from the
422 neutron.service_plugins namespace.
423 type: comma_delimited_list
425 default: "vxlan,vlan,flat,gre"
427 Comma-separated list of network type driver entrypoints to be loaded.
428 type: comma_delimited_list
429 NeutronMechanismDrivers:
430 default: 'openvswitch'
432 The mechanism drivers for the Neutron tenant network.
433 type: comma_delimited_list
434 NeutronAllowL3AgentFailover:
436 description: Allow automatic l3-agent failover
438 NeutronEnableIsolatedMetadata:
440 description: If True, DHCP provide metadata route to VM.
442 NeutronEnableTunnelling:
448 Enable/disable the L2 population feature in the Neutron agents.
451 type: comma_delimited_list
452 default: 'datacentre'
453 description: If set, flat networks to configure in neutron plugins.
456 description: Whether to enable l3-agent HA
460 description: The tenant network type for Neutron.
461 type: comma_delimited_list
462 NeutronNetworkVLANRanges:
463 default: 'datacentre:1:1000'
465 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
466 Neutron documentation for permitted values. Defaults to permitting any
467 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
468 type: comma_delimited_list
470 description: The password for the neutron service and db account, used by neutron agents.
473 NeutronPublicInterface:
475 description: What interface to bridge onto br-ex for network nodes.
477 NeutronPublicInterfaceTag:
480 VLAN tag for creating a public VLAN. The tag will be used to
481 create an access port on the exterior bridge for each control plane node,
482 and that port will be given the IP address returned by neutron from the
483 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
484 overcloud.yaml to include the deployment of VLAN ports to the control
487 NeutronPublicInterfaceDefaultRoute:
489 description: A custom default route for the NeutronPublicInterface.
491 NeutronPublicInterfaceIP:
493 description: A custom IP address to put onto the NeutronPublicInterface.
495 NeutronPublicInterfaceRawDevice:
497 description: If set, the public interface is a vlan with this device as the raw device.
502 The tunnel types for the Neutron tenant network.
503 type: comma_delimited_list
504 NeutronTunnelIdRanges:
506 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
507 of GRE tunnel IDs that are available for tenant network allocation
508 default: ["1:1000", ]
509 type: comma_delimited_list
512 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
513 of VXLAN VNI IDs that are available for tenant network allocation
514 default: ["1:1000", ]
515 type: comma_delimited_list
516 NeutronPluginExtensions:
519 Comma-separated list of extensions enabled for the Neutron plugin.
520 type: comma_delimited_list
521 NeutronAgentExtensions:
524 Comma-separated list of extensions enabled for the Neutron agents.
525 type: comma_delimited_list
531 description: Number of workers for Neutron service.
536 Whether to create cron job for purging soft deleted rows in Nova database.
539 description: The password for the nova service and db account, used by nova-api.
544 description: Number of workers for Nova service.
548 description: Should MongoDb journaling be disabled
552 description: Comma-separated list of ntp servers
553 type: comma_delimited_list
556 description: The password for the 'pcsd' user.
558 PublicVirtualInterface:
561 Specifies the interface where the public-facing virtual ip will be assigned.
562 This should be int_public when a VLAN is being used.
566 default: '' # Has to be here because of the ignored empty value bug
569 default: '' # Has to be here because of the ignored empty value bug
573 description: The password for RabbitMQ
578 description: The username for RabbitMQ
583 Rabbit client subscriber parameter to specify
584 an SSL connection to the RabbitMQ host.
588 description: Set rabbit subscriber port, change this if using SSL
592 description: Configures RabbitMQ FD limit
596 default: '' # Has to be here because of the ignored empty value bug
597 SnmpdReadonlyUserName:
598 default: ro_snmp_user
599 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
601 SnmpdReadonlyUserPassword:
602 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
606 description: A random string to be used as a salt when hashing to determine mappings
612 description: Value of mount_check in Swift account/container/object -server.conf
617 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
620 description: Partition Power to use when building Swift rings
623 description: The password for the swift service account, used by the swift proxy
633 description: How many replicas to use in the swift rings.
636 description: Number of workers for Swift service.
640 description: The timezone to be set on controller nodes.
642 VirtualIP: # DEPRECATED: use per service settings instead
644 default: '' # Has to be here because of the ignored empty value bug
651 GlanceRegistryVirtualIP:
657 KeystoneAdminApiVirtualIP:
660 KeystonePublicApiVirtualIP:
666 EnablePackageInstall:
668 description: Set to true to enable package installation via Puppet
672 description: Mapping of service_name -> network name. Typically set
673 via parameter_defaults in the resource registry.
677 description: Mapping of service endpoint -> protocol. Typically set
678 via parameter_defaults in the resource registry.
684 Setting to a previously unused value during stack-update will trigger
685 package update on all nodes
688 default: '' # Defaults to Heat created hostname
689 NetworkDeploymentActions:
690 type: comma_delimited_list
692 Heat action when to apply network configuration changes
697 SoftwareConfigTransport:
698 default: POLL_SERVER_CFN
700 How the server should receive the metadata required for software configuration.
703 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
708 The DNS domain used for the hosts. This should match the dhcp_domain
709 configured in the Undercloud neutron. Defaults to localdomain.
713 Extra properties or metadata passed to Nova for the created nodes in
714 the overcloud. It's accessible via the Nova metadata API.
718 description: Optional scheduler hints to pass to nova
724 type: OS::Nova::Server
726 image: {get_param: Image}
727 image_update_policy: {get_param: ImageUpdatePolicy}
728 flavor: {get_param: Flavor}
729 key_name: {get_param: KeyName}
732 user_data_format: SOFTWARE_CONFIG
733 user_data: {get_resource: UserData}
734 name: {get_param: Hostname}
735 software_config_transport: {get_param: SoftwareConfigTransport}
736 metadata: {get_param: ServerMetadata}
737 scheduler_hints: {get_param: SchedulerHints}
739 # Combine the NodeAdminUserData and NodeUserData mime archives
741 type: OS::Heat::MultipartMime
744 - config: {get_resource: NodeAdminUserData}
746 - config: {get_resource: NodeUserData}
749 # Creates the "heat-admin" user if configured via the environment
750 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
752 type: OS::TripleO::NodeAdminUserData
754 # For optional operator additional userdata
755 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
757 type: OS::TripleO::NodeUserData
760 type: OS::TripleO::Controller::Ports::ExternalPort
762 IPPool: {get_param: ControllerIPs}
763 NodeIndex: {get_param: NodeIndex}
764 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
767 type: OS::TripleO::Controller::Ports::InternalApiPort
769 IPPool: {get_param: ControllerIPs}
770 NodeIndex: {get_param: NodeIndex}
771 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
774 type: OS::TripleO::Controller::Ports::StoragePort
776 IPPool: {get_param: ControllerIPs}
777 NodeIndex: {get_param: NodeIndex}
778 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
781 type: OS::TripleO::Controller::Ports::StorageMgmtPort
783 IPPool: {get_param: ControllerIPs}
784 NodeIndex: {get_param: NodeIndex}
785 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
788 type: OS::TripleO::Controller::Ports::TenantPort
790 IPPool: {get_param: ControllerIPs}
791 NodeIndex: {get_param: NodeIndex}
792 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
795 type: OS::TripleO::Controller::Ports::ManagementPort
797 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
800 type: OS::TripleO::Network::Ports::NetIpMap
802 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
803 ExternalIp: {get_attr: [ExternalPort, ip_address]}
804 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
805 StorageIp: {get_attr: [StoragePort, ip_address]}
806 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
807 TenantIp: {get_attr: [TenantPort, ip_address]}
808 ManagementIp: {get_attr: [ManagementPort, ip_address]}
811 type: OS::TripleO::Network::Ports::NetIpSubnetMap
813 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
814 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
815 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
816 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
817 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
818 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
819 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
822 type: OS::TripleO::Controller::Net::SoftwareConfig
824 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
825 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
826 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
827 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
828 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
829 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
830 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
833 type: OS::TripleO::SoftwareDeployment
835 config: {get_resource: NetworkConfig}
836 server: {get_resource: Controller}
837 actions: {get_param: NetworkDeploymentActions}
840 interface_name: {get_param: NeutronPublicInterface}
842 # Resource for site-specific injection of root certificate
844 depends_on: NetworkDeployment
845 type: OS::TripleO::NodeTLSCAData
847 server: {get_resource: Controller}
849 # Resource for site-specific passing of private keys/certificates
851 depends_on: NodeTLSCAData
852 type: OS::TripleO::NodeTLSData
854 server: {get_resource: Controller}
855 NodeIndex: {get_param: NodeIndex}
858 ControllerDeployment:
859 type: OS::TripleO::SoftwareDeployment
860 depends_on: NetworkDeployment
862 config: {get_resource: ControllerConfig}
863 server: {get_resource: Controller}
865 bootstack_nodeid: {get_attr: [Controller, name]}
866 ceilometer_workers: {get_param: CeilometerWorkers}
867 cinder_workers: {get_param: CinderWorkers}
868 glance_workers: {get_param: GlanceWorkers}
869 heat_workers: {get_param: HeatWorkers}
870 keystone_workers: {get_param: KeystoneWorkers}
871 nova_workers: {get_param: NovaWorkers}
872 neutron_workers: {get_param: NeutronWorkers}
873 swift_workers: {get_param: SwiftWorkers}
874 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
875 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
876 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
877 haproxy_log_address: {get_param: HAProxySyslogAddress}
878 heat.watch_server_url:
882 - {get_param: HeatApiVirtualIP}
884 heat.metadata_server_url:
888 - {get_param: HeatApiVirtualIP}
890 heat.waitcondition_server_url:
894 - {get_param: HeatApiVirtualIP}
895 - ':8000/v1/waitcondition'
896 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
897 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
898 horizon_secret: {get_param: HorizonSecret}
899 admin_email: {get_param: AdminEmail}
900 admin_password: {get_param: AdminPassword}
901 admin_token: {get_param: AdminToken}
902 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
903 debug: {get_param: Debug}
904 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
905 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
906 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
907 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
912 SERVERS: {get_param: CinderNfsServers}
913 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
914 cinder_password: {get_param: CinderPassword}
915 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
916 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
917 cinder_backend_config: {get_param: CinderBackendConfig}
921 - - 'mysql+pymysql://cinder:'
922 - {get_param: CinderPassword}
924 - {get_param: MysqlVirtualIP}
926 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
927 glance_password: {get_param: GlancePassword}
928 glance_backend: {get_param: GlanceBackend}
929 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
930 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
931 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
932 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
933 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
934 glance_log_file: {get_param: GlanceLogFile}
938 - - 'mysql+pymysql://glance:'
939 - {get_param: GlancePassword}
941 - {get_param: MysqlVirtualIP}
943 heat_password: {get_param: HeatPassword}
944 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
948 - - 'mysql+pymysql://heat:'
949 - {get_param: HeatPassword}
951 - {get_param: MysqlVirtualIP}
953 keystone_ca_certificate: {get_param: KeystoneCACertificate}
954 keystone_signing_key: {get_param: KeystoneSigningKey}
955 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
956 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
957 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
958 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
959 keystone_notification_format: {get_param: KeystoneNotificationFormat}
960 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
964 - - 'mysql+pymysql://keystone:'
965 - {get_param: AdminToken}
967 - {get_param: MysqlVirtualIP}
969 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
970 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
971 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
972 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
973 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
974 enable_fencing: {get_param: EnableFencing}
975 enable_galera: {get_param: EnableGalera}
976 enable_load_balancer: {get_param: EnableLoadBalancer}
977 enable_ceph_storage: {get_param: EnableCephStorage}
978 enable_swift_storage: {get_param: EnableSwiftStorage}
979 manage_firewall: {get_param: ManageFirewall}
980 purge_firewall_rules: {get_param: PurgeFirewallRules}
981 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
982 mysql_max_connections: {get_param: MysqlMaxConnections}
983 mysql_root_password: {get_param: MysqlRootPassword}
986 template: tripleo-CLUSTER
988 CLUSTER: {get_param: MysqlClusterUniquePart}
989 neutron_flat_networks:
993 NETWORKS: {get_param: NeutronFlatNetworks}
994 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
995 neutron_agent_mode: {get_param: NeutronAgentMode}
996 neutron_router_distributed: {get_param: NeutronDVR}
997 neutron_core_plugin: {get_param: NeutronCorePlugin}
998 neutron_service_plugins:
1002 PLUGINS: {get_param: NeutronServicePlugins}
1003 neutron_type_drivers:
1007 DRIVERS: {get_param: NeutronTypeDrivers}
1008 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1009 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1010 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1011 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1012 neutron_mechanism_drivers:
1014 template: MECHANISMS
1016 MECHANISMS: {get_param: NeutronMechanismDrivers}
1017 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1018 neutron_l3_ha: {get_param: NeutronL3HA}
1019 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1020 neutron_network_vlan_ranges:
1024 RANGES: {get_param: NeutronNetworkVLANRanges}
1025 neutron_bridge_mappings:
1029 MAPPINGS: {get_param: NeutronBridgeMappings}
1030 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1031 neutron_public_interface: {get_param: NeutronPublicInterface}
1032 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1033 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1034 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1035 neutron_tunnel_id_ranges:
1039 RANGES: {get_param: NeutronTunnelIdRanges}
1044 RANGES: {get_param: NeutronVniRanges}
1045 neutron_tenant_network_types:
1049 TYPES: {get_param: NeutronNetworkType}
1050 neutron_tunnel_types:
1054 TYPES: {get_param: NeutronTunnelTypes}
1055 neutron_plugin_extensions:
1057 template: PLUGIN_EXTENSIONS
1059 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1060 neutron_agent_extensions:
1062 template: AGENT_EXTENSIONS
1064 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1065 neutron_password: {get_param: NeutronPassword}
1066 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1070 - - 'mysql+pymysql://neutron:'
1071 - {get_param: NeutronPassword}
1073 - {get_param: MysqlVirtualIP}
1074 - '/ovs_neutron?charset=utf8'
1075 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1076 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1077 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1078 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri_no_suffix ] }
1079 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1080 ceilometer_backend: {get_param: CeilometerBackend}
1081 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1082 ceilometer_password: {get_param: CeilometerPassword}
1083 ceilometer_coordination_url:
1087 - {get_param: RedisVirtualIP}
1092 - - 'mysql+pymysql://ceilometer:'
1093 - {get_param: CeilometerPassword}
1095 - {get_param: MysqlVirtualIP}
1097 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1098 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1099 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1100 nova_password: {get_param: NovaPassword}
1104 - - 'mysql+pymysql://nova:'
1105 - {get_param: NovaPassword}
1107 - {get_param: MysqlVirtualIP}
1109 instance_name_template: {get_param: InstanceNameTemplate}
1110 fencing_config: {get_param: FencingConfig}
1111 pcsd_password: {get_param: PcsdPassword}
1112 rabbit_username: {get_param: RabbitUserName}
1113 rabbit_password: {get_param: RabbitPassword}
1114 rabbit_cookie: {get_param: RabbitCookie}
1115 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1116 rabbit_client_port: {get_param: RabbitClientPort}
1117 mongodb_no_journal: {get_param: MongoDbNoJournal}
1118 # We need to force this into quotes or hiera will return integer causing
1119 # the puppet module validation regexp to fail.
1120 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1125 LIMIT: {get_param: RabbitFDLimit}
1126 ntp_servers: {get_param: NtpServer}
1127 timezone: {get_param: TimeZone}
1128 control_virtual_interface: {get_param: ControlVirtualInterface}
1129 public_virtual_interface: {get_param: PublicVirtualInterface}
1130 swift_hash_suffix: {get_param: SwiftHashSuffix}
1131 swift_password: {get_param: SwiftPassword}
1132 swift_part_power: {get_param: SwiftPartPower}
1133 swift_replicas: {get_param: SwiftReplicas}
1134 swift_min_part_hours: {get_param: SwiftMinPartHours}
1135 swift_mount_check: {get_param: SwiftMountCheck}
1136 enable_package_install: {get_param: EnablePackageInstall}
1137 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1138 sahara_password: {get_param: SaharaPassword}
1142 - - 'mysql://sahara:'
1143 - {get_param: SaharaPassword}
1145 - {get_param: MysqlVirtualIP}
1147 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1148 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1149 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1150 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1151 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1152 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1153 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1154 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1155 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1156 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1157 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1158 keystone_region: {get_param: KeystoneRegion}
1159 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1160 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1161 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1162 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1163 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1164 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1165 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1166 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1167 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1168 redis_vip: {get_param: RedisVirtualIP}
1169 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1170 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1171 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1172 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1173 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1174 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1175 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1177 # Map heat metadata into hiera datafiles
1179 type: OS::Heat::StructuredConfig
1181 group: os-apply-config
1186 - heat_config_%{::deploy_config_name}
1187 - controller_extraconfig
1192 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1193 - ceph_cluster # provided by CephClusterConfig
1195 - bootstrap_node # provided by BootstrapNodeConfig
1196 - all_nodes # provided by allNodesConfig
1197 - vip_data # provided by vip-config
1200 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1201 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1202 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1203 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1204 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1205 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1206 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1207 - midonet_data #Optionally provided by AllNodesExtraConfig
1209 controller_extraconfig:
1210 mapped_data: {get_param: ControllerExtraConfig}
1212 mapped_data: {get_param: ExtraConfig}
1214 raw_data: {get_file: hieradata/common.yaml}
1216 raw_data: {get_file: hieradata/ceph.yaml}
1218 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1219 ceph::profile::params::public_network: {get_input: ceph_public_network}
1220 ceph::mon::public_addr: {get_input: ceph_public_ip}
1222 raw_data: {get_file: hieradata/database.yaml}
1224 raw_data: {get_file: hieradata/object.yaml}
1226 raw_data: {get_file: hieradata/controller.yaml}
1227 mapped_data: # data supplied directly to this deployment configuration, etc
1228 bootstack_nodeid: {get_input: bootstack_nodeid}
1231 enable_fencing: {get_input: enable_fencing}
1232 enable_load_balancer: {get_input: enable_load_balancer}
1233 hacluster_pwd: {get_input: pcsd_password}
1234 tripleo::fencing::config: {get_input: fencing_config}
1237 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1238 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1239 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1240 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1241 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1242 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1243 swift::proxy::workers: {get_input: swift_workers}
1244 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1245 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1246 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1247 swift_mount_check: {get_input: swift_mount_check}
1249 # NOTE(dprince): build_ring support is currently not wired in.
1250 # See: https://review.openstack.org/#/c/109225/
1251 tripleo::ringbuilder::build_ring: True
1254 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1255 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1256 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1257 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1258 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1259 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1260 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1261 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1262 cinder::database_connection: {get_input: cinder_dsn}
1263 cinder::api::keystone_password: {get_input: cinder_password}
1264 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1265 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1266 cinder::api::bind_host: {get_input: cinder_api_network}
1267 cinder::rabbit_userid: {get_input: rabbit_username}
1268 cinder::rabbit_password: {get_input: rabbit_password}
1269 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1270 cinder::rabbit_port: {get_input: rabbit_client_port}
1271 cinder::debug: {get_input: debug}
1272 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1273 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1274 cinder_backend_config: {get_input: CinderBackendConfig}
1275 cinder::db::mysql::password: {get_input: cinder_password}
1278 glance::api::bind_port: {get_input: glance_port}
1279 glance::api::bind_host: {get_input: glance_api_network}
1280 glance::api::auth_uri: {get_input: keystone_auth_uri}
1281 glance::api::identity_uri: {get_input: keystone_identity_uri}
1282 glance::api::registry_host: {get_input: glance_registry_host}
1283 glance::api::keystone_password: {get_input: glance_password}
1284 glance::api::debug: {get_input: debug}
1285 glance::api::workers: {get_input: glance_workers}
1286 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1287 glance_log_file: {get_input: glance_log_file}
1288 glance_log_file: {get_input: glance_log_file}
1289 glance::api::database_connection: {get_input: glance_dsn}
1290 glance::registry::keystone_password: {get_input: glance_password}
1291 glance::registry::database_connection: {get_input: glance_dsn}
1292 glance::registry::bind_host: {get_input: glance_registry_network}
1293 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1294 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1295 glance::registry::debug: {get_input: debug}
1296 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1297 glance::registry::workers: {get_input: glance_workers}
1298 glance::backend::swift::swift_store_user: service:glance
1299 glance::backend::swift::swift_store_key: {get_input: glance_password}
1300 glance_backend: {get_input: glance_backend}
1301 glance::db::mysql::password: {get_input: glance_password}
1302 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1303 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1304 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1305 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1308 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1309 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1310 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1311 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1312 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1313 heat::rabbit_userid: {get_input: rabbit_username}
1314 heat::rabbit_password: {get_input: rabbit_password}
1315 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1316 heat::rabbit_port: {get_input: rabbit_client_port}
1317 heat::auth_uri: {get_input: keystone_auth_uri}
1318 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1319 heat::identity_uri: {get_input: keystone_identity_uri}
1320 heat::keystone_password: {get_input: heat_password}
1321 heat::api::bind_host: {get_input: heat_api_network}
1322 heat::api::workers: {get_input: heat_workers}
1323 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1324 heat::api_cloudwatch::workers: {get_input: heat_workers}
1325 heat::api_cfn::bind_host: {get_input: heat_api_network}
1326 heat::api_cfn::workers: {get_input: heat_workers}
1327 heat::database_connection: {get_input: heat_dsn}
1328 heat::debug: {get_input: debug}
1329 heat::db::mysql::password: {get_input: heat_password}
1332 keystone::admin_token: {get_input: admin_token}
1333 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1334 keystone_signing_key: {get_input: keystone_signing_key}
1335 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1336 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1337 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1338 keystone::database_connection: {get_input: keystone_dsn}
1339 keystone::public_bind_host: {get_input: keystone_public_api_network}
1340 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1341 keystone::debug: {get_input: debug}
1342 keystone::db::mysql::password: {get_input: admin_token}
1343 keystone::rabbit_userid: {get_input: rabbit_username}
1344 keystone::rabbit_password: {get_input: rabbit_password}
1345 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1346 keystone::rabbit_port: {get_input: rabbit_client_port}
1347 keystone::notification_driver: {get_input: keystone_notification_driver}
1348 keystone::notification_format: {get_input: keystone_notification_format}
1349 keystone::roles::admin::email: {get_input: admin_email}
1350 keystone::roles::admin::password: {get_input: admin_password}
1351 keystone::endpoint::public_url: {get_input: keystone_public_url}
1352 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1353 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1354 keystone::endpoint::region: {get_input: keystone_region}
1355 keystone::admin_workers: {get_input: keystone_workers}
1356 keystone::public_workers: {get_input: keystone_workers}
1357 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1360 mongodb::server::bind_ip: {get_input: mongo_db_network}
1361 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1363 admin_password: {get_input: admin_password}
1364 enable_galera: {get_input: enable_galera}
1365 enable_ceph_storage: {get_input: enable_ceph_storage}
1366 enable_swift_storage: {get_input: enable_swift_storage}
1367 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1368 mysql_max_connections: {get_input: mysql_max_connections}
1369 mysql::server::root_password: {get_input: mysql_root_password}
1370 mysql_cluster_name: {get_input: mysql_cluster_name}
1371 mysql_bind_host: {get_input: mysql_network}
1372 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1375 neutron::bind_host: {get_input: neutron_api_network}
1376 neutron::rabbit_password: {get_input: rabbit_password}
1377 neutron::rabbit_user: {get_input: rabbit_username}
1378 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1379 neutron::rabbit_port: {get_input: rabbit_client_port}
1380 neutron::debug: {get_input: debug}
1381 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1382 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1383 neutron::server::database_connection: {get_input: neutron_dsn}
1384 neutron::server::api_workers: {get_input: neutron_workers}
1385 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1386 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1387 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1388 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1389 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1390 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1391 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1392 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1393 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1394 neutron_agent_mode: {get_input: neutron_agent_mode}
1395 neutron_router_distributed: {get_input: neutron_router_distributed}
1396 neutron::core_plugin: {get_input: neutron_core_plugin}
1397 neutron::service_plugins: {get_input: neutron_service_plugins}
1398 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1399 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1400 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1401 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1402 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1403 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1404 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1405 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1406 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1407 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1408 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1409 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1410 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1411 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1412 neutron_public_interface: {get_input: neutron_public_interface}
1413 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1414 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1415 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1416 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1417 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1418 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1419 neutron::server::auth_password: {get_input: neutron_password}
1420 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1421 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1422 neutron_dsn: {get_input: neutron_dsn}
1423 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1424 neutron::db::mysql::password: {get_input: neutron_password}
1425 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1426 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1427 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1428 neutron::keystone::auth::password: {get_input: neutron_password }
1429 neutron::keystone::auth::region: {get_input: keystone_region}
1430 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1431 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1432 neutron::server::notifications::tenant_name: 'service'
1433 neutron::server::notifications::project_name: 'service'
1434 neutron::server::notifications::password: {get_input: nova_password}
1437 ceilometer_backend: {get_input: ceilometer_backend}
1438 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1439 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1440 ceilometer::rabbit_userid: {get_input: rabbit_username}
1441 ceilometer::rabbit_password: {get_input: rabbit_password}
1442 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1443 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1444 ceilometer::debug: {get_input: debug}
1445 ceilometer::api::host: {get_input: ceilometer_api_network}
1446 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1447 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1448 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1449 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1450 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1451 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1452 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1453 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1454 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1457 nova::rabbit_userid: {get_input: rabbit_username}
1458 nova::rabbit_password: {get_input: rabbit_password}
1459 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1460 nova::rabbit_port: {get_input: rabbit_client_port}
1461 nova::debug: {get_input: debug}
1462 nova::api::auth_uri: {get_input: keystone_auth_uri}
1463 nova::api::identity_uri: {get_input: keystone_identity_uri}
1464 nova::api::api_bind_address: {get_input: nova_api_network}
1465 nova::api::metadata_listen: {get_input: nova_metadata_network}
1466 nova::api::admin_password: {get_input: nova_password}
1467 nova::api::osapi_compute_workers: {get_input: nova_workers}
1468 nova::api::ec2_workers: {get_input: nova_workers}
1469 nova::api::metadata_workers: {get_input: nova_workers}
1470 nova::database_connection: {get_input: nova_dsn}
1471 nova::glance_api_servers: {get_input: glance_api_servers}
1472 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1473 nova::api::instance_name_template: {get_input: instance_name_template}
1474 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1475 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1476 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1477 nova::vncproxy::host: {get_input: nova_api_network}
1478 nova::db::mysql::password: {get_input: nova_password}
1479 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1482 apache::ip: {get_input: horizon_network}
1483 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1484 horizon::django_debug: {get_input: debug}
1485 horizon::secret_key: {get_input: horizon_secret}
1486 horizon::bind_address: {get_input: horizon_network}
1487 horizon::keystone_url: {get_input: keystone_auth_uri}
1490 sahara::host: {get_input: sahara_api_network}
1498 sahara::admin_password: {get_input: sahara_password}
1499 sahara::auth_uri: {get_input: keystone_auth_uri}
1500 sahara::admin_user: sahara
1501 sahara::identity_uri: {get_input: keystone_identity_uri}
1502 sahara::use_neutron: true
1503 sahara::database_connection: {get_input: sahara_dsn}
1504 sahara::debug: {get_input: debug}
1505 sahara::rpc_backend: rabbit
1506 sahara::rabbit_userid: {get_input: rabbit_username}
1507 sahara::rabbit_password: {get_input: rabbit_password}
1508 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1509 sahara::rabbit_port: {get_input: rabbit_client_port}
1510 sahara::db::mysql::password: {get_input: sahara_password}
1513 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1514 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1515 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1516 rabbitmq::default_user: {get_input: rabbit_username}
1517 rabbitmq::default_pass: {get_input: rabbit_password}
1519 redis::bind: {get_input: redis_network}
1520 redis_vip: {get_input: redis_vip}
1522 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1523 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1525 memcached::listen_ip: {get_input: memcached_network}
1526 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1527 ntp::servers: {get_input: ntp_servers}
1528 timezone::timezone: {get_input: timezone}
1529 control_virtual_interface: {get_input: control_virtual_interface}
1530 public_virtual_interface: {get_input: public_virtual_interface}
1531 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1532 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1533 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1534 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1535 tripleo::packages::enable_install: {get_input: enable_package_install}
1536 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1538 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1539 ControllerExtraConfigPre:
1540 depends_on: ControllerDeployment
1541 type: OS::TripleO::ControllerExtraConfigPre
1543 server: {get_resource: Controller}
1545 # Hook for site-specific additional pre-deployment config,
1546 # applying to all nodes, e.g node registration/unregistration
1548 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1549 type: OS::TripleO::NodeExtraConfig
1551 server: {get_resource: Controller}
1554 type: OS::TripleO::Tasks::PackageUpdate
1557 type: OS::Heat::SoftwareDeployment
1559 config: {get_resource: UpdateConfig}
1560 server: {get_resource: Controller}
1563 get_param: UpdateIdentifier
1567 description: IP address of the server in the ctlplane network
1568 value: {get_attr: [Controller, networks, ctlplane, 0]}
1569 external_ip_address:
1570 description: IP address of the server in the external network
1571 value: {get_attr: [ExternalPort, ip_address]}
1572 internal_api_ip_address:
1573 description: IP address of the server in the internal_api network
1574 value: {get_attr: [InternalApiPort, ip_address]}
1576 description: IP address of the server in the storage network
1577 value: {get_attr: [StoragePort, ip_address]}
1578 storage_mgmt_ip_address:
1579 description: IP address of the server in the storage_mgmt network
1580 value: {get_attr: [StorageMgmtPort, ip_address]}
1582 description: IP address of the server in the tenant network
1583 value: {get_attr: [TenantPort, ip_address]}
1584 management_ip_address:
1585 description: IP address of the server in the management network
1586 value: {get_attr: [ManagementPort, ip_address]}
1588 description: Hostname of the server
1589 value: {get_attr: [Controller, name]}
1592 Node object in the format {ip: ..., name: ...} format that the corosync
1595 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1596 name: {get_attr: [Controller, name]}
1599 Server's IP address and hostname in the /etc/hosts format
1602 template: IP HOST.DOMAIN HOST CLOUDNAME
1604 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1605 DOMAIN: {get_param: CloudDomain}
1606 HOST: {get_attr: [Controller, name]}
1607 CLOUDNAME: {get_param: CloudName}
1608 nova_server_resource:
1609 description: Heat resource handle for the Nova compute server
1611 {get_resource: Controller}
1613 description: Swift device formatted for swift-ring-builder
1616 template: 'r1z1-IP:%PORT%/d1'
1618 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1619 swift_proxy_memcache:
1620 description: Swift proxy-memcache value
1623 template: "IP:11211"
1625 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1627 description: identifier which changes if the controller configuration may need re-applying
1631 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1632 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1633 - {get_attr: [NodeTLSData, deploy_stdout]}
1634 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1635 - {get_param: UpdateIdentifier}
1636 tls_key_modulus_md5:
1637 description: MD5 checksum of the TLS Key Modulus
1638 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1639 tls_cert_modulus_md5:
1640 description: MD5 checksum of the TLS Certificate Modulus
1641 value: {get_attr: [NodeTLSData, cert_modulus_md5]}