1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableNfsBackend:
33 description: Whether to enable or not the NFS backend for Cinder
35 CinderEnableIscsiBackend:
37 description: Whether to enable or not the Iscsi backend for Cinder
39 CinderEnableRbdBackend:
41 description: Whether to enable or not the Rbd backend for Cinder
45 description: The iSCSI helper to use with cinder.
47 CinderLVMLoopDeviceSize:
49 description: The size of the loopback file used by the cinder LVM driver.
51 CinderNfsMountOptions:
54 Mount options for NFS mounts used by Cinder NFS backend. Effective
55 when CinderEnableNfsBackend is true.
60 NFS servers used by Cinder NFS backend. Effective when
61 CinderEnableNfsBackend is true.
62 type: comma_delimited_list
65 description: The password for the cinder service and db account, used by cinder-api.
70 description: Contains parameters to configure Cinder backends. Typically
71 set via parameter_defaults in the resource registry.
75 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
77 ControllerExtraConfig:
80 Controller specific hiera configuration data to inject into the cluster.
82 ControlVirtualInterface:
84 description: Interface where virtual ip will be assigned.
88 description: Set to True to enable debugging on all services.
92 description: Whether to enable fencing in Pacemaker or not.
96 description: Whether to use Galera instead of regular MariaDB.
100 description: Whether to deploy Ceph Storage (OSD) on the Controller
104 description: Whether to enable Swift Storage on the Controller
109 Additional hieradata to inject into the cluster, note that
110 ControllerExtraConfig takes precedence over ExtraConfig.
115 Pacemaker fencing configuration. The JSON should have
116 the following structure:
120 "agent": "AGENT_NAME",
121 "host_mac": "HOST_MAC_ADDRESS",
122 "params": {"PARAM_NAME": "PARAM_VALUE"}
130 "agent": "fence_xvm",
131 "host_mac": "52:54:00:aa:bb:cc",
133 "multicast_address": "225.0.0.12",
134 "port": "baremetal_0",
136 "manage_key_file": true,
137 "key_file": "/etc/fence_xvm.key",
138 "key_file_password": "abcdef"
145 description: Flavor for control nodes to request when deploying.
148 - custom_constraint: nova.flavor
149 GlanceNotifierStrategy:
150 description: Strategy to use for Glance notification queue
154 description: The filepath of the file to use for logging messages from Glance.
159 description: The password for the glance service and db account, used by the glance services.
164 description: Glance port.
168 description: Protocol to use when connecting to glance, set to https for SSL.
172 description: The short name of the Glance backend to use. Should be one
173 of swift, rbd, or file
176 - allowed_values: ['swift', 'file', 'rbd']
179 description: The password for the Heat service and db account, used by the Heat services.
182 HeatStackDomainAdminPassword:
183 description: Password for heat_domain_admin user.
187 HeatAuthEncryptionKey:
188 description: Auth encryption key for heat-engine
191 description: Secret key for Django
195 default: overcloud-control
197 - custom_constraint: glance.image
199 default: 'REBUILD_PRESERVE_EPHEMERAL'
200 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
204 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
207 - custom_constraint: nova.keypair
208 KeystoneCACertificate:
210 description: Keystone self-signed certificate authority certificate.
212 KeystoneSigningCertificate:
214 description: Keystone certificate for verifying token validity.
218 description: Keystone key for signing tokens.
221 KeystoneSSLCertificate:
223 description: Keystone certificate for verifying token validity.
225 KeystoneSSLCertificateKey:
227 description: Keystone key for signing tokens.
230 KeystoneNotificationDriver:
231 description: Comma-separated list of Oslo notification drivers used by Keystone
232 default: ['messaging']
233 type: comma_delimited_list
234 KeystoneNotificationFormat:
235 description: The Keystone notification format
239 - allowed_values: [ 'basic', 'cadf' ]
240 MysqlClusterUniquePart:
241 description: A unique identifier of the MySQL cluster the controller is in.
243 default: 'unset' # Has to be here because of the ignored empty value bug
244 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
246 # - length: {min: 4, max: 10}
247 MysqlInnodbBufferPoolSize:
249 Specifies the size of the buffer pool in megabytes. Setting to
250 zero should be interpreted as "no value" and will defer to the
255 description: Configures MySQL max_connections config setting
261 default: '' # Has to be here because of the ignored empty value bug
262 NeutronExternalNetworkBridge:
263 description: Name of bridge used for external network traffic.
266 NeutronBridgeMappings:
268 The OVS logical->physical bridge mappings to use. See the Neutron
269 documentation for details. Defaults to mapping br-ex - the external
270 bridge on hosts - to a physical name 'datacentre' which can be used
271 to create provider networks (and we use this for the default floating
272 network) - if changing this either use different post-install network
273 scripts or be sure to keep 'datacentre' as a mapping network name.
275 default: "datacentre:br-ex"
276 NeutronDnsmasqOptions:
277 default: 'dhcp-option-force=26,1400'
278 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
282 description: Agent mode for the neutron-l3-agent on the controller hosts
286 description: Whether to enable l3-agent HA
288 NeutronDhcpAgentsPerNetwork:
291 description: The number of neutron dhcp agents to schedule per network
294 description: Whether to configure Neutron Distributed Virtual Routers
296 NeutronMetadataProxySharedSecret:
298 description: Shared secret to prevent spoofing
300 NeutronMechanismDrivers:
301 default: 'openvswitch'
303 The mechanism drivers for the Neutron tenant network. To specify multiple
304 values, use a comma separated string, like so: 'openvswitch,l2_population'
306 NeutronAllowL3AgentFailover:
308 description: Allow automatic l3-agent failover
310 NeutronEnableTunnelling:
315 default: 'datacentre'
316 description: If set, flat networks to configure in neutron plugins.
319 description: Whether to enable l3-agent HA
323 description: The tenant network type for Neutron, either gre or vxlan.
325 NeutronNetworkVLANRanges:
326 default: 'datacentre'
328 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
329 Neutron documentation for permitted values. Defaults to permitting any
330 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
331 type: comma_delimited_list
334 description: The password for the neutron service and db account, used by neutron agents.
337 NeutronPublicInterface:
339 description: What interface to bridge onto br-ex for network nodes.
341 NeutronPublicInterfaceTag:
344 VLAN tag for creating a public VLAN. The tag will be used to
345 create an access port on the exterior bridge for each control plane node,
346 and that port will be given the IP address returned by neutron from the
347 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
348 overcloud.yaml to include the deployment of VLAN ports to the control
351 NeutronPublicInterfaceDefaultRoute:
353 description: A custom default route for the NeutronPublicInterface.
355 NeutronPublicInterfaceIP:
357 description: A custom IP address to put onto the NeutronPublicInterface.
359 NeutronPublicInterfaceRawDevice:
361 description: If set, the public interface is a vlan with this device as the raw device.
366 The tunnel types for the Neutron tenant network. To specify multiple
367 values, use a comma separated string, like so: 'gre,vxlan'
369 NeutronTunnelIdRanges:
371 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
372 of GRE tunnel IDs that are available for tenant network allocation
373 default: ["1:1000", ]
374 type: comma_delimited_list
377 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
378 of VXLAN VNI IDs that are available for tenant network allocation
379 default: ["1:1000", ]
380 type: comma_delimited_list
383 description: The password for the nova service and db account, used by nova-api.
388 description: Should MongoDb journaling be disabled
395 description: The password for the 'pcsd' user.
396 PublicVirtualInterface:
399 Specifies the interface where the public-facing virtual ip will be assigned.
400 This should be int_public when a VLAN is being used.
402 PublicVirtualIP: # DEPRECATED: use per service settings instead
404 default: '' # Has to be here because of the ignored empty value bug
407 default: '' # Has to be here because of the ignored empty value bug
411 description: The password for RabbitMQ
416 description: The username for RabbitMQ
421 Rabbit client subscriber parameter to specify
422 an SSL connection to the RabbitMQ host.
426 description: Set rabbit subscriber port, change this if using SSL
430 default: '' # Has to be here because of the ignored empty value bug
431 SnmpdReadonlyUserName:
432 default: ro_snmp_user
433 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
435 SnmpdReadonlyUserPassword:
437 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
442 description: If set, the contents of an SSL certificate authority file.
446 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
451 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
456 description: A random string to be used as a salt when hashing to determine mappings
462 description: Value of mount_check in Swift account/container/object -server.conf
467 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
470 description: Partition Power to use when building Swift rings
474 description: The password for the swift service account, used by the swift proxy
481 description: How many replicas to use in the swift rings.
482 VirtualIP: # DEPRECATED: use per service settings instead
484 default: '' # Has to be here because of the ignored empty value bug
494 KeystoneAdminApiVirtualIP:
497 KeystonePublicApiVirtualIP:
503 EnablePackageInstall:
505 description: Set to true to enable package installation via Puppet
509 description: Mapping of service_name -> network name. Typically set
510 via parameter_defaults in the resource registry.
516 Setting to a previously unused value during stack-update will trigger
517 package update on all nodes
520 default: '' # Defaults to Heat created hostname
525 type: OS::Nova::Server
527 image: {get_param: Image}
528 image_update_policy: {get_param: ImageUpdatePolicy}
529 flavor: {get_param: Flavor}
530 key_name: {get_param: KeyName}
533 user_data_format: SOFTWARE_CONFIG
534 user_data: {get_resource: UserData}
535 name: {get_param: Hostname}
537 # Combine the NodeAdminUserData and NodeUserData mime archives
539 type: OS::Heat::MultipartMime
542 - config: {get_resource: NodeAdminUserData}
544 - config: {get_resource: NodeUserData}
547 # Creates the "heat-admin" user if configured via the environment
548 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
550 type: OS::TripleO::NodeAdminUserData
552 # For optional operator additional userdata
553 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
555 type: OS::TripleO::NodeUserData
558 type: OS::TripleO::Controller::Ports::ExternalPort
560 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
563 type: OS::TripleO::Controller::Ports::InternalApiPort
565 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
568 type: OS::TripleO::Controller::Ports::StoragePort
570 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
573 type: OS::TripleO::Controller::Ports::StorageMgmtPort
575 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
578 type: OS::TripleO::Controller::Ports::TenantPort
580 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
583 type: OS::TripleO::Network::Ports::NetIpMap
585 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
586 ExternalIp: {get_attr: [ExternalPort, ip_address]}
587 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
588 StorageIp: {get_attr: [StoragePort, ip_address]}
589 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
590 TenantIp: {get_attr: [TenantPort, ip_address]}
593 type: OS::TripleO::Network::Ports::NetIpSubnetMap
595 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
596 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
597 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
598 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
599 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
600 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
603 type: OS::TripleO::Controller::Net::SoftwareConfig
605 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
606 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
607 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
608 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
609 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
610 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
613 type: OS::TripleO::SoftwareDeployment
615 config: {get_resource: NetworkConfig}
616 server: {get_resource: Controller}
619 interface_name: {get_param: NeutronPublicInterface}
621 ControllerDeployment:
622 type: OS::TripleO::SoftwareDeployment
623 depends_on: NetworkDeployment
625 config: {get_resource: ControllerConfig}
626 server: {get_resource: Controller}
628 bootstack_nodeid: {get_attr: [Controller, name]}
629 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
630 heat.watch_server_url:
634 - {get_param: HeatApiVirtualIP}
636 heat.metadata_server_url:
640 - {get_param: HeatApiVirtualIP}
642 heat.waitcondition_server_url:
646 - {get_param: HeatApiVirtualIP}
647 - ':8000/v1/waitcondition'
648 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
649 horizon_secret: {get_param: HorizonSecret}
650 admin_password: {get_param: AdminPassword}
651 admin_token: {get_param: AdminToken}
652 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
653 debug: {get_param: Debug}
654 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
655 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
656 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
659 template: "['SERVERS']"
664 - {get_param: CinderNfsServers}
665 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
666 cinder_password: {get_param: CinderPassword}
667 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
668 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
669 cinder_backend_config: {get_param: CinderBackendConfig}
673 - - 'mysql://cinder:'
674 - {get_param: CinderPassword}
676 - {get_param: MysqlVirtualIP}
678 glance_port: {get_param: GlancePort}
679 glance_password: {get_param: GlancePassword}
680 glance_backend: {get_param: GlanceBackend}
681 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
682 glance_log_file: {get_param: GlanceLogFile}
686 - - 'mysql://glance:'
687 - {get_param: GlancePassword}
689 - {get_param: MysqlVirtualIP}
691 heat_password: {get_param: HeatPassword}
692 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
697 - {get_param: HeatPassword}
699 - {get_param: MysqlVirtualIP}
701 keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
702 keystone_ca_certificate: {get_param: KeystoneCACertificate}
703 keystone_signing_key: {get_param: KeystoneSigningKey}
704 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
705 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
706 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
707 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
708 keystone_notification_format: {get_param: KeystoneNotificationFormat}
712 - - 'mysql://keystone:'
713 - {get_param: AdminToken}
715 - {get_param: MysqlVirtualIP}
717 keystone_identity_uri:
721 - {get_param: KeystoneAdminApiVirtualIP}
727 - {get_param: KeystonePublicApiVirtualIP}
733 - {get_param: KeystonePublicApiVirtualIP}
734 - ':5000/v2.0/ec2tokens'
735 enable_fencing: {get_param: EnableFencing}
736 enable_galera: {get_param: EnableGalera}
737 enable_ceph_storage: {get_param: EnableCephStorage}
738 enable_swift_storage: {get_param: EnableSwiftStorage}
739 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
740 mysql_max_connections: {get_param: MysqlMaxConnections}
741 mysql_root_password: {get_param: MysqlRootPassword}
744 template: tripleo-CLUSTER
746 CLUSTER: {get_param: MysqlClusterUniquePart}
747 neutron_flat_networks: {get_param: NeutronFlatNetworks}
748 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
749 neutron_agent_mode: {get_param: NeutronAgentMode}
750 neutron_router_distributed: {get_param: NeutronDVR}
751 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
752 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
753 neutron_l3_ha: {get_param: NeutronL3HA}
754 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
755 neutron_network_vlan_ranges:
757 template: "['RANGES']"
762 - {get_param: NeutronNetworkVLANRanges}
763 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
764 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
765 neutron_public_interface: {get_param: NeutronPublicInterface}
766 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
767 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
768 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
769 neutron_tenant_network_type: {get_param: NeutronNetworkType}
770 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
771 neutron_tunnel_id_ranges:
773 template: "['RANGES']"
778 - {get_param: NeutronTunnelIdRanges}
781 template: "['RANGES']"
786 - {get_param: NeutronVniRanges}
787 neutron_password: {get_param: NeutronPassword}
788 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
792 - - 'mysql://neutron:'
793 - {get_param: NeutronPassword}
795 - {get_param: MysqlVirtualIP}
796 - '/ovs_neutron?charset=utf8'
801 - {get_param: NeutronApiVirtualIP}
803 neutron_admin_auth_url:
807 - {get_param: KeystoneAdminApiVirtualIP}
809 ceilometer_backend: {get_param: CeilometerBackend}
810 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
811 ceilometer_password: {get_param: CeilometerPassword}
812 ceilometer_coordination_url:
816 - {get_param: RedisVirtualIP}
821 - - 'mysql://ceilometer:unset@'
822 - {get_param: MysqlVirtualIP}
824 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
825 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
826 nova_password: {get_param: NovaPassword}
831 - {get_param: NovaPassword}
833 - {get_param: MysqlVirtualIP}
835 fencing_config: {get_param: FencingConfig}
836 pcsd_password: {get_param: PcsdPassword}
837 rabbit_username: {get_param: RabbitUserName}
838 rabbit_password: {get_param: RabbitPassword}
839 rabbit_cookie: {get_param: RabbitCookie}
840 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
841 rabbit_client_port: {get_param: RabbitClientPort}
842 mongodb_no_journal: {get_param: MongoDbNoJournal}
845 template: '["server"]'
847 server: {get_param: NtpServer}
848 control_virtual_interface: {get_param: ControlVirtualInterface}
849 public_virtual_interface: {get_param: PublicVirtualInterface}
850 swift_hash_suffix: {get_param: SwiftHashSuffix}
851 swift_password: {get_param: SwiftPassword}
852 swift_part_power: {get_param: SwiftPartPower}
853 swift_replicas: {get_param: SwiftReplicas}
854 swift_min_part_hours: {get_param: SwiftMinPartHours}
855 swift_mount_check: {get_param: SwiftMountCheck}
856 enable_package_install: {get_param: EnablePackageInstall}
857 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
858 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
859 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
860 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
861 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
862 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
866 - - {get_param: GlanceProtocol}
868 - {get_param: GlanceApiVirtualIP}
870 - {get_param: GlancePort}
871 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
872 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
873 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
874 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
875 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
876 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
877 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
878 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
879 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
880 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
881 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
882 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
883 redis_vip: {get_param: RedisVirtualIP}
884 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
885 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
886 mysql_virtual_ip: {get_param: MysqlVirtualIP}
887 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
888 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
889 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
891 # Map heat metadata into hiera datafiles
893 type: OS::Heat::StructuredConfig
895 group: os-apply-config
899 - heat_config_%{::deploy_config_name}
900 - controller_extraconfig
905 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
906 - ceph_cluster # provided by CephClusterConfig
908 - bootstrap_node # provided by BootstrapNodeConfig
909 - all_nodes # provided by allNodesConfig
910 - vip_data # provided by vip-config
913 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
914 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
915 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
917 controller_extraconfig:
918 mapped_data: {get_param: ControllerExtraConfig}
920 mapped_data: {get_param: ExtraConfig}
922 raw_data: {get_file: hieradata/common.yaml}
924 raw_data: {get_file: hieradata/ceph.yaml}
926 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
927 ceph::profile::params::public_network: {get_input: ceph_public_network}
928 ceph::mon::public_addr: {get_input: ceph_public_ip}
930 raw_data: {get_file: hieradata/database.yaml}
932 raw_data: {get_file: hieradata/object.yaml}
934 raw_data: {get_file: hieradata/controller.yaml}
935 mapped_data: # data supplied directly to this deployment configuration, etc
936 bootstack_nodeid: {get_input: bootstack_nodeid}
939 enable_fencing: {get_input: enable_fencing}
940 hacluster_pwd: {get_input: pcsd_password}
941 tripleo::fencing::config: {get_input: fencing_config}
944 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
945 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
946 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
947 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
948 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
949 swift::proxy::authtoken::admin_password: {get_input: swift_password}
950 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
951 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
952 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
953 swift_mount_check: {get_input: swift_mount_check}
955 # NOTE(dprince): build_ring support is currently not wired in.
956 # See: https://review.openstack.org/#/c/109225/
957 tripleo::ringbuilder::build_ring: True
960 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
961 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
962 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
963 cinder_nfs_servers: {get_input: cinder_nfs_servers}
964 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
965 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
966 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
967 cinder::database_connection: {get_input: cinder_dsn}
968 cinder::api::keystone_password: {get_input: cinder_password}
969 cinder::api::auth_uri: {get_input: keystone_auth_uri}
970 cinder::api::identity_uri: {get_input: keystone_identity_uri}
971 cinder::api::bind_host: {get_input: cinder_api_network}
972 cinder::rabbit_userid: {get_input: rabbit_username}
973 cinder::rabbit_password: {get_input: rabbit_password}
974 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
975 cinder::rabbit_port: {get_input: rabbit_client_port}
976 cinder::debug: {get_input: debug}
977 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
978 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
979 cinder_backend_config: {get_input: CinderBackendConfig}
980 cinder::db::mysql::password: {get_input: cinder_password}
983 glance::api::bind_port: {get_input: glance_port}
984 glance::api::bind_host: {get_input: glance_api_network}
985 glance::api::auth_uri: {get_input: keystone_auth_uri}
986 glance::api::identity_uri: {get_input: keystone_identity_uri}
987 glance::api::registry_host: {get_input: glance_registry_network}
988 glance::api::keystone_password: {get_input: glance_password}
989 glance::api::debug: {get_input: debug}
990 glance_notifier_strategy: {get_input: glance_notifier_strategy}
991 glance_log_file: {get_input: glance_log_file}
992 glance_log_file: {get_input: glance_log_file}
993 glance::api::database_connection: {get_input: glance_dsn}
994 glance::registry::keystone_password: {get_input: glance_password}
995 glance::registry::database_connection: {get_input: glance_dsn}
996 glance::registry::bind_host: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
997 glance::registry::auth_uri: {get_input: keystone_auth_uri}
998 glance::registry::identity_uri: {get_input: keystone_identity_uri}
999 glance::registry::debug: {get_input: debug}
1000 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
1001 glance::backend::swift::swift_store_user: service:glance
1002 glance::backend::swift::swift_store_key: {get_input: glance_password}
1003 glance_backend: {get_input: glance_backend}
1004 glance::db::mysql::password: {get_input: glance_password}
1007 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1008 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1009 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1010 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1011 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1012 heat::rabbit_userid: {get_input: rabbit_username}
1013 heat::rabbit_password: {get_input: rabbit_password}
1014 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1015 heat::rabbit_port: {get_input: rabbit_client_port}
1016 heat::auth_uri: {get_input: keystone_auth_uri}
1017 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1018 heat::identity_uri: {get_input: keystone_identity_uri}
1019 heat::keystone_password: {get_input: heat_password}
1020 heat::api::bind_host: {get_input: heat_api_network}
1021 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1022 heat::api_cfn::bind_host: {get_input: heat_api_network}
1023 heat::database_connection: {get_input: heat_dsn}
1024 heat::debug: {get_input: debug}
1025 heat::db::mysql::password: {get_input: heat_password}
1028 keystone::admin_token: {get_input: admin_token}
1029 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1030 keystone_signing_key: {get_input: keystone_signing_key}
1031 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1032 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1033 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1034 keystone::database_connection: {get_input: keystone_dsn}
1035 keystone::public_bind_host: {get_input: keystone_public_api_network}
1036 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1037 keystone::debug: {get_input: debug}
1038 keystone::db::mysql::password: {get_input: admin_token}
1039 keystone::rabbit_userid: {get_input: rabbit_username}
1040 keystone::rabbit_password: {get_input: rabbit_password}
1041 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1042 keystone::rabbit_port: {get_input: rabbit_client_port}
1043 keystone::notification_driver: {get_input: keystone_notification_driver}
1044 keystone::notification_format: {get_input: keystone_notification_format}
1046 mongodb::server::bind_ip: {get_input: mongo_db_network}
1047 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1049 admin_password: {get_input: admin_password}
1050 enable_galera: {get_input: enable_galera}
1051 enable_ceph_storage: {get_input: enable_ceph_storage}
1052 enable_swift_storage: {get_input: enable_swift_storage}
1053 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1054 mysql_max_connections: {get_input: mysql_max_connections}
1055 mysql::server::root_password: {get_input: mysql_root_password}
1056 mysql_cluster_name: {get_input: mysql_cluster_name}
1057 mysql_bind_host: {get_input: mysql_network}
1058 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1061 neutron::bind_host: {get_input: neutron_api_network}
1062 neutron::rabbit_password: {get_input: rabbit_password}
1063 neutron::rabbit_user: {get_input: rabbit_user}
1064 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1065 neutron::rabbit_port: {get_input: rabbit_client_port}
1066 neutron::debug: {get_input: debug}
1067 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1068 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1069 neutron::server::database_connection: {get_input: neutron_dsn}
1070 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1071 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1072 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1073 neutron_flat_networks: {get_input: neutron_flat_networks}
1074 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1075 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1076 neutron_agent_mode: {get_input: neutron_agent_mode}
1077 neutron_router_distributed: {get_input: neutron_router_distributed}
1078 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
1079 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1080 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1081 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1082 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1083 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1084 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1085 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
1086 neutron_public_interface: {get_input: neutron_public_interface}
1087 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1088 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1089 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1090 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
1091 neutron_tunnel_types: {get_input: neutron_tunnel_types}
1092 neutron::server::auth_password: {get_input: neutron_password}
1093 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1094 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1095 neutron_dsn: {get_input: neutron_dsn}
1096 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1097 neutron::db::mysql::password: {get_input: neutron_password}
1100 ceilometer_backend: {get_input: ceilometer_backend}
1101 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1102 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1103 ceilometer::rabbit_userid: {get_input: rabbit_username}
1104 ceilometer::rabbit_password: {get_input: rabbit_password}
1105 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1106 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1107 ceilometer::debug: {get_input: debug}
1108 ceilometer::api::host: {get_input: ceilometer_api_network}
1109 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1110 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1111 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1112 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1113 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
1114 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1115 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1116 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1117 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1120 nova::rabbit_userid: {get_input: rabbit_username}
1121 nova::rabbit_password: {get_input: rabbit_password}
1122 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1123 nova::rabbit_port: {get_input: rabbit_client_port}
1124 nova::debug: {get_input: debug}
1125 nova::api::auth_uri: {get_input: keystone_auth_uri}
1126 nova::api::identity_uri: {get_input: keystone_identity_uri}
1127 nova::api::api_bind_address: {get_input: nova_api_network}
1128 nova::api::metadata_listen: {get_input: nova_metadata_network}
1129 nova::api::admin_password: {get_input: nova_password}
1130 nova::database_connection: {get_input: nova_dsn}
1131 nova::glance_api_servers: {get_input: glance_api_servers}
1132 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1133 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1134 nova::network::neutron::neutron_url: {get_input: neutron_url}
1135 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1136 nova::vncproxy::host: {get_input: nova_api_network}
1137 nova::db::mysql::password: {get_input: nova_password}
1140 apache::ip: {get_input: horizon_network}
1141 horizon::django_debug: {get_input: debug}
1142 horizon::secret_key: {get_input: horizon_secret}
1143 horizon::bind_address: {get_input: horizon_network}
1144 horizon::keystone_url: {get_input: keystone_auth_uri}
1147 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1148 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1150 redis::bind: {get_input: redis_network}
1151 redis_vip: {get_input: redis_vip}
1153 memcached::listen_ip: {get_input: memcached_network}
1154 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1155 ntp::servers: {get_input: ntp_servers}
1156 control_virtual_interface: {get_input: control_virtual_interface}
1157 public_virtual_interface: {get_input: public_virtual_interface}
1158 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1159 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1160 tripleo::packages::enable_install: {get_input: enable_package_install}
1162 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1163 ControllerExtraConfigPre:
1164 depends_on: ControllerDeployment
1165 type: OS::TripleO::ControllerExtraConfigPre
1167 server: {get_resource: Controller}
1170 type: OS::TripleO::Tasks::PackageUpdate
1173 type: OS::Heat::SoftwareDeployment
1175 config: {get_resource: UpdateConfig}
1176 server: {get_resource: Controller}
1179 get_param: UpdateIdentifier
1183 description: IP address of the server in the ctlplane network
1184 value: {get_attr: [Controller, networks, ctlplane, 0]}
1185 external_ip_address:
1186 description: IP address of the server in the external network
1187 value: {get_attr: [ExternalPort, ip_address]}
1188 internal_api_ip_address:
1189 description: IP address of the server in the internal_api network
1190 value: {get_attr: [InternalApiPort, ip_address]}
1192 description: IP address of the server in the storage network
1193 value: {get_attr: [StoragePort, ip_address]}
1194 storage_mgmt_ip_address:
1195 description: IP address of the server in the storage_mgmt network
1196 value: {get_attr: [StorageMgmtPort, ip_address]}
1198 description: IP address of the server in the tenant network
1199 value: {get_attr: [TenantPort, ip_address]}
1201 description: Hostname of the server
1202 value: {get_attr: [Controller, name]}
1205 Node object in the format {ip: ..., name: ...} format that the corosync
1208 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1209 name: {get_attr: [Controller, name]}
1212 Server's IP address and hostname in the /etc/hosts format
1215 template: IP HOST.localdomain HOST CLOUDNAME
1217 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1218 HOST: {get_attr: [Controller, name]}
1219 CLOUDNAME: {get_param: CloudName}
1220 nova_server_resource:
1221 description: Heat resource handle for the Nova compute server
1223 {get_resource: Controller}
1225 description: Swift device formatted for swift-ring-builder
1228 template: 'r1z1-IP:%PORT%/d1'
1230 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1231 swift_proxy_memcache:
1232 description: Swift proxy-memcache value
1235 template: "IP:11211"
1237 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1239 description: identifier which changes if the controller configuration may need re-applying
1243 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1244 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
Code Review / apex-tripleo-heat-templates.git / blob