1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
92 ControllerExtraConfig:
95 Controller specific hiera configuration data to inject into the cluster.
100 A network mapped list of IPs to assign to Controllers in the following form:
102 "internal_api": ["a.b.c.d", "e.f.g.h"],
106 ControlVirtualInterface:
108 description: Interface where virtual ip will be assigned.
112 description: Set to True to enable debugging on all services.
116 description: Whether to enable fencing in Pacemaker or not.
120 description: Whether to use Galera instead of regular MariaDB.
124 description: Whether to deploy a LoadBalancer on the Controller
128 description: Whether to deploy Ceph Storage (OSD) on the Controller
132 description: Whether to enable Swift Storage on the Controller
137 Additional hieradata to inject into the cluster, note that
138 ControllerExtraConfig takes precedence over ExtraConfig.
143 Pacemaker fencing configuration. The JSON should have
144 the following structure:
148 "agent": "AGENT_NAME",
149 "host_mac": "HOST_MAC_ADDRESS",
150 "params": {"PARAM_NAME": "PARAM_VALUE"}
158 "agent": "fence_xvm",
159 "host_mac": "52:54:00:aa:bb:cc",
161 "multicast_address": "225.0.0.12",
162 "port": "baremetal_0",
164 "manage_key_file": true,
165 "key_file": "/etc/fence_xvm.key",
166 "key_file_password": "abcdef"
173 description: Flavor for control nodes to request when deploying.
176 - custom_constraint: nova.flavor
177 GlanceNotifierStrategy:
178 description: Strategy to use for Glance notification queue
182 description: The filepath of the file to use for logging messages from Glance.
186 description: The password for the glance service and db account, used by the glance services.
191 description: The short name of the Glance backend to use. Should be one
192 of swift, rbd, or file
195 - allowed_values: ['swift', 'file', 'rbd']
196 GlanceFilePcmkDevice:
199 An exported storage device that should be mounted by Pacemaker
200 as Glance storage. Effective when GlanceFilePcmkManage is true.
202 GlanceFilePcmkFstype:
205 Filesystem type for Pacemaker mount used as Glance storage.
206 Effective when GlanceFilePcmkManage is true.
208 GlanceFilePcmkManage:
211 Whether to make Glance file backend a mount managed by Pacemaker.
212 Effective when GlanceBackend is 'file'.
214 GlanceFilePcmkOptions:
217 Mount options for Pacemaker mount used as Glance storage.
218 Effective when GlanceFilePcmkManage is true.
220 HAProxySyslogAddress:
222 description: Syslog address where HAproxy will send its log
226 description: Number of workers for Glance service.
229 description: The password for the Heat service and db account, used by the Heat services.
232 HeatStackDomainAdminPassword:
233 description: Password for heat_domain_admin user.
236 HeatAuthEncryptionKey:
237 description: Auth encryption key for heat-engine
242 description: A list of IP/Hostname allowed to connect to horizon
243 type: comma_delimited_list
246 description: Number of workers for Heat service.
249 description: Secret key for Django
254 default: overcloud-control
256 - custom_constraint: glance.image
258 default: 'REBUILD_PRESERVE_EPHEMERAL'
259 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
261 InstanceNameTemplate:
262 default: 'instance-%08x'
263 description: Template string to be used to generate instance names
267 description: Name of an existing Nova key pair to enable SSH access to the instances
270 - custom_constraint: nova.keypair
271 KeystoneCACertificate:
273 description: Keystone self-signed certificate authority certificate.
275 KeystoneEnableDBPurge:
278 Whether to create cron job for purging soft deleted rows in Keystone database.
280 KeystoneSigningCertificate:
282 description: Keystone certificate for verifying token validity.
286 description: Keystone key for signing tokens.
289 KeystoneSSLCertificate:
291 description: Keystone certificate for verifying token validity.
293 KeystoneSSLCertificateKey:
295 description: Keystone key for signing tokens.
298 KeystoneNotificationDriver:
299 description: Comma-separated list of Oslo notification drivers used by Keystone
300 default: ['messaging']
301 type: comma_delimited_list
302 KeystoneNotificationFormat:
303 description: The Keystone notification format
307 - allowed_values: [ 'basic', 'cadf' ]
311 description: Keystone region for endpoint
314 description: Whether to manage IPtables rules.
318 description: Whether IPtables rules should be purged before setting up the new ones.
322 description: Number of workers for Keystone service.
329 description: The password for the sahara service account, used by sahara-api.
332 MysqlClusterUniquePart:
333 description: A unique identifier of the MySQL cluster the controller is in.
335 default: 'unset' # Has to be here because of the ignored empty value bug
336 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
338 # - length: {min: 4, max: 10}
339 MysqlInnodbBufferPoolSize:
341 Specifies the size of the buffer pool in megabytes. Setting to
342 zero should be interpreted as "no value" and will defer to the
347 description: Configures MySQL max_connections config setting
353 default: '' # Has to be here because of the ignored empty value bug
354 NeutronExternalNetworkBridge:
355 description: Name of bridge used for external network traffic.
358 NeutronBridgeMappings:
360 The OVS logical->physical bridge mappings to use. See the Neutron
361 documentation for details. Defaults to mapping br-ex - the external
362 bridge on hosts - to a physical name 'datacentre' which can be used
363 to create provider networks (and we use this for the default floating
364 network) - if changing this either use different post-install network
365 scripts or be sure to keep 'datacentre' as a mapping network name.
366 type: comma_delimited_list
367 default: "datacentre:br-ex"
368 NeutronDnsmasqOptions:
369 default: 'dhcp-option-force=26,1400'
370 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
372 NeutronEnableDHCPAgent:
373 description: Knob to enable/disable DHCP Agent
376 NeutronEnableL3Agent:
377 description: Knob to enable/disable L3 agent
380 NeutronEnableMetadataAgent:
381 description: Knob to enable/disable Metadata agent
384 NeutronEnableOVSAgent:
385 description: Knob to enable/disable OVS Agent
390 description: Agent mode for the neutron-l3-agent on the controller hosts
394 description: Whether to enable l3-agent HA
396 NeutronDhcpAgentsPerNetwork:
399 description: The number of neutron dhcp agents to schedule per network
402 description: Whether to configure Neutron Distributed Virtual Routers
404 NeutronMetadataProxySharedSecret:
405 description: Shared secret to prevent spoofing
411 The core plugin for Neutron. The value should be the entrypoint to be loaded
412 from neutron.core_plugins namespace.
414 NeutronServicePlugins:
415 default: "router,qos"
417 Comma-separated list of service plugin entrypoints to be loaded from the
418 neutron.service_plugins namespace.
419 type: comma_delimited_list
421 default: "vxlan,vlan,flat,gre"
423 Comma-separated list of network type driver entrypoints to be loaded.
424 type: comma_delimited_list
425 NeutronMechanismDrivers:
426 default: 'openvswitch'
428 The mechanism drivers for the Neutron tenant network.
429 type: comma_delimited_list
430 NeutronAllowL3AgentFailover:
432 description: Allow automatic l3-agent failover
434 NeutronEnableIsolatedMetadata:
436 description: If True, DHCP provide metadata route to VM.
438 NeutronEnableTunnelling:
444 Enable/disable the L2 population feature in the Neutron agents.
447 type: comma_delimited_list
448 default: 'datacentre'
449 description: If set, flat networks to configure in neutron plugins.
452 description: Whether to enable l3-agent HA
456 description: The tenant network type for Neutron.
457 type: comma_delimited_list
458 NeutronNetworkVLANRanges:
459 default: 'datacentre:1:1000'
461 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
462 Neutron documentation for permitted values. Defaults to permitting any
463 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
464 type: comma_delimited_list
466 description: The password for the neutron service and db account, used by neutron agents.
469 NeutronPublicInterface:
471 description: What interface to bridge onto br-ex for network nodes.
473 NeutronPublicInterfaceTag:
476 VLAN tag for creating a public VLAN. The tag will be used to
477 create an access port on the exterior bridge for each control plane node,
478 and that port will be given the IP address returned by neutron from the
479 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
480 overcloud.yaml to include the deployment of VLAN ports to the control
483 NeutronPublicInterfaceDefaultRoute:
485 description: A custom default route for the NeutronPublicInterface.
487 NeutronPublicInterfaceIP:
489 description: A custom IP address to put onto the NeutronPublicInterface.
491 NeutronPublicInterfaceRawDevice:
493 description: If set, the public interface is a vlan with this device as the raw device.
498 The tunnel types for the Neutron tenant network.
499 type: comma_delimited_list
500 NeutronTunnelIdRanges:
502 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
503 of GRE tunnel IDs that are available for tenant network allocation
504 default: ["1:4094", ]
505 type: comma_delimited_list
508 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
509 of VXLAN VNI IDs that are available for tenant network allocation
510 default: ["1:4094", ]
511 type: comma_delimited_list
512 NeutronPluginExtensions:
515 Comma-separated list of extensions enabled for the Neutron plugin.
516 type: comma_delimited_list
517 NeutronAgentExtensions:
520 Comma-separated list of extensions enabled for the Neutron agents.
521 type: comma_delimited_list
527 description: Number of workers for Neutron service.
532 Whether to create cron job for purging soft deleted rows in Nova database.
535 description: The password for the nova service and db account, used by nova-api.
540 description: Number of workers for Nova service.
544 description: Should MongoDb journaling be disabled
548 description: Comma-separated list of ntp servers
549 type: comma_delimited_list
552 description: The password for the 'pcsd' user.
554 PublicVirtualInterface:
557 Specifies the interface where the public-facing virtual ip will be assigned.
558 This should be int_public when a VLAN is being used.
562 default: '' # Has to be here because of the ignored empty value bug
565 default: '' # Has to be here because of the ignored empty value bug
569 description: The password for RabbitMQ
574 description: The username for RabbitMQ
579 Rabbit client subscriber parameter to specify
580 an SSL connection to the RabbitMQ host.
584 description: Set rabbit subscriber port, change this if using SSL
588 description: Configures RabbitMQ FD limit
592 default: '' # Has to be here because of the ignored empty value bug
593 SnmpdReadonlyUserName:
594 default: ro_snmp_user
595 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
597 SnmpdReadonlyUserPassword:
598 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
602 description: A random string to be used as a salt when hashing to determine mappings
608 description: Value of mount_check in Swift account/container/object -server.conf
613 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
616 description: Partition Power to use when building Swift rings
619 description: The password for the swift service account, used by the swift proxy
629 description: How many replicas to use in the swift rings.
632 description: Number of workers for Swift service.
636 description: The timezone to be set on controller nodes.
638 VirtualIP: # DEPRECATED: use per service settings instead
640 default: '' # Has to be here because of the ignored empty value bug
647 GlanceRegistryVirtualIP:
653 KeystoneAdminApiVirtualIP:
656 KeystonePublicApiVirtualIP:
662 EnablePackageInstall:
664 description: Set to true to enable package installation via Puppet
668 description: Mapping of service_name -> network name. Typically set
669 via parameter_defaults in the resource registry.
673 description: Mapping of service endpoint -> protocol. Typically set
674 via parameter_defaults in the resource registry.
680 Setting to a previously unused value during stack-update will trigger
681 package update on all nodes
684 default: '' # Defaults to Heat created hostname
685 NetworkDeploymentActions:
686 type: comma_delimited_list
688 Heat action when to apply network configuration changes
693 SoftwareConfigTransport:
694 default: POLL_SERVER_CFN
696 How the server should receive the metadata required for software configuration.
699 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
704 The DNS domain used for the hosts. This should match the dhcp_domain
705 configured in the Undercloud neutron. Defaults to localdomain.
709 Extra properties or metadata passed to Nova for the created nodes in
710 the overcloud. It's accessible via the Nova metadata API.
714 description: Optional scheduler hints to pass to nova
720 type: OS::Nova::Server
722 image: {get_param: Image}
723 image_update_policy: {get_param: ImageUpdatePolicy}
724 flavor: {get_param: Flavor}
725 key_name: {get_param: KeyName}
728 user_data_format: SOFTWARE_CONFIG
729 user_data: {get_resource: UserData}
730 name: {get_param: Hostname}
731 software_config_transport: {get_param: SoftwareConfigTransport}
732 metadata: {get_param: ServerMetadata}
733 scheduler_hints: {get_param: SchedulerHints}
735 # Combine the NodeAdminUserData and NodeUserData mime archives
737 type: OS::Heat::MultipartMime
740 - config: {get_resource: NodeAdminUserData}
742 - config: {get_resource: NodeUserData}
745 # Creates the "heat-admin" user if configured via the environment
746 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
748 type: OS::TripleO::NodeAdminUserData
750 # For optional operator additional userdata
751 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
753 type: OS::TripleO::NodeUserData
756 type: OS::TripleO::Controller::Ports::ExternalPort
758 IPPool: {get_param: ControllerIPs}
759 NodeIndex: {get_param: NodeIndex}
760 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
763 type: OS::TripleO::Controller::Ports::InternalApiPort
765 IPPool: {get_param: ControllerIPs}
766 NodeIndex: {get_param: NodeIndex}
767 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
770 type: OS::TripleO::Controller::Ports::StoragePort
772 IPPool: {get_param: ControllerIPs}
773 NodeIndex: {get_param: NodeIndex}
774 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
777 type: OS::TripleO::Controller::Ports::StorageMgmtPort
779 IPPool: {get_param: ControllerIPs}
780 NodeIndex: {get_param: NodeIndex}
781 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
784 type: OS::TripleO::Controller::Ports::TenantPort
786 IPPool: {get_param: ControllerIPs}
787 NodeIndex: {get_param: NodeIndex}
788 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
791 type: OS::TripleO::Controller::Ports::ManagementPort
793 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
796 type: OS::TripleO::Network::Ports::NetIpMap
798 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
799 ExternalIp: {get_attr: [ExternalPort, ip_address]}
800 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
801 StorageIp: {get_attr: [StoragePort, ip_address]}
802 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
803 TenantIp: {get_attr: [TenantPort, ip_address]}
804 ManagementIp: {get_attr: [ManagementPort, ip_address]}
807 type: OS::TripleO::Network::Ports::NetIpSubnetMap
809 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
810 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
811 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
812 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
813 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
814 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
815 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
818 type: OS::TripleO::Controller::Net::SoftwareConfig
820 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
821 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
822 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
823 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
824 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
825 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
826 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
829 type: OS::TripleO::SoftwareDeployment
831 name: NetworkDeployment
832 config: {get_resource: NetworkConfig}
833 server: {get_resource: Controller}
834 actions: {get_param: NetworkDeploymentActions}
837 interface_name: {get_param: NeutronPublicInterface}
839 # Resource for site-specific injection of root certificate
841 depends_on: NetworkDeployment
842 type: OS::TripleO::NodeTLSCAData
844 server: {get_resource: Controller}
846 # Resource for site-specific passing of private keys/certificates
848 depends_on: NodeTLSCAData
849 type: OS::TripleO::NodeTLSData
851 server: {get_resource: Controller}
852 NodeIndex: {get_param: NodeIndex}
855 ControllerDeployment:
856 type: OS::TripleO::SoftwareDeployment
857 depends_on: NetworkDeployment
859 name: ControllerDeployment
860 config: {get_resource: ControllerConfig}
861 server: {get_resource: Controller}
863 bootstack_nodeid: {get_attr: [Controller, name]}
864 ceilometer_workers: {get_param: CeilometerWorkers}
865 cinder_workers: {get_param: CinderWorkers}
866 glance_workers: {get_param: GlanceWorkers}
867 heat_workers: {get_param: HeatWorkers}
868 keystone_workers: {get_param: KeystoneWorkers}
869 nova_workers: {get_param: NovaWorkers}
870 neutron_workers: {get_param: NeutronWorkers}
871 swift_workers: {get_param: SwiftWorkers}
872 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
873 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
874 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
875 haproxy_log_address: {get_param: HAProxySyslogAddress}
876 heat.watch_server_url:
880 - {get_param: HeatApiVirtualIP}
882 heat.metadata_server_url:
886 - {get_param: HeatApiVirtualIP}
888 heat.waitcondition_server_url:
892 - {get_param: HeatApiVirtualIP}
893 - ':8000/v1/waitcondition'
894 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
895 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
896 horizon_secret: {get_param: HorizonSecret}
897 admin_email: {get_param: AdminEmail}
898 admin_password: {get_param: AdminPassword}
899 admin_token: {get_param: AdminToken}
900 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
901 debug: {get_param: Debug}
902 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
903 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
904 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
905 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
910 SERVERS: {get_param: CinderNfsServers}
911 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
912 cinder_password: {get_param: CinderPassword}
913 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
914 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
915 cinder_backend_config: {get_param: CinderBackendConfig}
919 - - 'mysql+pymysql://cinder:'
920 - {get_param: CinderPassword}
922 - {get_param: MysqlVirtualIP}
924 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
925 glance_password: {get_param: GlancePassword}
926 glance_backend: {get_param: GlanceBackend}
927 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
928 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
929 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
930 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
931 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
932 glance_log_file: {get_param: GlanceLogFile}
936 - - 'mysql+pymysql://glance:'
937 - {get_param: GlancePassword}
939 - {get_param: MysqlVirtualIP}
941 heat_password: {get_param: HeatPassword}
942 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
946 - - 'mysql+pymysql://heat:'
947 - {get_param: HeatPassword}
949 - {get_param: MysqlVirtualIP}
951 keystone_ca_certificate: {get_param: KeystoneCACertificate}
952 keystone_signing_key: {get_param: KeystoneSigningKey}
953 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
954 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
955 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
956 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
957 keystone_notification_format: {get_param: KeystoneNotificationFormat}
958 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
962 - - 'mysql+pymysql://keystone:'
963 - {get_param: AdminToken}
965 - {get_param: MysqlVirtualIP}
967 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
968 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
969 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
970 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
971 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
972 enable_fencing: {get_param: EnableFencing}
973 enable_galera: {get_param: EnableGalera}
974 enable_load_balancer: {get_param: EnableLoadBalancer}
975 enable_ceph_storage: {get_param: EnableCephStorage}
976 enable_swift_storage: {get_param: EnableSwiftStorage}
977 manage_firewall: {get_param: ManageFirewall}
978 purge_firewall_rules: {get_param: PurgeFirewallRules}
979 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
980 mysql_max_connections: {get_param: MysqlMaxConnections}
981 mysql_root_password: {get_param: MysqlRootPassword}
984 template: tripleo-CLUSTER
986 CLUSTER: {get_param: MysqlClusterUniquePart}
987 neutron_flat_networks:
991 NETWORKS: {get_param: NeutronFlatNetworks}
992 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
993 neutron_agent_mode: {get_param: NeutronAgentMode}
994 neutron_router_distributed: {get_param: NeutronDVR}
995 neutron_core_plugin: {get_param: NeutronCorePlugin}
996 neutron_service_plugins:
1000 PLUGINS: {get_param: NeutronServicePlugins}
1001 neutron_type_drivers:
1005 DRIVERS: {get_param: NeutronTypeDrivers}
1006 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1007 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1008 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1009 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1010 neutron_mechanism_drivers:
1012 template: MECHANISMS
1014 MECHANISMS: {get_param: NeutronMechanismDrivers}
1015 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1016 neutron_l3_ha: {get_param: NeutronL3HA}
1017 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1018 neutron_network_vlan_ranges:
1022 RANGES: {get_param: NeutronNetworkVLANRanges}
1023 neutron_bridge_mappings:
1027 MAPPINGS: {get_param: NeutronBridgeMappings}
1028 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1029 neutron_public_interface: {get_param: NeutronPublicInterface}
1030 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1031 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1032 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1033 neutron_tunnel_id_ranges:
1037 RANGES: {get_param: NeutronTunnelIdRanges}
1042 RANGES: {get_param: NeutronVniRanges}
1043 neutron_tenant_network_types:
1047 TYPES: {get_param: NeutronNetworkType}
1048 neutron_tunnel_types:
1052 TYPES: {get_param: NeutronTunnelTypes}
1053 neutron_plugin_extensions:
1055 template: PLUGIN_EXTENSIONS
1057 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1058 neutron_agent_extensions:
1060 template: AGENT_EXTENSIONS
1062 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1063 neutron_password: {get_param: NeutronPassword}
1064 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1068 - - 'mysql+pymysql://neutron:'
1069 - {get_param: NeutronPassword}
1071 - {get_param: MysqlVirtualIP}
1072 - '/ovs_neutron?charset=utf8'
1073 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1074 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1075 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1076 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri_no_suffix ] }
1077 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1078 ceilometer_backend: {get_param: CeilometerBackend}
1079 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1080 ceilometer_password: {get_param: CeilometerPassword}
1081 ceilometer_coordination_url:
1085 - {get_param: RedisVirtualIP}
1090 - - 'mysql+pymysql://ceilometer:'
1091 - {get_param: CeilometerPassword}
1093 - {get_param: MysqlVirtualIP}
1095 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1096 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1097 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1098 nova_password: {get_param: NovaPassword}
1102 - - 'mysql+pymysql://nova:'
1103 - {get_param: NovaPassword}
1105 - {get_param: MysqlVirtualIP}
1110 - - 'mysql+pymysql://nova_api:'
1111 - {get_param: NovaPassword}
1113 - {get_param: MysqlVirtualIP}
1115 instance_name_template: {get_param: InstanceNameTemplate}
1116 fencing_config: {get_param: FencingConfig}
1117 pcsd_password: {get_param: PcsdPassword}
1118 rabbit_username: {get_param: RabbitUserName}
1119 rabbit_password: {get_param: RabbitPassword}
1120 rabbit_cookie: {get_param: RabbitCookie}
1121 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1122 rabbit_client_port: {get_param: RabbitClientPort}
1123 mongodb_no_journal: {get_param: MongoDbNoJournal}
1124 # We need to force this into quotes or hiera will return integer causing
1125 # the puppet module validation regexp to fail.
1126 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1131 LIMIT: {get_param: RabbitFDLimit}
1132 ntp_servers: {get_param: NtpServer}
1133 timezone: {get_param: TimeZone}
1134 control_virtual_interface: {get_param: ControlVirtualInterface}
1135 public_virtual_interface: {get_param: PublicVirtualInterface}
1136 swift_hash_suffix: {get_param: SwiftHashSuffix}
1137 swift_password: {get_param: SwiftPassword}
1138 swift_part_power: {get_param: SwiftPartPower}
1139 swift_replicas: {get_param: SwiftReplicas}
1140 swift_min_part_hours: {get_param: SwiftMinPartHours}
1141 swift_mount_check: {get_param: SwiftMountCheck}
1142 enable_package_install: {get_param: EnablePackageInstall}
1143 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1144 sahara_password: {get_param: SaharaPassword}
1148 - - 'mysql://sahara:'
1149 - {get_param: SaharaPassword}
1151 - {get_param: MysqlVirtualIP}
1153 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1154 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1155 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1156 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1157 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1158 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1159 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1160 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1161 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1162 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1163 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1164 keystone_region: {get_param: KeystoneRegion}
1165 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1166 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1167 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1168 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1169 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1170 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1171 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1172 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1173 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1174 redis_vip: {get_param: RedisVirtualIP}
1175 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1176 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1177 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1178 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1179 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1180 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1181 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1183 # Map heat metadata into hiera datafiles
1185 type: OS::Heat::StructuredConfig
1187 group: os-apply-config
1192 - heat_config_%{::deploy_config_name}
1193 - controller_extraconfig
1198 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1199 - ceph_cluster # provided by CephClusterConfig
1201 - bootstrap_node # provided by BootstrapNodeConfig
1202 - all_nodes # provided by allNodesConfig
1203 - vip_data # provided by vip-config
1206 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1207 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1208 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1209 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1210 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1211 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1212 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1213 - midonet_data #Optionally provided by AllNodesExtraConfig
1215 controller_extraconfig:
1216 mapped_data: {get_param: ControllerExtraConfig}
1218 mapped_data: {get_param: ExtraConfig}
1220 raw_data: {get_file: hieradata/common.yaml}
1222 raw_data: {get_file: hieradata/ceph.yaml}
1224 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1225 ceph::profile::params::public_network: {get_input: ceph_public_network}
1226 ceph::mon::public_addr: {get_input: ceph_public_ip}
1228 raw_data: {get_file: hieradata/database.yaml}
1230 raw_data: {get_file: hieradata/object.yaml}
1232 raw_data: {get_file: hieradata/controller.yaml}
1233 mapped_data: # data supplied directly to this deployment configuration, etc
1234 bootstack_nodeid: {get_input: bootstack_nodeid}
1237 enable_fencing: {get_input: enable_fencing}
1238 enable_load_balancer: {get_input: enable_load_balancer}
1239 hacluster_pwd: {get_input: pcsd_password}
1240 tripleo::fencing::config: {get_input: fencing_config}
1243 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1244 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1245 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1246 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1247 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1248 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1249 swift::proxy::workers: {get_input: swift_workers}
1250 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1251 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1252 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1253 swift_mount_check: {get_input: swift_mount_check}
1255 # NOTE(dprince): build_ring support is currently not wired in.
1256 # See: https://review.openstack.org/#/c/109225/
1257 tripleo::ringbuilder::build_ring: True
1260 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1261 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1262 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1263 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1264 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1265 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1266 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1267 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1268 cinder::database_connection: {get_input: cinder_dsn}
1269 cinder::api::keystone_password: {get_input: cinder_password}
1270 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1271 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1272 cinder::api::bind_host: {get_input: cinder_api_network}
1273 cinder::rabbit_userid: {get_input: rabbit_username}
1274 cinder::rabbit_password: {get_input: rabbit_password}
1275 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1276 cinder::rabbit_port: {get_input: rabbit_client_port}
1277 cinder::debug: {get_input: debug}
1278 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1279 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1280 cinder_backend_config: {get_input: CinderBackendConfig}
1281 cinder::db::mysql::password: {get_input: cinder_password}
1284 glance::api::bind_port: {get_input: glance_port}
1285 glance::api::bind_host: {get_input: glance_api_network}
1286 glance::api::auth_uri: {get_input: keystone_auth_uri}
1287 glance::api::identity_uri: {get_input: keystone_identity_uri}
1288 glance::api::registry_host: {get_input: glance_registry_host}
1289 glance::api::keystone_password: {get_input: glance_password}
1290 glance::api::debug: {get_input: debug}
1291 glance::api::workers: {get_input: glance_workers}
1292 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1293 glance_log_file: {get_input: glance_log_file}
1294 glance_log_file: {get_input: glance_log_file}
1295 glance::api::database_connection: {get_input: glance_dsn}
1296 glance::registry::keystone_password: {get_input: glance_password}
1297 glance::registry::database_connection: {get_input: glance_dsn}
1298 glance::registry::bind_host: {get_input: glance_registry_network}
1299 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1300 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1301 glance::registry::debug: {get_input: debug}
1302 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1303 glance::registry::workers: {get_input: glance_workers}
1304 glance::backend::swift::swift_store_user: service:glance
1305 glance::backend::swift::swift_store_key: {get_input: glance_password}
1306 glance_backend: {get_input: glance_backend}
1307 glance::db::mysql::password: {get_input: glance_password}
1308 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1309 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1310 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1311 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1314 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1315 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1316 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1317 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1318 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1319 heat::rabbit_userid: {get_input: rabbit_username}
1320 heat::rabbit_password: {get_input: rabbit_password}
1321 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1322 heat::rabbit_port: {get_input: rabbit_client_port}
1323 heat::auth_uri: {get_input: keystone_auth_uri}
1324 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1325 heat::identity_uri: {get_input: keystone_identity_uri}
1326 heat::keystone_password: {get_input: heat_password}
1327 heat::api::bind_host: {get_input: heat_api_network}
1328 heat::api::workers: {get_input: heat_workers}
1329 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1330 heat::api_cloudwatch::workers: {get_input: heat_workers}
1331 heat::api_cfn::bind_host: {get_input: heat_api_network}
1332 heat::api_cfn::workers: {get_input: heat_workers}
1333 heat::database_connection: {get_input: heat_dsn}
1334 heat::debug: {get_input: debug}
1335 heat::db::mysql::password: {get_input: heat_password}
1338 keystone::admin_token: {get_input: admin_token}
1339 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1340 keystone_signing_key: {get_input: keystone_signing_key}
1341 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1342 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1343 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1344 keystone::database_connection: {get_input: keystone_dsn}
1345 keystone::public_bind_host: {get_input: keystone_public_api_network}
1346 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1347 keystone::debug: {get_input: debug}
1348 keystone::db::mysql::password: {get_input: admin_token}
1349 keystone::rabbit_userid: {get_input: rabbit_username}
1350 keystone::rabbit_password: {get_input: rabbit_password}
1351 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1352 keystone::rabbit_port: {get_input: rabbit_client_port}
1353 keystone::notification_driver: {get_input: keystone_notification_driver}
1354 keystone::notification_format: {get_input: keystone_notification_format}
1355 keystone::roles::admin::email: {get_input: admin_email}
1356 keystone::roles::admin::password: {get_input: admin_password}
1357 keystone::endpoint::public_url: {get_input: keystone_public_url}
1358 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1359 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1360 keystone::endpoint::region: {get_input: keystone_region}
1361 keystone::admin_workers: {get_input: keystone_workers}
1362 keystone::public_workers: {get_input: keystone_workers}
1363 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1366 mongodb::server::bind_ip: {get_input: mongo_db_network}
1367 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1369 admin_password: {get_input: admin_password}
1370 enable_galera: {get_input: enable_galera}
1371 enable_ceph_storage: {get_input: enable_ceph_storage}
1372 enable_swift_storage: {get_input: enable_swift_storage}
1373 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1374 mysql_max_connections: {get_input: mysql_max_connections}
1375 mysql::server::root_password: {get_input: mysql_root_password}
1376 mysql_cluster_name: {get_input: mysql_cluster_name}
1377 mysql_bind_host: {get_input: mysql_network}
1378 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1381 neutron::bind_host: {get_input: neutron_api_network}
1382 neutron::rabbit_password: {get_input: rabbit_password}
1383 neutron::rabbit_user: {get_input: rabbit_username}
1384 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1385 neutron::rabbit_port: {get_input: rabbit_client_port}
1386 neutron::debug: {get_input: debug}
1387 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1388 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1389 neutron::server::database_connection: {get_input: neutron_dsn}
1390 neutron::server::api_workers: {get_input: neutron_workers}
1391 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1392 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1393 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1394 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1395 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1396 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1397 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1398 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1399 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1400 neutron_agent_mode: {get_input: neutron_agent_mode}
1401 neutron_router_distributed: {get_input: neutron_router_distributed}
1402 neutron::core_plugin: {get_input: neutron_core_plugin}
1403 neutron::service_plugins: {get_input: neutron_service_plugins}
1404 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1405 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1406 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1407 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1408 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1409 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1410 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1411 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1412 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1413 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1414 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1415 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1416 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1417 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1418 neutron_public_interface: {get_input: neutron_public_interface}
1419 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1420 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1421 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1422 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1423 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1424 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1425 neutron::server::auth_password: {get_input: neutron_password}
1426 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1427 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1428 neutron_dsn: {get_input: neutron_dsn}
1429 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1430 neutron::db::mysql::password: {get_input: neutron_password}
1431 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1432 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1433 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1434 neutron::keystone::auth::password: {get_input: neutron_password }
1435 neutron::keystone::auth::region: {get_input: keystone_region}
1436 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1437 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1438 neutron::server::notifications::tenant_name: 'service'
1439 neutron::server::notifications::project_name: 'service'
1440 neutron::server::notifications::password: {get_input: nova_password}
1443 ceilometer_backend: {get_input: ceilometer_backend}
1444 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1445 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1446 ceilometer::rabbit_userid: {get_input: rabbit_username}
1447 ceilometer::rabbit_password: {get_input: rabbit_password}
1448 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1449 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1450 ceilometer::debug: {get_input: debug}
1451 ceilometer::api::host: {get_input: ceilometer_api_network}
1452 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1453 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1454 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1455 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1456 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1457 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1458 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1459 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1460 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1463 nova::rabbit_userid: {get_input: rabbit_username}
1464 nova::rabbit_password: {get_input: rabbit_password}
1465 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1466 nova::rabbit_port: {get_input: rabbit_client_port}
1467 nova::debug: {get_input: debug}
1468 nova::api::auth_uri: {get_input: keystone_auth_uri}
1469 nova::api::identity_uri: {get_input: keystone_identity_uri}
1470 nova::api::api_bind_address: {get_input: nova_api_network}
1471 nova::api::metadata_listen: {get_input: nova_metadata_network}
1472 nova::api::admin_password: {get_input: nova_password}
1473 nova::api::osapi_compute_workers: {get_input: nova_workers}
1474 nova::api::ec2_workers: {get_input: nova_workers}
1475 nova::api::metadata_workers: {get_input: nova_workers}
1476 nova::database_connection: {get_input: nova_dsn}
1477 nova::api_database_connection: {get_input: nova_api_dsn}
1478 nova::glance_api_servers: {get_input: glance_api_servers}
1479 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1480 nova::api::instance_name_template: {get_input: instance_name_template}
1481 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1482 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1483 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1484 nova::vncproxy::host: {get_input: nova_api_network}
1485 nova::db::mysql::password: {get_input: nova_password}
1486 nova::db::mysql_api::password: {get_input: nova_password}
1487 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1490 apache::ip: {get_input: horizon_network}
1491 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1492 horizon::django_debug: {get_input: debug}
1493 horizon::secret_key: {get_input: horizon_secret}
1494 horizon::bind_address: {get_input: horizon_network}
1495 horizon::keystone_url: {get_input: keystone_auth_uri}
1498 sahara::host: {get_input: sahara_api_network}
1506 sahara::admin_password: {get_input: sahara_password}
1507 sahara::auth_uri: {get_input: keystone_auth_uri}
1508 sahara::admin_user: sahara
1509 sahara::identity_uri: {get_input: keystone_identity_uri}
1510 sahara::use_neutron: true
1511 sahara::database_connection: {get_input: sahara_dsn}
1512 sahara::debug: {get_input: debug}
1513 sahara::rpc_backend: rabbit
1514 sahara::rabbit_userid: {get_input: rabbit_username}
1515 sahara::rabbit_password: {get_input: rabbit_password}
1516 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1517 sahara::rabbit_port: {get_input: rabbit_client_port}
1518 sahara::db::mysql::password: {get_input: sahara_password}
1521 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1522 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1523 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1524 rabbitmq::default_user: {get_input: rabbit_username}
1525 rabbitmq::default_pass: {get_input: rabbit_password}
1527 redis::bind: {get_input: redis_network}
1528 redis_vip: {get_input: redis_vip}
1530 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1531 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1533 memcached::listen_ip: {get_input: memcached_network}
1534 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1535 ntp::servers: {get_input: ntp_servers}
1536 timezone::timezone: {get_input: timezone}
1537 control_virtual_interface: {get_input: control_virtual_interface}
1538 public_virtual_interface: {get_input: public_virtual_interface}
1539 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1540 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1541 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1542 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1543 tripleo::packages::enable_install: {get_input: enable_package_install}
1544 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1546 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1547 ControllerExtraConfigPre:
1548 depends_on: ControllerDeployment
1549 type: OS::TripleO::ControllerExtraConfigPre
1551 server: {get_resource: Controller}
1553 # Hook for site-specific additional pre-deployment config,
1554 # applying to all nodes, e.g node registration/unregistration
1556 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1557 type: OS::TripleO::NodeExtraConfig
1559 server: {get_resource: Controller}
1562 type: OS::TripleO::Tasks::PackageUpdate
1565 type: OS::Heat::SoftwareDeployment
1567 name: UpdateDeployment
1568 config: {get_resource: UpdateConfig}
1569 server: {get_resource: Controller}
1572 get_param: UpdateIdentifier
1576 description: IP address of the server in the ctlplane network
1577 value: {get_attr: [Controller, networks, ctlplane, 0]}
1578 external_ip_address:
1579 description: IP address of the server in the external network
1580 value: {get_attr: [ExternalPort, ip_address]}
1581 internal_api_ip_address:
1582 description: IP address of the server in the internal_api network
1583 value: {get_attr: [InternalApiPort, ip_address]}
1585 description: IP address of the server in the storage network
1586 value: {get_attr: [StoragePort, ip_address]}
1587 storage_mgmt_ip_address:
1588 description: IP address of the server in the storage_mgmt network
1589 value: {get_attr: [StorageMgmtPort, ip_address]}
1591 description: IP address of the server in the tenant network
1592 value: {get_attr: [TenantPort, ip_address]}
1593 management_ip_address:
1594 description: IP address of the server in the management network
1595 value: {get_attr: [ManagementPort, ip_address]}
1597 description: Hostname of the server
1598 value: {get_attr: [Controller, name]}
1601 Node object in the format {ip: ..., name: ...} format that the corosync
1604 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1605 name: {get_attr: [Controller, name]}
1608 Server's IP address and hostname in the /etc/hosts format
1611 template: IP HOST.DOMAIN HOST
1613 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1614 DOMAIN: {get_param: CloudDomain}
1615 HOST: {get_attr: [Controller, name]}
1616 nova_server_resource:
1617 description: Heat resource handle for the Nova compute server
1619 {get_resource: Controller}
1621 description: Swift device formatted for swift-ring-builder
1624 template: 'r1z1-IP:%PORT%/d1'
1626 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1627 swift_proxy_memcache:
1628 description: Swift proxy-memcache value
1631 template: "IP:11211"
1633 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1635 description: identifier which changes if the controller configuration may need re-applying
1639 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1640 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1641 - {get_attr: [NodeTLSData, deploy_stdout]}
1642 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1643 - {get_param: UpdateIdentifier}
1644 tls_key_modulus_md5:
1645 description: MD5 checksum of the TLS Key Modulus
1646 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1647 tls_cert_modulus_md5:
1648 description: MD5 checksum of the TLS Certificate Modulus
1649 value: {get_attr: [NodeTLSData, cert_modulus_md5]}