1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
24 description: The password for the aodh services.
27 CeilometerApiVirtualIP:
32 description: The ceilometer backend type.
34 CeilometerMeteringSecret:
35 description: Secret shared by the ceilometer services.
39 description: The password for the ceilometer service and db account.
42 CeilometerStoreEvents:
44 description: Whether to store events in ceilometer.
51 description: Number of workers for Ceilometer service.
56 Whether to create cron job for purging soft deleted rows in Cinder database.
58 CinderEnableNfsBackend:
60 description: Whether to enable or not the NFS backend for Cinder
62 CinderEnableIscsiBackend:
64 description: Whether to enable or not the Iscsi backend for Cinder
66 CinderEnableRbdBackend:
68 description: Whether to enable or not the Rbd backend for Cinder
72 description: The iSCSI helper to use with cinder.
74 CinderLVMLoopDeviceSize:
76 description: The size of the loopback file used by the cinder LVM driver.
78 CinderNfsMountOptions:
81 Mount options for NFS mounts used by Cinder NFS backend. Effective
82 when CinderEnableNfsBackend is true.
87 NFS servers used by Cinder NFS backend. Effective when
88 CinderEnableNfsBackend is true.
89 type: comma_delimited_list
91 description: The password for the cinder service and db account, used by cinder-api.
96 description: Contains parameters to configure Cinder backends. Typically
97 set via parameter_defaults in the resource registry.
101 description: Number of workers for Cinder service.
103 ControllerExtraConfig:
106 Controller specific hiera configuration data to inject into the cluster.
111 A network mapped list of IPs to assign to Controllers in the following form:
113 "internal_api": ["a.b.c.d", "e.f.g.h"],
117 ControlVirtualInterface:
119 description: Interface where virtual ip will be assigned.
123 description: Enable IPv6 in Corosync
127 description: Set to True to enable debugging on all services.
131 description: Whether to enable fencing in Pacemaker or not.
135 description: Whether to use Galera instead of regular MariaDB.
139 description: Whether to deploy a LoadBalancer on the Controller
143 description: Whether to deploy Ceph Storage (OSD) on the Controller
147 description: Whether to enable Swift Storage on the Controller
152 Additional hieradata to inject into the cluster, note that
153 ControllerExtraConfig takes precedence over ExtraConfig.
158 Pacemaker fencing configuration. The JSON should have
159 the following structure:
163 "agent": "AGENT_NAME",
164 "host_mac": "HOST_MAC_ADDRESS",
165 "params": {"PARAM_NAME": "PARAM_VALUE"}
173 "agent": "fence_xvm",
174 "host_mac": "52:54:00:aa:bb:cc",
176 "multicast_address": "225.0.0.12",
177 "port": "baremetal_0",
179 "manage_key_file": true,
180 "key_file": "/etc/fence_xvm.key",
181 "key_file_password": "abcdef"
188 description: Flavor for control nodes to request when deploying.
191 - custom_constraint: nova.flavor
192 GlanceNotifierStrategy:
193 description: Strategy to use for Glance notification queue
197 description: The filepath of the file to use for logging messages from Glance.
201 description: The password for the glance service and db account, used by the glance services.
206 description: The short name of the Glance backend to use. Should be one
207 of swift, rbd, or file
210 - allowed_values: ['swift', 'file', 'rbd']
211 GlanceFilePcmkDevice:
214 An exported storage device that should be mounted by Pacemaker
215 as Glance storage. Effective when GlanceFilePcmkManage is true.
217 GlanceFilePcmkFstype:
220 Filesystem type for Pacemaker mount used as Glance storage.
221 Effective when GlanceFilePcmkManage is true.
223 GlanceFilePcmkManage:
226 Whether to make Glance file backend a mount managed by Pacemaker.
227 Effective when GlanceBackend is 'file'.
229 GlanceFilePcmkOptions:
232 Mount options for Pacemaker mount used as Glance storage.
233 Effective when GlanceFilePcmkManage is true.
235 HAProxyStatsPassword:
236 description: Password for HAProxy stats endpoint
239 description: User for HAProxy stats endpoint
242 HAProxySyslogAddress:
244 description: Syslog address where HAproxy will send its log
248 description: Number of workers for Glance service.
251 description: The password for the Heat service and db account, used by the Heat services.
254 HeatStackDomainAdminPassword:
255 description: Password for heat_stack_domain_admin user.
258 HeatAuthEncryptionKey:
259 description: Auth encryption key for heat-engine
264 description: A list of IP/Hostname allowed to connect to horizon
265 type: comma_delimited_list
268 description: Number of workers for Heat service.
274 Whether to create cron job for purging soft deleted rows in the Heat database.
276 description: Secret key for Django
281 default: overcloud-control
283 - custom_constraint: glance.image
285 default: 'REBUILD_PRESERVE_EPHEMERAL'
286 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
288 InstanceNameTemplate:
289 default: 'instance-%08x'
290 description: Template string to be used to generate instance names
294 description: Name of an existing Nova key pair to enable SSH access to the instances
297 - custom_constraint: nova.keypair
298 KeystoneCACertificate:
300 description: Keystone self-signed certificate authority certificate.
302 KeystoneEnableDBPurge:
305 Whether to create cron job for purging soft deleted rows in Keystone database.
307 KeystoneSigningCertificate:
309 description: Keystone certificate for verifying token validity.
313 description: Keystone key for signing tokens.
316 KeystoneSSLCertificate:
318 description: Keystone certificate for verifying token validity.
320 KeystoneSSLCertificateKey:
322 description: Keystone key for signing tokens.
325 KeystoneNotificationDriver:
326 description: Comma-separated list of Oslo notification drivers used by Keystone
327 default: ['messaging']
328 type: comma_delimited_list
329 KeystoneNotificationFormat:
330 description: The Keystone notification format
334 - allowed_values: [ 'basic', 'cadf' ]
338 description: Keystone region for endpoint
341 description: Whether to manage IPtables rules.
345 description: Enable IPv6 features in Memcached.
349 description: Whether IPtables rules should be purged before setting up the new ones.
353 description: Number of workers for Keystone service.
360 description: The password for the sahara service account, used by sahara-api.
363 MysqlClusterUniquePart:
364 description: A unique identifier of the MySQL cluster the controller is in.
366 default: 'unset' # Has to be here because of the ignored empty value bug
367 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
369 # - length: {min: 4, max: 10}
370 MysqlInnodbBufferPoolSize:
372 Specifies the size of the buffer pool in megabytes. Setting to
373 zero should be interpreted as "no value" and will defer to the
378 description: Configures MySQL max_connections config setting
384 default: '' # Has to be here because of the ignored empty value bug
385 NeutronExternalNetworkBridge:
386 description: Name of bridge used for external network traffic.
389 NeutronBridgeMappings:
391 The OVS logical->physical bridge mappings to use. See the Neutron
392 documentation for details. Defaults to mapping br-ex - the external
393 bridge on hosts - to a physical name 'datacentre' which can be used
394 to create provider networks (and we use this for the default floating
395 network) - if changing this either use different post-install network
396 scripts or be sure to keep 'datacentre' as a mapping network name.
397 type: comma_delimited_list
398 default: "datacentre:br-ex"
399 NeutronDnsmasqOptions:
400 default: 'dhcp-option-force=26,1400'
401 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
403 NeutronEnableDHCPAgent:
404 description: Knob to enable/disable DHCP Agent
407 NeutronEnableL3Agent:
408 description: Knob to enable/disable L3 agent
411 NeutronEnableMetadataAgent:
412 description: Knob to enable/disable Metadata agent
415 NeutronEnableOVSAgent:
416 description: Knob to enable/disable OVS Agent
421 description: Agent mode for the neutron-l3-agent on the controller hosts
425 description: Whether to enable l3-agent HA
427 NeutronDhcpAgentsPerNetwork:
430 description: The number of neutron dhcp agents to schedule per network
433 description: Whether to configure Neutron Distributed Virtual Routers
435 NeutronMetadataProxySharedSecret:
436 description: Shared secret to prevent spoofing
442 The core plugin for Neutron. The value should be the entrypoint to be loaded
443 from neutron.core_plugins namespace.
445 NeutronServicePlugins:
446 default: "router,qos"
448 Comma-separated list of service plugin entrypoints to be loaded from the
449 neutron.service_plugins namespace.
450 type: comma_delimited_list
452 default: "vxlan,vlan,flat,gre"
454 Comma-separated list of network type driver entrypoints to be loaded.
455 type: comma_delimited_list
456 NeutronMechanismDrivers:
457 default: 'openvswitch'
459 The mechanism drivers for the Neutron tenant network.
460 type: comma_delimited_list
461 NeutronAllowL3AgentFailover:
463 description: Allow automatic l3-agent failover
465 NeutronEnableIsolatedMetadata:
467 description: If True, DHCP provide metadata route to VM.
469 NeutronEnableTunnelling:
475 Enable/disable the L2 population feature in the Neutron agents.
478 type: comma_delimited_list
479 default: 'datacentre'
480 description: If set, flat networks to configure in neutron plugins.
483 description: Whether to enable l3-agent HA
487 description: The tenant network type for Neutron.
488 type: comma_delimited_list
489 NeutronNetworkVLANRanges:
490 default: 'datacentre:1:1000'
492 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
493 Neutron documentation for permitted values. Defaults to permitting any
494 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
495 type: comma_delimited_list
497 description: The password for the neutron service and db account, used by neutron agents.
500 NeutronPublicInterface:
502 description: What interface to bridge onto br-ex for network nodes.
504 NeutronPublicInterfaceTag:
507 VLAN tag for creating a public VLAN. The tag will be used to
508 create an access port on the exterior bridge for each control plane node,
509 and that port will be given the IP address returned by neutron from the
510 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
511 overcloud.yaml to include the deployment of VLAN ports to the control
514 NeutronPublicInterfaceDefaultRoute:
516 description: A custom default route for the NeutronPublicInterface.
518 NeutronPublicInterfaceIP:
520 description: A custom IP address to put onto the NeutronPublicInterface.
522 NeutronPublicInterfaceRawDevice:
524 description: If set, the public interface is a vlan with this device as the raw device.
528 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
529 be at least 50 bytes smaller than the MTU on the physical network. This
530 value will be used to set the MTU on the virtual Ethernet device.
531 This number is related to the value of NeutronDnsmasqOptions, since that
532 will determine the MTU that is assigned to the VM host through DHCP.
538 The tunnel types for the Neutron tenant network.
539 type: comma_delimited_list
540 NeutronTunnelIdRanges:
542 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
543 of GRE tunnel IDs that are available for tenant network allocation
544 default: ["1:4094", ]
545 type: comma_delimited_list
548 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
549 of VXLAN VNI IDs that are available for tenant network allocation
550 default: ["1:4094", ]
551 type: comma_delimited_list
552 NeutronPluginExtensions:
553 default: "qos,port_security"
555 Comma-separated list of extensions enabled for the Neutron plugin.
556 type: comma_delimited_list
557 NeutronAgentExtensions:
560 Comma-separated list of extensions enabled for the Neutron agents.
561 type: comma_delimited_list
567 description: Number of workers for Neutron service.
572 Whether to create cron job for purging soft deleted rows in Nova database.
576 description: Enable IPv6 features in Nova
579 description: The password for the nova service and db account, used by nova-api.
584 description: Number of workers for Nova service.
588 description: Should MongoDb journaling be disabled
592 description: Enable IPv6 if Mongo DB VIP is IPv6
596 description: Comma-separated list of ntp servers
597 type: comma_delimited_list
600 description: The password for the 'pcsd' user.
602 PublicVirtualInterface:
605 Specifies the interface where the public-facing virtual ip will be assigned.
606 This should be int_public when a VLAN is being used.
610 default: '' # Has to be here because of the ignored empty value bug
613 default: '' # Has to be here because of the ignored empty value bug
616 description: The password for RabbitMQ
621 description: The username for RabbitMQ
626 Rabbit client subscriber parameter to specify
627 an SSL connection to the RabbitMQ host.
631 description: Set rabbit subscriber port, change this if using SSL
635 description: Configures RabbitMQ FD limit
639 description: Enable IPv6 in RabbitMQ
643 description: The password to access the Redis service
647 default: '' # Has to be here because of the ignored empty value bug
650 default: '' # Has to be here because of the ignored empty value bug
651 description: An IP address which is wrapped in brackets in case of IPv6
652 SnmpdReadonlyUserName:
653 default: ro_snmp_user
654 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
656 SnmpdReadonlyUserPassword:
657 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
661 description: A random string to be used as a salt when hashing to determine mappings
667 description: Value of mount_check in Swift account/container/object -server.conf
672 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
675 description: Partition Power to use when building Swift rings
679 description: Whether to manage Swift rings or not
682 description: The password for the swift service account, used by the swift proxy
692 description: How many replicas to use in the swift rings.
695 description: Number of workers for Swift service.
699 description: The timezone to be set on controller nodes.
701 UpgradeLevelNovaCompute:
703 description: Nova Compute upgrade level
705 VirtualIP: # DEPRECATED: use per service settings instead
707 default: '' # Has to be here because of the ignored empty value bug
717 GlanceRegistryVirtualIP:
726 KeystoneAdminApiVirtualIP:
729 KeystonePublicApiVirtualIP:
735 EnablePackageInstall:
737 description: Set to true to enable package installation via Puppet
741 description: Mapping of service_name -> network name. Typically set
742 via parameter_defaults in the resource registry.
746 description: Mapping of service endpoint -> protocol. Typically set
747 via parameter_defaults in the resource registry.
753 Setting to a previously unused value during stack-update will trigger
754 package update on all nodes
757 default: '' # Defaults to Heat created hostname
761 description: Optional mapping to override hostnames
762 NetworkDeploymentActions:
763 type: comma_delimited_list
765 Heat action when to apply network configuration changes
770 SoftwareConfigTransport:
771 default: POLL_SERVER_CFN
773 How the server should receive the metadata required for software configuration.
776 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
781 The DNS domain used for the hosts. This should match the dhcp_domain
782 configured in the Undercloud neutron. Defaults to localdomain.
786 Extra properties or metadata passed to Nova for the created nodes in
787 the overcloud. It's accessible via the Nova metadata API.
791 description: Optional scheduler hints to pass to nova
793 ServiceConfigSettings:
800 type: OS::Nova::Server
802 image: {get_param: Image}
803 image_update_policy: {get_param: ImageUpdatePolicy}
804 flavor: {get_param: Flavor}
805 key_name: {get_param: KeyName}
808 user_data_format: SOFTWARE_CONFIG
809 user_data: {get_resource: UserData}
812 template: {get_param: Hostname}
813 params: {get_param: HostnameMap}
814 software_config_transport: {get_param: SoftwareConfigTransport}
815 metadata: {get_param: ServerMetadata}
816 scheduler_hints: {get_param: SchedulerHints}
818 # Combine the NodeAdminUserData and NodeUserData mime archives
820 type: OS::Heat::MultipartMime
823 - config: {get_resource: NodeAdminUserData}
825 - config: {get_resource: NodeUserData}
828 # Creates the "heat-admin" user if configured via the environment
829 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
831 type: OS::TripleO::NodeAdminUserData
833 # For optional operator additional userdata
834 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
836 type: OS::TripleO::NodeUserData
839 type: OS::TripleO::Controller::Ports::ExternalPort
841 IPPool: {get_param: ControllerIPs}
842 NodeIndex: {get_param: NodeIndex}
843 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
846 type: OS::TripleO::Controller::Ports::InternalApiPort
848 IPPool: {get_param: ControllerIPs}
849 NodeIndex: {get_param: NodeIndex}
850 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
853 type: OS::TripleO::Controller::Ports::StoragePort
855 IPPool: {get_param: ControllerIPs}
856 NodeIndex: {get_param: NodeIndex}
857 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
860 type: OS::TripleO::Controller::Ports::StorageMgmtPort
862 IPPool: {get_param: ControllerIPs}
863 NodeIndex: {get_param: NodeIndex}
864 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
867 type: OS::TripleO::Controller::Ports::TenantPort
869 IPPool: {get_param: ControllerIPs}
870 NodeIndex: {get_param: NodeIndex}
871 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
874 type: OS::TripleO::Controller::Ports::ManagementPort
876 IPPool: {get_param: ControllerIPs}
877 NodeIndex: {get_param: NodeIndex}
878 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
881 type: OS::TripleO::Network::Ports::NetIpMap
883 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
884 ExternalIp: {get_attr: [ExternalPort, ip_address]}
885 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
886 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
887 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
888 StorageIp: {get_attr: [StoragePort, ip_address]}
889 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
890 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
891 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
892 TenantIp: {get_attr: [TenantPort, ip_address]}
893 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
894 ManagementIp: {get_attr: [ManagementPort, ip_address]}
895 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
898 type: OS::TripleO::Network::Ports::NetIpSubnetMap
900 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
901 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
902 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
903 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
904 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
905 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
906 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
909 type: OS::TripleO::Controller::Net::SoftwareConfig
911 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
912 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
913 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
914 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
915 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
916 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
917 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
920 type: OS::TripleO::SoftwareDeployment
922 name: NetworkDeployment
923 config: {get_resource: NetworkConfig}
924 server: {get_resource: Controller}
925 actions: {get_param: NetworkDeploymentActions}
928 interface_name: {get_param: NeutronPublicInterface}
930 # Resource for site-specific injection of root certificate
932 depends_on: NetworkDeployment
933 type: OS::TripleO::NodeTLSCAData
935 server: {get_resource: Controller}
937 # Resource for site-specific passing of private keys/certificates
939 depends_on: NodeTLSCAData
940 type: OS::TripleO::NodeTLSData
942 server: {get_resource: Controller}
943 NodeIndex: {get_param: NodeIndex}
946 ControllerDeployment:
947 type: OS::TripleO::SoftwareDeployment
948 depends_on: NetworkDeployment
950 name: ControllerDeployment
951 config: {get_resource: ControllerConfig}
952 server: {get_resource: Controller}
954 bootstack_nodeid: {get_attr: [Controller, name]}
955 ceilometer_workers: {get_param: CeilometerWorkers}
956 cinder_workers: {get_param: CinderWorkers}
957 glance_workers: {get_param: GlanceWorkers}
958 heat_workers: {get_param: HeatWorkers}
959 keystone_workers: {get_param: KeystoneWorkers}
960 nova_workers: {get_param: NovaWorkers}
961 neutron_workers: {get_param: NeutronWorkers}
962 swift_workers: {get_param: SwiftWorkers}
963 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
964 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
965 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
966 haproxy_log_address: {get_param: HAProxySyslogAddress}
967 haproxy_stats_password: {get_param: HAProxyStatsPassword}
968 haproxy_stats_user: {get_param: HAProxyStatsUser}
969 heat.watch_server_url:
973 - {get_param: HeatApiVirtualIPUri}
975 heat.metadata_server_url:
979 - {get_param: HeatApiVirtualIPUri}
981 heat.waitcondition_server_url:
985 - {get_param: HeatApiVirtualIPUri}
986 - ':8000/v1/waitcondition'
987 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
988 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
989 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
990 horizon_secret: {get_param: HorizonSecret}
991 admin_email: {get_param: AdminEmail}
992 admin_password: {get_param: AdminPassword}
993 admin_token: {get_param: AdminToken}
994 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
995 debug: {get_param: Debug}
996 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
997 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
998 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
999 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
1004 SERVERS: {get_param: CinderNfsServers}
1005 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
1006 cinder_password: {get_param: CinderPassword}
1007 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
1008 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
1009 cinder_backend_config: {get_param: CinderBackendConfig}
1013 - - 'mysql+pymysql://cinder:'
1014 - {get_param: CinderPassword}
1016 - {get_param: MysqlVirtualIPUri}
1018 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
1019 glance_password: {get_param: GlancePassword}
1020 glance_backend: {get_param: GlanceBackend}
1021 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
1022 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
1023 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
1024 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
1025 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
1026 glance_log_file: {get_param: GlanceLogFile}
1030 - - 'mysql+pymysql://glance:'
1031 - {get_param: GlancePassword}
1033 - {get_param: MysqlVirtualIPUri}
1035 heat_password: {get_param: HeatPassword}
1036 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
1040 - - 'mysql+pymysql://heat:'
1041 - {get_param: HeatPassword}
1043 - {get_param: MysqlVirtualIPUri}
1045 keystone_ca_certificate: {get_param: KeystoneCACertificate}
1046 keystone_signing_key: {get_param: KeystoneSigningKey}
1047 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
1048 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
1049 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
1050 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
1051 keystone_notification_format: {get_param: KeystoneNotificationFormat}
1052 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
1056 - - 'mysql+pymysql://keystone:'
1057 - {get_param: AdminToken}
1059 - {get_param: MysqlVirtualIPUri}
1061 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1062 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1063 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
1064 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
1065 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1066 enable_fencing: {get_param: EnableFencing}
1067 enable_galera: {get_param: EnableGalera}
1068 enable_load_balancer: {get_param: EnableLoadBalancer}
1069 enable_ceph_storage: {get_param: EnableCephStorage}
1070 enable_swift_storage: {get_param: EnableSwiftStorage}
1071 manage_firewall: {get_param: ManageFirewall}
1072 purge_firewall_rules: {get_param: PurgeFirewallRules}
1073 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1074 mysql_max_connections: {get_param: MysqlMaxConnections}
1075 mysql_root_password: {get_param: MysqlRootPassword}
1078 template: tripleo-CLUSTER
1080 CLUSTER: {get_param: MysqlClusterUniquePart}
1081 neutron_flat_networks:
1085 NETWORKS: {get_param: NeutronFlatNetworks}
1086 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1087 neutron_agent_mode: {get_param: NeutronAgentMode}
1088 neutron_router_distributed: {get_param: NeutronDVR}
1089 neutron_core_plugin: {get_param: NeutronCorePlugin}
1090 neutron_service_plugins:
1094 PLUGINS: {get_param: NeutronServicePlugins}
1095 neutron_type_drivers:
1099 DRIVERS: {get_param: NeutronTypeDrivers}
1100 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1101 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1102 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1103 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1104 neutron_mechanism_drivers:
1106 template: MECHANISMS
1108 MECHANISMS: {get_param: NeutronMechanismDrivers}
1109 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1110 neutron_l3_ha: {get_param: NeutronL3HA}
1111 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1112 neutron_network_vlan_ranges:
1116 RANGES: {get_param: NeutronNetworkVLANRanges}
1117 neutron_bridge_mappings:
1121 MAPPINGS: {get_param: NeutronBridgeMappings}
1122 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1123 neutron_public_interface: {get_param: NeutronPublicInterface}
1124 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1125 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1126 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1127 neutron_tunnel_id_ranges:
1131 RANGES: {get_param: NeutronTunnelIdRanges}
1136 RANGES: {get_param: NeutronVniRanges}
1137 neutron_tenant_network_types:
1141 TYPES: {get_param: NeutronNetworkType}
1142 neutron_tunnel_types:
1146 TYPES: {get_param: NeutronTunnelTypes}
1147 neutron_plugin_extensions:
1149 template: PLUGIN_EXTENSIONS
1151 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1152 neutron_agent_extensions:
1154 template: AGENT_EXTENSIONS
1156 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1157 neutron_password: {get_param: NeutronPassword}
1158 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1159 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1163 - - 'mysql+pymysql://neutron:'
1164 - {get_param: NeutronPassword}
1166 - {get_param: MysqlVirtualIPUri}
1167 - '/ovs_neutron?charset=utf8'
1168 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1169 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1170 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1171 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1172 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1173 ceilometer_backend: {get_param: CeilometerBackend}
1174 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1175 ceilometer_password: {get_param: CeilometerPassword}
1176 ceilometer_store_events: {get_param: CeilometerStoreEvents}
1177 aodh_password: {get_param: AodhPassword}
1178 ceilometer_coordination_url:
1182 - {get_param: RedisPassword}
1184 - {get_param: RedisVirtualIPUri}
1189 - - 'mysql+pymysql://ceilometer:'
1190 - {get_param: CeilometerPassword}
1192 - {get_param: MysqlVirtualIPUri}
1194 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1195 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1196 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1197 nova_ipv6: {get_param: NovaIPv6}
1198 corosync_ipv6: {get_param: CorosyncIPv6}
1199 memcached_ipv6: {get_param: MemcachedIPv6}
1200 nova_password: {get_param: NovaPassword}
1204 - - 'mysql+pymysql://nova:'
1205 - {get_param: NovaPassword}
1207 - {get_param: MysqlVirtualIPUri}
1212 - - 'mysql+pymysql://nova_api:'
1213 - {get_param: NovaPassword}
1215 - {get_param: MysqlVirtualIPUri}
1217 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1218 instance_name_template: {get_param: InstanceNameTemplate}
1219 fencing_config: {get_param: FencingConfig}
1220 pcsd_password: {get_param: PcsdPassword}
1221 rabbit_username: {get_param: RabbitUserName}
1222 rabbit_password: {get_param: RabbitPassword}
1223 rabbit_cookie: {get_param: RabbitCookie}
1224 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1225 rabbit_client_port: {get_param: RabbitClientPort}
1226 rabbit_ipv6: {get_param: RabbitIPv6}
1227 rabbit_fd_limit: {get_param: RabbitFDLimit}
1228 mongodb_no_journal: {get_param: MongoDbNoJournal}
1229 mongodb_ipv6: {get_param: MongoDbIPv6}
1230 ntp_servers: {get_param: NtpServer}
1231 timezone: {get_param: TimeZone}
1232 control_virtual_interface: {get_param: ControlVirtualInterface}
1233 public_virtual_interface: {get_param: PublicVirtualInterface}
1234 swift_hash_suffix: {get_param: SwiftHashSuffix}
1235 swift_password: {get_param: SwiftPassword}
1236 swift_part_power: {get_param: SwiftPartPower}
1237 swift_ring_build: {get_param: SwiftRingBuild}
1238 swift_replicas: {get_param: SwiftReplicas}
1239 swift_min_part_hours: {get_param: SwiftMinPartHours}
1240 swift_mount_check: {get_param: SwiftMountCheck}
1241 enable_package_install: {get_param: EnablePackageInstall}
1242 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1243 sahara_password: {get_param: SaharaPassword}
1247 - - 'mysql://sahara:'
1248 - {get_param: SaharaPassword}
1250 - {get_param: MysqlVirtualIPUri}
1252 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1253 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1254 cinder_iscsi_network:
1258 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1259 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1260 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1261 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1262 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1263 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1264 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1265 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1266 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1267 keystone_region: {get_param: KeystoneRegion}
1268 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1269 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1270 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1271 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1272 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
1273 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1274 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1275 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1276 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1277 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1278 redis_password: {get_param: RedisPassword}
1279 redis_vip: {get_param: RedisVirtualIP}
1280 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1281 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1282 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1283 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1284 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1285 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1286 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1288 # Map heat metadata into hiera datafiles
1290 type: OS::Heat::StructuredConfig
1292 group: os-apply-config
1297 - heat_config_%{::deploy_config_name}
1298 - controller_extraconfig
1304 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1305 - ceph_cluster # provided by CephClusterConfig
1307 - bootstrap_node # provided by BootstrapNodeConfig
1308 - all_nodes # provided by allNodesConfig
1309 - vip_data # provided by vip-config
1312 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1313 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1314 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1315 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1316 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1317 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1318 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1319 - midonet_data #Optionally provided by AllNodesExtraConfig
1320 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1321 - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre
1324 mapped_data: {get_param: ServiceConfigSettings}
1325 controller_extraconfig:
1326 mapped_data: {get_param: ControllerExtraConfig}
1328 mapped_data: {get_param: ExtraConfig}
1330 raw_data: {get_file: hieradata/common.yaml}
1332 raw_data: {get_file: hieradata/ceph.yaml}
1334 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1335 ceph::profile::params::public_network: {get_input: ceph_public_network}
1336 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
1338 raw_data: {get_file: hieradata/database.yaml}
1340 raw_data: {get_file: hieradata/object.yaml}
1342 raw_data: {get_file: hieradata/controller.yaml}
1343 mapped_data: # data supplied directly to this deployment configuration, etc
1344 bootstack_nodeid: {get_input: bootstack_nodeid}
1347 enable_fencing: {get_input: enable_fencing}
1348 enable_load_balancer: {get_input: enable_load_balancer}
1349 hacluster_pwd: {get_input: pcsd_password}
1350 corosync_ipv6: {get_input: corosync_ipv6}
1351 tripleo::fencing::config: {get_input: fencing_config}
1354 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1355 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1356 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1357 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1358 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1359 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1360 swift::proxy::workers: {get_input: swift_workers}
1361 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
1362 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1363 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1364 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1365 swift_mount_check: {get_input: swift_mount_check}
1368 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1369 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1370 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1371 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1372 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1373 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1374 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1375 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1376 cinder::database_connection: {get_input: cinder_dsn}
1377 cinder::api::keystone_password: {get_input: cinder_password}
1378 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1379 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1380 cinder::api::bind_host: {get_input: cinder_api_network}
1381 cinder::rabbit_userid: {get_input: rabbit_username}
1382 cinder::rabbit_password: {get_input: rabbit_password}
1383 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1384 cinder::rabbit_port: {get_input: rabbit_client_port}
1385 cinder::debug: {get_input: debug}
1386 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1387 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1388 cinder_backend_config: {get_input: CinderBackendConfig}
1389 cinder::db::mysql::password: {get_input: cinder_password}
1392 glance::api::bind_port: {get_input: glance_port}
1393 glance::api::bind_host: {get_input: glance_api_network}
1394 glance::api::auth_uri: {get_input: keystone_auth_uri}
1395 glance::api::identity_uri: {get_input: keystone_identity_uri}
1396 glance::api::registry_host: {get_input: glance_registry_host}
1397 glance::api::keystone_password: {get_input: glance_password}
1398 glance::api::debug: {get_input: debug}
1399 glance::api::workers: {get_input: glance_workers}
1400 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1401 glance_log_file: {get_input: glance_log_file}
1402 glance_log_file: {get_input: glance_log_file}
1403 glance::api::database_connection: {get_input: glance_dsn}
1404 glance::registry::keystone_password: {get_input: glance_password}
1405 glance::registry::database_connection: {get_input: glance_dsn}
1406 glance::registry::bind_host: {get_input: glance_registry_network}
1407 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1408 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1409 glance::registry::debug: {get_input: debug}
1410 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1411 glance::registry::workers: {get_input: glance_workers}
1412 glance::backend::swift::swift_store_user: service:glance
1413 glance::backend::swift::swift_store_key: {get_input: glance_password}
1414 glance_backend: {get_input: glance_backend}
1415 glance::db::mysql::password: {get_input: glance_password}
1416 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1417 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1418 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1419 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1420 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1421 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1422 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1425 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1426 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1427 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1428 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1429 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1430 heat::rabbit_userid: {get_input: rabbit_username}
1431 heat::rabbit_password: {get_input: rabbit_password}
1432 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1433 heat::rabbit_port: {get_input: rabbit_client_port}
1434 heat::auth_uri: {get_input: keystone_auth_uri}
1435 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1436 heat::identity_uri: {get_input: keystone_identity_uri}
1437 heat::keystone_password: {get_input: heat_password}
1438 heat::api::bind_host: {get_input: heat_api_network}
1439 heat::api::workers: {get_input: heat_workers}
1440 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1441 heat::api_cloudwatch::workers: {get_input: heat_workers}
1442 heat::api_cfn::bind_host: {get_input: heat_api_network}
1443 heat::api_cfn::workers: {get_input: heat_workers}
1444 heat::database_connection: {get_input: heat_dsn}
1445 heat::debug: {get_input: debug}
1446 heat::db::mysql::password: {get_input: heat_password}
1447 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1448 heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
1451 keystone::admin_token: {get_input: admin_token}
1452 keystone::roles::admin::password: {get_input: admin_password}
1453 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1454 keystone_signing_key: {get_input: keystone_signing_key}
1455 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1456 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1457 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1458 keystone::database_connection: {get_input: keystone_dsn}
1459 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1460 keystone::public_bind_host: {get_input: keystone_public_api_network}
1461 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1462 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1463 keystone::debug: {get_input: debug}
1464 keystone::db::mysql::password: {get_input: admin_token}
1465 keystone::rabbit_userid: {get_input: rabbit_username}
1466 keystone::rabbit_password: {get_input: rabbit_password}
1467 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1468 keystone::rabbit_port: {get_input: rabbit_client_port}
1469 keystone::notification_driver: {get_input: keystone_notification_driver}
1470 keystone::notification_format: {get_input: keystone_notification_format}
1471 keystone::roles::admin::email: {get_input: admin_email}
1472 keystone::roles::admin::password: {get_input: admin_password}
1473 keystone::endpoint::public_url: {get_input: keystone_public_url}
1474 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1475 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1476 keystone::endpoint::region: {get_input: keystone_region}
1477 keystone::admin_workers: {get_input: keystone_workers}
1478 keystone::public_workers: {get_input: keystone_workers}
1479 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1480 keystone::public_endpoint: {get_input: keystone_public_url}
1482 mongodb::server::bind_ip: {get_input: mongo_db_network}
1483 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1484 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1486 admin_password: {get_input: admin_password}
1487 enable_galera: {get_input: enable_galera}
1488 enable_ceph_storage: {get_input: enable_ceph_storage}
1489 enable_swift_storage: {get_input: enable_swift_storage}
1490 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1491 mysql_max_connections: {get_input: mysql_max_connections}
1492 mysql::server::root_password: {get_input: mysql_root_password}
1493 mysql_cluster_name: {get_input: mysql_cluster_name}
1494 mysql_bind_host: {get_input: mysql_network}
1495 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1498 neutron::bind_host: {get_input: neutron_api_network}
1499 neutron::rabbit_password: {get_input: rabbit_password}
1500 neutron::rabbit_user: {get_input: rabbit_username}
1501 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1502 neutron::rabbit_port: {get_input: rabbit_client_port}
1503 neutron::debug: {get_input: debug}
1504 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1505 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1506 neutron::server::database_connection: {get_input: neutron_dsn}
1507 neutron::server::api_workers: {get_input: neutron_workers}
1508 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1509 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1510 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1511 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1512 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1513 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1514 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1515 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1516 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1517 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1518 neutron_agent_mode: {get_input: neutron_agent_mode}
1519 neutron_router_distributed: {get_input: neutron_router_distributed}
1520 neutron::core_plugin: {get_input: neutron_core_plugin}
1521 neutron::service_plugins: {get_input: neutron_service_plugins}
1522 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1523 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1524 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1525 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1526 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1527 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1528 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1529 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1530 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1531 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1532 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1533 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1534 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1535 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1536 neutron_public_interface: {get_input: neutron_public_interface}
1537 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1538 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1539 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1540 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1541 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1542 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1543 neutron::server::auth_password: {get_input: neutron_password}
1544 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1545 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1546 neutron_dsn: {get_input: neutron_dsn}
1547 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1548 neutron::db::mysql::password: {get_input: neutron_password}
1549 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1550 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1551 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1552 neutron::keystone::auth::password: {get_input: neutron_password }
1553 neutron::keystone::auth::region: {get_input: keystone_region}
1554 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1555 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1556 neutron::server::notifications::tenant_name: 'service'
1557 neutron::server::notifications::project_name: 'service'
1558 neutron::server::notifications::password: {get_input: nova_password}
1561 ceilometer_backend: {get_input: ceilometer_backend}
1562 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1563 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1564 ceilometer::rabbit_userid: {get_input: rabbit_username}
1565 ceilometer::rabbit_password: {get_input: rabbit_password}
1566 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1567 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1568 ceilometer::debug: {get_input: debug}
1569 ceilometer::api::host: {get_input: ceilometer_api_network}
1570 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1571 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1572 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1573 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1574 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1575 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1576 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
1577 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1578 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1579 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1582 aodh::rabbit_userid: {get_input: rabbit_username}
1583 aodh::rabbit_password: {get_input: rabbit_password}
1584 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1585 aodh::rabbit_port: {get_input: rabbit_client_port}
1586 aodh::debug: {get_input: debug}
1587 aodh::wsgi::apache::ssl: false
1588 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1589 aodh::api::service_name: 'httpd'
1590 aodh::api::host: {get_input: aodh_api_network}
1591 aodh::api::keystone_password: {get_input: aodh_password}
1592 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1593 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1594 aodh::auth::auth_password: {get_input: aodh_password}
1595 aodh::db::mysql::password: {get_input: aodh_password}
1596 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1597 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1600 nova::rabbit_userid: {get_input: rabbit_username}
1601 nova::rabbit_password: {get_input: rabbit_password}
1602 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1603 nova::rabbit_port: {get_input: rabbit_client_port}
1604 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1605 nova::debug: {get_input: debug}
1606 nova::use_ipv6: {get_input: nova_ipv6}
1607 nova::api::auth_uri: {get_input: keystone_auth_uri}
1608 nova::api::identity_uri: {get_input: keystone_identity_uri}
1609 nova::api::api_bind_address: {get_input: nova_api_network}
1610 nova::api::metadata_listen: {get_input: nova_metadata_network}
1611 nova::api::admin_password: {get_input: nova_password}
1612 nova::api::osapi_compute_workers: {get_input: nova_workers}
1613 nova::api::ec2_workers: {get_input: nova_workers}
1614 nova::api::metadata_workers: {get_input: nova_workers}
1615 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1616 nova::database_connection: {get_input: nova_dsn}
1617 nova::api_database_connection: {get_input: nova_api_dsn}
1618 nova::glance_api_servers: {get_input: glance_api_servers}
1619 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1620 nova::api::instance_name_template: {get_input: instance_name_template}
1621 nova::network::neutron::neutron_password: {get_input: neutron_password}
1622 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1623 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1624 nova::vncproxy::host: {get_input: nova_api_network}
1625 nova::db::mysql::password: {get_input: nova_password}
1626 nova::db::mysql_api::password: {get_input: nova_password}
1627 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1630 apache::ip: {get_input: horizon_network}
1631 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1632 horizon::django_debug: {get_input: debug}
1633 horizon::secret_key: {get_input: horizon_secret}
1634 horizon::bind_address: {get_input: horizon_network}
1635 horizon::keystone_url: {get_input: keystone_auth_uri}
1638 sahara::host: {get_input: sahara_api_network}
1646 sahara::admin_password: {get_input: sahara_password}
1647 sahara::auth_uri: {get_input: keystone_auth_uri}
1648 sahara::admin_user: sahara
1649 sahara::identity_uri: {get_input: keystone_identity_uri}
1650 sahara::use_neutron: true
1651 sahara::database_connection: {get_input: sahara_dsn}
1652 sahara::debug: {get_input: debug}
1653 sahara::rpc_backend: rabbit
1654 sahara::rabbit_userid: {get_input: rabbit_username}
1655 sahara::rabbit_password: {get_input: rabbit_password}
1656 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1657 sahara::rabbit_port: {get_input: rabbit_client_port}
1658 sahara::db::mysql::password: {get_input: sahara_password}
1661 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1662 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1663 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1664 rabbitmq::default_user: {get_input: rabbit_username}
1665 rabbitmq::default_pass: {get_input: rabbit_password}
1666 rabbit_ipv6: {get_input: rabbit_ipv6}
1668 redis::bind: {get_input: redis_network}
1669 redis::requirepass: {get_input: redis_password}
1670 redis::masterauth: {get_input: redis_password}
1671 redis::sentinel_auth_pass: {get_input: redis_password}
1672 redis_vip: {get_input: redis_vip}
1674 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1675 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1677 memcached_ipv6: {get_input: memcached_ipv6}
1678 memcached::listen_ip: {get_input: memcached_network}
1679 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1680 ntp::servers: {get_input: ntp_servers}
1681 timezone::timezone: {get_input: timezone}
1682 control_virtual_interface: {get_input: control_virtual_interface}
1683 public_virtual_interface: {get_input: public_virtual_interface}
1684 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1685 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1686 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1687 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1688 tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user}
1689 tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password}
1690 tripleo::loadbalancer::redis_password: {get_input: redis_password}
1691 tripleo::packages::enable_install: {get_input: enable_package_install}
1692 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1694 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1695 ControllerExtraConfigPre:
1696 depends_on: ControllerDeployment
1697 type: OS::TripleO::ControllerExtraConfigPre
1699 server: {get_resource: Controller}
1701 # Hook for site-specific additional pre-deployment config,
1702 # applying to all nodes, e.g node registration/unregistration
1704 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1705 type: OS::TripleO::NodeExtraConfig
1707 server: {get_resource: Controller}
1710 type: OS::TripleO::Tasks::PackageUpdate
1713 type: OS::Heat::SoftwareDeployment
1715 name: UpdateDeployment
1716 config: {get_resource: UpdateConfig}
1717 server: {get_resource: Controller}
1720 get_param: UpdateIdentifier
1724 description: IP address of the server in the ctlplane network
1725 value: {get_attr: [Controller, networks, ctlplane, 0]}
1726 external_ip_address:
1727 description: IP address of the server in the external network
1728 value: {get_attr: [ExternalPort, ip_address]}
1729 internal_api_ip_address:
1730 description: IP address of the server in the internal_api network
1731 value: {get_attr: [InternalApiPort, ip_address]}
1733 description: IP address of the server in the storage network
1734 value: {get_attr: [StoragePort, ip_address]}
1735 storage_mgmt_ip_address:
1736 description: IP address of the server in the storage_mgmt network
1737 value: {get_attr: [StorageMgmtPort, ip_address]}
1739 description: IP address of the server in the tenant network
1740 value: {get_attr: [TenantPort, ip_address]}
1741 management_ip_address:
1742 description: IP address of the server in the management network
1743 value: {get_attr: [ManagementPort, ip_address]}
1745 description: Hostname of the server
1746 value: {get_attr: [Controller, name]}
1749 Node object in the format {ip: ..., name: ...} format that the corosync
1752 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1753 name: {get_attr: [Controller, name]}
1756 Server's IP address and hostname in the /etc/hosts format
1760 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1761 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1762 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1763 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1764 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1765 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1766 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1768 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1769 DOMAIN: {get_param: CloudDomain}
1770 PRIMARYHOST: {get_attr: [Controller, name]}
1771 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1775 - - {get_attr: [Controller, name]}
1777 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1781 - - {get_attr: [Controller, name]}
1783 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1787 - - {get_attr: [Controller, name]}
1789 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1793 - - {get_attr: [Controller, name]}
1795 TENANTIP: {get_attr: [TenantPort, ip_address]}
1799 - - {get_attr: [Controller, name]}
1801 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1805 - - {get_attr: [Controller, name]}
1807 nova_server_resource:
1808 description: Heat resource handle for the Nova compute server
1810 {get_resource: Controller}
1812 description: Swift device formatted for swift-ring-builder
1815 template: 'r1z1-IP:%PORT%/d1'
1817 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1818 swift_proxy_memcache:
1819 description: Swift proxy-memcache value
1822 template: "IP:11211"
1824 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1826 description: identifier which changes if the controller configuration may need re-applying
1830 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1831 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1832 - {get_attr: [NodeTLSData, deploy_stdout]}
1833 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1834 - {get_param: UpdateIdentifier}
1835 tls_key_modulus_md5:
1836 description: MD5 checksum of the TLS Key Modulus
1837 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1838 tls_cert_modulus_md5:
1839 description: MD5 checksum of the TLS Certificate Modulus
1840 value: {get_attr: [NodeTLSData, cert_modulus_md5]}