1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 controllerExtraConfig:
18 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
20 ControllerExtraConfig:
23 Controller specific hiera configuration data to inject into the cluster.
28 A network mapped list of IPs to assign to Controllers in the following form:
30 "internal_api": ["a.b.c.d", "e.f.g.h"],
34 ControlVirtualInterface:
36 description: Interface where virtual ip will be assigned.
40 description: Enable IPv6 in Corosync
44 description: Set to True to enable debugging on all services.
48 description: Whether to enable fencing in Pacemaker or not.
52 description: Whether to use Galera instead of regular MariaDB.
56 description: Whether to deploy a LoadBalancer on the Controller
61 Additional hieradata to inject into the cluster, note that
62 ControllerExtraConfig takes precedence over ExtraConfig.
67 Pacemaker fencing configuration. The JSON should have
68 the following structure:
72 "agent": "AGENT_NAME",
73 "host_mac": "HOST_MAC_ADDRESS",
74 "params": {"PARAM_NAME": "PARAM_VALUE"}
83 "host_mac": "52:54:00:aa:bb:cc",
85 "multicast_address": "225.0.0.12",
86 "port": "baremetal_0",
88 "manage_key_file": true,
89 "key_file": "/etc/fence_xvm.key",
90 "key_file_password": "abcdef"
97 description: Flavor for control nodes to request when deploying.
100 - custom_constraint: nova.flavor
103 description: The short name of the Gnocchi backend to use. Should be one
104 of swift, rbd, or file
107 - allowed_values: ['swift', 'file', 'rbd']
108 GnocchiIndexerBackend:
110 description: The short name of the Gnocchi indexer backend to use.
113 description: The password for the gnocchi service and db account.
116 HAProxyStatsPassword:
117 description: Password for HAProxy stats endpoint
120 description: User for HAProxy stats endpoint
123 HAProxySyslogAddress:
125 description: Syslog address where HAproxy will send its log
127 HeatAuthEncryptionKey:
128 description: Auth encryption key for heat-engine
133 description: A list of IP/Hostname allowed to connect to horizon
134 type: comma_delimited_list
136 description: Secret key for Django
141 default: overcloud-control
143 - custom_constraint: glance.image
145 default: 'REBUILD_PRESERVE_EPHEMERAL'
146 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
148 InstanceNameTemplate:
149 default: 'instance-%08x'
150 description: Template string to be used to generate instance names
154 description: Name of an existing Nova key pair to enable SSH access to the instances
157 - custom_constraint: nova.keypair
161 description: Keystone region for endpoint
164 description: Whether to manage IPtables rules.
168 description: Enable IPv6 features in Memcached.
172 description: Whether IPtables rules should be purged before setting up the new ones.
174 MysqlClusterUniquePart:
175 description: A unique identifier of the MySQL cluster the controller is in.
177 default: 'unset' # Has to be here because of the ignored empty value bug
178 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
180 # - length: {min: 4, max: 10}
181 MysqlInnodbBufferPoolSize:
183 Specifies the size of the buffer pool in megabytes. Setting to
184 zero should be interpreted as "no value" and will defer to the
189 description: Configures MySQL max_connections config setting
192 MysqlClustercheckPassword:
198 default: '' # Has to be here because of the ignored empty value bug
199 NeutronMetadataProxySharedSecret:
200 description: Shared secret to prevent spoofing
204 description: The password for the neutron service and db account, used by neutron agents.
207 NeutronPublicInterface:
209 description: What interface to bridge onto br-ex for network nodes.
214 Whether to create cron job for purging soft deleted rows in Nova database.
218 description: Enable IPv6 features in Nova
221 description: The password for the nova service and db account, used by nova-api.
226 description: The password for the 'pcsd' user.
228 PublicVirtualInterface:
231 Specifies the interface where the public-facing virtual ip will be assigned.
232 This should be int_public when a VLAN is being used.
236 default: '' # Has to be here because of the ignored empty value bug
239 description: The password for RabbitMQ
244 description: The username for RabbitMQ
249 Rabbit client subscriber parameter to specify
250 an SSL connection to the RabbitMQ host.
254 description: Set rabbit subscriber port, change this if using SSL
257 description: The password for Redis
262 default: '' # Has to be here because of the ignored empty value bug
265 default: '' # Has to be here because of the ignored empty value bug
266 description: An IP address which is wrapped in brackets in case of IPv6
268 description: A random string to be used as a salt when hashing to determine mappings
275 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
278 description: Partition Power to use when building Swift rings
282 description: Whether to manage Swift rings or not
287 description: How many replicas to use in the swift rings.
288 UpgradeLevelNovaCompute:
290 description: Nova Compute upgrade level
295 EnablePackageInstall:
297 description: Set to true to enable package installation via Puppet
301 description: Mapping of service_name -> network name. Typically set
302 via parameter_defaults in the resource registry.
306 description: Mapping of service endpoint -> protocol. Typically set
307 via parameter_defaults in the resource registry.
313 Setting to a previously unused value during stack-update will trigger
314 package update on all nodes
317 default: '' # Defaults to Heat created hostname
321 description: Optional mapping to override hostnames
322 NetworkDeploymentActions:
323 type: comma_delimited_list
325 Heat action when to apply network configuration changes
330 SoftwareConfigTransport:
331 default: POLL_SERVER_CFN
333 How the server should receive the metadata required for software configuration.
336 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
341 The DNS domain used for the hosts. This should match the dhcp_domain
342 configured in the Undercloud neutron. Defaults to localdomain.
346 Extra properties or metadata passed to Nova for the created nodes in
347 the overcloud. It's accessible via the Nova metadata API.
351 description: Optional scheduler hints to pass to nova
353 ServiceConfigSettings:
358 description: Command which will be run whenever configuration data changes
359 default: os-refresh-config --timeout 14400
363 description: Do not use deprecated params, they will be removed.
365 - controllerExtraConfig
370 type: OS::Nova::Server
373 command: {get_param: ConfigCommand}
375 image: {get_param: Image}
376 image_update_policy: {get_param: ImageUpdatePolicy}
377 flavor: {get_param: Flavor}
378 key_name: {get_param: KeyName}
381 user_data_format: SOFTWARE_CONFIG
382 user_data: {get_resource: UserData}
385 template: {get_param: Hostname}
386 params: {get_param: HostnameMap}
387 software_config_transport: {get_param: SoftwareConfigTransport}
388 metadata: {get_param: ServerMetadata}
389 scheduler_hints: {get_param: SchedulerHints}
391 # Combine the NodeAdminUserData and NodeUserData mime archives
393 type: OS::Heat::MultipartMime
396 - config: {get_resource: NodeAdminUserData}
398 - config: {get_resource: NodeUserData}
401 # Creates the "heat-admin" user if configured via the environment
402 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
404 type: OS::TripleO::NodeAdminUserData
406 # For optional operator additional userdata
407 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
409 type: OS::TripleO::NodeUserData
412 type: OS::TripleO::Controller::Ports::ExternalPort
414 IPPool: {get_param: ControllerIPs}
415 NodeIndex: {get_param: NodeIndex}
416 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
419 type: OS::TripleO::Controller::Ports::InternalApiPort
421 IPPool: {get_param: ControllerIPs}
422 NodeIndex: {get_param: NodeIndex}
423 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
426 type: OS::TripleO::Controller::Ports::StoragePort
428 IPPool: {get_param: ControllerIPs}
429 NodeIndex: {get_param: NodeIndex}
430 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
433 type: OS::TripleO::Controller::Ports::StorageMgmtPort
435 IPPool: {get_param: ControllerIPs}
436 NodeIndex: {get_param: NodeIndex}
437 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
440 type: OS::TripleO::Controller::Ports::TenantPort
442 IPPool: {get_param: ControllerIPs}
443 NodeIndex: {get_param: NodeIndex}
444 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
447 type: OS::TripleO::Controller::Ports::ManagementPort
449 IPPool: {get_param: ControllerIPs}
450 NodeIndex: {get_param: NodeIndex}
451 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
454 type: OS::TripleO::Network::Ports::NetIpMap
456 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
457 ExternalIp: {get_attr: [ExternalPort, ip_address]}
458 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
459 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
460 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
461 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
462 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
463 StorageIp: {get_attr: [StoragePort, ip_address]}
464 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
465 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
466 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
467 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
468 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
469 TenantIp: {get_attr: [TenantPort, ip_address]}
470 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
471 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
472 ManagementIp: {get_attr: [ManagementPort, ip_address]}
473 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
474 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
477 type: OS::TripleO::Controller::Net::SoftwareConfig
479 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
480 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
481 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
482 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
483 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
484 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
485 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
488 type: OS::TripleO::SoftwareDeployment
490 name: NetworkDeployment
491 config: {get_resource: NetworkConfig}
492 server: {get_resource: Controller}
493 actions: {get_param: NetworkDeploymentActions}
496 interface_name: {get_param: NeutronPublicInterface}
498 # Resource for site-specific injection of root certificate
500 depends_on: NetworkDeployment
501 type: OS::TripleO::NodeTLSCAData
503 server: {get_resource: Controller}
505 # Resource for site-specific passing of private keys/certificates
507 depends_on: NodeTLSCAData
508 type: OS::TripleO::NodeTLSData
510 server: {get_resource: Controller}
511 NodeIndex: {get_param: NodeIndex}
514 ControllerDeployment:
515 type: OS::TripleO::SoftwareDeployment
516 depends_on: NetworkDeployment
518 name: ControllerDeployment
519 config: {get_resource: ControllerConfig}
520 server: {get_resource: Controller}
522 bootstack_nodeid: {get_attr: [Controller, name]}
523 haproxy_log_address: {get_param: HAProxySyslogAddress}
524 haproxy_stats_password: {get_param: HAProxyStatsPassword}
525 haproxy_stats_user: {get_param: HAProxyStatsUser}
526 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
527 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
528 horizon_secret: {get_param: HorizonSecret}
529 admin_password: {get_param: AdminPassword}
530 debug: {get_param: Debug}
531 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
532 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
533 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
534 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
535 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
536 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
537 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
538 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
539 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
540 enable_fencing: {get_param: EnableFencing}
541 enable_galera: {get_param: EnableGalera}
542 enable_load_balancer: {get_param: EnableLoadBalancer}
543 manage_firewall: {get_param: ManageFirewall}
544 purge_firewall_rules: {get_param: PurgeFirewallRules}
545 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
546 mysql_max_connections: {get_param: MysqlMaxConnections}
547 mysql_root_password: {get_param: MysqlRootPassword}
548 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
551 template: tripleo-CLUSTER
553 CLUSTER: {get_param: MysqlClusterUniquePart}
554 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
555 neutron_password: {get_param: NeutronPassword}
556 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
557 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
558 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
559 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
560 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
561 aodh_password: {get_param: AodhPassword}
562 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
563 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
564 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
565 gnocchi_password: {get_param: GnocchiPassword}
566 gnocchi_backend: {get_param: GnocchiBackend}
567 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
568 ceilometer_coordination_url:
572 - {get_param: RedisPassword}
574 - {get_param: RedisVirtualIPUri}
579 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
581 - {get_param: GnocchiPassword}
583 - {get_param: [EndpointMap, MysqlInternal, host]}
588 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
590 - {get_param: AodhPassword}
592 - {get_param: [EndpointMap, MysqlInternal, host]}
594 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
595 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
596 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
597 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
598 nova_ipv6: {get_param: NovaIPv6}
599 corosync_ipv6: {get_param: CorosyncIPv6}
600 memcached_ipv6: {get_param: MemcachedIPv6}
601 nova_password: {get_param: NovaPassword}
605 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
607 - {get_param: NovaPassword}
609 - {get_param: [EndpointMap, MysqlInternal, host]}
614 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
616 - {get_param: NovaPassword}
618 - {get_param: [EndpointMap, MysqlInternal, host]}
620 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
621 instance_name_template: {get_param: InstanceNameTemplate}
622 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
623 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
624 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
625 fencing_config: {get_param: FencingConfig}
626 pcsd_password: {get_param: PcsdPassword}
627 rabbit_username: {get_param: RabbitUserName}
628 rabbit_password: {get_param: RabbitPassword}
629 rabbit_cookie: {get_param: RabbitCookie}
630 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
631 rabbit_client_port: {get_param: RabbitClientPort}
632 control_virtual_interface: {get_param: ControlVirtualInterface}
633 public_virtual_interface: {get_param: PublicVirtualInterface}
634 swift_hash_suffix: {get_param: SwiftHashSuffix}
635 swift_part_power: {get_param: SwiftPartPower}
636 swift_ring_build: {get_param: SwiftRingBuild}
637 swift_replicas: {get_param: SwiftReplicas}
638 swift_min_part_hours: {get_param: SwiftMinPartHours}
639 enable_package_install: {get_param: EnablePackageInstall}
640 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
641 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
642 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
643 cinder_iscsi_network:
647 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
648 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
649 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
650 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
651 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
652 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
653 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
654 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
655 keystone_region: {get_param: KeystoneRegion}
656 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
657 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
658 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
659 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
660 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
661 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
662 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
663 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
664 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
667 template: "['SUBNET']"
669 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
670 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
671 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
672 redis_vip: {get_param: RedisVirtualIP}
673 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
674 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
675 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
676 mysql_virtual_ip: {get_param: MysqlVirtualIP}
677 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
678 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
679 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
680 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
682 # Map heat metadata into hiera datafiles
684 type: OS::Heat::StructuredConfig
686 group: os-apply-config
691 - heat_config_%{::deploy_config_name}
692 - controller_extraconfig
698 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
699 - ceph_cluster # provided by CephClusterConfig
701 - bootstrap_node # provided by BootstrapNodeConfig
702 - all_nodes # provided by allNodesConfig
703 - vip_data # provided by vip-config
707 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
708 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
709 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
710 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
711 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
712 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
713 - midonet_data #Optionally provided by AllNodesExtraConfig
714 merge_behavior: deeper
717 mapped_data: {get_param: ServiceConfigSettings}
718 controller_extraconfig:
721 - {get_param: controllerExtraConfig}
722 - {get_param: ControllerExtraConfig}
724 mapped_data: {get_param: ExtraConfig}
726 raw_data: {get_file: hieradata/common.yaml}
729 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
730 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
731 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
733 raw_data: {get_file: hieradata/ceph.yaml}
735 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
736 ceph::profile::params::public_network: {get_input: ceph_public_network}
737 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
739 raw_data: {get_file: hieradata/database.yaml}
741 raw_data: {get_file: hieradata/object.yaml}
743 raw_data: {get_file: hieradata/controller.yaml}
744 mapped_data: # data supplied directly to this deployment configuration, etc
745 bootstack_nodeid: {get_input: bootstack_nodeid}
748 enable_fencing: {get_input: enable_fencing}
749 enable_load_balancer: {get_input: enable_load_balancer}
750 hacluster_pwd: {get_input: pcsd_password}
751 corosync_ipv6: {get_input: corosync_ipv6}
752 tripleo::fencing::config: {get_input: fencing_config}
755 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
756 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
757 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
758 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
759 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
760 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
761 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
762 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
765 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
766 cinder::api::bind_host: {get_input: cinder_api_network}
767 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
768 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
769 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
770 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
771 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
772 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
773 cinder::keystone::auth::password: {get_input: cinder_password }
774 cinder::keystone::auth::region: {get_input: keystone_region}
777 glance::api::bind_host: {get_input: glance_api_network}
778 glance::registry::bind_host: {get_input: glance_registry_network}
779 glance::keystone::auth::region: {get_input: keystone_region}
782 heat::api::bind_host: {get_input: heat_api_network}
783 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
784 heat::api_cfn::bind_host: {get_input: heat_api_network}
785 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
788 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
789 keystone::public_bind_host: {get_input: keystone_public_api_network}
790 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
791 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
794 mongodb::server::bind_ip: {get_input: mongo_db_network}
797 admin_password: {get_input: admin_password}
798 enable_galera: {get_input: enable_galera}
799 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
800 mysql_max_connections: {get_input: mysql_max_connections}
801 mysql::server::root_password: {get_input: mysql_root_password}
802 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
803 mysql_cluster_name: {get_input: mysql_cluster_name}
804 mysql_bind_host: {get_input: mysql_network}
805 mysql_virtual_ip: {get_input: mysql_virtual_ip}
808 neutron::bind_host: {get_input: neutron_api_network}
809 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
810 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
811 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
812 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
813 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
814 neutron::keystone::auth::password: {get_input: neutron_password }
815 neutron::keystone::auth::region: {get_input: keystone_region}
818 ceilometer::api::host: {get_input: ceilometer_api_network}
819 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
820 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
823 aodh_mysql_conn_string: {get_input: aodh_dsn}
824 aodh::rabbit_userid: {get_input: rabbit_username}
825 aodh::rabbit_password: {get_input: rabbit_password}
826 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
827 aodh::rabbit_port: {get_input: rabbit_client_port}
828 aodh::debug: {get_input: debug}
829 aodh::wsgi::apache::ssl: false
830 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
831 aodh::api::service_name: 'httpd'
832 aodh::api::host: {get_input: aodh_api_network}
833 aodh::api::keystone_password: {get_input: aodh_password}
834 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
835 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
836 aodh::auth::auth_url: {get_input: keystone_auth_uri}
837 aodh::auth::auth_password: {get_input: aodh_password}
838 aodh::db::mysql::password: {get_input: aodh_password}
839 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
840 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
841 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
842 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
843 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
844 aodh::keystone::auth::password: {get_input: aodh_password }
845 aodh::keystone::auth::region: {get_input: keystone_region}
848 gnocchi_backend: {get_input: gnocchi_backend}
849 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
850 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
851 gnocchi::debug: {get_input: debug}
852 gnocchi::wsgi::apache::ssl: false
853 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
854 gnocchi::api::service_name: 'httpd'
855 gnocchi::api::host: {get_input: gnocchi_api_network}
856 gnocchi::api::keystone_password: {get_input: gnocchi_password}
857 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
858 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
859 gnocchi::db::mysql::password: {get_input: gnocchi_password}
860 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
861 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
862 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
863 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
864 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
865 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
866 gnocchi::keystone::auth::region: {get_input: keystone_region}
869 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
870 nova::use_ipv6: {get_input: nova_ipv6}
871 nova::api::auth_uri: {get_input: keystone_auth_uri}
872 nova::api::identity_uri: {get_input: keystone_identity_uri}
873 nova::api::api_bind_address: {get_input: nova_api_network}
874 nova::api::metadata_listen: {get_input: nova_metadata_network}
875 nova::api::admin_password: {get_input: nova_password}
876 nova::database_connection: {get_input: nova_dsn}
877 nova::api_database_connection: {get_input: nova_api_dsn}
878 nova::glance_api_servers: {get_input: glance_api_servers}
879 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
880 nova::api::instance_name_template: {get_input: instance_name_template}
881 nova::network::neutron::neutron_password: {get_input: neutron_password}
882 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
883 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
884 nova::vncproxy::host: {get_input: nova_api_network}
885 nova::db::mysql::password: {get_input: nova_password}
886 nova::db::mysql_api::password: {get_input: nova_password}
887 nova_enable_db_purge: {get_input: nova_enable_db_purge}
888 nova::keystone::auth::public_url: {get_input: nova_public_url}
889 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
890 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
891 nova::keystone::auth::password: {get_input: nova_password }
892 nova::keystone::auth::region: {get_input: keystone_region}
895 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
896 apache::ip: {get_input: horizon_network}
897 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
898 horizon::django_debug: {get_input: debug}
899 horizon::secret_key: {get_input: horizon_secret}
900 horizon::bind_address: {get_input: horizon_network}
901 horizon::keystone_url: {get_input: keystone_auth_uri}
904 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
905 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
907 redis::bind: {get_input: redis_network}
908 redis_vip: {get_input: redis_vip}
910 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
911 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
913 memcached_ipv6: {get_input: memcached_ipv6}
914 memcached::listen_ip: {get_input: memcached_network}
915 control_virtual_interface: {get_input: control_virtual_interface}
916 public_virtual_interface: {get_input: public_virtual_interface}
917 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
918 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
919 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
920 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
921 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
922 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
923 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
924 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
925 tripleo::haproxy::redis_password: {get_input: redis_password}
926 tripleo::packages::enable_install: {get_input: enable_package_install}
927 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
929 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
930 ControllerExtraConfigPre:
931 depends_on: ControllerDeployment
932 type: OS::TripleO::ControllerExtraConfigPre
934 server: {get_resource: Controller}
936 # Hook for site-specific additional pre-deployment config,
937 # applying to all nodes, e.g node registration/unregistration
939 depends_on: [ControllerExtraConfigPre, NodeTLSData]
940 type: OS::TripleO::NodeExtraConfig
942 server: {get_resource: Controller}
945 type: OS::TripleO::Tasks::PackageUpdate
948 type: OS::Heat::SoftwareDeployment
950 name: UpdateDeployment
951 config: {get_resource: UpdateConfig}
952 server: {get_resource: Controller}
955 get_param: UpdateIdentifier
959 description: IP address of the server in the ctlplane network
960 value: {get_attr: [Controller, networks, ctlplane, 0]}
962 description: IP address of the server in the external network
963 value: {get_attr: [ExternalPort, ip_address]}
964 internal_api_ip_address:
965 description: IP address of the server in the internal_api network
966 value: {get_attr: [InternalApiPort, ip_address]}
968 description: IP address of the server in the storage network
969 value: {get_attr: [StoragePort, ip_address]}
970 storage_mgmt_ip_address:
971 description: IP address of the server in the storage_mgmt network
972 value: {get_attr: [StorageMgmtPort, ip_address]}
974 description: IP address of the server in the tenant network
975 value: {get_attr: [TenantPort, ip_address]}
976 management_ip_address:
977 description: IP address of the server in the management network
978 value: {get_attr: [ManagementPort, ip_address]}
980 description: Hostname of the server
981 value: {get_attr: [Controller, name]}
984 Server's IP address and hostname in the /etc/hosts format
988 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
989 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
990 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
991 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
992 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
993 TENANTIP TENANTHOST.DOMAIN TENANTHOST
994 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
996 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
997 DOMAIN: {get_param: CloudDomain}
998 PRIMARYHOST: {get_attr: [Controller, name]}
999 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1003 - - {get_attr: [Controller, name]}
1005 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1009 - - {get_attr: [Controller, name]}
1011 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1015 - - {get_attr: [Controller, name]}
1017 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1021 - - {get_attr: [Controller, name]}
1023 TENANTIP: {get_attr: [TenantPort, ip_address]}
1027 - - {get_attr: [Controller, name]}
1029 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1033 - - {get_attr: [Controller, name]}
1035 nova_server_resource:
1036 description: Heat resource handle for the Nova compute server
1038 {get_resource: Controller}
1040 description: Swift device formatted for swift-ring-builder
1043 template: 'r1z1-IP:%PORT%/d1'
1045 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1046 swift_proxy_memcache:
1047 description: Swift proxy-memcache value
1050 template: "IP:11211"
1052 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1053 tls_key_modulus_md5:
1054 description: MD5 checksum of the TLS Key Modulus
1055 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1056 tls_cert_modulus_md5:
1057 description: MD5 checksum of the TLS Certificate Modulus
1058 value: {get_attr: [NodeTLSData, cert_modulus_md5]}