1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
35 CeilometerStoreEvents:
37 description: Whether to store events in ceilometer.
44 description: Number of workers for Ceilometer service.
49 Whether to create cron job for purging soft deleted rows in Cinder database.
51 CinderEnableNfsBackend:
53 description: Whether to enable or not the NFS backend for Cinder
55 CinderEnableIscsiBackend:
57 description: Whether to enable or not the Iscsi backend for Cinder
59 CinderEnableRbdBackend:
61 description: Whether to enable or not the Rbd backend for Cinder
65 description: The iSCSI helper to use with cinder.
67 CinderLVMLoopDeviceSize:
69 description: The size of the loopback file used by the cinder LVM driver.
71 CinderNfsMountOptions:
74 Mount options for NFS mounts used by Cinder NFS backend. Effective
75 when CinderEnableNfsBackend is true.
80 NFS servers used by Cinder NFS backend. Effective when
81 CinderEnableNfsBackend is true.
82 type: comma_delimited_list
84 description: The password for the cinder service and db account, used by cinder-api.
89 description: Contains parameters to configure Cinder backends. Typically
90 set via parameter_defaults in the resource registry.
94 description: Number of workers for Cinder service.
96 ControllerExtraConfig:
99 Controller specific hiera configuration data to inject into the cluster.
104 A network mapped list of IPs to assign to Controllers in the following form:
106 "internal_api": ["a.b.c.d", "e.f.g.h"],
110 ControlVirtualInterface:
112 description: Interface where virtual ip will be assigned.
116 description: Enable IPv6 in Corosync
120 description: Set to True to enable debugging on all services.
124 description: Whether to enable fencing in Pacemaker or not.
128 description: Whether to use Galera instead of regular MariaDB.
132 description: Whether to deploy a LoadBalancer on the Controller
136 description: Whether to deploy Ceph Storage (OSD) on the Controller
140 description: Whether to enable Swift Storage on the Controller
145 Additional hieradata to inject into the cluster, note that
146 ControllerExtraConfig takes precedence over ExtraConfig.
151 Pacemaker fencing configuration. The JSON should have
152 the following structure:
156 "agent": "AGENT_NAME",
157 "host_mac": "HOST_MAC_ADDRESS",
158 "params": {"PARAM_NAME": "PARAM_VALUE"}
166 "agent": "fence_xvm",
167 "host_mac": "52:54:00:aa:bb:cc",
169 "multicast_address": "225.0.0.12",
170 "port": "baremetal_0",
172 "manage_key_file": true,
173 "key_file": "/etc/fence_xvm.key",
174 "key_file_password": "abcdef"
181 description: Flavor for control nodes to request when deploying.
184 - custom_constraint: nova.flavor
185 GlanceNotifierStrategy:
186 description: Strategy to use for Glance notification queue
190 description: The filepath of the file to use for logging messages from Glance.
194 description: The password for the glance service and db account, used by the glance services.
199 description: The short name of the Glance backend to use. Should be one
200 of swift, rbd, or file
203 - allowed_values: ['swift', 'file', 'rbd']
204 GlanceFilePcmkDevice:
207 An exported storage device that should be mounted by Pacemaker
208 as Glance storage. Effective when GlanceFilePcmkManage is true.
210 GlanceFilePcmkFstype:
213 Filesystem type for Pacemaker mount used as Glance storage.
214 Effective when GlanceFilePcmkManage is true.
216 GlanceFilePcmkManage:
219 Whether to make Glance file backend a mount managed by Pacemaker.
220 Effective when GlanceBackend is 'file'.
222 GlanceFilePcmkOptions:
225 Mount options for Pacemaker mount used as Glance storage.
226 Effective when GlanceFilePcmkManage is true.
228 HAProxySyslogAddress:
230 description: Syslog address where HAproxy will send its log
234 description: Number of workers for Glance service.
237 description: The password for the Heat service and db account, used by the Heat services.
240 HeatStackDomainAdminPassword:
241 description: Password for heat_stack_domain_admin user.
244 HeatAuthEncryptionKey:
245 description: Auth encryption key for heat-engine
250 description: A list of IP/Hostname allowed to connect to horizon
251 type: comma_delimited_list
254 description: Number of workers for Heat service.
260 Whether to create cron job for purging soft deleted rows in the Heat database.
262 description: Secret key for Django
267 default: overcloud-control
269 - custom_constraint: glance.image
271 default: 'REBUILD_PRESERVE_EPHEMERAL'
272 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
274 InstanceNameTemplate:
275 default: 'instance-%08x'
276 description: Template string to be used to generate instance names
280 description: Name of an existing Nova key pair to enable SSH access to the instances
283 - custom_constraint: nova.keypair
284 KeystoneCACertificate:
286 description: Keystone self-signed certificate authority certificate.
288 KeystoneEnableDBPurge:
291 Whether to create cron job for purging soft deleted rows in Keystone database.
293 KeystoneSigningCertificate:
295 description: Keystone certificate for verifying token validity.
299 description: Keystone key for signing tokens.
302 KeystoneSSLCertificate:
304 description: Keystone certificate for verifying token validity.
306 KeystoneSSLCertificateKey:
308 description: Keystone key for signing tokens.
311 KeystoneNotificationDriver:
312 description: Comma-separated list of Oslo notification drivers used by Keystone
313 default: ['messaging']
314 type: comma_delimited_list
315 KeystoneNotificationFormat:
316 description: The Keystone notification format
320 - allowed_values: [ 'basic', 'cadf' ]
324 description: Keystone region for endpoint
327 description: Whether to manage IPtables rules.
331 description: Whether IPtables rules should be purged before setting up the new ones.
335 description: Number of workers for Keystone service.
342 description: The password for the sahara service account, used by sahara-api.
345 MysqlClusterUniquePart:
346 description: A unique identifier of the MySQL cluster the controller is in.
348 default: 'unset' # Has to be here because of the ignored empty value bug
349 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
351 # - length: {min: 4, max: 10}
352 MysqlInnodbBufferPoolSize:
354 Specifies the size of the buffer pool in megabytes. Setting to
355 zero should be interpreted as "no value" and will defer to the
360 description: Configures MySQL max_connections config setting
366 default: '' # Has to be here because of the ignored empty value bug
367 NeutronExternalNetworkBridge:
368 description: Name of bridge used for external network traffic.
371 NeutronBridgeMappings:
373 The OVS logical->physical bridge mappings to use. See the Neutron
374 documentation for details. Defaults to mapping br-ex - the external
375 bridge on hosts - to a physical name 'datacentre' which can be used
376 to create provider networks (and we use this for the default floating
377 network) - if changing this either use different post-install network
378 scripts or be sure to keep 'datacentre' as a mapping network name.
379 type: comma_delimited_list
380 default: "datacentre:br-ex"
381 NeutronDnsmasqOptions:
382 default: 'dhcp-option-force=26,1400'
383 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
385 NeutronEnableDHCPAgent:
386 description: Knob to enable/disable DHCP Agent
389 NeutronEnableL3Agent:
390 description: Knob to enable/disable L3 agent
393 NeutronEnableMetadataAgent:
394 description: Knob to enable/disable Metadata agent
397 NeutronEnableOVSAgent:
398 description: Knob to enable/disable OVS Agent
403 description: Agent mode for the neutron-l3-agent on the controller hosts
407 description: Whether to enable l3-agent HA
409 NeutronDhcpAgentsPerNetwork:
412 description: The number of neutron dhcp agents to schedule per network
415 description: Whether to configure Neutron Distributed Virtual Routers
417 NeutronMetadataProxySharedSecret:
418 description: Shared secret to prevent spoofing
424 The core plugin for Neutron. The value should be the entrypoint to be loaded
425 from neutron.core_plugins namespace.
427 NeutronServicePlugins:
428 default: "router,qos"
430 Comma-separated list of service plugin entrypoints to be loaded from the
431 neutron.service_plugins namespace.
432 type: comma_delimited_list
434 default: "vxlan,vlan,flat,gre"
436 Comma-separated list of network type driver entrypoints to be loaded.
437 type: comma_delimited_list
438 NeutronMechanismDrivers:
439 default: 'openvswitch'
441 The mechanism drivers for the Neutron tenant network.
442 type: comma_delimited_list
443 NeutronAllowL3AgentFailover:
445 description: Allow automatic l3-agent failover
447 NeutronEnableIsolatedMetadata:
449 description: If True, DHCP provide metadata route to VM.
451 NeutronEnableTunnelling:
457 Enable/disable the L2 population feature in the Neutron agents.
460 type: comma_delimited_list
461 default: 'datacentre'
462 description: If set, flat networks to configure in neutron plugins.
465 description: Whether to enable l3-agent HA
469 description: The tenant network type for Neutron.
470 type: comma_delimited_list
471 NeutronNetworkVLANRanges:
472 default: 'datacentre:1:1000'
474 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
475 Neutron documentation for permitted values. Defaults to permitting any
476 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
477 type: comma_delimited_list
479 description: The password for the neutron service and db account, used by neutron agents.
482 NeutronPublicInterface:
484 description: What interface to bridge onto br-ex for network nodes.
486 NeutronPublicInterfaceTag:
489 VLAN tag for creating a public VLAN. The tag will be used to
490 create an access port on the exterior bridge for each control plane node,
491 and that port will be given the IP address returned by neutron from the
492 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
493 overcloud.yaml to include the deployment of VLAN ports to the control
496 NeutronPublicInterfaceDefaultRoute:
498 description: A custom default route for the NeutronPublicInterface.
500 NeutronPublicInterfaceIP:
502 description: A custom IP address to put onto the NeutronPublicInterface.
504 NeutronPublicInterfaceRawDevice:
506 description: If set, the public interface is a vlan with this device as the raw device.
510 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
511 be at least 50 bytes smaller than the MTU on the physical network. This
512 value will be used to set the MTU on the virtual Ethernet device.
513 This number is related to the value of NeutronDnsmasqOptions, since that
514 will determine the MTU that is assigned to the VM host through DHCP.
520 The tunnel types for the Neutron tenant network.
521 type: comma_delimited_list
522 NeutronTunnelIdRanges:
524 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
525 of GRE tunnel IDs that are available for tenant network allocation
526 default: ["1:4094", ]
527 type: comma_delimited_list
530 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
531 of VXLAN VNI IDs that are available for tenant network allocation
532 default: ["1:4094", ]
533 type: comma_delimited_list
534 NeutronPluginExtensions:
535 default: "qos,port_security"
537 Comma-separated list of extensions enabled for the Neutron plugin.
538 type: comma_delimited_list
539 NeutronAgentExtensions:
542 Comma-separated list of extensions enabled for the Neutron agents.
543 type: comma_delimited_list
549 description: Number of workers for Neutron service.
554 Whether to create cron job for purging soft deleted rows in Nova database.
558 description: Enable IPv6 features in Nova
561 description: The password for the nova service and db account, used by nova-api.
566 description: Number of workers for Nova service.
570 description: Should MongoDb journaling be disabled
574 description: Enable IPv6 if Mongo DB VIP is IPv6
578 description: Comma-separated list of ntp servers
579 type: comma_delimited_list
582 description: The password for the 'pcsd' user.
584 PublicVirtualInterface:
587 Specifies the interface where the public-facing virtual ip will be assigned.
588 This should be int_public when a VLAN is being used.
592 default: '' # Has to be here because of the ignored empty value bug
595 default: '' # Has to be here because of the ignored empty value bug
598 description: The password for RabbitMQ
603 description: The username for RabbitMQ
608 Rabbit client subscriber parameter to specify
609 an SSL connection to the RabbitMQ host.
613 description: Set rabbit subscriber port, change this if using SSL
617 description: Configures RabbitMQ FD limit
621 description: Enable IPv6 in RabbitMQ
625 description: The password to access the Redis service
629 default: '' # Has to be here because of the ignored empty value bug
632 default: '' # Has to be here because of the ignored empty value bug
633 description: An IP address which is wrapped in brackets in case of IPv6
634 SnmpdReadonlyUserName:
635 default: ro_snmp_user
636 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
638 SnmpdReadonlyUserPassword:
639 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
643 description: A random string to be used as a salt when hashing to determine mappings
649 description: Value of mount_check in Swift account/container/object -server.conf
654 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
657 description: Partition Power to use when building Swift rings
661 description: Whether to manage Swift rings or not
664 description: The password for the swift service account, used by the swift proxy
674 description: How many replicas to use in the swift rings.
677 description: Number of workers for Swift service.
681 description: The timezone to be set on controller nodes.
683 UpgradeLevelNovaCompute:
685 description: Nova Compute upgrade level
687 VirtualIP: # DEPRECATED: use per service settings instead
689 default: '' # Has to be here because of the ignored empty value bug
699 GlanceRegistryVirtualIP:
708 KeystoneAdminApiVirtualIP:
711 KeystonePublicApiVirtualIP:
717 EnablePackageInstall:
719 description: Set to true to enable package installation via Puppet
723 description: Mapping of service_name -> network name. Typically set
724 via parameter_defaults in the resource registry.
728 description: Mapping of service endpoint -> protocol. Typically set
729 via parameter_defaults in the resource registry.
735 Setting to a previously unused value during stack-update will trigger
736 package update on all nodes
739 default: '' # Defaults to Heat created hostname
743 description: Optional mapping to override hostnames
744 NetworkDeploymentActions:
745 type: comma_delimited_list
747 Heat action when to apply network configuration changes
752 SoftwareConfigTransport:
753 default: POLL_SERVER_CFN
755 How the server should receive the metadata required for software configuration.
758 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
763 The DNS domain used for the hosts. This should match the dhcp_domain
764 configured in the Undercloud neutron. Defaults to localdomain.
768 Extra properties or metadata passed to Nova for the created nodes in
769 the overcloud. It's accessible via the Nova metadata API.
773 description: Optional scheduler hints to pass to nova
779 type: OS::Nova::Server
781 image: {get_param: Image}
782 image_update_policy: {get_param: ImageUpdatePolicy}
783 flavor: {get_param: Flavor}
784 key_name: {get_param: KeyName}
787 user_data_format: SOFTWARE_CONFIG
788 user_data: {get_resource: UserData}
791 template: {get_param: Hostname}
792 params: {get_param: HostnameMap}
793 software_config_transport: {get_param: SoftwareConfigTransport}
794 metadata: {get_param: ServerMetadata}
795 scheduler_hints: {get_param: SchedulerHints}
797 # Combine the NodeAdminUserData and NodeUserData mime archives
799 type: OS::Heat::MultipartMime
802 - config: {get_resource: NodeAdminUserData}
804 - config: {get_resource: NodeUserData}
807 # Creates the "heat-admin" user if configured via the environment
808 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
810 type: OS::TripleO::NodeAdminUserData
812 # For optional operator additional userdata
813 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
815 type: OS::TripleO::NodeUserData
818 type: OS::TripleO::Controller::Ports::ExternalPort
820 IPPool: {get_param: ControllerIPs}
821 NodeIndex: {get_param: NodeIndex}
822 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
825 type: OS::TripleO::Controller::Ports::InternalApiPort
827 IPPool: {get_param: ControllerIPs}
828 NodeIndex: {get_param: NodeIndex}
829 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
832 type: OS::TripleO::Controller::Ports::StoragePort
834 IPPool: {get_param: ControllerIPs}
835 NodeIndex: {get_param: NodeIndex}
836 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
839 type: OS::TripleO::Controller::Ports::StorageMgmtPort
841 IPPool: {get_param: ControllerIPs}
842 NodeIndex: {get_param: NodeIndex}
843 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
846 type: OS::TripleO::Controller::Ports::TenantPort
848 IPPool: {get_param: ControllerIPs}
849 NodeIndex: {get_param: NodeIndex}
850 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
853 type: OS::TripleO::Controller::Ports::ManagementPort
855 IPPool: {get_param: ControllerIPs}
856 NodeIndex: {get_param: NodeIndex}
857 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
860 type: OS::TripleO::Network::Ports::NetIpMap
862 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
863 ExternalIp: {get_attr: [ExternalPort, ip_address]}
864 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
865 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
866 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
867 StorageIp: {get_attr: [StoragePort, ip_address]}
868 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
869 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
870 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
871 TenantIp: {get_attr: [TenantPort, ip_address]}
872 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
873 ManagementIp: {get_attr: [ManagementPort, ip_address]}
874 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
877 type: OS::TripleO::Network::Ports::NetIpSubnetMap
879 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
880 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
881 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
882 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
883 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
884 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
885 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
888 type: OS::TripleO::Controller::Net::SoftwareConfig
890 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
891 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
892 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
893 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
894 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
895 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
896 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
899 type: OS::TripleO::SoftwareDeployment
901 name: NetworkDeployment
902 config: {get_resource: NetworkConfig}
903 server: {get_resource: Controller}
904 actions: {get_param: NetworkDeploymentActions}
907 interface_name: {get_param: NeutronPublicInterface}
909 # Resource for site-specific injection of root certificate
911 depends_on: NetworkDeployment
912 type: OS::TripleO::NodeTLSCAData
914 server: {get_resource: Controller}
916 # Resource for site-specific passing of private keys/certificates
918 depends_on: NodeTLSCAData
919 type: OS::TripleO::NodeTLSData
921 server: {get_resource: Controller}
922 NodeIndex: {get_param: NodeIndex}
925 ControllerDeployment:
926 type: OS::TripleO::SoftwareDeployment
927 depends_on: NetworkDeployment
929 name: ControllerDeployment
930 config: {get_resource: ControllerConfig}
931 server: {get_resource: Controller}
933 bootstack_nodeid: {get_attr: [Controller, name]}
934 ceilometer_workers: {get_param: CeilometerWorkers}
935 cinder_workers: {get_param: CinderWorkers}
936 glance_workers: {get_param: GlanceWorkers}
937 heat_workers: {get_param: HeatWorkers}
938 keystone_workers: {get_param: KeystoneWorkers}
939 nova_workers: {get_param: NovaWorkers}
940 neutron_workers: {get_param: NeutronWorkers}
941 swift_workers: {get_param: SwiftWorkers}
942 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
943 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
944 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
945 haproxy_log_address: {get_param: HAProxySyslogAddress}
946 heat.watch_server_url:
950 - {get_param: HeatApiVirtualIPUri}
952 heat.metadata_server_url:
956 - {get_param: HeatApiVirtualIPUri}
958 heat.waitcondition_server_url:
962 - {get_param: HeatApiVirtualIPUri}
963 - ':8000/v1/waitcondition'
964 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
965 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
966 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
967 horizon_secret: {get_param: HorizonSecret}
968 admin_email: {get_param: AdminEmail}
969 admin_password: {get_param: AdminPassword}
970 admin_token: {get_param: AdminToken}
971 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
972 debug: {get_param: Debug}
973 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
974 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
975 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
976 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
981 SERVERS: {get_param: CinderNfsServers}
982 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
983 cinder_password: {get_param: CinderPassword}
984 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
985 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
986 cinder_backend_config: {get_param: CinderBackendConfig}
990 - - 'mysql+pymysql://cinder:'
991 - {get_param: CinderPassword}
993 - {get_param: MysqlVirtualIPUri}
995 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
996 glance_password: {get_param: GlancePassword}
997 glance_backend: {get_param: GlanceBackend}
998 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
999 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
1000 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
1001 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
1002 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
1003 glance_log_file: {get_param: GlanceLogFile}
1007 - - 'mysql+pymysql://glance:'
1008 - {get_param: GlancePassword}
1010 - {get_param: MysqlVirtualIPUri}
1012 heat_password: {get_param: HeatPassword}
1013 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
1017 - - 'mysql+pymysql://heat:'
1018 - {get_param: HeatPassword}
1020 - {get_param: MysqlVirtualIPUri}
1022 keystone_ca_certificate: {get_param: KeystoneCACertificate}
1023 keystone_signing_key: {get_param: KeystoneSigningKey}
1024 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
1025 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
1026 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
1027 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
1028 keystone_notification_format: {get_param: KeystoneNotificationFormat}
1029 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
1033 - - 'mysql+pymysql://keystone:'
1034 - {get_param: AdminToken}
1036 - {get_param: MysqlVirtualIPUri}
1038 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1039 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1040 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
1041 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
1042 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1043 enable_fencing: {get_param: EnableFencing}
1044 enable_galera: {get_param: EnableGalera}
1045 enable_load_balancer: {get_param: EnableLoadBalancer}
1046 enable_ceph_storage: {get_param: EnableCephStorage}
1047 enable_swift_storage: {get_param: EnableSwiftStorage}
1048 manage_firewall: {get_param: ManageFirewall}
1049 purge_firewall_rules: {get_param: PurgeFirewallRules}
1050 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1051 mysql_max_connections: {get_param: MysqlMaxConnections}
1052 mysql_root_password: {get_param: MysqlRootPassword}
1055 template: tripleo-CLUSTER
1057 CLUSTER: {get_param: MysqlClusterUniquePart}
1058 neutron_flat_networks:
1062 NETWORKS: {get_param: NeutronFlatNetworks}
1063 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1064 neutron_agent_mode: {get_param: NeutronAgentMode}
1065 neutron_router_distributed: {get_param: NeutronDVR}
1066 neutron_core_plugin: {get_param: NeutronCorePlugin}
1067 neutron_service_plugins:
1071 PLUGINS: {get_param: NeutronServicePlugins}
1072 neutron_type_drivers:
1076 DRIVERS: {get_param: NeutronTypeDrivers}
1077 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1078 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1079 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1080 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1081 neutron_mechanism_drivers:
1083 template: MECHANISMS
1085 MECHANISMS: {get_param: NeutronMechanismDrivers}
1086 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1087 neutron_l3_ha: {get_param: NeutronL3HA}
1088 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1089 neutron_network_vlan_ranges:
1093 RANGES: {get_param: NeutronNetworkVLANRanges}
1094 neutron_bridge_mappings:
1098 MAPPINGS: {get_param: NeutronBridgeMappings}
1099 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1100 neutron_public_interface: {get_param: NeutronPublicInterface}
1101 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1102 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1103 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1104 neutron_tunnel_id_ranges:
1108 RANGES: {get_param: NeutronTunnelIdRanges}
1113 RANGES: {get_param: NeutronVniRanges}
1114 neutron_tenant_network_types:
1118 TYPES: {get_param: NeutronNetworkType}
1119 neutron_tunnel_types:
1123 TYPES: {get_param: NeutronTunnelTypes}
1124 neutron_plugin_extensions:
1126 template: PLUGIN_EXTENSIONS
1128 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1129 neutron_agent_extensions:
1131 template: AGENT_EXTENSIONS
1133 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1134 neutron_password: {get_param: NeutronPassword}
1135 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1136 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1140 - - 'mysql+pymysql://neutron:'
1141 - {get_param: NeutronPassword}
1143 - {get_param: MysqlVirtualIPUri}
1144 - '/ovs_neutron?charset=utf8'
1145 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1146 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1147 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1148 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1149 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1150 ceilometer_backend: {get_param: CeilometerBackend}
1151 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1152 ceilometer_password: {get_param: CeilometerPassword}
1153 ceilometer_store_events: {get_param: CeilometerStoreEvents}
1154 ceilometer_coordination_url:
1158 - {get_param: RedisVirtualIPUri}
1159 - ':6379/?password='
1160 - {get_param: RedisPassword}
1164 - - 'mysql+pymysql://ceilometer:'
1165 - {get_param: CeilometerPassword}
1167 - {get_param: MysqlVirtualIPUri}
1169 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1170 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1171 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1172 nova_ipv6: {get_param: NovaIPv6}
1173 corosync_ipv6: {get_param: CorosyncIPv6}
1174 nova_password: {get_param: NovaPassword}
1178 - - 'mysql+pymysql://nova:'
1179 - {get_param: NovaPassword}
1181 - {get_param: MysqlVirtualIPUri}
1186 - - 'mysql+pymysql://nova_api:'
1187 - {get_param: NovaPassword}
1189 - {get_param: MysqlVirtualIPUri}
1191 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1192 instance_name_template: {get_param: InstanceNameTemplate}
1193 fencing_config: {get_param: FencingConfig}
1194 pcsd_password: {get_param: PcsdPassword}
1195 rabbit_username: {get_param: RabbitUserName}
1196 rabbit_password: {get_param: RabbitPassword}
1197 rabbit_cookie: {get_param: RabbitCookie}
1198 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1199 rabbit_client_port: {get_param: RabbitClientPort}
1200 rabbit_ipv6: {get_param: RabbitIPv6}
1201 rabbit_fd_limit: {get_param: RabbitFDLimit}
1202 mongodb_no_journal: {get_param: MongoDbNoJournal}
1203 mongodb_ipv6: {get_param: MongoDbIPv6}
1204 ntp_servers: {get_param: NtpServer}
1205 timezone: {get_param: TimeZone}
1206 control_virtual_interface: {get_param: ControlVirtualInterface}
1207 public_virtual_interface: {get_param: PublicVirtualInterface}
1208 swift_hash_suffix: {get_param: SwiftHashSuffix}
1209 swift_password: {get_param: SwiftPassword}
1210 swift_part_power: {get_param: SwiftPartPower}
1211 swift_ring_build: {get_param: SwiftRingBuild}
1212 swift_replicas: {get_param: SwiftReplicas}
1213 swift_min_part_hours: {get_param: SwiftMinPartHours}
1214 swift_mount_check: {get_param: SwiftMountCheck}
1215 enable_package_install: {get_param: EnablePackageInstall}
1216 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1217 sahara_password: {get_param: SaharaPassword}
1221 - - 'mysql://sahara:'
1222 - {get_param: SaharaPassword}
1224 - {get_param: MysqlVirtualIPUri}
1226 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1227 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1228 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1229 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1230 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1231 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1232 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1233 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1234 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1235 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1236 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1237 keystone_region: {get_param: KeystoneRegion}
1238 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1239 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1240 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1241 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1242 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1243 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1244 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1245 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1246 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1247 redis_password: {get_param: RedisPassword}
1248 redis_vip: {get_param: RedisVirtualIP}
1249 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1250 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1251 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1252 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1253 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1254 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1255 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1257 # Map heat metadata into hiera datafiles
1259 type: OS::Heat::StructuredConfig
1261 group: os-apply-config
1266 - heat_config_%{::deploy_config_name}
1267 - controller_extraconfig
1272 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1273 - ceph_cluster # provided by CephClusterConfig
1275 - bootstrap_node # provided by BootstrapNodeConfig
1276 - all_nodes # provided by allNodesConfig
1277 - vip_data # provided by vip-config
1280 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1281 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1282 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1283 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1284 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1285 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1286 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1287 - midonet_data #Optionally provided by AllNodesExtraConfig
1288 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1290 controller_extraconfig:
1291 mapped_data: {get_param: ControllerExtraConfig}
1293 mapped_data: {get_param: ExtraConfig}
1295 raw_data: {get_file: hieradata/common.yaml}
1297 raw_data: {get_file: hieradata/ceph.yaml}
1299 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1300 ceph::profile::params::public_network: {get_input: ceph_public_network}
1301 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
1303 raw_data: {get_file: hieradata/database.yaml}
1305 raw_data: {get_file: hieradata/object.yaml}
1307 raw_data: {get_file: hieradata/controller.yaml}
1308 mapped_data: # data supplied directly to this deployment configuration, etc
1309 bootstack_nodeid: {get_input: bootstack_nodeid}
1312 enable_fencing: {get_input: enable_fencing}
1313 enable_load_balancer: {get_input: enable_load_balancer}
1314 hacluster_pwd: {get_input: pcsd_password}
1315 corosync_ipv6: {get_input: corosync_ipv6}
1316 tripleo::fencing::config: {get_input: fencing_config}
1319 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1320 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1321 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1322 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1323 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1324 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1325 swift::proxy::workers: {get_input: swift_workers}
1326 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
1327 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1328 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1329 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1330 swift_mount_check: {get_input: swift_mount_check}
1333 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1334 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1335 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1336 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1337 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1338 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1339 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1340 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1341 cinder::database_connection: {get_input: cinder_dsn}
1342 cinder::api::keystone_password: {get_input: cinder_password}
1343 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1344 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1345 cinder::api::bind_host: {get_input: cinder_api_network}
1346 cinder::rabbit_userid: {get_input: rabbit_username}
1347 cinder::rabbit_password: {get_input: rabbit_password}
1348 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1349 cinder::rabbit_port: {get_input: rabbit_client_port}
1350 cinder::debug: {get_input: debug}
1351 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1352 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1353 cinder_backend_config: {get_input: CinderBackendConfig}
1354 cinder::db::mysql::password: {get_input: cinder_password}
1357 glance::api::bind_port: {get_input: glance_port}
1358 glance::api::bind_host: {get_input: glance_api_network}
1359 glance::api::auth_uri: {get_input: keystone_auth_uri}
1360 glance::api::identity_uri: {get_input: keystone_identity_uri}
1361 glance::api::registry_host: {get_input: glance_registry_host}
1362 glance::api::keystone_password: {get_input: glance_password}
1363 glance::api::debug: {get_input: debug}
1364 glance::api::workers: {get_input: glance_workers}
1365 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1366 glance_log_file: {get_input: glance_log_file}
1367 glance_log_file: {get_input: glance_log_file}
1368 glance::api::database_connection: {get_input: glance_dsn}
1369 glance::registry::keystone_password: {get_input: glance_password}
1370 glance::registry::database_connection: {get_input: glance_dsn}
1371 glance::registry::bind_host: {get_input: glance_registry_network}
1372 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1373 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1374 glance::registry::debug: {get_input: debug}
1375 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1376 glance::registry::workers: {get_input: glance_workers}
1377 glance::backend::swift::swift_store_user: service:glance
1378 glance::backend::swift::swift_store_key: {get_input: glance_password}
1379 glance_backend: {get_input: glance_backend}
1380 glance::db::mysql::password: {get_input: glance_password}
1381 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1382 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1383 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1384 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1385 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1386 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1387 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1390 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1391 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1392 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1393 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1394 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1395 heat::rabbit_userid: {get_input: rabbit_username}
1396 heat::rabbit_password: {get_input: rabbit_password}
1397 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1398 heat::rabbit_port: {get_input: rabbit_client_port}
1399 heat::auth_uri: {get_input: keystone_auth_uri}
1400 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1401 heat::identity_uri: {get_input: keystone_identity_uri}
1402 heat::keystone_password: {get_input: heat_password}
1403 heat::api::bind_host: {get_input: heat_api_network}
1404 heat::api::workers: {get_input: heat_workers}
1405 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1406 heat::api_cloudwatch::workers: {get_input: heat_workers}
1407 heat::api_cfn::bind_host: {get_input: heat_api_network}
1408 heat::api_cfn::workers: {get_input: heat_workers}
1409 heat::database_connection: {get_input: heat_dsn}
1410 heat::debug: {get_input: debug}
1411 heat::db::mysql::password: {get_input: heat_password}
1412 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1413 heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
1416 keystone::admin_token: {get_input: admin_token}
1417 keystone::roles::admin::password: {get_input: admin_password}
1418 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1419 keystone_signing_key: {get_input: keystone_signing_key}
1420 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1421 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1422 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1423 keystone::database_connection: {get_input: keystone_dsn}
1424 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1425 keystone::public_bind_host: {get_input: keystone_public_api_network}
1426 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1427 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1428 keystone::debug: {get_input: debug}
1429 keystone::db::mysql::password: {get_input: admin_token}
1430 keystone::rabbit_userid: {get_input: rabbit_username}
1431 keystone::rabbit_password: {get_input: rabbit_password}
1432 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1433 keystone::rabbit_port: {get_input: rabbit_client_port}
1434 keystone::notification_driver: {get_input: keystone_notification_driver}
1435 keystone::notification_format: {get_input: keystone_notification_format}
1436 keystone::roles::admin::email: {get_input: admin_email}
1437 keystone::roles::admin::password: {get_input: admin_password}
1438 keystone::endpoint::public_url: {get_input: keystone_public_url}
1439 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1440 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1441 keystone::endpoint::region: {get_input: keystone_region}
1442 keystone::admin_workers: {get_input: keystone_workers}
1443 keystone::public_workers: {get_input: keystone_workers}
1444 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1445 keystone::public_endpoint: {get_input: keystone_public_url}
1447 mongodb::server::bind_ip: {get_input: mongo_db_network}
1448 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1449 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1451 admin_password: {get_input: admin_password}
1452 enable_galera: {get_input: enable_galera}
1453 enable_ceph_storage: {get_input: enable_ceph_storage}
1454 enable_swift_storage: {get_input: enable_swift_storage}
1455 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1456 mysql_max_connections: {get_input: mysql_max_connections}
1457 mysql::server::root_password: {get_input: mysql_root_password}
1458 mysql_cluster_name: {get_input: mysql_cluster_name}
1459 mysql_bind_host: {get_input: mysql_network}
1460 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1463 neutron::bind_host: {get_input: neutron_api_network}
1464 neutron::rabbit_password: {get_input: rabbit_password}
1465 neutron::rabbit_user: {get_input: rabbit_username}
1466 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1467 neutron::rabbit_port: {get_input: rabbit_client_port}
1468 neutron::debug: {get_input: debug}
1469 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1470 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1471 neutron::server::database_connection: {get_input: neutron_dsn}
1472 neutron::server::api_workers: {get_input: neutron_workers}
1473 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1474 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1475 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1476 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1477 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1478 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1479 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1480 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1481 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1482 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1483 neutron_agent_mode: {get_input: neutron_agent_mode}
1484 neutron_router_distributed: {get_input: neutron_router_distributed}
1485 neutron::core_plugin: {get_input: neutron_core_plugin}
1486 neutron::service_plugins: {get_input: neutron_service_plugins}
1487 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1488 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1489 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1490 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1491 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1492 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1493 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1494 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1495 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1496 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1497 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1498 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1499 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1500 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1501 neutron_public_interface: {get_input: neutron_public_interface}
1502 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1503 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1504 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1505 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1506 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1507 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1508 neutron::server::auth_password: {get_input: neutron_password}
1509 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1510 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1511 neutron_dsn: {get_input: neutron_dsn}
1512 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1513 neutron::db::mysql::password: {get_input: neutron_password}
1514 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1515 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1516 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1517 neutron::keystone::auth::password: {get_input: neutron_password }
1518 neutron::keystone::auth::region: {get_input: keystone_region}
1519 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1520 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1521 neutron::server::notifications::tenant_name: 'service'
1522 neutron::server::notifications::project_name: 'service'
1523 neutron::server::notifications::password: {get_input: nova_password}
1526 ceilometer_backend: {get_input: ceilometer_backend}
1527 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1528 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1529 ceilometer::rabbit_userid: {get_input: rabbit_username}
1530 ceilometer::rabbit_password: {get_input: rabbit_password}
1531 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1532 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1533 ceilometer::debug: {get_input: debug}
1534 ceilometer::api::host: {get_input: ceilometer_api_network}
1535 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1536 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1537 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1538 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1539 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1540 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1541 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
1542 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1543 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1544 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1547 nova::rabbit_userid: {get_input: rabbit_username}
1548 nova::rabbit_password: {get_input: rabbit_password}
1549 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1550 nova::rabbit_port: {get_input: rabbit_client_port}
1551 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1552 nova::debug: {get_input: debug}
1553 nova::use_ipv6: {get_input: nova_ipv6}
1554 nova::api::auth_uri: {get_input: keystone_auth_uri}
1555 nova::api::identity_uri: {get_input: keystone_identity_uri}
1556 nova::api::api_bind_address: {get_input: nova_api_network}
1557 nova::api::metadata_listen: {get_input: nova_metadata_network}
1558 nova::api::admin_password: {get_input: nova_password}
1559 nova::api::osapi_compute_workers: {get_input: nova_workers}
1560 nova::api::ec2_workers: {get_input: nova_workers}
1561 nova::api::metadata_workers: {get_input: nova_workers}
1562 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1563 nova::database_connection: {get_input: nova_dsn}
1564 nova::api_database_connection: {get_input: nova_api_dsn}
1565 nova::glance_api_servers: {get_input: glance_api_servers}
1566 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1567 nova::api::instance_name_template: {get_input: instance_name_template}
1568 nova::network::neutron::neutron_password: {get_input: neutron_password}
1569 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1570 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1571 nova::vncproxy::host: {get_input: nova_api_network}
1572 nova::db::mysql::password: {get_input: nova_password}
1573 nova::db::mysql_api::password: {get_input: nova_password}
1574 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1577 apache::ip: {get_input: horizon_network}
1578 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1579 horizon::django_debug: {get_input: debug}
1580 horizon::secret_key: {get_input: horizon_secret}
1581 horizon::bind_address: {get_input: horizon_network}
1582 horizon::keystone_url: {get_input: keystone_auth_uri}
1585 sahara::host: {get_input: sahara_api_network}
1593 sahara::admin_password: {get_input: sahara_password}
1594 sahara::auth_uri: {get_input: keystone_auth_uri}
1595 sahara::admin_user: sahara
1596 sahara::identity_uri: {get_input: keystone_identity_uri}
1597 sahara::use_neutron: true
1598 sahara::database_connection: {get_input: sahara_dsn}
1599 sahara::debug: {get_input: debug}
1600 sahara::rpc_backend: rabbit
1601 sahara::rabbit_userid: {get_input: rabbit_username}
1602 sahara::rabbit_password: {get_input: rabbit_password}
1603 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1604 sahara::rabbit_port: {get_input: rabbit_client_port}
1605 sahara::db::mysql::password: {get_input: sahara_password}
1608 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1609 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1610 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1611 rabbitmq::default_user: {get_input: rabbit_username}
1612 rabbitmq::default_pass: {get_input: rabbit_password}
1613 rabbit_ipv6: {get_input: rabbit_ipv6}
1615 redis::bind: {get_input: redis_network}
1616 redis::requirepass: {get_input: redis_password}
1617 redis::masterauth: {get_input: redis_password}
1618 redis::sentinel_auth_pass: {get_input: redis_password}
1619 redis_vip: {get_input: redis_vip}
1621 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1622 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1624 memcached::listen_ip: {get_input: memcached_network}
1625 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1626 ntp::servers: {get_input: ntp_servers}
1627 timezone::timezone: {get_input: timezone}
1628 control_virtual_interface: {get_input: control_virtual_interface}
1629 public_virtual_interface: {get_input: public_virtual_interface}
1630 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1631 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1632 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1633 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1634 tripleo::packages::enable_install: {get_input: enable_package_install}
1635 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1637 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1638 ControllerExtraConfigPre:
1639 depends_on: ControllerDeployment
1640 type: OS::TripleO::ControllerExtraConfigPre
1642 server: {get_resource: Controller}
1644 # Hook for site-specific additional pre-deployment config,
1645 # applying to all nodes, e.g node registration/unregistration
1647 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1648 type: OS::TripleO::NodeExtraConfig
1650 server: {get_resource: Controller}
1653 type: OS::TripleO::Tasks::PackageUpdate
1656 type: OS::Heat::SoftwareDeployment
1658 name: UpdateDeployment
1659 config: {get_resource: UpdateConfig}
1660 server: {get_resource: Controller}
1663 get_param: UpdateIdentifier
1667 description: IP address of the server in the ctlplane network
1668 value: {get_attr: [Controller, networks, ctlplane, 0]}
1669 external_ip_address:
1670 description: IP address of the server in the external network
1671 value: {get_attr: [ExternalPort, ip_address]}
1672 internal_api_ip_address:
1673 description: IP address of the server in the internal_api network
1674 value: {get_attr: [InternalApiPort, ip_address]}
1676 description: IP address of the server in the storage network
1677 value: {get_attr: [StoragePort, ip_address]}
1678 storage_mgmt_ip_address:
1679 description: IP address of the server in the storage_mgmt network
1680 value: {get_attr: [StorageMgmtPort, ip_address]}
1682 description: IP address of the server in the tenant network
1683 value: {get_attr: [TenantPort, ip_address]}
1684 management_ip_address:
1685 description: IP address of the server in the management network
1686 value: {get_attr: [ManagementPort, ip_address]}
1688 description: Hostname of the server
1689 value: {get_attr: [Controller, name]}
1692 Node object in the format {ip: ..., name: ...} format that the corosync
1695 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1696 name: {get_attr: [Controller, name]}
1699 Server's IP address and hostname in the /etc/hosts format
1703 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1704 EXTERNALIP EXTERNALHOST
1705 INTERNAL_APIIP INTERNAL_APIHOST
1706 STORAGEIP STORAGEHOST
1707 STORAGE_MGMTIP STORAGE_MGMTHOST
1709 MANAGEMENTIP MANAGEMENTHOST
1711 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1712 DOMAIN: {get_param: CloudDomain}
1713 PRIMARYHOST: {get_attr: [Controller, name]}
1714 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1718 - - {get_attr: [Controller, name]}
1720 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1724 - - {get_attr: [Controller, name]}
1726 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1730 - - {get_attr: [Controller, name]}
1732 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1736 - - {get_attr: [Controller, name]}
1738 TENANTIP: {get_attr: [TenantPort, ip_address]}
1742 - - {get_attr: [Controller, name]}
1744 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1748 - - {get_attr: [Controller, name]}
1750 nova_server_resource:
1751 description: Heat resource handle for the Nova compute server
1753 {get_resource: Controller}
1755 description: Swift device formatted for swift-ring-builder
1758 template: 'r1z1-IP:%PORT%/d1'
1760 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1761 swift_proxy_memcache:
1762 description: Swift proxy-memcache value
1765 template: "IP:11211"
1767 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1769 description: identifier which changes if the controller configuration may need re-applying
1773 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1774 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1775 - {get_attr: [NodeTLSData, deploy_stdout]}
1776 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1777 - {get_param: UpdateIdentifier}
1778 tls_key_modulus_md5:
1779 description: MD5 checksum of the TLS Key Modulus
1780 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1781 tls_cert_modulus_md5:
1782 description: MD5 checksum of the TLS Certificate Modulus
1783 value: {get_attr: [NodeTLSData, cert_modulus_md5]}