1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
94 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
96 ControllerExtraConfig:
99 Controller specific hiera configuration data to inject into the cluster.
104 A network mapped list of IPs to assign to Controllers in the following form:
106 "internal_api": ["a.b.c.d", "e.f.g.h"],
110 ControlVirtualInterface:
112 description: Interface where virtual ip will be assigned.
116 description: Set to True to enable debugging on all services.
120 description: Whether to enable fencing in Pacemaker or not.
124 description: Whether to use Galera instead of regular MariaDB.
128 description: Whether to deploy a LoadBalancer on the Controller
132 description: Whether to deploy Ceph Storage (OSD) on the Controller
136 description: Whether to enable Swift Storage on the Controller
141 Additional hieradata to inject into the cluster, note that
142 ControllerExtraConfig takes precedence over ExtraConfig.
147 Pacemaker fencing configuration. The JSON should have
148 the following structure:
152 "agent": "AGENT_NAME",
153 "host_mac": "HOST_MAC_ADDRESS",
154 "params": {"PARAM_NAME": "PARAM_VALUE"}
162 "agent": "fence_xvm",
163 "host_mac": "52:54:00:aa:bb:cc",
165 "multicast_address": "225.0.0.12",
166 "port": "baremetal_0",
168 "manage_key_file": true,
169 "key_file": "/etc/fence_xvm.key",
170 "key_file_password": "abcdef"
177 description: Flavor for control nodes to request when deploying.
180 - custom_constraint: nova.flavor
181 GlanceNotifierStrategy:
182 description: Strategy to use for Glance notification queue
186 description: The filepath of the file to use for logging messages from Glance.
190 description: The password for the glance service and db account, used by the glance services.
195 description: The short name of the Glance backend to use. Should be one
196 of swift, rbd, or file
199 - allowed_values: ['swift', 'file', 'rbd']
200 GlanceFilePcmkDevice:
203 An exported storage device that should be mounted by Pacemaker
204 as Glance storage. Effective when GlanceFilePcmkManage is true.
206 GlanceFilePcmkFstype:
209 Filesystem type for Pacemaker mount used as Glance storage.
210 Effective when GlanceFilePcmkManage is true.
212 GlanceFilePcmkManage:
215 Whether to make Glance file backend a mount managed by Pacemaker.
216 Effective when GlanceBackend is 'file'.
218 GlanceFilePcmkOptions:
221 Mount options for Pacemaker mount used as Glance storage.
222 Effective when GlanceFilePcmkManage is true.
224 HAProxySyslogAddress:
226 description: Syslog address where HAproxy will send its log
230 description: Number of workers for Glance service.
233 description: The password for the Heat service and db account, used by the Heat services.
236 HeatStackDomainAdminPassword:
237 description: Password for heat_domain_admin user.
240 HeatAuthEncryptionKey:
241 description: Auth encryption key for heat-engine
246 description: A list of IP/Hostname allowed to connect to horizon
247 type: comma_delimited_list
250 description: Number of workers for Heat service.
253 description: Secret key for Django
258 default: overcloud-control
260 - custom_constraint: glance.image
262 default: 'REBUILD_PRESERVE_EPHEMERAL'
263 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
265 InstanceNameTemplate:
266 default: 'instance-%08x'
267 description: Template string to be used to generate instance names
271 description: Name of an existing Nova key pair to enable SSH access to the instances
274 - custom_constraint: nova.keypair
275 KeystoneCACertificate:
277 description: Keystone self-signed certificate authority certificate.
279 KeystoneSigningCertificate:
281 description: Keystone certificate for verifying token validity.
285 description: Keystone key for signing tokens.
288 KeystoneSSLCertificate:
290 description: Keystone certificate for verifying token validity.
292 KeystoneSSLCertificateKey:
294 description: Keystone key for signing tokens.
297 KeystoneNotificationDriver:
298 description: Comma-separated list of Oslo notification drivers used by Keystone
299 default: ['messaging']
300 type: comma_delimited_list
301 KeystoneNotificationFormat:
302 description: The Keystone notification format
306 - allowed_values: [ 'basic', 'cadf' ]
310 description: Keystone region for endpoint
313 description: Whether to manage IPtables rules.
317 description: Whether IPtables rules should be purged before setting up the new ones.
321 description: Number of workers for Keystone service.
323 MysqlClusterUniquePart:
324 description: A unique identifier of the MySQL cluster the controller is in.
326 default: 'unset' # Has to be here because of the ignored empty value bug
327 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
329 # - length: {min: 4, max: 10}
330 MysqlInnodbBufferPoolSize:
332 Specifies the size of the buffer pool in megabytes. Setting to
333 zero should be interpreted as "no value" and will defer to the
338 description: Configures MySQL max_connections config setting
344 default: '' # Has to be here because of the ignored empty value bug
345 NeutronExternalNetworkBridge:
346 description: Name of bridge used for external network traffic.
349 NeutronBridgeMappings:
351 The OVS logical->physical bridge mappings to use. See the Neutron
352 documentation for details. Defaults to mapping br-ex - the external
353 bridge on hosts - to a physical name 'datacentre' which can be used
354 to create provider networks (and we use this for the default floating
355 network) - if changing this either use different post-install network
356 scripts or be sure to keep 'datacentre' as a mapping network name.
357 type: comma_delimited_list
358 default: "datacentre:br-ex"
359 NeutronDnsmasqOptions:
360 default: 'dhcp-option-force=26,1400'
361 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
363 NeutronEnableDHCPAgent:
364 description: Knob to enable/disable DHCP Agent
367 NeutronEnableL3Agent:
368 description: Knob to enable/disable L3 agent
371 NeutronEnableMetadataAgent:
372 description: Knob to enable/disable Metadata agent
375 NeutronEnableOVSAgent:
376 description: Knob to enable/disable OVS Agent
381 description: Agent mode for the neutron-l3-agent on the controller hosts
385 description: Whether to enable l3-agent HA
387 NeutronDhcpAgentsPerNetwork:
390 description: The number of neutron dhcp agents to schedule per network
393 description: Whether to configure Neutron Distributed Virtual Routers
395 NeutronMetadataProxySharedSecret:
396 description: Shared secret to prevent spoofing
402 The core plugin for Neutron. The value should be the entrypoint to be loaded
403 from neutron.core_plugins namespace.
405 NeutronServicePlugins:
406 default: "router,qos"
408 Comma-separated list of service plugin entrypoints to be loaded from the
409 neutron.service_plugins namespace.
410 type: comma_delimited_list
412 default: "vxlan,vlan,flat,gre"
414 Comma-separated list of network type driver entrypoints to be loaded.
415 type: comma_delimited_list
416 NeutronMechanismDrivers:
417 default: 'openvswitch'
419 The mechanism drivers for the Neutron tenant network.
420 type: comma_delimited_list
421 NeutronAllowL3AgentFailover:
423 description: Allow automatic l3-agent failover
425 NeutronEnableIsolatedMetadata:
427 description: If True, DHCP provide metadata route to VM.
429 NeutronEnableTunnelling:
435 Enable/disable the L2 population feature in the Neutron agents.
438 type: comma_delimited_list
439 default: 'datacentre'
440 description: If set, flat networks to configure in neutron plugins.
443 description: Whether to enable l3-agent HA
447 description: The tenant network type for Neutron.
448 type: comma_delimited_list
449 NeutronNetworkVLANRanges:
450 default: 'datacentre:1:1000'
452 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
453 Neutron documentation for permitted values. Defaults to permitting any
454 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
455 type: comma_delimited_list
457 description: The password for the neutron service and db account, used by neutron agents.
460 NeutronPublicInterface:
462 description: What interface to bridge onto br-ex for network nodes.
464 NeutronPublicInterfaceTag:
467 VLAN tag for creating a public VLAN. The tag will be used to
468 create an access port on the exterior bridge for each control plane node,
469 and that port will be given the IP address returned by neutron from the
470 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
471 overcloud.yaml to include the deployment of VLAN ports to the control
474 NeutronPublicInterfaceDefaultRoute:
476 description: A custom default route for the NeutronPublicInterface.
478 NeutronPublicInterfaceIP:
480 description: A custom IP address to put onto the NeutronPublicInterface.
482 NeutronPublicInterfaceRawDevice:
484 description: If set, the public interface is a vlan with this device as the raw device.
489 The tunnel types for the Neutron tenant network.
490 type: comma_delimited_list
491 NeutronTunnelIdRanges:
493 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
494 of GRE tunnel IDs that are available for tenant network allocation
495 default: ["1:1000", ]
496 type: comma_delimited_list
499 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
500 of VXLAN VNI IDs that are available for tenant network allocation
501 default: ["1:1000", ]
502 type: comma_delimited_list
503 NeutronPluginExtensions:
506 Comma-separated list of extensions enabled for the Neutron plugin.
507 type: comma_delimited_list
508 NeutronAgentExtensions:
511 Comma-separated list of extensions enabled for the Neutron agents.
512 type: comma_delimited_list
518 description: Number of workers for Neutron service.
523 Whether to create cron job for purging soft deleted rows in Nova database.
526 description: The password for the nova service and db account, used by nova-api.
531 description: Number of workers for Nova service.
535 description: Should MongoDb journaling be disabled
539 description: Comma-separated list of ntp servers
540 type: comma_delimited_list
543 description: The password for the 'pcsd' user.
545 PublicVirtualInterface:
548 Specifies the interface where the public-facing virtual ip will be assigned.
549 This should be int_public when a VLAN is being used.
553 default: '' # Has to be here because of the ignored empty value bug
556 default: '' # Has to be here because of the ignored empty value bug
560 description: The password for RabbitMQ
565 description: The username for RabbitMQ
570 Rabbit client subscriber parameter to specify
571 an SSL connection to the RabbitMQ host.
575 description: Set rabbit subscriber port, change this if using SSL
579 description: Configures RabbitMQ FD limit
583 default: '' # Has to be here because of the ignored empty value bug
584 SnmpdReadonlyUserName:
585 default: ro_snmp_user
586 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
588 SnmpdReadonlyUserPassword:
589 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
593 description: A random string to be used as a salt when hashing to determine mappings
599 description: Value of mount_check in Swift account/container/object -server.conf
604 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
607 description: Partition Power to use when building Swift rings
610 description: The password for the swift service account, used by the swift proxy
620 description: How many replicas to use in the swift rings.
623 description: Number of workers for Swift service.
627 description: The timezone to be set on controller nodes.
629 VirtualIP: # DEPRECATED: use per service settings instead
631 default: '' # Has to be here because of the ignored empty value bug
638 GlanceRegistryVirtualIP:
644 KeystoneAdminApiVirtualIP:
647 KeystonePublicApiVirtualIP:
653 EnablePackageInstall:
655 description: Set to true to enable package installation via Puppet
659 description: Mapping of service_name -> network name. Typically set
660 via parameter_defaults in the resource registry.
664 description: Mapping of service endpoint -> protocol. Typically set
665 via parameter_defaults in the resource registry.
671 Setting to a previously unused value during stack-update will trigger
672 package update on all nodes
675 default: '' # Defaults to Heat created hostname
676 NetworkDeploymentActions:
677 type: comma_delimited_list
679 Heat action when to apply network configuration changes
684 SoftwareConfigTransport:
685 default: POLL_SERVER_CFN
687 How the server should receive the metadata required for software configuration.
690 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
695 The DNS domain used for the hosts. This should match the dhcp_domain
696 configured in the Undercloud neutron. Defaults to localdomain.
700 Extra properties or metadata passed to Nova for the created nodes in
701 the overcloud. It's accessible via the Nova metadata API.
705 description: Optional scheduler hints to pass to nova
711 type: OS::Nova::Server
713 image: {get_param: Image}
714 image_update_policy: {get_param: ImageUpdatePolicy}
715 flavor: {get_param: Flavor}
716 key_name: {get_param: KeyName}
719 user_data_format: SOFTWARE_CONFIG
720 user_data: {get_resource: UserData}
721 name: {get_param: Hostname}
722 software_config_transport: {get_param: SoftwareConfigTransport}
723 metadata: {get_param: ServerMetadata}
724 scheduler_hints: {get_param: SchedulerHints}
726 # Combine the NodeAdminUserData and NodeUserData mime archives
728 type: OS::Heat::MultipartMime
731 - config: {get_resource: NodeAdminUserData}
733 - config: {get_resource: NodeUserData}
736 # Creates the "heat-admin" user if configured via the environment
737 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
739 type: OS::TripleO::NodeAdminUserData
741 # For optional operator additional userdata
742 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
744 type: OS::TripleO::NodeUserData
747 type: OS::TripleO::Controller::Ports::ExternalPort
749 IPPool: {get_param: ControllerIPs}
750 NodeIndex: {get_param: NodeIndex}
751 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
754 type: OS::TripleO::Controller::Ports::InternalApiPort
756 IPPool: {get_param: ControllerIPs}
757 NodeIndex: {get_param: NodeIndex}
758 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
761 type: OS::TripleO::Controller::Ports::StoragePort
763 IPPool: {get_param: ControllerIPs}
764 NodeIndex: {get_param: NodeIndex}
765 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
768 type: OS::TripleO::Controller::Ports::StorageMgmtPort
770 IPPool: {get_param: ControllerIPs}
771 NodeIndex: {get_param: NodeIndex}
772 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
775 type: OS::TripleO::Controller::Ports::TenantPort
777 IPPool: {get_param: ControllerIPs}
778 NodeIndex: {get_param: NodeIndex}
779 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
782 type: OS::TripleO::Controller::Ports::ManagementPort
784 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
787 type: OS::TripleO::Network::Ports::NetIpMap
789 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
790 ExternalIp: {get_attr: [ExternalPort, ip_address]}
791 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
792 StorageIp: {get_attr: [StoragePort, ip_address]}
793 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
794 TenantIp: {get_attr: [TenantPort, ip_address]}
795 ManagementIp: {get_attr: [ManagementPort, ip_address]}
798 type: OS::TripleO::Network::Ports::NetIpSubnetMap
800 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
801 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
802 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
803 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
804 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
805 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
806 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
809 type: OS::TripleO::Controller::Net::SoftwareConfig
811 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
812 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
813 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
814 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
815 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
816 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
817 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
820 type: OS::TripleO::SoftwareDeployment
822 config: {get_resource: NetworkConfig}
823 server: {get_resource: Controller}
824 actions: {get_param: NetworkDeploymentActions}
827 interface_name: {get_param: NeutronPublicInterface}
829 # Resource for site-specific injection of root certificate
831 depends_on: NetworkDeployment
832 type: OS::TripleO::NodeTLSCAData
834 server: {get_resource: Controller}
836 # Resource for site-specific passing of private keys/certificates
838 depends_on: NodeTLSCAData
839 type: OS::TripleO::NodeTLSData
841 server: {get_resource: Controller}
842 NodeIndex: {get_param: NodeIndex}
844 ControllerDeployment:
845 type: OS::TripleO::SoftwareDeployment
846 depends_on: NetworkDeployment
848 config: {get_resource: ControllerConfig}
849 server: {get_resource: Controller}
851 bootstack_nodeid: {get_attr: [Controller, name]}
852 ceilometer_workers: {get_param: CeilometerWorkers}
853 cinder_workers: {get_param: CinderWorkers}
854 glance_workers: {get_param: GlanceWorkers}
855 heat_workers: {get_param: HeatWorkers}
856 keystone_workers: {get_param: KeystoneWorkers}
857 nova_workers: {get_param: NovaWorkers}
858 neutron_workers: {get_param: NeutronWorkers}
859 swift_workers: {get_param: SwiftWorkers}
860 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
861 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
862 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
863 haproxy_log_address: {get_param: HAProxySyslogAddress}
864 heat.watch_server_url:
868 - {get_param: HeatApiVirtualIP}
870 heat.metadata_server_url:
874 - {get_param: HeatApiVirtualIP}
876 heat.waitcondition_server_url:
880 - {get_param: HeatApiVirtualIP}
881 - ':8000/v1/waitcondition'
882 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
883 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
884 horizon_secret: {get_param: HorizonSecret}
885 admin_email: {get_param: AdminEmail}
886 admin_password: {get_param: AdminPassword}
887 admin_token: {get_param: AdminToken}
888 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
889 debug: {get_param: Debug}
890 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
891 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
892 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
893 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
898 SERVERS: {get_param: CinderNfsServers}
899 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
900 cinder_password: {get_param: CinderPassword}
901 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
902 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
903 cinder_backend_config: {get_param: CinderBackendConfig}
907 - - 'mysql://cinder:'
908 - {get_param: CinderPassword}
910 - {get_param: MysqlVirtualIP}
912 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
913 glance_password: {get_param: GlancePassword}
914 glance_backend: {get_param: GlanceBackend}
915 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
916 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
917 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
918 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
919 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
920 glance_log_file: {get_param: GlanceLogFile}
924 - - 'mysql://glance:'
925 - {get_param: GlancePassword}
927 - {get_param: MysqlVirtualIP}
929 heat_password: {get_param: HeatPassword}
930 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
935 - {get_param: HeatPassword}
937 - {get_param: MysqlVirtualIP}
939 keystone_ca_certificate: {get_param: KeystoneCACertificate}
940 keystone_signing_key: {get_param: KeystoneSigningKey}
941 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
942 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
943 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
944 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
945 keystone_notification_format: {get_param: KeystoneNotificationFormat}
949 - - 'mysql://keystone:'
950 - {get_param: AdminToken}
952 - {get_param: MysqlVirtualIP}
954 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
955 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
956 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
957 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
958 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
959 enable_fencing: {get_param: EnableFencing}
960 enable_galera: {get_param: EnableGalera}
961 enable_load_balancer: {get_param: EnableLoadBalancer}
962 enable_ceph_storage: {get_param: EnableCephStorage}
963 enable_swift_storage: {get_param: EnableSwiftStorage}
964 manage_firewall: {get_param: ManageFirewall}
965 purge_firewall_rules: {get_param: PurgeFirewallRules}
966 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
967 mysql_max_connections: {get_param: MysqlMaxConnections}
968 mysql_root_password: {get_param: MysqlRootPassword}
971 template: tripleo-CLUSTER
973 CLUSTER: {get_param: MysqlClusterUniquePart}
974 neutron_flat_networks:
978 NETWORKS: {get_param: NeutronFlatNetworks}
979 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
980 neutron_agent_mode: {get_param: NeutronAgentMode}
981 neutron_router_distributed: {get_param: NeutronDVR}
982 neutron_core_plugin: {get_param: NeutronCorePlugin}
983 neutron_service_plugins:
987 PLUGINS: {get_param: NeutronServicePlugins}
988 neutron_type_drivers:
992 DRIVERS: {get_param: NeutronTypeDrivers}
993 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
994 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
995 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
996 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
997 neutron_mechanism_drivers:
1001 MECHANISMS: {get_param: NeutronMechanismDrivers}
1002 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1003 neutron_l3_ha: {get_param: NeutronL3HA}
1004 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1005 neutron_network_vlan_ranges:
1009 RANGES: {get_param: NeutronNetworkVLANRanges}
1010 neutron_bridge_mappings:
1014 MAPPINGS: {get_param: NeutronBridgeMappings}
1015 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1016 neutron_public_interface: {get_param: NeutronPublicInterface}
1017 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1018 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1019 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1020 neutron_tunnel_id_ranges:
1024 RANGES: {get_param: NeutronTunnelIdRanges}
1029 RANGES: {get_param: NeutronVniRanges}
1030 neutron_tenant_network_types:
1034 TYPES: {get_param: NeutronNetworkType}
1035 neutron_tunnel_types:
1039 TYPES: {get_param: NeutronTunnelTypes}
1040 neutron_plugin_extensions:
1042 template: PLUGIN_EXTENSIONS
1044 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1045 neutron_agent_extensions:
1047 template: AGENT_EXTENSIONS
1049 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1050 neutron_password: {get_param: NeutronPassword}
1051 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1055 - - 'mysql://neutron:'
1056 - {get_param: NeutronPassword}
1058 - {get_param: MysqlVirtualIP}
1059 - '/ovs_neutron?charset=utf8'
1060 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1061 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1062 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1063 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
1064 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1065 ceilometer_backend: {get_param: CeilometerBackend}
1066 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1067 ceilometer_password: {get_param: CeilometerPassword}
1068 ceilometer_coordination_url:
1072 - {get_param: RedisVirtualIP}
1077 - - 'mysql://ceilometer:'
1078 - {get_param: CeilometerPassword}
1080 - {get_param: MysqlVirtualIP}
1082 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1083 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1084 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1085 nova_password: {get_param: NovaPassword}
1090 - {get_param: NovaPassword}
1092 - {get_param: MysqlVirtualIP}
1094 instance_name_template: {get_param: InstanceNameTemplate}
1095 fencing_config: {get_param: FencingConfig}
1096 pcsd_password: {get_param: PcsdPassword}
1097 rabbit_username: {get_param: RabbitUserName}
1098 rabbit_password: {get_param: RabbitPassword}
1099 rabbit_cookie: {get_param: RabbitCookie}
1100 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1101 rabbit_client_port: {get_param: RabbitClientPort}
1102 mongodb_no_journal: {get_param: MongoDbNoJournal}
1103 # We need to force this into quotes or hiera will return integer causing
1104 # the puppet module validation regexp to fail.
1105 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1110 LIMIT: {get_param: RabbitFDLimit}
1111 ntp_servers: {get_param: NtpServer}
1112 timezone: {get_param: TimeZone}
1113 control_virtual_interface: {get_param: ControlVirtualInterface}
1114 public_virtual_interface: {get_param: PublicVirtualInterface}
1115 swift_hash_suffix: {get_param: SwiftHashSuffix}
1116 swift_password: {get_param: SwiftPassword}
1117 swift_part_power: {get_param: SwiftPartPower}
1118 swift_replicas: {get_param: SwiftReplicas}
1119 swift_min_part_hours: {get_param: SwiftMinPartHours}
1120 swift_mount_check: {get_param: SwiftMountCheck}
1121 enable_package_install: {get_param: EnablePackageInstall}
1122 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1123 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1124 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1125 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1126 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1127 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1128 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1129 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1130 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1131 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1132 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1133 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1134 keystone_region: {get_param: KeystoneRegion}
1135 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1136 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1137 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1138 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1139 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1140 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1141 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1142 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1143 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1144 redis_vip: {get_param: RedisVirtualIP}
1145 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1146 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1147 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1148 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1149 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1150 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1152 # Map heat metadata into hiera datafiles
1154 type: OS::Heat::StructuredConfig
1156 group: os-apply-config
1161 - heat_config_%{::deploy_config_name}
1162 - controller_extraconfig
1167 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1168 - ceph_cluster # provided by CephClusterConfig
1170 - bootstrap_node # provided by BootstrapNodeConfig
1171 - all_nodes # provided by allNodesConfig
1172 - vip_data # provided by vip-config
1175 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1176 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1177 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1178 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1179 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1180 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1181 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1182 - midonet_data #Optionally provided by AllNodesExtraConfig
1184 controller_extraconfig:
1185 mapped_data: {get_param: ControllerExtraConfig}
1187 mapped_data: {get_param: ExtraConfig}
1189 raw_data: {get_file: hieradata/common.yaml}
1191 raw_data: {get_file: hieradata/ceph.yaml}
1193 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1194 ceph::profile::params::public_network: {get_input: ceph_public_network}
1195 ceph::mon::public_addr: {get_input: ceph_public_ip}
1197 raw_data: {get_file: hieradata/database.yaml}
1199 raw_data: {get_file: hieradata/object.yaml}
1201 raw_data: {get_file: hieradata/controller.yaml}
1202 mapped_data: # data supplied directly to this deployment configuration, etc
1203 bootstack_nodeid: {get_input: bootstack_nodeid}
1206 enable_fencing: {get_input: enable_fencing}
1207 enable_load_balancer: {get_input: enable_load_balancer}
1208 hacluster_pwd: {get_input: pcsd_password}
1209 tripleo::fencing::config: {get_input: fencing_config}
1212 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1213 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1214 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1215 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1216 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1217 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1218 swift::proxy::workers: {get_input: swift_workers}
1219 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1220 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1221 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1222 swift_mount_check: {get_input: swift_mount_check}
1224 # NOTE(dprince): build_ring support is currently not wired in.
1225 # See: https://review.openstack.org/#/c/109225/
1226 tripleo::ringbuilder::build_ring: True
1229 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1230 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1231 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1232 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1233 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1234 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1235 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1236 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1237 cinder::database_connection: {get_input: cinder_dsn}
1238 cinder::api::keystone_password: {get_input: cinder_password}
1239 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1240 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1241 cinder::api::bind_host: {get_input: cinder_api_network}
1242 cinder::rabbit_userid: {get_input: rabbit_username}
1243 cinder::rabbit_password: {get_input: rabbit_password}
1244 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1245 cinder::rabbit_port: {get_input: rabbit_client_port}
1246 cinder::debug: {get_input: debug}
1247 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1248 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1249 cinder_backend_config: {get_input: CinderBackendConfig}
1250 cinder::db::mysql::password: {get_input: cinder_password}
1253 glance::api::bind_port: {get_input: glance_port}
1254 glance::api::bind_host: {get_input: glance_api_network}
1255 glance::api::auth_uri: {get_input: keystone_auth_uri}
1256 glance::api::identity_uri: {get_input: keystone_identity_uri}
1257 glance::api::registry_host: {get_input: glance_registry_host}
1258 glance::api::keystone_password: {get_input: glance_password}
1259 glance::api::debug: {get_input: debug}
1260 glance::api::workers: {get_input: glance_workers}
1261 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1262 glance_log_file: {get_input: glance_log_file}
1263 glance_log_file: {get_input: glance_log_file}
1264 glance::api::database_connection: {get_input: glance_dsn}
1265 glance::registry::keystone_password: {get_input: glance_password}
1266 glance::registry::database_connection: {get_input: glance_dsn}
1267 glance::registry::bind_host: {get_input: glance_registry_network}
1268 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1269 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1270 glance::registry::debug: {get_input: debug}
1271 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1272 glance::registry::workers: {get_input: glance_workers}
1273 glance::backend::swift::swift_store_user: service:glance
1274 glance::backend::swift::swift_store_key: {get_input: glance_password}
1275 glance_backend: {get_input: glance_backend}
1276 glance::db::mysql::password: {get_input: glance_password}
1277 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1278 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1279 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1280 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1283 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1284 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1285 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1286 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1287 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1288 heat::rabbit_userid: {get_input: rabbit_username}
1289 heat::rabbit_password: {get_input: rabbit_password}
1290 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1291 heat::rabbit_port: {get_input: rabbit_client_port}
1292 heat::auth_uri: {get_input: keystone_auth_uri}
1293 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1294 heat::identity_uri: {get_input: keystone_identity_uri}
1295 heat::keystone_password: {get_input: heat_password}
1296 heat::api::bind_host: {get_input: heat_api_network}
1297 heat::api::workers: {get_input: heat_workers}
1298 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1299 heat::api_cloudwatch::workers: {get_input: heat_workers}
1300 heat::api_cfn::bind_host: {get_input: heat_api_network}
1301 heat::api_cfn::workers: {get_input: heat_workers}
1302 heat::database_connection: {get_input: heat_dsn}
1303 heat::debug: {get_input: debug}
1304 heat::db::mysql::password: {get_input: heat_password}
1307 keystone::admin_token: {get_input: admin_token}
1308 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1309 keystone_signing_key: {get_input: keystone_signing_key}
1310 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1311 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1312 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1313 keystone::database_connection: {get_input: keystone_dsn}
1314 keystone::public_bind_host: {get_input: keystone_public_api_network}
1315 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1316 keystone::debug: {get_input: debug}
1317 keystone::db::mysql::password: {get_input: admin_token}
1318 keystone::rabbit_userid: {get_input: rabbit_username}
1319 keystone::rabbit_password: {get_input: rabbit_password}
1320 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1321 keystone::rabbit_port: {get_input: rabbit_client_port}
1322 keystone::notification_driver: {get_input: keystone_notification_driver}
1323 keystone::notification_format: {get_input: keystone_notification_format}
1324 keystone::roles::admin::email: {get_input: admin_email}
1325 keystone::roles::admin::password: {get_input: admin_password}
1326 keystone::endpoint::public_url: {get_input: keystone_public_url}
1327 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1328 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1329 keystone::endpoint::region: {get_input: keystone_region}
1330 keystone::admin_workers: {get_input: keystone_workers}
1331 keystone::public_workers: {get_input: keystone_workers}
1334 mongodb::server::bind_ip: {get_input: mongo_db_network}
1335 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1337 admin_password: {get_input: admin_password}
1338 enable_galera: {get_input: enable_galera}
1339 enable_ceph_storage: {get_input: enable_ceph_storage}
1340 enable_swift_storage: {get_input: enable_swift_storage}
1341 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1342 mysql_max_connections: {get_input: mysql_max_connections}
1343 mysql::server::root_password: {get_input: mysql_root_password}
1344 mysql_cluster_name: {get_input: mysql_cluster_name}
1345 mysql_bind_host: {get_input: mysql_network}
1346 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1349 neutron::bind_host: {get_input: neutron_api_network}
1350 neutron::rabbit_password: {get_input: rabbit_password}
1351 neutron::rabbit_user: {get_input: rabbit_username}
1352 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1353 neutron::rabbit_port: {get_input: rabbit_client_port}
1354 neutron::debug: {get_input: debug}
1355 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1356 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1357 neutron::server::database_connection: {get_input: neutron_dsn}
1358 neutron::server::api_workers: {get_input: neutron_workers}
1359 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1360 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1361 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1362 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1363 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1364 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1365 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1366 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1367 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1368 neutron_agent_mode: {get_input: neutron_agent_mode}
1369 neutron_router_distributed: {get_input: neutron_router_distributed}
1370 neutron::core_plugin: {get_input: neutron_core_plugin}
1371 neutron::service_plugins: {get_input: neutron_service_plugins}
1372 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1373 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1374 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1375 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1376 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1377 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1378 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1379 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1380 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1381 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1382 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1383 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1384 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1385 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1386 neutron_public_interface: {get_input: neutron_public_interface}
1387 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1388 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1389 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1390 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1391 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1392 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1393 neutron::server::auth_password: {get_input: neutron_password}
1394 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1395 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1396 neutron_dsn: {get_input: neutron_dsn}
1397 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1398 neutron::db::mysql::password: {get_input: neutron_password}
1399 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1400 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1401 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1402 neutron::keystone::auth::password: {get_input: neutron_password }
1403 neutron::keystone::auth::region: {get_input: keystone_region}
1404 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1405 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1406 neutron::server::notifications::tenant_name: 'service'
1407 neutron::server::notifications::password: {get_input: nova_password}
1410 ceilometer_backend: {get_input: ceilometer_backend}
1411 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1412 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1413 ceilometer::rabbit_userid: {get_input: rabbit_username}
1414 ceilometer::rabbit_password: {get_input: rabbit_password}
1415 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1416 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1417 ceilometer::debug: {get_input: debug}
1418 ceilometer::api::host: {get_input: ceilometer_api_network}
1419 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1420 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1421 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1422 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1423 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1424 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1425 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1426 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1427 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1430 nova::rabbit_userid: {get_input: rabbit_username}
1431 nova::rabbit_password: {get_input: rabbit_password}
1432 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1433 nova::rabbit_port: {get_input: rabbit_client_port}
1434 nova::debug: {get_input: debug}
1435 nova::api::auth_uri: {get_input: keystone_auth_uri}
1436 nova::api::identity_uri: {get_input: keystone_identity_uri}
1437 nova::api::api_bind_address: {get_input: nova_api_network}
1438 nova::api::metadata_listen: {get_input: nova_metadata_network}
1439 nova::api::admin_password: {get_input: nova_password}
1440 nova::api::osapi_compute_workers: {get_input: nova_workers}
1441 nova::api::ec2_workers: {get_input: nova_workers}
1442 nova::api::metadata_workers: {get_input: nova_workers}
1443 nova::database_connection: {get_input: nova_dsn}
1444 nova::glance_api_servers: {get_input: glance_api_servers}
1445 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1446 nova::api::instance_name_template: {get_input: instance_name_template}
1447 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1448 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1449 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1450 nova::vncproxy::host: {get_input: nova_api_network}
1451 nova::db::mysql::password: {get_input: nova_password}
1452 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1455 apache::ip: {get_input: horizon_network}
1456 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1457 horizon::django_debug: {get_input: debug}
1458 horizon::secret_key: {get_input: horizon_secret}
1459 horizon::bind_address: {get_input: horizon_network}
1460 horizon::keystone_url: {get_input: keystone_auth_uri}
1463 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1464 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1465 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1466 rabbitmq::default_user: {get_input: rabbit_username}
1467 rabbitmq::default_pass: {get_input: rabbit_password}
1469 redis::bind: {get_input: redis_network}
1470 redis_vip: {get_input: redis_vip}
1472 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1473 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1475 memcached::listen_ip: {get_input: memcached_network}
1476 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1477 ntp::servers: {get_input: ntp_servers}
1478 timezone::timezone: {get_input: timezone}
1479 control_virtual_interface: {get_input: control_virtual_interface}
1480 public_virtual_interface: {get_input: public_virtual_interface}
1481 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1482 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1483 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1484 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1485 tripleo::packages::enable_install: {get_input: enable_package_install}
1486 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1488 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1489 ControllerExtraConfigPre:
1490 depends_on: ControllerDeployment
1491 type: OS::TripleO::ControllerExtraConfigPre
1493 server: {get_resource: Controller}
1495 # Hook for site-specific additional pre-deployment config,
1496 # applying to all nodes, e.g node registration/unregistration
1498 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1499 type: OS::TripleO::NodeExtraConfig
1501 server: {get_resource: Controller}
1504 type: OS::TripleO::Tasks::PackageUpdate
1507 type: OS::Heat::SoftwareDeployment
1509 config: {get_resource: UpdateConfig}
1510 server: {get_resource: Controller}
1513 get_param: UpdateIdentifier
1517 description: IP address of the server in the ctlplane network
1518 value: {get_attr: [Controller, networks, ctlplane, 0]}
1519 external_ip_address:
1520 description: IP address of the server in the external network
1521 value: {get_attr: [ExternalPort, ip_address]}
1522 internal_api_ip_address:
1523 description: IP address of the server in the internal_api network
1524 value: {get_attr: [InternalApiPort, ip_address]}
1526 description: IP address of the server in the storage network
1527 value: {get_attr: [StoragePort, ip_address]}
1528 storage_mgmt_ip_address:
1529 description: IP address of the server in the storage_mgmt network
1530 value: {get_attr: [StorageMgmtPort, ip_address]}
1532 description: IP address of the server in the tenant network
1533 value: {get_attr: [TenantPort, ip_address]}
1534 management_ip_address:
1535 description: IP address of the server in the management network
1536 value: {get_attr: [ManagementPort, ip_address]}
1538 description: Hostname of the server
1539 value: {get_attr: [Controller, name]}
1542 Node object in the format {ip: ..., name: ...} format that the corosync
1545 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1546 name: {get_attr: [Controller, name]}
1549 Server's IP address and hostname in the /etc/hosts format
1552 template: IP HOST.DOMAIN HOST CLOUDNAME
1554 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1555 DOMAIN: {get_param: CloudDomain}
1556 HOST: {get_attr: [Controller, name]}
1557 CLOUDNAME: {get_param: CloudName}
1558 nova_server_resource:
1559 description: Heat resource handle for the Nova compute server
1561 {get_resource: Controller}
1563 description: Swift device formatted for swift-ring-builder
1566 template: 'r1z1-IP:%PORT%/d1'
1568 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1569 swift_proxy_memcache:
1570 description: Swift proxy-memcache value
1573 template: "IP:11211"
1575 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1577 description: identifier which changes if the controller configuration may need re-applying
1581 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1582 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1583 - {get_attr: [NodeTLSData, deploy_stdout]}
1584 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1585 - {get_param: UpdateIdentifier}
1586 tls_key_modulus_md5:
1587 description: MD5 checksum of the TLS Key Modulus
1588 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1589 tls_cert_modulus_md5:
1590 description: MD5 checksum of the TLS Certificate Modulus
1591 value: {get_attr: [NodeTLSData, cert_modulus_md5]}