1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 CeilometerApiVirtualIP:
23 description: The ceilometer backend type.
25 CeilometerMeteringSecret:
26 description: Secret shared by the ceilometer services.
30 description: The password for the ceilometer service and db account.
33 CeilometerStoreEvents:
35 description: Whether to store events in ceilometer.
37 CeilometerMeterDispatcher:
39 description: Dispatcher to process meter data
42 - allowed_values: ['gnocchi', 'database']
48 description: Number of workers for Ceilometer service.
53 Whether to create cron job for purging soft deleted rows in Cinder database.
55 CinderEnableNfsBackend:
57 description: Whether to enable or not the NFS backend for Cinder
59 CinderEnableIscsiBackend:
61 description: Whether to enable or not the Iscsi backend for Cinder
63 CinderEnableRbdBackend:
65 description: Whether to enable or not the Rbd backend for Cinder
69 description: The iSCSI helper to use with cinder.
71 CinderLVMLoopDeviceSize:
73 description: The size of the loopback file used by the cinder LVM driver.
75 CinderNfsMountOptions:
78 Mount options for NFS mounts used by Cinder NFS backend. Effective
79 when CinderEnableNfsBackend is true.
84 NFS servers used by Cinder NFS backend. Effective when
85 CinderEnableNfsBackend is true.
86 type: comma_delimited_list
88 description: The password for the cinder service and db account, used by cinder-api.
93 description: Contains parameters to configure Cinder backends. Typically
94 set via parameter_defaults in the resource registry.
98 description: Number of workers for Cinder service.
100 controllerExtraConfig:
103 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
105 ControllerExtraConfig:
108 Controller specific hiera configuration data to inject into the cluster.
113 A network mapped list of IPs to assign to Controllers in the following form:
115 "internal_api": ["a.b.c.d", "e.f.g.h"],
119 ControlVirtualInterface:
121 description: Interface where virtual ip will be assigned.
125 description: Enable IPv6 in Corosync
129 description: Set to True to enable debugging on all services.
133 description: Whether to enable fencing in Pacemaker or not.
137 description: Whether to use Galera instead of regular MariaDB.
141 description: Whether to deploy a LoadBalancer on the Controller
145 description: Whether to deploy Ceph Storage (OSD) on the Controller
149 description: Whether to enable Swift Storage on the Controller
154 Additional hieradata to inject into the cluster, note that
155 ControllerExtraConfig takes precedence over ExtraConfig.
160 Pacemaker fencing configuration. The JSON should have
161 the following structure:
165 "agent": "AGENT_NAME",
166 "host_mac": "HOST_MAC_ADDRESS",
167 "params": {"PARAM_NAME": "PARAM_VALUE"}
175 "agent": "fence_xvm",
176 "host_mac": "52:54:00:aa:bb:cc",
178 "multicast_address": "225.0.0.12",
179 "port": "baremetal_0",
181 "manage_key_file": true,
182 "key_file": "/etc/fence_xvm.key",
183 "key_file_password": "abcdef"
190 description: Flavor for control nodes to request when deploying.
193 - custom_constraint: nova.flavor
196 description: The short name of the Gnocchi backend to use. Should be one
197 of swift, rbd, or file
200 - allowed_values: ['swift', 'file', 'rbd']
201 GnocchiIndexerBackend:
203 description: The short name of the Gnocchi indexer backend to use.
209 description: The password for the gnocchi service and db account.
212 HAProxyStatsPassword:
213 description: Password for HAProxy stats endpoint
216 description: User for HAProxy stats endpoint
219 HAProxySyslogAddress:
221 description: Syslog address where HAproxy will send its log
224 description: The password for the Heat service and db account, used by the Heat services.
227 HeatStackDomainAdminPassword:
228 description: Password for heat_stack_domain_admin user.
231 HeatAuthEncryptionKey:
232 description: Auth encryption key for heat-engine
237 description: A list of IP/Hostname allowed to connect to horizon
238 type: comma_delimited_list
241 description: Number of workers for Heat service.
247 Whether to create cron job for purging soft deleted rows in the Heat database.
249 description: Secret key for Django
254 default: overcloud-control
256 - custom_constraint: glance.image
258 default: 'REBUILD_PRESERVE_EPHEMERAL'
259 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
261 InstanceNameTemplate:
262 default: 'instance-%08x'
263 description: Template string to be used to generate instance names
267 description: Name of an existing Nova key pair to enable SSH access to the instances
270 - custom_constraint: nova.keypair
274 description: Keystone region for endpoint
277 description: Whether to manage IPtables rules.
281 description: Enable IPv6 features in Memcached.
285 description: Whether IPtables rules should be purged before setting up the new ones.
292 description: The password for the sahara service account, used by sahara-api.
295 MysqlClusterUniquePart:
296 description: A unique identifier of the MySQL cluster the controller is in.
298 default: 'unset' # Has to be here because of the ignored empty value bug
299 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
301 # - length: {min: 4, max: 10}
302 MysqlInnodbBufferPoolSize:
304 Specifies the size of the buffer pool in megabytes. Setting to
305 zero should be interpreted as "no value" and will defer to the
310 description: Configures MySQL max_connections config setting
316 default: '' # Has to be here because of the ignored empty value bug
317 NeutronExternalNetworkBridge:
318 description: Name of bridge used for external network traffic.
321 NeutronBridgeMappings:
323 The OVS logical->physical bridge mappings to use. See the Neutron
324 documentation for details. Defaults to mapping br-ex - the external
325 bridge on hosts - to a physical name 'datacentre' which can be used
326 to create provider networks (and we use this for the default floating
327 network) - if changing this either use different post-install network
328 scripts or be sure to keep 'datacentre' as a mapping network name.
329 type: comma_delimited_list
330 default: "datacentre:br-ex"
331 NeutronDnsmasqOptions:
332 default: 'dhcp-option-force=26,1400'
333 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
335 NeutronEnableDHCPAgent:
336 description: Knob to enable/disable DHCP Agent
339 NeutronEnableL3Agent:
340 description: Knob to enable/disable L3 agent
343 NeutronEnableMetadataAgent:
344 description: Knob to enable/disable Metadata agent
347 NeutronEnableOVSAgent:
348 description: Knob to enable/disable OVS Agent
353 description: Agent mode for the neutron-l3-agent on the controller hosts
357 description: Whether to enable l3-agent HA
359 NeutronDhcpAgentsPerNetwork:
362 description: The number of neutron dhcp agents to schedule per network
365 description: Whether to configure Neutron Distributed Virtual Routers
367 NeutronMetadataProxySharedSecret:
368 description: Shared secret to prevent spoofing
374 The core plugin for Neutron. The value should be the entrypoint to be loaded
375 from neutron.core_plugins namespace.
377 NeutronServicePlugins:
378 default: "router,qos"
380 Comma-separated list of service plugin entrypoints to be loaded from the
381 neutron.service_plugins namespace.
382 type: comma_delimited_list
384 default: "vxlan,vlan,flat,gre"
386 Comma-separated list of network type driver entrypoints to be loaded.
387 type: comma_delimited_list
388 NeutronMechanismDrivers:
389 default: 'openvswitch'
391 The mechanism drivers for the Neutron tenant network.
392 type: comma_delimited_list
393 NeutronAllowL3AgentFailover:
395 description: Allow automatic l3-agent failover
397 NeutronEnableIsolatedMetadata:
399 description: If True, DHCP provide metadata route to VM.
401 NeutronEnableTunnelling:
407 Enable/disable the L2 population feature in the Neutron agents.
410 type: comma_delimited_list
411 default: 'datacentre'
412 description: If set, flat networks to configure in neutron plugins.
415 description: Whether to enable l3-agent HA
419 description: The tenant network type for Neutron.
420 type: comma_delimited_list
421 NeutronNetworkVLANRanges:
422 default: 'datacentre:1:1000'
424 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
425 Neutron documentation for permitted values. Defaults to permitting any
426 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
427 type: comma_delimited_list
429 description: The password for the neutron service and db account, used by neutron agents.
432 NeutronPublicInterface:
434 description: What interface to bridge onto br-ex for network nodes.
436 NeutronPublicInterfaceTag:
439 VLAN tag for creating a public VLAN. The tag will be used to
440 create an access port on the exterior bridge for each control plane node,
441 and that port will be given the IP address returned by neutron from the
442 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
443 overcloud.yaml to include the deployment of VLAN ports to the control
446 NeutronPublicInterfaceDefaultRoute:
448 description: A custom default route for the NeutronPublicInterface.
450 NeutronPublicInterfaceIP:
452 description: A custom IP address to put onto the NeutronPublicInterface.
454 NeutronPublicInterfaceRawDevice:
456 description: If set, the public interface is a vlan with this device as the raw device.
460 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
461 be at least 50 bytes smaller than the MTU on the physical network. This
462 value will be used to set the MTU on the virtual Ethernet device.
463 This number is related to the value of NeutronDnsmasqOptions, since that
464 will determine the MTU that is assigned to the VM host through DHCP.
470 The tunnel types for the Neutron tenant network.
471 type: comma_delimited_list
472 NeutronTunnelIdRanges:
474 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
475 of GRE tunnel IDs that are available for tenant network allocation
476 default: ["1:4094", ]
477 type: comma_delimited_list
480 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
481 of VXLAN VNI IDs that are available for tenant network allocation
482 default: ["1:4094", ]
483 type: comma_delimited_list
484 NeutronPluginExtensions:
485 default: "qos,port_security"
487 Comma-separated list of extensions enabled for the Neutron plugin.
488 type: comma_delimited_list
489 NeutronAgentExtensions:
492 Comma-separated list of extensions enabled for the Neutron agents.
493 type: comma_delimited_list
499 description: Number of workers for Neutron service.
504 Whether to create cron job for purging soft deleted rows in Nova database.
508 description: Enable IPv6 features in Nova
511 description: The password for the nova service and db account, used by nova-api.
516 description: Number of workers for Nova service.
520 description: Should MongoDb journaling be disabled
524 description: Enable IPv6 if Mongo DB VIP is IPv6
528 description: Comma-separated list of ntp servers
529 type: comma_delimited_list
532 description: The password for the 'pcsd' user.
534 PublicVirtualInterface:
537 Specifies the interface where the public-facing virtual ip will be assigned.
538 This should be int_public when a VLAN is being used.
542 default: '' # Has to be here because of the ignored empty value bug
545 default: '' # Has to be here because of the ignored empty value bug
548 description: The password for RabbitMQ
553 description: The username for RabbitMQ
558 Rabbit client subscriber parameter to specify
559 an SSL connection to the RabbitMQ host.
563 description: Set rabbit subscriber port, change this if using SSL
567 description: Configures RabbitMQ FD limit
571 description: Enable IPv6 in RabbitMQ
575 description: The password to access the Redis service
579 default: '' # Has to be here because of the ignored empty value bug
582 default: '' # Has to be here because of the ignored empty value bug
583 description: An IP address which is wrapped in brackets in case of IPv6
584 SnmpdReadonlyUserName:
585 default: ro_snmp_user
586 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
588 SnmpdReadonlyUserPassword:
589 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
593 description: A random string to be used as a salt when hashing to determine mappings
599 description: Value of mount_check in Swift account/container/object -server.conf
604 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
607 description: Partition Power to use when building Swift rings
611 description: Whether to manage Swift rings or not
614 description: The password for the swift service account, used by the swift proxy
624 description: How many replicas to use in the swift rings.
627 description: Number of workers for Swift service.
631 description: The timezone to be set on controller nodes.
633 UpgradeLevelNovaCompute:
635 description: Nova Compute upgrade level
637 VirtualIP: # DEPRECATED: use per service settings instead
639 default: '' # Has to be here because of the ignored empty value bug
655 EnablePackageInstall:
657 description: Set to true to enable package installation via Puppet
661 description: Mapping of service_name -> network name. Typically set
662 via parameter_defaults in the resource registry.
666 description: Mapping of service endpoint -> protocol. Typically set
667 via parameter_defaults in the resource registry.
673 Setting to a previously unused value during stack-update will trigger
674 package update on all nodes
677 default: '' # Defaults to Heat created hostname
681 description: Optional mapping to override hostnames
682 NetworkDeploymentActions:
683 type: comma_delimited_list
685 Heat action when to apply network configuration changes
690 SoftwareConfigTransport:
691 default: POLL_SERVER_CFN
693 How the server should receive the metadata required for software configuration.
696 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
701 The DNS domain used for the hosts. This should match the dhcp_domain
702 configured in the Undercloud neutron. Defaults to localdomain.
706 Extra properties or metadata passed to Nova for the created nodes in
707 the overcloud. It's accessible via the Nova metadata API.
711 description: Optional scheduler hints to pass to nova
713 ServiceConfigSettings:
719 description: Do not use deprecated params, they will be removed.
721 - controllerExtraConfig
726 type: OS::Nova::Server
728 image: {get_param: Image}
729 image_update_policy: {get_param: ImageUpdatePolicy}
730 flavor: {get_param: Flavor}
731 key_name: {get_param: KeyName}
734 user_data_format: SOFTWARE_CONFIG
735 user_data: {get_resource: UserData}
738 template: {get_param: Hostname}
739 params: {get_param: HostnameMap}
740 software_config_transport: {get_param: SoftwareConfigTransport}
741 metadata: {get_param: ServerMetadata}
742 scheduler_hints: {get_param: SchedulerHints}
744 # Combine the NodeAdminUserData and NodeUserData mime archives
746 type: OS::Heat::MultipartMime
749 - config: {get_resource: NodeAdminUserData}
751 - config: {get_resource: NodeUserData}
754 # Creates the "heat-admin" user if configured via the environment
755 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
757 type: OS::TripleO::NodeAdminUserData
759 # For optional operator additional userdata
760 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
762 type: OS::TripleO::NodeUserData
765 type: OS::TripleO::Controller::Ports::ExternalPort
767 IPPool: {get_param: ControllerIPs}
768 NodeIndex: {get_param: NodeIndex}
769 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
772 type: OS::TripleO::Controller::Ports::InternalApiPort
774 IPPool: {get_param: ControllerIPs}
775 NodeIndex: {get_param: NodeIndex}
776 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
779 type: OS::TripleO::Controller::Ports::StoragePort
781 IPPool: {get_param: ControllerIPs}
782 NodeIndex: {get_param: NodeIndex}
783 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
786 type: OS::TripleO::Controller::Ports::StorageMgmtPort
788 IPPool: {get_param: ControllerIPs}
789 NodeIndex: {get_param: NodeIndex}
790 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
793 type: OS::TripleO::Controller::Ports::TenantPort
795 IPPool: {get_param: ControllerIPs}
796 NodeIndex: {get_param: NodeIndex}
797 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
800 type: OS::TripleO::Controller::Ports::ManagementPort
802 IPPool: {get_param: ControllerIPs}
803 NodeIndex: {get_param: NodeIndex}
804 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
807 type: OS::TripleO::Network::Ports::NetIpMap
809 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
810 ExternalIp: {get_attr: [ExternalPort, ip_address]}
811 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
812 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
813 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
814 StorageIp: {get_attr: [StoragePort, ip_address]}
815 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
816 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
817 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
818 TenantIp: {get_attr: [TenantPort, ip_address]}
819 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
820 ManagementIp: {get_attr: [ManagementPort, ip_address]}
821 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
824 type: OS::TripleO::Network::Ports::NetIpSubnetMap
826 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
827 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
828 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
829 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
830 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
831 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
832 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
835 type: OS::TripleO::Controller::Net::SoftwareConfig
837 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
838 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
839 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
840 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
841 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
842 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
843 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
846 type: OS::TripleO::SoftwareDeployment
848 name: NetworkDeployment
849 config: {get_resource: NetworkConfig}
850 server: {get_resource: Controller}
851 actions: {get_param: NetworkDeploymentActions}
854 interface_name: {get_param: NeutronPublicInterface}
856 # Resource for site-specific injection of root certificate
858 depends_on: NetworkDeployment
859 type: OS::TripleO::NodeTLSCAData
861 server: {get_resource: Controller}
863 # Resource for site-specific passing of private keys/certificates
865 depends_on: NodeTLSCAData
866 type: OS::TripleO::NodeTLSData
868 server: {get_resource: Controller}
869 NodeIndex: {get_param: NodeIndex}
872 ControllerDeployment:
873 type: OS::TripleO::SoftwareDeployment
874 depends_on: NetworkDeployment
876 name: ControllerDeployment
877 config: {get_resource: ControllerConfig}
878 server: {get_resource: Controller}
880 bootstack_nodeid: {get_attr: [Controller, name]}
881 ceilometer_workers: {get_param: CeilometerWorkers}
882 cinder_workers: {get_param: CinderWorkers}
883 heat_workers: {get_param: HeatWorkers}
884 nova_workers: {get_param: NovaWorkers}
885 neutron_workers: {get_param: NeutronWorkers}
886 swift_workers: {get_param: SwiftWorkers}
887 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
888 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
889 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
890 haproxy_log_address: {get_param: HAProxySyslogAddress}
891 haproxy_stats_password: {get_param: HAProxyStatsPassword}
892 haproxy_stats_user: {get_param: HAProxyStatsUser}
893 heat.watch_server_url:
897 - {get_param: HeatApiVirtualIPUri}
899 heat.metadata_server_url:
903 - {get_param: HeatApiVirtualIPUri}
905 heat.waitcondition_server_url:
909 - {get_param: HeatApiVirtualIPUri}
910 - ':8000/v1/waitcondition'
911 heat_public_url: {get_param: [EndpointMap, HeatPublic, uri]}
912 heat_internal_url: {get_param: [EndpointMap, HeatInternal, uri]}
913 heat_admin_url: {get_param: [EndpointMap, HeatAdmin, uri]}
914 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
915 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
916 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
917 horizon_secret: {get_param: HorizonSecret}
918 admin_password: {get_param: AdminPassword}
919 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
920 debug: {get_param: Debug}
921 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
922 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
923 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
924 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
929 SERVERS: {get_param: CinderNfsServers}
930 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
931 cinder_password: {get_param: CinderPassword}
932 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
933 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
934 cinder_backend_config: {get_param: CinderBackendConfig}
938 - - 'mysql+pymysql://cinder:'
939 - {get_param: CinderPassword}
941 - {get_param: MysqlVirtualIPUri}
943 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
944 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
945 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
946 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
947 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
948 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
949 heat_password: {get_param: HeatPassword}
950 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
954 - - 'mysql+pymysql://heat:'
955 - {get_param: HeatPassword}
957 - {get_param: MysqlVirtualIPUri}
959 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
960 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
961 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
962 enable_fencing: {get_param: EnableFencing}
963 enable_galera: {get_param: EnableGalera}
964 enable_load_balancer: {get_param: EnableLoadBalancer}
965 enable_ceph_storage: {get_param: EnableCephStorage}
966 enable_swift_storage: {get_param: EnableSwiftStorage}
967 manage_firewall: {get_param: ManageFirewall}
968 purge_firewall_rules: {get_param: PurgeFirewallRules}
969 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
970 mysql_max_connections: {get_param: MysqlMaxConnections}
971 mysql_root_password: {get_param: MysqlRootPassword}
974 template: tripleo-CLUSTER
976 CLUSTER: {get_param: MysqlClusterUniquePart}
977 neutron_flat_networks:
981 NETWORKS: {get_param: NeutronFlatNetworks}
982 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
983 neutron_agent_mode: {get_param: NeutronAgentMode}
984 neutron_router_distributed: {get_param: NeutronDVR}
985 neutron_core_plugin: {get_param: NeutronCorePlugin}
986 neutron_service_plugins:
990 PLUGINS: {get_param: NeutronServicePlugins}
991 neutron_type_drivers:
995 DRIVERS: {get_param: NeutronTypeDrivers}
996 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
997 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
998 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
999 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1000 neutron_mechanism_drivers:
1002 template: MECHANISMS
1004 MECHANISMS: {get_param: NeutronMechanismDrivers}
1005 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1006 neutron_l3_ha: {get_param: NeutronL3HA}
1007 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1008 neutron_network_vlan_ranges:
1012 RANGES: {get_param: NeutronNetworkVLANRanges}
1013 neutron_bridge_mappings:
1017 MAPPINGS: {get_param: NeutronBridgeMappings}
1018 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1019 neutron_public_interface: {get_param: NeutronPublicInterface}
1020 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1021 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1022 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1023 neutron_tunnel_id_ranges:
1027 RANGES: {get_param: NeutronTunnelIdRanges}
1032 RANGES: {get_param: NeutronVniRanges}
1033 neutron_tenant_network_types:
1037 TYPES: {get_param: NeutronNetworkType}
1038 neutron_tunnel_types:
1042 TYPES: {get_param: NeutronTunnelTypes}
1043 neutron_plugin_extensions:
1045 template: PLUGIN_EXTENSIONS
1047 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1048 neutron_agent_extensions:
1050 template: AGENT_EXTENSIONS
1052 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1053 neutron_password: {get_param: NeutronPassword}
1054 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1055 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1059 - - 'mysql+pymysql://neutron:'
1060 - {get_param: NeutronPassword}
1062 - {get_param: MysqlVirtualIPUri}
1063 - '/ovs_neutron?charset=utf8'
1064 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1065 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1066 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1067 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1068 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1069 ceilometer_backend: {get_param: CeilometerBackend}
1070 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1071 ceilometer_password: {get_param: CeilometerPassword}
1072 ceilometer_store_events: {get_param: CeilometerStoreEvents}
1073 aodh_password: {get_param: AodhPassword}
1074 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
1075 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
1076 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
1077 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
1078 gnocchi_password: {get_param: GnocchiPassword}
1079 gnocchi_backend: {get_param: GnocchiBackend}
1080 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
1081 ceilometer_coordination_url:
1085 - {get_param: RedisPassword}
1087 - {get_param: RedisVirtualIPUri}
1092 - - 'mysql+pymysql://ceilometer:'
1093 - {get_param: CeilometerPassword}
1095 - {get_param: MysqlVirtualIPUri}
1100 - - 'mysql+pymysql://gnocchi:'
1101 - {get_param: GnocchiPassword}
1103 - {get_param: MysqlVirtualIPUri}
1105 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
1106 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
1107 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
1108 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
1109 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
1110 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
1111 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1112 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1113 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1114 nova_ipv6: {get_param: NovaIPv6}
1115 corosync_ipv6: {get_param: CorosyncIPv6}
1116 memcached_ipv6: {get_param: MemcachedIPv6}
1117 nova_password: {get_param: NovaPassword}
1121 - - 'mysql+pymysql://nova:'
1122 - {get_param: NovaPassword}
1124 - {get_param: MysqlVirtualIPUri}
1129 - - 'mysql+pymysql://nova_api:'
1130 - {get_param: NovaPassword}
1132 - {get_param: MysqlVirtualIPUri}
1134 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1135 instance_name_template: {get_param: InstanceNameTemplate}
1136 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
1137 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
1138 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
1139 nova_ec2_public_url: {get_param: [EndpointMap, NovaEC2Public, uri]}
1140 nova_ec2_internal_url: {get_param: [EndpointMap, NovaEC2Internal, uri]}
1141 nova_ec2_admin_url: {get_param: [EndpointMap, NovaEC2Admin, uri]}
1142 fencing_config: {get_param: FencingConfig}
1143 pcsd_password: {get_param: PcsdPassword}
1144 rabbit_username: {get_param: RabbitUserName}
1145 rabbit_password: {get_param: RabbitPassword}
1146 rabbit_cookie: {get_param: RabbitCookie}
1147 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1148 rabbit_client_port: {get_param: RabbitClientPort}
1149 rabbit_ipv6: {get_param: RabbitIPv6}
1150 rabbit_fd_limit: {get_param: RabbitFDLimit}
1151 mongodb_no_journal: {get_param: MongoDbNoJournal}
1152 mongodb_ipv6: {get_param: MongoDbIPv6}
1153 ntp_servers: {get_param: NtpServer}
1154 timezone: {get_param: TimeZone}
1155 control_virtual_interface: {get_param: ControlVirtualInterface}
1156 public_virtual_interface: {get_param: PublicVirtualInterface}
1157 swift_hash_suffix: {get_param: SwiftHashSuffix}
1158 swift_password: {get_param: SwiftPassword}
1159 swift_part_power: {get_param: SwiftPartPower}
1160 swift_ring_build: {get_param: SwiftRingBuild}
1161 swift_replicas: {get_param: SwiftReplicas}
1162 swift_min_part_hours: {get_param: SwiftMinPartHours}
1163 swift_mount_check: {get_param: SwiftMountCheck}
1164 swift_public_url: {get_param: [EndpointMap, SwiftPublic, uri]}
1165 swift_internal_url: {get_param: [EndpointMap, SwiftInternal, uri]}
1166 swift_admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]}
1167 swift_public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]}
1168 swift_internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]}
1169 swift_admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]}
1170 enable_package_install: {get_param: EnablePackageInstall}
1171 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1172 sahara_password: {get_param: SaharaPassword}
1173 sahara_public_url: {get_param: [EndpointMap, SaharaPublic, uri]}
1174 sahara_internal_url: {get_param: [EndpointMap, SaharaInternal, uri]}
1175 sahara_admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]}
1179 - - 'mysql://sahara:'
1180 - {get_param: SaharaPassword}
1182 - {get_param: MysqlVirtualIPUri}
1184 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1185 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1186 cinder_iscsi_network:
1190 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1191 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1192 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1193 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1194 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1195 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1196 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1197 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1198 keystone_region: {get_param: KeystoneRegion}
1199 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1200 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1201 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1202 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1203 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
1204 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
1205 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1206 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1207 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1210 template: "['SUBNET']"
1212 SUBNET: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1213 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1214 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1215 redis_password: {get_param: RedisPassword}
1216 redis_vip: {get_param: RedisVirtualIP}
1217 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1218 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1219 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1220 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1221 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1222 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1223 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1225 # Map heat metadata into hiera datafiles
1227 type: OS::Heat::StructuredConfig
1229 group: os-apply-config
1234 - heat_config_%{::deploy_config_name}
1235 - controller_extraconfig
1241 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1242 - ceph_cluster # provided by CephClusterConfig
1244 - bootstrap_node # provided by BootstrapNodeConfig
1245 - all_nodes # provided by allNodesConfig
1246 - vip_data # provided by vip-config
1249 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1250 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1251 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1252 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1253 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1254 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1255 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1256 - midonet_data #Optionally provided by AllNodesExtraConfig
1257 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1258 - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre
1259 merge_behavior: deeper
1262 mapped_data: {get_param: ServiceConfigSettings}
1263 controller_extraconfig:
1266 - {get_param: controllerExtraConfig}
1267 - {get_param: ControllerExtraConfig}
1269 mapped_data: {get_param: ExtraConfig}
1271 raw_data: {get_file: hieradata/common.yaml}
1273 raw_data: {get_file: hieradata/ceph.yaml}
1275 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1276 ceph::profile::params::public_network: {get_input: ceph_public_network}
1277 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
1279 raw_data: {get_file: hieradata/database.yaml}
1281 raw_data: {get_file: hieradata/object.yaml}
1283 raw_data: {get_file: hieradata/controller.yaml}
1284 mapped_data: # data supplied directly to this deployment configuration, etc
1285 bootstack_nodeid: {get_input: bootstack_nodeid}
1288 enable_fencing: {get_input: enable_fencing}
1289 enable_load_balancer: {get_input: enable_load_balancer}
1290 hacluster_pwd: {get_input: pcsd_password}
1291 corosync_ipv6: {get_input: corosync_ipv6}
1292 tripleo::fencing::config: {get_input: fencing_config}
1295 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1296 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1297 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1298 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1299 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1300 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1301 swift::proxy::workers: {get_input: swift_workers}
1302 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
1303 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1304 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1305 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1306 swift_mount_check: {get_input: swift_mount_check}
1307 swift::keystone::auth::public_url: {get_input: swift_public_url }
1308 swift::keystone::auth::internal_url: {get_input: swift_internal_url }
1309 swift::keystone::auth::admin_url: {get_input: swift_admin_url }
1310 swift::keystone::auth::public_url_s3: {get_input: swift_public_url_v3 }
1311 swift::keystone::auth::internal_url_s3: {get_input: swift_internal_url_v3 }
1312 swift::keystone::auth::admin_url_s3: {get_input: swift_admin_url_v3 }
1313 swift::keystone::auth::password: {get_input: swift_password }
1314 swift::keystone::auth::region: {get_input: keystone_region}
1317 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1318 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1319 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1320 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1321 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1322 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1323 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1324 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1325 cinder::database_connection: {get_input: cinder_dsn}
1326 cinder::api::keystone_password: {get_input: cinder_password}
1327 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1328 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1329 cinder::api::bind_host: {get_input: cinder_api_network}
1330 cinder::rabbit_userid: {get_input: rabbit_username}
1331 cinder::rabbit_password: {get_input: rabbit_password}
1332 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1333 cinder::rabbit_port: {get_input: rabbit_client_port}
1334 cinder::debug: {get_input: debug}
1335 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1336 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1337 cinder_backend_config: {get_input: CinderBackendConfig}
1338 cinder::db::mysql::password: {get_input: cinder_password}
1339 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
1340 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
1341 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
1342 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
1343 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
1344 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
1345 cinder::keystone::auth::password: {get_input: cinder_password }
1346 cinder::keystone::auth::region: {get_input: keystone_region}
1349 glance::api::bind_host: {get_input: glance_api_network}
1350 glance::registry::bind_host: {get_input: glance_registry_network}
1351 glance::keystone::auth::region: {get_input: keystone_region}
1354 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1355 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1356 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1357 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1358 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1359 heat::rabbit_userid: {get_input: rabbit_username}
1360 heat::rabbit_password: {get_input: rabbit_password}
1361 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1362 heat::rabbit_port: {get_input: rabbit_client_port}
1363 heat::auth_uri: {get_input: keystone_auth_uri}
1364 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1365 heat::identity_uri: {get_input: keystone_identity_uri}
1366 heat::keystone_password: {get_input: heat_password}
1367 heat::api::bind_host: {get_input: heat_api_network}
1368 heat::api::workers: {get_input: heat_workers}
1369 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1370 heat::api_cloudwatch::workers: {get_input: heat_workers}
1371 heat::api_cfn::bind_host: {get_input: heat_api_network}
1372 heat::api_cfn::workers: {get_input: heat_workers}
1373 heat::engine::num_engine_workers: {get_input: heat_workers}
1374 heat::database_connection: {get_input: heat_dsn}
1375 heat::debug: {get_input: debug}
1376 heat::db::mysql::password: {get_input: heat_password}
1377 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1378 heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
1379 heat::keystone::auth::public_url: {get_input: heat_public_url }
1380 heat::keystone::auth::internal_url: {get_input: heat_internal_url }
1381 heat::keystone::auth::admin_url: {get_input: heat_admin_url }
1382 heat::keystone::auth::password: {get_input: heat_password }
1383 heat::keystone::auth::region: {get_input: keystone_region}
1386 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1387 keystone::public_bind_host: {get_input: keystone_public_api_network}
1388 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1389 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1391 mongodb::server::bind_ip: {get_input: mongo_db_network}
1392 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1393 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1395 admin_password: {get_input: admin_password}
1396 enable_galera: {get_input: enable_galera}
1397 enable_ceph_storage: {get_input: enable_ceph_storage}
1398 enable_swift_storage: {get_input: enable_swift_storage}
1399 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1400 mysql_max_connections: {get_input: mysql_max_connections}
1401 mysql::server::root_password: {get_input: mysql_root_password}
1402 mysql_cluster_name: {get_input: mysql_cluster_name}
1403 mysql_bind_host: {get_input: mysql_network}
1404 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1407 neutron::bind_host: {get_input: neutron_api_network}
1408 neutron::rabbit_password: {get_input: rabbit_password}
1409 neutron::rabbit_user: {get_input: rabbit_username}
1410 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1411 neutron::rabbit_port: {get_input: rabbit_client_port}
1412 neutron::debug: {get_input: debug}
1413 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1414 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1415 neutron::server::database_connection: {get_input: neutron_dsn}
1416 neutron::server::api_workers: {get_input: neutron_workers}
1417 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1418 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1419 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1420 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1421 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1422 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1423 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1424 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1425 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1426 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1427 neutron_agent_mode: {get_input: neutron_agent_mode}
1428 neutron_router_distributed: {get_input: neutron_router_distributed}
1429 neutron::core_plugin: {get_input: neutron_core_plugin}
1430 neutron::service_plugins: {get_input: neutron_service_plugins}
1431 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1432 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1433 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1434 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1435 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1436 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1437 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1438 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1439 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1440 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1441 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1442 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1443 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1444 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1445 neutron_public_interface: {get_input: neutron_public_interface}
1446 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1447 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1448 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1449 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1450 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1451 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1452 neutron::server::auth_password: {get_input: neutron_password}
1453 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1454 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1455 neutron_dsn: {get_input: neutron_dsn}
1456 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1457 neutron::db::mysql::password: {get_input: neutron_password}
1458 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1459 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1460 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1461 neutron::keystone::auth::password: {get_input: neutron_password }
1462 neutron::keystone::auth::region: {get_input: keystone_region}
1463 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1464 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1465 neutron::server::notifications::tenant_name: 'service'
1466 neutron::server::notifications::project_name: 'service'
1467 neutron::server::notifications::password: {get_input: nova_password}
1470 ceilometer_backend: {get_input: ceilometer_backend}
1471 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1472 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1473 ceilometer::rabbit_userid: {get_input: rabbit_username}
1474 ceilometer::rabbit_password: {get_input: rabbit_password}
1475 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1476 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1477 ceilometer::debug: {get_input: debug}
1478 ceilometer::api::host: {get_input: ceilometer_api_network}
1479 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1480 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1481 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1482 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1483 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1484 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1485 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
1486 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1487 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
1488 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
1489 ceilometer::dispatcher::gnocchi::filter_project: 'service'
1490 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
1491 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
1492 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
1493 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
1494 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
1495 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
1496 ceilometer::keystone::auth::region: {get_input: keystone_region}
1497 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1498 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1501 aodh::rabbit_userid: {get_input: rabbit_username}
1502 aodh::rabbit_password: {get_input: rabbit_password}
1503 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1504 aodh::rabbit_port: {get_input: rabbit_client_port}
1505 aodh::debug: {get_input: debug}
1506 aodh::wsgi::apache::ssl: false
1507 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1508 aodh::api::service_name: 'httpd'
1509 aodh::api::host: {get_input: aodh_api_network}
1510 aodh::api::keystone_password: {get_input: aodh_password}
1511 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1512 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1513 aodh::auth::auth_password: {get_input: aodh_password}
1514 aodh::db::mysql::password: {get_input: aodh_password}
1515 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1516 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1517 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
1518 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
1519 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
1520 aodh::keystone::auth::password: {get_input: aodh_password }
1521 aodh::keystone::auth::region: {get_input: keystone_region}
1524 gnocchi_backend: {get_input: gnocchi_backend}
1525 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
1526 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
1527 gnocchi::debug: {get_input: debug}
1528 gnocchi::wsgi::apache::ssl: false
1529 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
1530 gnocchi::api::service_name: 'httpd'
1531 gnocchi::api::host: {get_input: gnocchi_api_network}
1532 gnocchi::api::keystone_password: {get_input: gnocchi_password}
1533 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1534 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1535 gnocchi::db::mysql::password: {get_input: gnocchi_password}
1536 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
1537 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
1538 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
1539 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
1540 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
1541 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
1542 gnocchi::keystone::auth::region: {get_input: keystone_region}
1545 nova::rabbit_userid: {get_input: rabbit_username}
1546 nova::rabbit_password: {get_input: rabbit_password}
1547 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1548 nova::rabbit_port: {get_input: rabbit_client_port}
1549 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1550 nova::debug: {get_input: debug}
1551 nova::use_ipv6: {get_input: nova_ipv6}
1552 nova::api::auth_uri: {get_input: keystone_auth_uri}
1553 nova::api::identity_uri: {get_input: keystone_identity_uri}
1554 nova::api::api_bind_address: {get_input: nova_api_network}
1555 nova::api::metadata_listen: {get_input: nova_metadata_network}
1556 nova::api::admin_password: {get_input: nova_password}
1557 nova::api::osapi_compute_workers: {get_input: nova_workers}
1558 nova::api::ec2_workers: {get_input: nova_workers}
1559 nova::api::metadata_workers: {get_input: nova_workers}
1560 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1561 nova::database_connection: {get_input: nova_dsn}
1562 nova::api_database_connection: {get_input: nova_api_dsn}
1563 nova::glance_api_servers: {get_input: glance_api_servers}
1564 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1565 nova::api::instance_name_template: {get_input: instance_name_template}
1566 nova::network::neutron::neutron_password: {get_input: neutron_password}
1567 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1568 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1569 nova::vncproxy::host: {get_input: nova_api_network}
1570 nova::db::mysql::password: {get_input: nova_password}
1571 nova::db::mysql_api::password: {get_input: nova_password}
1572 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1573 nova::keystone::auth::public_url: {get_input: nova_public_url}
1574 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
1575 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
1576 nova::keystone::auth::ec2_public_url: {get_input: nova_ec2_public_url}
1577 nova::keystone::auth::ec2_internal_url: {get_input: nova_ec2_internal_url}
1578 nova::keystone::auth::ec2_admin_url: {get_input: nova_ec2_admin_url}
1579 nova::keystone::auth::password: {get_input: nova_password }
1580 nova::keystone::auth::region: {get_input: keystone_region}
1583 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
1584 apache::ip: {get_input: horizon_network}
1585 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1586 horizon::django_debug: {get_input: debug}
1587 horizon::secret_key: {get_input: horizon_secret}
1588 horizon::bind_address: {get_input: horizon_network}
1589 horizon::keystone_url: {get_input: keystone_auth_uri}
1592 sahara::host: {get_input: sahara_api_network}
1600 sahara::admin_password: {get_input: sahara_password}
1601 sahara::auth_uri: {get_input: keystone_auth_uri}
1602 sahara::admin_user: sahara
1603 sahara::identity_uri: {get_input: keystone_identity_uri}
1604 sahara::use_neutron: true
1605 sahara::database_connection: {get_input: sahara_dsn}
1606 sahara::debug: {get_input: debug}
1607 sahara::rpc_backend: rabbit
1608 sahara::rabbit_userid: {get_input: rabbit_username}
1609 sahara::rabbit_password: {get_input: rabbit_password}
1610 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1611 sahara::rabbit_port: {get_input: rabbit_client_port}
1612 sahara::db::mysql::password: {get_input: sahara_password}
1613 sahara::keystone::auth::public_url: {get_input: sahara_public_url }
1614 sahara::keystone::auth::internal_url: {get_input: sahara_internal_url }
1615 sahara::keystone::auth::admin_url: {get_input: sahara_admin_url }
1616 sahara::keystone::auth::password: {get_input: sahara_password }
1617 sahara::keystone::auth::region: {get_input: keystone_region}
1620 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1621 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1622 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1623 rabbitmq::default_user: {get_input: rabbit_username}
1624 rabbitmq::default_pass: {get_input: rabbit_password}
1625 rabbit_ipv6: {get_input: rabbit_ipv6}
1627 redis::bind: {get_input: redis_network}
1628 redis::requirepass: {get_input: redis_password}
1629 redis::masterauth: {get_input: redis_password}
1630 redis::sentinel_auth_pass: {get_input: redis_password}
1631 redis_vip: {get_input: redis_vip}
1633 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1634 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1636 memcached_ipv6: {get_input: memcached_ipv6}
1637 memcached::listen_ip: {get_input: memcached_network}
1638 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1639 ntp::servers: {get_input: ntp_servers}
1640 timezone::timezone: {get_input: timezone}
1641 control_virtual_interface: {get_input: control_virtual_interface}
1642 public_virtual_interface: {get_input: public_virtual_interface}
1643 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1644 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1645 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1646 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1647 tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user}
1648 tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password}
1649 tripleo::loadbalancer::redis_password: {get_input: redis_password}
1650 tripleo::packages::enable_install: {get_input: enable_package_install}
1651 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1653 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1654 ControllerExtraConfigPre:
1655 depends_on: ControllerDeployment
1656 type: OS::TripleO::ControllerExtraConfigPre
1658 server: {get_resource: Controller}
1660 # Hook for site-specific additional pre-deployment config,
1661 # applying to all nodes, e.g node registration/unregistration
1663 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1664 type: OS::TripleO::NodeExtraConfig
1666 server: {get_resource: Controller}
1669 type: OS::TripleO::Tasks::PackageUpdate
1672 type: OS::Heat::SoftwareDeployment
1674 name: UpdateDeployment
1675 config: {get_resource: UpdateConfig}
1676 server: {get_resource: Controller}
1679 get_param: UpdateIdentifier
1683 description: IP address of the server in the ctlplane network
1684 value: {get_attr: [Controller, networks, ctlplane, 0]}
1685 external_ip_address:
1686 description: IP address of the server in the external network
1687 value: {get_attr: [ExternalPort, ip_address]}
1688 internal_api_ip_address:
1689 description: IP address of the server in the internal_api network
1690 value: {get_attr: [InternalApiPort, ip_address]}
1692 description: IP address of the server in the storage network
1693 value: {get_attr: [StoragePort, ip_address]}
1694 storage_mgmt_ip_address:
1695 description: IP address of the server in the storage_mgmt network
1696 value: {get_attr: [StorageMgmtPort, ip_address]}
1698 description: IP address of the server in the tenant network
1699 value: {get_attr: [TenantPort, ip_address]}
1700 management_ip_address:
1701 description: IP address of the server in the management network
1702 value: {get_attr: [ManagementPort, ip_address]}
1704 description: Hostname of the server
1705 value: {get_attr: [Controller, name]}
1708 Node object in the format {ip: ..., name: ...} format that the corosync
1711 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1712 name: {get_attr: [Controller, name]}
1715 Server's IP address and hostname in the /etc/hosts format
1719 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1720 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1721 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1722 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1723 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1724 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1725 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1727 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1728 DOMAIN: {get_param: CloudDomain}
1729 PRIMARYHOST: {get_attr: [Controller, name]}
1730 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1734 - - {get_attr: [Controller, name]}
1736 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1740 - - {get_attr: [Controller, name]}
1742 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1746 - - {get_attr: [Controller, name]}
1748 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1752 - - {get_attr: [Controller, name]}
1754 TENANTIP: {get_attr: [TenantPort, ip_address]}
1758 - - {get_attr: [Controller, name]}
1760 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1764 - - {get_attr: [Controller, name]}
1766 nova_server_resource:
1767 description: Heat resource handle for the Nova compute server
1769 {get_resource: Controller}
1771 description: Swift device formatted for swift-ring-builder
1774 template: 'r1z1-IP:%PORT%/d1'
1776 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1777 swift_proxy_memcache:
1778 description: Swift proxy-memcache value
1781 template: "IP:11211"
1783 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1785 description: identifier which changes if the controller configuration may need re-applying
1789 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1790 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1791 - {get_attr: [NodeTLSData, deploy_stdout]}
1792 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1793 - {get_param: UpdateIdentifier}
1794 tls_key_modulus_md5:
1795 description: MD5 checksum of the TLS Key Modulus
1796 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1797 tls_cert_modulus_md5:
1798 description: MD5 checksum of the TLS Certificate Modulus
1799 value: {get_attr: [NodeTLSData, cert_modulus_md5]}