1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableNfsBackend:
33 description: Whether to enable or not the NFS backend for Cinder
35 CinderEnableIscsiBackend:
37 description: Whether to enable or not the Iscsi backend for Cinder
39 CinderEnableRbdBackend:
41 description: Whether to enable or not the Rbd backend for Cinder
45 description: The iSCSI helper to use with cinder.
47 CinderLVMLoopDeviceSize:
49 description: The size of the loopback file used by the cinder LVM driver.
51 CinderNfsMountOptions:
54 Mount options for NFS mounts used by Cinder NFS backend. Effective
55 when CinderEnableNfsBackend is true.
60 NFS servers used by Cinder NFS backend. Effective when
61 CinderEnableNfsBackend is true.
62 type: comma_delimited_list
65 description: The password for the cinder service and db account, used by cinder-api.
70 description: Contains parameters to configure Cinder backends. Typically
71 set via parameter_defaults in the resource registry.
75 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
77 ControllerExtraConfig:
80 Controller specific hiera configuration data to inject into the cluster.
82 ControlVirtualInterface:
84 description: Interface where virtual ip will be assigned.
88 description: Set to True to enable debugging on all services.
92 description: Whether to enable fencing in Pacemaker or not.
96 description: Whether to use Galera instead of regular MariaDB.
100 description: Whether to deploy Ceph Storage (OSD) on the Controller
104 description: Whether to enable Swift Storage on the Controller
109 Additional hieradata to inject into the cluster, note that
110 ControllerExtraConfig takes precedence over ExtraConfig.
115 Pacemaker fencing configuration. The JSON should have
116 the following structure:
120 "agent": "AGENT_NAME",
121 "host_mac": "HOST_MAC_ADDRESS",
122 "params": {"PARAM_NAME": "PARAM_VALUE"}
130 "agent": "fence_xvm",
131 "host_mac": "52:54:00:aa:bb:cc",
133 "multicast_address": "225.0.0.12",
134 "port": "baremetal_0",
136 "manage_key_file": true,
137 "key_file": "/etc/fence_xvm.key",
138 "key_file_password": "abcdef"
145 description: Flavor for control nodes to request when deploying.
148 - custom_constraint: nova.flavor
149 GlanceNotifierStrategy:
150 description: Strategy to use for Glance notification queue
154 description: The filepath of the file to use for logging messages from Glance.
159 description: The password for the glance service and db account, used by the glance services.
164 description: Glance port.
168 description: Protocol to use when connecting to glance, set to https for SSL.
172 description: The short name of the Glance backend to use. Should be one
173 of swift, rbd, or file
176 - allowed_values: ['swift', 'file', 'rbd']
179 description: The password for the Heat service and db account, used by the Heat services.
182 HeatStackDomainAdminPassword:
183 description: Password for heat_domain_admin user.
187 HeatAuthEncryptionKey:
188 description: Auth encryption key for heat-engine
191 description: Secret key for Django
195 default: overcloud-control
197 - custom_constraint: glance.image
199 default: 'REBUILD_PRESERVE_EPHEMERAL'
200 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
204 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
207 - custom_constraint: nova.keypair
208 KeystoneCACertificate:
210 description: Keystone self-signed certificate authority certificate.
212 KeystoneSigningCertificate:
214 description: Keystone certificate for verifying token validity.
218 description: Keystone key for signing tokens.
221 KeystoneSSLCertificate:
223 description: Keystone certificate for verifying token validity.
225 KeystoneSSLCertificateKey:
227 description: Keystone key for signing tokens.
230 KeystoneNotificationDriver:
231 description: Comma-separated list of Oslo notification drivers used by Keystone
232 default: ['messaging']
233 type: comma_delimited_list
234 KeystoneNotificationFormat:
235 description: The Keystone notification format
239 - allowed_values: [ 'basic', 'cadf' ]
240 MysqlClusterUniquePart:
241 description: A unique identifier of the MySQL cluster the controller is in.
243 default: 'unset' # Has to be here because of the ignored empty value bug
244 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
246 # - length: {min: 4, max: 10}
247 MysqlInnodbBufferPoolSize:
249 Specifies the size of the buffer pool in megabytes. Setting to
250 zero should be interpreted as "no value" and will defer to the
255 description: Configures MySQL max_connections config setting
261 default: '' # Has to be here because of the ignored empty value bug
262 NeutronExternalNetworkBridge:
263 description: Name of bridge used for external network traffic.
266 NeutronBridgeMappings:
268 The OVS logical->physical bridge mappings to use. See the Neutron
269 documentation for details. Defaults to mapping br-ex - the external
270 bridge on hosts - to a physical name 'datacentre' which can be used
271 to create provider networks (and we use this for the default floating
272 network) - if changing this either use different post-install network
273 scripts or be sure to keep 'datacentre' as a mapping network name.
275 default: "datacentre:br-ex"
276 NeutronDnsmasqOptions:
277 default: 'dhcp-option-force=26,1400'
278 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
282 description: Agent mode for the neutron-l3-agent on the controller hosts
286 description: Whether to enable l3-agent HA
288 NeutronDhcpAgentsPerNetwork:
291 description: The number of neutron dhcp agents to schedule per network
294 description: Whether to configure Neutron Distributed Virtual Routers
296 NeutronMetadataProxySharedSecret:
298 description: Shared secret to prevent spoofing
303 The core plugin for Neutron. The value should be the entrypoint to be loaded
304 from neutron.core_plugins namespace.
306 NeutronServicePlugins:
309 Comma-separated list of service plugin entrypoints to be loaded from the
310 neutron.service_plugins namespace.
311 type: comma_delimited_list
313 default: "vxlan,vlan,flat,gre"
315 Comma-separated list of network type driver entrypoints to be loaded.
316 type: comma_delimited_list
317 NeutronMechanismDrivers:
318 default: 'openvswitch'
320 The mechanism drivers for the Neutron tenant network. To specify multiple
321 values, use a comma separated string, like so: 'openvswitch,l2_population'
323 NeutronAllowL3AgentFailover:
325 description: Allow automatic l3-agent failover
327 NeutronEnableTunnelling:
332 default: 'datacentre'
333 description: If set, flat networks to configure in neutron plugins.
336 description: Whether to enable l3-agent HA
340 description: The tenant network type for Neutron, either gre or vxlan.
342 NeutronNetworkVLANRanges:
343 default: 'datacentre'
345 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
346 Neutron documentation for permitted values. Defaults to permitting any
347 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
348 type: comma_delimited_list
351 description: The password for the neutron service and db account, used by neutron agents.
354 NeutronPublicInterface:
356 description: What interface to bridge onto br-ex for network nodes.
358 NeutronPublicInterfaceTag:
361 VLAN tag for creating a public VLAN. The tag will be used to
362 create an access port on the exterior bridge for each control plane node,
363 and that port will be given the IP address returned by neutron from the
364 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
365 overcloud.yaml to include the deployment of VLAN ports to the control
368 NeutronPublicInterfaceDefaultRoute:
370 description: A custom default route for the NeutronPublicInterface.
372 NeutronPublicInterfaceIP:
374 description: A custom IP address to put onto the NeutronPublicInterface.
376 NeutronPublicInterfaceRawDevice:
378 description: If set, the public interface is a vlan with this device as the raw device.
383 The tunnel types for the Neutron tenant network. To specify multiple
384 values, use a comma separated string, like so: 'gre,vxlan'
386 NeutronTunnelIdRanges:
388 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
389 of GRE tunnel IDs that are available for tenant network allocation
390 default: ["1:1000", ]
391 type: comma_delimited_list
394 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
395 of VXLAN VNI IDs that are available for tenant network allocation
396 default: ["1:1000", ]
397 type: comma_delimited_list
400 description: The password for the nova service and db account, used by nova-api.
405 description: Should MongoDb journaling be disabled
412 description: The password for the 'pcsd' user.
413 PublicVirtualInterface:
416 Specifies the interface where the public-facing virtual ip will be assigned.
417 This should be int_public when a VLAN is being used.
419 PublicVirtualIP: # DEPRECATED: use per service settings instead
421 default: '' # Has to be here because of the ignored empty value bug
424 default: '' # Has to be here because of the ignored empty value bug
428 description: The password for RabbitMQ
433 description: The username for RabbitMQ
438 Rabbit client subscriber parameter to specify
439 an SSL connection to the RabbitMQ host.
443 description: Set rabbit subscriber port, change this if using SSL
447 default: '' # Has to be here because of the ignored empty value bug
448 SnmpdReadonlyUserName:
449 default: ro_snmp_user
450 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
452 SnmpdReadonlyUserPassword:
454 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
459 description: If set, the contents of an SSL certificate authority file.
463 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
468 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
473 description: A random string to be used as a salt when hashing to determine mappings
479 description: Value of mount_check in Swift account/container/object -server.conf
484 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
487 description: Partition Power to use when building Swift rings
491 description: The password for the swift service account, used by the swift proxy
498 description: How many replicas to use in the swift rings.
499 VirtualIP: # DEPRECATED: use per service settings instead
501 default: '' # Has to be here because of the ignored empty value bug
508 GlanceRegistryVirtualIP:
514 KeystoneAdminApiVirtualIP:
517 KeystonePublicApiVirtualIP:
523 EnablePackageInstall:
525 description: Set to true to enable package installation via Puppet
529 description: Mapping of service_name -> network name. Typically set
530 via parameter_defaults in the resource registry.
536 Setting to a previously unused value during stack-update will trigger
537 package update on all nodes
540 default: '' # Defaults to Heat created hostname
545 type: OS::Nova::Server
547 image: {get_param: Image}
548 image_update_policy: {get_param: ImageUpdatePolicy}
549 flavor: {get_param: Flavor}
550 key_name: {get_param: KeyName}
553 user_data_format: SOFTWARE_CONFIG
554 user_data: {get_resource: UserData}
555 name: {get_param: Hostname}
557 # Combine the NodeAdminUserData and NodeUserData mime archives
559 type: OS::Heat::MultipartMime
562 - config: {get_resource: NodeAdminUserData}
564 - config: {get_resource: NodeUserData}
567 # Creates the "heat-admin" user if configured via the environment
568 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
570 type: OS::TripleO::NodeAdminUserData
572 # For optional operator additional userdata
573 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
575 type: OS::TripleO::NodeUserData
578 type: OS::TripleO::Controller::Ports::ExternalPort
580 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
583 type: OS::TripleO::Controller::Ports::InternalApiPort
585 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
588 type: OS::TripleO::Controller::Ports::StoragePort
590 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
593 type: OS::TripleO::Controller::Ports::StorageMgmtPort
595 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
598 type: OS::TripleO::Controller::Ports::TenantPort
600 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
603 type: OS::TripleO::Network::Ports::NetIpMap
605 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
606 ExternalIp: {get_attr: [ExternalPort, ip_address]}
607 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
608 StorageIp: {get_attr: [StoragePort, ip_address]}
609 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
610 TenantIp: {get_attr: [TenantPort, ip_address]}
613 type: OS::TripleO::Network::Ports::NetIpSubnetMap
615 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
616 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
617 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
618 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
619 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
620 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
623 type: OS::TripleO::Controller::Net::SoftwareConfig
625 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
626 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
627 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
628 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
629 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
630 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
633 type: OS::TripleO::SoftwareDeployment
635 config: {get_resource: NetworkConfig}
636 server: {get_resource: Controller}
639 interface_name: {get_param: NeutronPublicInterface}
641 ControllerDeployment:
642 type: OS::TripleO::SoftwareDeployment
643 depends_on: NetworkDeployment
645 config: {get_resource: ControllerConfig}
646 server: {get_resource: Controller}
648 bootstack_nodeid: {get_attr: [Controller, name]}
649 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
650 heat.watch_server_url:
654 - {get_param: HeatApiVirtualIP}
656 heat.metadata_server_url:
660 - {get_param: HeatApiVirtualIP}
662 heat.waitcondition_server_url:
666 - {get_param: HeatApiVirtualIP}
667 - ':8000/v1/waitcondition'
668 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
669 horizon_secret: {get_param: HorizonSecret}
670 admin_password: {get_param: AdminPassword}
671 admin_token: {get_param: AdminToken}
672 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
673 debug: {get_param: Debug}
674 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
675 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
676 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
679 template: "['SERVERS']"
684 - {get_param: CinderNfsServers}
685 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
686 cinder_password: {get_param: CinderPassword}
687 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
688 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
689 cinder_backend_config: {get_param: CinderBackendConfig}
693 - - 'mysql://cinder:'
694 - {get_param: CinderPassword}
696 - {get_param: MysqlVirtualIP}
698 glance_port: {get_param: GlancePort}
699 glance_password: {get_param: GlancePassword}
700 glance_backend: {get_param: GlanceBackend}
701 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
702 glance_log_file: {get_param: GlanceLogFile}
706 - - 'mysql://glance:'
707 - {get_param: GlancePassword}
709 - {get_param: MysqlVirtualIP}
711 heat_password: {get_param: HeatPassword}
712 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
717 - {get_param: HeatPassword}
719 - {get_param: MysqlVirtualIP}
721 keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
722 keystone_ca_certificate: {get_param: KeystoneCACertificate}
723 keystone_signing_key: {get_param: KeystoneSigningKey}
724 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
725 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
726 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
727 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
728 keystone_notification_format: {get_param: KeystoneNotificationFormat}
732 - - 'mysql://keystone:'
733 - {get_param: AdminToken}
735 - {get_param: MysqlVirtualIP}
737 keystone_identity_uri:
741 - {get_param: KeystoneAdminApiVirtualIP}
747 - {get_param: KeystonePublicApiVirtualIP}
753 - {get_param: KeystonePublicApiVirtualIP}
754 - ':5000/v2.0/ec2tokens'
755 enable_fencing: {get_param: EnableFencing}
756 enable_galera: {get_param: EnableGalera}
757 enable_ceph_storage: {get_param: EnableCephStorage}
758 enable_swift_storage: {get_param: EnableSwiftStorage}
759 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
760 mysql_max_connections: {get_param: MysqlMaxConnections}
761 mysql_root_password: {get_param: MysqlRootPassword}
764 template: tripleo-CLUSTER
766 CLUSTER: {get_param: MysqlClusterUniquePart}
767 neutron_flat_networks: {get_param: NeutronFlatNetworks}
768 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
769 neutron_agent_mode: {get_param: NeutronAgentMode}
770 neutron_router_distributed: {get_param: NeutronDVR}
771 neutron_core_plugin: {get_param: NeutronCorePlugin}
772 neutron_service_plugins:
774 template: "['PLUGINS']"
779 - {get_param: NeutronServicePlugins}
780 neutron_type_drivers:
782 template: "['DRIVERS']"
787 - {get_param: NeutronTypeDrivers}
788 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
789 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
790 neutron_l3_ha: {get_param: NeutronL3HA}
791 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
792 neutron_network_vlan_ranges:
794 template: "['RANGES']"
799 - {get_param: NeutronNetworkVLANRanges}
800 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
801 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
802 neutron_public_interface: {get_param: NeutronPublicInterface}
803 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
804 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
805 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
806 neutron_tenant_network_type: {get_param: NeutronNetworkType}
807 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
808 neutron_tunnel_id_ranges:
810 template: "['RANGES']"
815 - {get_param: NeutronTunnelIdRanges}
818 template: "['RANGES']"
823 - {get_param: NeutronVniRanges}
824 neutron_password: {get_param: NeutronPassword}
825 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
829 - - 'mysql://neutron:'
830 - {get_param: NeutronPassword}
832 - {get_param: MysqlVirtualIP}
833 - '/ovs_neutron?charset=utf8'
838 - {get_param: NeutronApiVirtualIP}
840 neutron_admin_auth_url:
844 - {get_param: KeystoneAdminApiVirtualIP}
846 ceilometer_backend: {get_param: CeilometerBackend}
847 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
848 ceilometer_password: {get_param: CeilometerPassword}
849 ceilometer_coordination_url:
853 - {get_param: RedisVirtualIP}
858 - - 'mysql://ceilometer:unset@'
859 - {get_param: MysqlVirtualIP}
861 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
862 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
863 nova_password: {get_param: NovaPassword}
868 - {get_param: NovaPassword}
870 - {get_param: MysqlVirtualIP}
872 fencing_config: {get_param: FencingConfig}
873 pcsd_password: {get_param: PcsdPassword}
874 rabbit_username: {get_param: RabbitUserName}
875 rabbit_password: {get_param: RabbitPassword}
876 rabbit_cookie: {get_param: RabbitCookie}
877 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
878 rabbit_client_port: {get_param: RabbitClientPort}
879 mongodb_no_journal: {get_param: MongoDbNoJournal}
882 template: '["server"]'
884 server: {get_param: NtpServer}
885 control_virtual_interface: {get_param: ControlVirtualInterface}
886 public_virtual_interface: {get_param: PublicVirtualInterface}
887 swift_hash_suffix: {get_param: SwiftHashSuffix}
888 swift_password: {get_param: SwiftPassword}
889 swift_part_power: {get_param: SwiftPartPower}
890 swift_replicas: {get_param: SwiftReplicas}
891 swift_min_part_hours: {get_param: SwiftMinPartHours}
892 swift_mount_check: {get_param: SwiftMountCheck}
893 enable_package_install: {get_param: EnablePackageInstall}
894 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
895 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
896 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
897 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
898 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
899 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
900 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
904 - - {get_param: GlanceProtocol}
906 - {get_param: GlanceApiVirtualIP}
908 - {get_param: GlancePort}
909 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
910 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
911 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
912 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
913 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
914 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
915 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
916 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
917 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
918 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
919 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
920 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
921 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
922 redis_vip: {get_param: RedisVirtualIP}
923 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
924 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
925 mysql_virtual_ip: {get_param: MysqlVirtualIP}
926 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
927 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
928 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
930 # Map heat metadata into hiera datafiles
932 type: OS::Heat::StructuredConfig
934 group: os-apply-config
939 - heat_config_%{::deploy_config_name}
940 - controller_extraconfig
945 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
946 - ceph_cluster # provided by CephClusterConfig
948 - bootstrap_node # provided by BootstrapNodeConfig
949 - all_nodes # provided by allNodesConfig
950 - vip_data # provided by vip-config
953 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
954 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
955 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
956 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
958 controller_extraconfig:
959 mapped_data: {get_param: ControllerExtraConfig}
961 mapped_data: {get_param: ExtraConfig}
963 raw_data: {get_file: hieradata/common.yaml}
965 raw_data: {get_file: hieradata/ceph.yaml}
967 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
968 ceph::profile::params::public_network: {get_input: ceph_public_network}
969 ceph::mon::public_addr: {get_input: ceph_public_ip}
971 raw_data: {get_file: hieradata/database.yaml}
973 raw_data: {get_file: hieradata/object.yaml}
975 raw_data: {get_file: hieradata/controller.yaml}
976 mapped_data: # data supplied directly to this deployment configuration, etc
977 bootstack_nodeid: {get_input: bootstack_nodeid}
980 enable_fencing: {get_input: enable_fencing}
981 hacluster_pwd: {get_input: pcsd_password}
982 tripleo::fencing::config: {get_input: fencing_config}
985 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
986 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
987 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
988 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
989 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
990 swift::proxy::authtoken::admin_password: {get_input: swift_password}
991 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
992 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
993 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
994 swift_mount_check: {get_input: swift_mount_check}
996 # NOTE(dprince): build_ring support is currently not wired in.
997 # See: https://review.openstack.org/#/c/109225/
998 tripleo::ringbuilder::build_ring: True
1001 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1002 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1003 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1004 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1005 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1006 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1007 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1008 cinder::database_connection: {get_input: cinder_dsn}
1009 cinder::api::keystone_password: {get_input: cinder_password}
1010 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1011 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1012 cinder::api::bind_host: {get_input: cinder_api_network}
1013 cinder::rabbit_userid: {get_input: rabbit_username}
1014 cinder::rabbit_password: {get_input: rabbit_password}
1015 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1016 cinder::rabbit_port: {get_input: rabbit_client_port}
1017 cinder::debug: {get_input: debug}
1018 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1019 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1020 cinder_backend_config: {get_input: CinderBackendConfig}
1021 cinder::db::mysql::password: {get_input: cinder_password}
1024 glance::api::bind_port: {get_input: glance_port}
1025 glance::api::bind_host: {get_input: glance_api_network}
1026 glance::api::auth_uri: {get_input: keystone_auth_uri}
1027 glance::api::identity_uri: {get_input: keystone_identity_uri}
1028 glance::api::registry_host: {get_input: glance_registry_host}
1029 glance::api::keystone_password: {get_input: glance_password}
1030 glance::api::debug: {get_input: debug}
1031 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1032 glance_log_file: {get_input: glance_log_file}
1033 glance_log_file: {get_input: glance_log_file}
1034 glance::api::database_connection: {get_input: glance_dsn}
1035 glance::registry::keystone_password: {get_input: glance_password}
1036 glance::registry::database_connection: {get_input: glance_dsn}
1037 glance::registry::bind_host: {get_input: glance_registry_network}
1038 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1039 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1040 glance::registry::debug: {get_input: debug}
1041 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
1042 glance::backend::swift::swift_store_user: service:glance
1043 glance::backend::swift::swift_store_key: {get_input: glance_password}
1044 glance_backend: {get_input: glance_backend}
1045 glance::db::mysql::password: {get_input: glance_password}
1048 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1049 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1050 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1051 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1052 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1053 heat::rabbit_userid: {get_input: rabbit_username}
1054 heat::rabbit_password: {get_input: rabbit_password}
1055 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1056 heat::rabbit_port: {get_input: rabbit_client_port}
1057 heat::auth_uri: {get_input: keystone_auth_uri}
1058 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1059 heat::identity_uri: {get_input: keystone_identity_uri}
1060 heat::keystone_password: {get_input: heat_password}
1061 heat::api::bind_host: {get_input: heat_api_network}
1062 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1063 heat::api_cfn::bind_host: {get_input: heat_api_network}
1064 heat::database_connection: {get_input: heat_dsn}
1065 heat::debug: {get_input: debug}
1066 heat::db::mysql::password: {get_input: heat_password}
1069 keystone::admin_token: {get_input: admin_token}
1070 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1071 keystone_signing_key: {get_input: keystone_signing_key}
1072 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1073 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1074 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1075 keystone::database_connection: {get_input: keystone_dsn}
1076 keystone::public_bind_host: {get_input: keystone_public_api_network}
1077 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1078 keystone::debug: {get_input: debug}
1079 keystone::db::mysql::password: {get_input: admin_token}
1080 keystone::rabbit_userid: {get_input: rabbit_username}
1081 keystone::rabbit_password: {get_input: rabbit_password}
1082 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1083 keystone::rabbit_port: {get_input: rabbit_client_port}
1084 keystone::notification_driver: {get_input: keystone_notification_driver}
1085 keystone::notification_format: {get_input: keystone_notification_format}
1087 mongodb::server::bind_ip: {get_input: mongo_db_network}
1088 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1090 admin_password: {get_input: admin_password}
1091 enable_galera: {get_input: enable_galera}
1092 enable_ceph_storage: {get_input: enable_ceph_storage}
1093 enable_swift_storage: {get_input: enable_swift_storage}
1094 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1095 mysql_max_connections: {get_input: mysql_max_connections}
1096 mysql::server::root_password: {get_input: mysql_root_password}
1097 mysql_cluster_name: {get_input: mysql_cluster_name}
1098 mysql_bind_host: {get_input: mysql_network}
1099 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1102 neutron::bind_host: {get_input: neutron_api_network}
1103 neutron::rabbit_password: {get_input: rabbit_password}
1104 neutron::rabbit_user: {get_input: rabbit_user}
1105 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1106 neutron::rabbit_port: {get_input: rabbit_client_port}
1107 neutron::debug: {get_input: debug}
1108 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1109 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1110 neutron::server::database_connection: {get_input: neutron_dsn}
1111 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1112 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1113 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1114 neutron_flat_networks: {get_input: neutron_flat_networks}
1115 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1116 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1117 neutron_agent_mode: {get_input: neutron_agent_mode}
1118 neutron_router_distributed: {get_input: neutron_router_distributed}
1119 neutron::core_plugin: {get_input: neutron_core_plugin}
1120 neutron::service_plugins: {get_input: neutron_service_plugins}
1121 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1122 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
1123 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1124 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1125 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1126 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1127 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1128 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1129 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
1130 neutron_public_interface: {get_input: neutron_public_interface}
1131 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1132 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1133 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1134 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
1135 neutron_tunnel_types: {get_input: neutron_tunnel_types}
1136 neutron::server::auth_password: {get_input: neutron_password}
1137 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1138 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1139 neutron_dsn: {get_input: neutron_dsn}
1140 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1141 neutron::db::mysql::password: {get_input: neutron_password}
1144 ceilometer_backend: {get_input: ceilometer_backend}
1145 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1146 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1147 ceilometer::rabbit_userid: {get_input: rabbit_username}
1148 ceilometer::rabbit_password: {get_input: rabbit_password}
1149 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1150 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1151 ceilometer::debug: {get_input: debug}
1152 ceilometer::api::host: {get_input: ceilometer_api_network}
1153 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1154 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1155 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1156 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1157 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
1158 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1159 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1160 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1161 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1164 nova::rabbit_userid: {get_input: rabbit_username}
1165 nova::rabbit_password: {get_input: rabbit_password}
1166 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1167 nova::rabbit_port: {get_input: rabbit_client_port}
1168 nova::debug: {get_input: debug}
1169 nova::api::auth_uri: {get_input: keystone_auth_uri}
1170 nova::api::identity_uri: {get_input: keystone_identity_uri}
1171 nova::api::api_bind_address: {get_input: nova_api_network}
1172 nova::api::metadata_listen: {get_input: nova_metadata_network}
1173 nova::api::admin_password: {get_input: nova_password}
1174 nova::database_connection: {get_input: nova_dsn}
1175 nova::glance_api_servers: {get_input: glance_api_servers}
1176 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1177 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1178 nova::network::neutron::neutron_url: {get_input: neutron_url}
1179 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1180 nova::vncproxy::host: {get_input: nova_api_network}
1181 nova::db::mysql::password: {get_input: nova_password}
1184 apache::ip: {get_input: horizon_network}
1185 horizon::django_debug: {get_input: debug}
1186 horizon::secret_key: {get_input: horizon_secret}
1187 horizon::bind_address: {get_input: horizon_network}
1188 horizon::keystone_url: {get_input: keystone_auth_uri}
1191 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1192 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1194 redis::bind: {get_input: redis_network}
1195 redis_vip: {get_input: redis_vip}
1197 memcached::listen_ip: {get_input: memcached_network}
1198 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1199 ntp::servers: {get_input: ntp_servers}
1200 control_virtual_interface: {get_input: control_virtual_interface}
1201 public_virtual_interface: {get_input: public_virtual_interface}
1202 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1203 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1204 tripleo::packages::enable_install: {get_input: enable_package_install}
1205 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1207 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1208 ControllerExtraConfigPre:
1209 depends_on: ControllerDeployment
1210 type: OS::TripleO::ControllerExtraConfigPre
1212 server: {get_resource: Controller}
1214 # Hook for site-specific additional pre-deployment config,
1215 # applying to all nodes, e.g node registration/unregistration
1217 depends_on: ControllerExtraConfigPre
1218 type: OS::TripleO::NodeExtraConfig
1220 server: {get_resource: Controller}
1223 type: OS::TripleO::Tasks::PackageUpdate
1226 type: OS::Heat::SoftwareDeployment
1228 config: {get_resource: UpdateConfig}
1229 server: {get_resource: Controller}
1232 get_param: UpdateIdentifier
1236 description: IP address of the server in the ctlplane network
1237 value: {get_attr: [Controller, networks, ctlplane, 0]}
1238 external_ip_address:
1239 description: IP address of the server in the external network
1240 value: {get_attr: [ExternalPort, ip_address]}
1241 internal_api_ip_address:
1242 description: IP address of the server in the internal_api network
1243 value: {get_attr: [InternalApiPort, ip_address]}
1245 description: IP address of the server in the storage network
1246 value: {get_attr: [StoragePort, ip_address]}
1247 storage_mgmt_ip_address:
1248 description: IP address of the server in the storage_mgmt network
1249 value: {get_attr: [StorageMgmtPort, ip_address]}
1251 description: IP address of the server in the tenant network
1252 value: {get_attr: [TenantPort, ip_address]}
1254 description: Hostname of the server
1255 value: {get_attr: [Controller, name]}
1258 Node object in the format {ip: ..., name: ...} format that the corosync
1261 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1262 name: {get_attr: [Controller, name]}
1265 Server's IP address and hostname in the /etc/hosts format
1268 template: IP HOST.localdomain HOST CLOUDNAME
1270 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1271 HOST: {get_attr: [Controller, name]}
1272 CLOUDNAME: {get_param: CloudName}
1273 nova_server_resource:
1274 description: Heat resource handle for the Nova compute server
1276 {get_resource: Controller}
1278 description: Swift device formatted for swift-ring-builder
1281 template: 'r1z1-IP:%PORT%/d1'
1283 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1284 swift_proxy_memcache:
1285 description: Swift proxy-memcache value
1288 template: "IP:11211"
1290 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1292 description: identifier which changes if the controller configuration may need re-applying
1296 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1297 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1298 - {get_param: UpdateIdentifier}
Code Review / apex-tripleo-heat-templates.git / blob