1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 controllerExtraConfig:
18 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
20 ControllerExtraConfig:
23 Controller specific hiera configuration data to inject into the cluster.
28 A network mapped list of IPs to assign to Controllers in the following form:
30 "internal_api": ["a.b.c.d", "e.f.g.h"],
34 ControlVirtualInterface:
36 description: Interface where virtual ip will be assigned.
40 description: Enable IPv6 in Corosync
44 description: Set to True to enable debugging on all services.
48 description: Whether to enable fencing in Pacemaker or not.
52 description: Whether to use Galera instead of regular MariaDB.
56 description: Whether to deploy a LoadBalancer on the Controller
61 Additional hieradata to inject into the cluster, note that
62 ControllerExtraConfig takes precedence over ExtraConfig.
67 Pacemaker fencing configuration. The JSON should have
68 the following structure:
72 "agent": "AGENT_NAME",
73 "host_mac": "HOST_MAC_ADDRESS",
74 "params": {"PARAM_NAME": "PARAM_VALUE"}
83 "host_mac": "52:54:00:aa:bb:cc",
85 "multicast_address": "225.0.0.12",
86 "port": "baremetal_0",
88 "manage_key_file": true,
89 "key_file": "/etc/fence_xvm.key",
90 "key_file_password": "abcdef"
97 description: Flavor for control nodes to request when deploying.
100 - custom_constraint: nova.flavor
103 description: The short name of the Gnocchi backend to use. Should be one
104 of swift, rbd, or file
107 - allowed_values: ['swift', 'file', 'rbd']
108 GnocchiIndexerBackend:
110 description: The short name of the Gnocchi indexer backend to use.
113 description: The password for the gnocchi service and db account.
116 HAProxyStatsPassword:
117 description: Password for HAProxy stats endpoint
120 description: User for HAProxy stats endpoint
123 HAProxySyslogAddress:
125 description: Syslog address where HAproxy will send its log
127 HeatAuthEncryptionKey:
128 description: Auth encryption key for heat-engine
132 description: Secret key for Django
137 default: overcloud-control
139 - custom_constraint: glance.image
141 default: 'REBUILD_PRESERVE_EPHEMERAL'
142 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
144 InstanceNameTemplate:
145 default: 'instance-%08x'
146 description: Template string to be used to generate instance names
150 description: Name of an existing Nova key pair to enable SSH access to the instances
153 - custom_constraint: nova.keypair
157 description: Keystone region for endpoint
160 description: Whether to manage IPtables rules.
164 description: Enable IPv6 features in Memcached.
168 description: Whether IPtables rules should be purged before setting up the new ones.
170 MysqlClusterUniquePart:
171 description: A unique identifier of the MySQL cluster the controller is in.
173 default: 'unset' # Has to be here because of the ignored empty value bug
174 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
176 # - length: {min: 4, max: 10}
177 MysqlInnodbBufferPoolSize:
179 Specifies the size of the buffer pool in megabytes. Setting to
180 zero should be interpreted as "no value" and will defer to the
185 description: Configures MySQL max_connections config setting
188 MysqlClustercheckPassword:
194 default: '' # Has to be here because of the ignored empty value bug
195 NeutronMetadataProxySharedSecret:
196 description: Shared secret to prevent spoofing
200 description: The password for the neutron service and db account, used by neutron agents.
203 NeutronPublicInterface:
205 description: What interface to bridge onto br-ex for network nodes.
210 Whether to create cron job for purging soft deleted rows in Nova database.
214 description: Enable IPv6 features in Nova
217 description: The password for the nova service and db account, used by nova-api.
222 description: The password for the 'pcsd' user.
224 PublicVirtualInterface:
227 Specifies the interface where the public-facing virtual ip will be assigned.
228 This should be int_public when a VLAN is being used.
232 default: '' # Has to be here because of the ignored empty value bug
235 description: The password for RabbitMQ
240 description: The username for RabbitMQ
245 Rabbit client subscriber parameter to specify
246 an SSL connection to the RabbitMQ host.
250 description: Set rabbit subscriber port, change this if using SSL
253 description: The password for Redis
258 default: '' # Has to be here because of the ignored empty value bug
261 default: '' # Has to be here because of the ignored empty value bug
262 description: An IP address which is wrapped in brackets in case of IPv6
264 description: A random string to be used as a salt when hashing to determine mappings
271 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
274 description: Partition Power to use when building Swift rings
278 description: Whether to manage Swift rings or not
283 description: How many replicas to use in the swift rings.
284 UpgradeLevelNovaCompute:
286 description: Nova Compute upgrade level
291 EnablePackageInstall:
293 description: Set to true to enable package installation via Puppet
297 description: Mapping of service_name -> network name. Typically set
298 via parameter_defaults in the resource registry.
302 description: Mapping of service endpoint -> protocol. Typically set
303 via parameter_defaults in the resource registry.
309 Setting to a previously unused value during stack-update will trigger
310 package update on all nodes
313 default: '' # Defaults to Heat created hostname
317 description: Optional mapping to override hostnames
318 NetworkDeploymentActions:
319 type: comma_delimited_list
321 Heat action when to apply network configuration changes
326 SoftwareConfigTransport:
327 default: POLL_SERVER_CFN
329 How the server should receive the metadata required for software configuration.
332 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
337 The DNS domain used for the hosts. This should match the dhcp_domain
338 configured in the Undercloud neutron. Defaults to localdomain.
342 Extra properties or metadata passed to Nova for the created nodes in
343 the overcloud. It's accessible via the Nova metadata API.
347 description: Optional scheduler hints to pass to nova
349 ServiceConfigSettings:
354 description: Command which will be run whenever configuration data changes
355 default: os-refresh-config --timeout 14400
359 description: Do not use deprecated params, they will be removed.
361 - controllerExtraConfig
366 type: OS::TripleO::Server
369 command: {get_param: ConfigCommand}
371 image: {get_param: Image}
372 image_update_policy: {get_param: ImageUpdatePolicy}
373 flavor: {get_param: Flavor}
374 key_name: {get_param: KeyName}
377 user_data_format: SOFTWARE_CONFIG
378 user_data: {get_resource: UserData}
381 template: {get_param: Hostname}
382 params: {get_param: HostnameMap}
383 software_config_transport: {get_param: SoftwareConfigTransport}
384 metadata: {get_param: ServerMetadata}
385 scheduler_hints: {get_param: SchedulerHints}
387 # Combine the NodeAdminUserData and NodeUserData mime archives
389 type: OS::Heat::MultipartMime
392 - config: {get_resource: NodeAdminUserData}
394 - config: {get_resource: NodeUserData}
397 # Creates the "heat-admin" user if configured via the environment
398 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
400 type: OS::TripleO::NodeAdminUserData
402 # For optional operator additional userdata
403 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
405 type: OS::TripleO::NodeUserData
408 type: OS::TripleO::Controller::Ports::ExternalPort
410 IPPool: {get_param: ControllerIPs}
411 NodeIndex: {get_param: NodeIndex}
412 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
415 type: OS::TripleO::Controller::Ports::InternalApiPort
417 IPPool: {get_param: ControllerIPs}
418 NodeIndex: {get_param: NodeIndex}
419 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
422 type: OS::TripleO::Controller::Ports::StoragePort
424 IPPool: {get_param: ControllerIPs}
425 NodeIndex: {get_param: NodeIndex}
426 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
429 type: OS::TripleO::Controller::Ports::StorageMgmtPort
431 IPPool: {get_param: ControllerIPs}
432 NodeIndex: {get_param: NodeIndex}
433 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
436 type: OS::TripleO::Controller::Ports::TenantPort
438 IPPool: {get_param: ControllerIPs}
439 NodeIndex: {get_param: NodeIndex}
440 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
443 type: OS::TripleO::Controller::Ports::ManagementPort
445 IPPool: {get_param: ControllerIPs}
446 NodeIndex: {get_param: NodeIndex}
447 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
450 type: OS::TripleO::Network::Ports::NetIpMap
452 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
453 ExternalIp: {get_attr: [ExternalPort, ip_address]}
454 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
455 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
456 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
457 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
458 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
459 StorageIp: {get_attr: [StoragePort, ip_address]}
460 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
461 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
462 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
463 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
464 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
465 TenantIp: {get_attr: [TenantPort, ip_address]}
466 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
467 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
468 ManagementIp: {get_attr: [ManagementPort, ip_address]}
469 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
470 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
473 type: OS::TripleO::Controller::Net::SoftwareConfig
475 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
476 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
477 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
478 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
479 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
480 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
481 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
484 type: OS::TripleO::SoftwareDeployment
486 name: NetworkDeployment
487 config: {get_resource: NetworkConfig}
488 server: {get_resource: Controller}
489 actions: {get_param: NetworkDeploymentActions}
492 interface_name: {get_param: NeutronPublicInterface}
494 # Resource for site-specific injection of root certificate
496 depends_on: NetworkDeployment
497 type: OS::TripleO::NodeTLSCAData
499 server: {get_resource: Controller}
501 # Resource for site-specific passing of private keys/certificates
503 depends_on: NodeTLSCAData
504 type: OS::TripleO::NodeTLSData
506 server: {get_resource: Controller}
507 NodeIndex: {get_param: NodeIndex}
510 ControllerDeployment:
511 type: OS::TripleO::SoftwareDeployment
512 depends_on: NetworkDeployment
514 name: ControllerDeployment
515 config: {get_resource: ControllerConfig}
516 server: {get_resource: Controller}
518 bootstack_nodeid: {get_attr: [Controller, name]}
519 haproxy_log_address: {get_param: HAProxySyslogAddress}
520 haproxy_stats_password: {get_param: HAProxyStatsPassword}
521 haproxy_stats_user: {get_param: HAProxyStatsUser}
522 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
523 horizon_secret: {get_param: HorizonSecret}
524 admin_password: {get_param: AdminPassword}
525 debug: {get_param: Debug}
526 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
527 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
528 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
529 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
530 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
531 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
532 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
533 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
534 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
535 enable_fencing: {get_param: EnableFencing}
536 enable_galera: {get_param: EnableGalera}
537 enable_load_balancer: {get_param: EnableLoadBalancer}
538 manage_firewall: {get_param: ManageFirewall}
539 purge_firewall_rules: {get_param: PurgeFirewallRules}
540 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
541 mysql_max_connections: {get_param: MysqlMaxConnections}
542 mysql_root_password: {get_param: MysqlRootPassword}
543 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
546 template: tripleo-CLUSTER
548 CLUSTER: {get_param: MysqlClusterUniquePart}
549 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
550 neutron_password: {get_param: NeutronPassword}
551 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
552 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
553 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
554 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
555 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
556 aodh_password: {get_param: AodhPassword}
557 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
558 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
559 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
560 gnocchi_password: {get_param: GnocchiPassword}
561 gnocchi_backend: {get_param: GnocchiBackend}
562 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
563 ceilometer_coordination_url:
567 - {get_param: RedisPassword}
569 - {get_param: RedisVirtualIPUri}
574 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
576 - {get_param: GnocchiPassword}
578 - {get_param: [EndpointMap, MysqlInternal, host]}
583 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
585 - {get_param: AodhPassword}
587 - {get_param: [EndpointMap, MysqlInternal, host]}
589 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
590 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
591 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
592 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
593 nova_ipv6: {get_param: NovaIPv6}
594 corosync_ipv6: {get_param: CorosyncIPv6}
595 memcached_ipv6: {get_param: MemcachedIPv6}
596 nova_password: {get_param: NovaPassword}
600 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
602 - {get_param: NovaPassword}
604 - {get_param: [EndpointMap, MysqlInternal, host]}
609 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
611 - {get_param: NovaPassword}
613 - {get_param: [EndpointMap, MysqlInternal, host]}
615 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
616 instance_name_template: {get_param: InstanceNameTemplate}
617 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
618 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
619 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
620 fencing_config: {get_param: FencingConfig}
621 pcsd_password: {get_param: PcsdPassword}
622 rabbit_username: {get_param: RabbitUserName}
623 rabbit_password: {get_param: RabbitPassword}
624 rabbit_cookie: {get_param: RabbitCookie}
625 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
626 rabbit_client_port: {get_param: RabbitClientPort}
627 control_virtual_interface: {get_param: ControlVirtualInterface}
628 public_virtual_interface: {get_param: PublicVirtualInterface}
629 swift_hash_suffix: {get_param: SwiftHashSuffix}
630 swift_part_power: {get_param: SwiftPartPower}
631 swift_ring_build: {get_param: SwiftRingBuild}
632 swift_replicas: {get_param: SwiftReplicas}
633 swift_min_part_hours: {get_param: SwiftMinPartHours}
634 enable_package_install: {get_param: EnablePackageInstall}
635 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
636 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
637 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
638 cinder_iscsi_network:
642 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
643 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
644 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
645 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
646 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
647 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
648 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
649 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
650 keystone_region: {get_param: KeystoneRegion}
651 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
652 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
653 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
654 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
655 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
656 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
657 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
658 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
659 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
662 template: "['SUBNET']"
664 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
665 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
666 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
667 redis_vip: {get_param: RedisVirtualIP}
668 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
669 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
670 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
671 mysql_virtual_ip: {get_param: MysqlVirtualIP}
672 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
673 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
674 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
675 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
677 # Map heat metadata into hiera datafiles
679 type: OS::Heat::StructuredConfig
681 group: os-apply-config
686 - heat_config_%{::deploy_config_name}
687 - controller_extraconfig
693 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
694 - ceph_cluster # provided by CephClusterConfig
696 - bootstrap_node # provided by BootstrapNodeConfig
697 - all_nodes # provided by allNodesConfig
698 - vip_data # provided by vip-config
702 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
703 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
704 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
705 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
706 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
707 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
708 - midonet_data #Optionally provided by AllNodesExtraConfig
709 merge_behavior: deeper
712 mapped_data: {get_param: ServiceConfigSettings}
713 controller_extraconfig:
716 - {get_param: controllerExtraConfig}
717 - {get_param: ControllerExtraConfig}
719 mapped_data: {get_param: ExtraConfig}
721 raw_data: {get_file: hieradata/common.yaml}
724 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
725 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
726 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
728 raw_data: {get_file: hieradata/ceph.yaml}
730 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
731 ceph::profile::params::public_network: {get_input: ceph_public_network}
732 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
734 raw_data: {get_file: hieradata/database.yaml}
736 raw_data: {get_file: hieradata/object.yaml}
738 raw_data: {get_file: hieradata/controller.yaml}
739 mapped_data: # data supplied directly to this deployment configuration, etc
740 bootstack_nodeid: {get_input: bootstack_nodeid}
743 enable_fencing: {get_input: enable_fencing}
744 enable_load_balancer: {get_input: enable_load_balancer}
745 hacluster_pwd: {get_input: pcsd_password}
746 corosync_ipv6: {get_input: corosync_ipv6}
747 tripleo::fencing::config: {get_input: fencing_config}
750 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
751 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
752 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
753 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
754 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
755 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
756 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
757 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
760 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
761 cinder::api::bind_host: {get_input: cinder_api_network}
762 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
763 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
764 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
765 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
766 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
767 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
768 cinder::keystone::auth::password: {get_input: cinder_password }
769 cinder::keystone::auth::region: {get_input: keystone_region}
772 glance::api::bind_host: {get_input: glance_api_network}
773 glance::registry::bind_host: {get_input: glance_registry_network}
774 glance::keystone::auth::region: {get_input: keystone_region}
777 heat::api::bind_host: {get_input: heat_api_network}
778 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
779 heat::api_cfn::bind_host: {get_input: heat_api_network}
780 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
783 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
784 keystone::public_bind_host: {get_input: keystone_public_api_network}
785 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
786 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
789 mongodb::server::bind_ip: {get_input: mongo_db_network}
792 admin_password: {get_input: admin_password}
793 enable_galera: {get_input: enable_galera}
794 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
795 mysql_max_connections: {get_input: mysql_max_connections}
796 mysql::server::root_password: {get_input: mysql_root_password}
797 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
798 mysql_cluster_name: {get_input: mysql_cluster_name}
799 mysql_bind_host: {get_input: mysql_network}
800 mysql_virtual_ip: {get_input: mysql_virtual_ip}
803 neutron::bind_host: {get_input: neutron_api_network}
804 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
805 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
806 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
807 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
808 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
809 neutron::keystone::auth::password: {get_input: neutron_password }
810 neutron::keystone::auth::region: {get_input: keystone_region}
813 ceilometer::api::host: {get_input: ceilometer_api_network}
814 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
815 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
818 aodh_mysql_conn_string: {get_input: aodh_dsn}
819 aodh::rabbit_userid: {get_input: rabbit_username}
820 aodh::rabbit_password: {get_input: rabbit_password}
821 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
822 aodh::rabbit_port: {get_input: rabbit_client_port}
823 aodh::debug: {get_input: debug}
824 aodh::wsgi::apache::ssl: false
825 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
826 aodh::api::service_name: 'httpd'
827 aodh::api::host: {get_input: aodh_api_network}
828 aodh::api::keystone_password: {get_input: aodh_password}
829 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
830 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
831 aodh::auth::auth_url: {get_input: keystone_auth_uri}
832 aodh::auth::auth_password: {get_input: aodh_password}
833 aodh::db::mysql::password: {get_input: aodh_password}
834 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
835 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
836 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
837 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
838 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
839 aodh::keystone::auth::password: {get_input: aodh_password }
840 aodh::keystone::auth::region: {get_input: keystone_region}
843 gnocchi_backend: {get_input: gnocchi_backend}
844 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
845 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
846 gnocchi::debug: {get_input: debug}
847 gnocchi::wsgi::apache::ssl: false
848 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
849 gnocchi::api::service_name: 'httpd'
850 gnocchi::api::host: {get_input: gnocchi_api_network}
851 gnocchi::api::keystone_password: {get_input: gnocchi_password}
852 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
853 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
854 gnocchi::db::mysql::password: {get_input: gnocchi_password}
855 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
856 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
857 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
858 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
859 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
860 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
861 gnocchi::keystone::auth::region: {get_input: keystone_region}
864 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
865 nova::use_ipv6: {get_input: nova_ipv6}
866 nova::api::auth_uri: {get_input: keystone_auth_uri}
867 nova::api::identity_uri: {get_input: keystone_identity_uri}
868 nova::api::api_bind_address: {get_input: nova_api_network}
869 nova::api::metadata_listen: {get_input: nova_metadata_network}
870 nova::api::admin_password: {get_input: nova_password}
871 nova::database_connection: {get_input: nova_dsn}
872 nova::api_database_connection: {get_input: nova_api_dsn}
873 nova::glance_api_servers: {get_input: glance_api_servers}
874 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
875 nova::api::instance_name_template: {get_input: instance_name_template}
876 nova::network::neutron::neutron_password: {get_input: neutron_password}
877 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
878 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
879 nova::vncproxy::host: {get_input: nova_api_network}
880 nova::db::mysql::password: {get_input: nova_password}
881 nova::db::mysql_api::password: {get_input: nova_password}
882 nova_enable_db_purge: {get_input: nova_enable_db_purge}
883 nova::keystone::auth::public_url: {get_input: nova_public_url}
884 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
885 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
886 nova::keystone::auth::password: {get_input: nova_password }
887 nova::keystone::auth::region: {get_input: keystone_region}
890 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
891 apache::ip: {get_input: horizon_network}
892 horizon::django_debug: {get_input: debug}
893 horizon::secret_key: {get_input: horizon_secret}
894 horizon::bind_address: {get_input: horizon_network}
895 horizon::keystone_url: {get_input: keystone_auth_uri}
898 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
899 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
901 redis::bind: {get_input: redis_network}
902 redis_vip: {get_input: redis_vip}
904 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
905 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
907 memcached_ipv6: {get_input: memcached_ipv6}
908 memcached::listen_ip: {get_input: memcached_network}
909 control_virtual_interface: {get_input: control_virtual_interface}
910 public_virtual_interface: {get_input: public_virtual_interface}
911 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
912 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
913 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
914 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
915 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
916 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
917 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
918 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
919 tripleo::haproxy::redis_password: {get_input: redis_password}
920 tripleo::packages::enable_install: {get_input: enable_package_install}
921 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
923 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
924 ControllerExtraConfigPre:
925 depends_on: ControllerDeployment
926 type: OS::TripleO::ControllerExtraConfigPre
928 server: {get_resource: Controller}
930 # Hook for site-specific additional pre-deployment config,
931 # applying to all nodes, e.g node registration/unregistration
933 depends_on: [ControllerExtraConfigPre, NodeTLSData]
934 type: OS::TripleO::NodeExtraConfig
936 server: {get_resource: Controller}
939 type: OS::TripleO::Tasks::PackageUpdate
942 type: OS::Heat::SoftwareDeployment
944 name: UpdateDeployment
945 config: {get_resource: UpdateConfig}
946 server: {get_resource: Controller}
949 get_param: UpdateIdentifier
953 description: IP address of the server in the ctlplane network
954 value: {get_attr: [Controller, networks, ctlplane, 0]}
956 description: IP address of the server in the external network
957 value: {get_attr: [ExternalPort, ip_address]}
958 internal_api_ip_address:
959 description: IP address of the server in the internal_api network
960 value: {get_attr: [InternalApiPort, ip_address]}
962 description: IP address of the server in the storage network
963 value: {get_attr: [StoragePort, ip_address]}
964 storage_mgmt_ip_address:
965 description: IP address of the server in the storage_mgmt network
966 value: {get_attr: [StorageMgmtPort, ip_address]}
968 description: IP address of the server in the tenant network
969 value: {get_attr: [TenantPort, ip_address]}
970 management_ip_address:
971 description: IP address of the server in the management network
972 value: {get_attr: [ManagementPort, ip_address]}
974 description: Hostname of the server
975 value: {get_attr: [Controller, name]}
978 Server's IP address and hostname in the /etc/hosts format
982 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
983 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
984 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
985 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
986 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
987 TENANTIP TENANTHOST.DOMAIN TENANTHOST
988 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
990 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
991 DOMAIN: {get_param: CloudDomain}
992 PRIMARYHOST: {get_attr: [Controller, name]}
993 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
997 - - {get_attr: [Controller, name]}
999 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1003 - - {get_attr: [Controller, name]}
1005 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1009 - - {get_attr: [Controller, name]}
1011 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1015 - - {get_attr: [Controller, name]}
1017 TENANTIP: {get_attr: [TenantPort, ip_address]}
1021 - - {get_attr: [Controller, name]}
1023 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1027 - - {get_attr: [Controller, name]}
1029 nova_server_resource:
1030 description: Heat resource handle for the Nova compute server
1032 {get_resource: Controller}
1034 description: Swift device formatted for swift-ring-builder
1037 template: 'r1z1-IP:%PORT%/d1'
1039 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1040 swift_proxy_memcache:
1041 description: Swift proxy-memcache value
1044 template: "IP:11211"
1046 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1047 tls_key_modulus_md5:
1048 description: MD5 checksum of the TLS Key Modulus
1049 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1050 tls_cert_modulus_md5:
1051 description: MD5 checksum of the TLS Certificate Modulus
1052 value: {get_attr: [NodeTLSData, cert_modulus_md5]}