1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 controllerExtraConfig:
18 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
20 ControllerExtraConfig:
23 Controller specific hiera configuration data to inject into the cluster.
28 A network mapped list of IPs to assign to Controllers in the following form:
30 "internal_api": ["a.b.c.d", "e.f.g.h"],
34 ControlVirtualInterface:
36 description: Interface where virtual ip will be assigned.
40 description: Enable IPv6 in Corosync
44 description: Set to True to enable debugging on all services.
48 description: Whether to enable fencing in Pacemaker or not.
52 description: Whether to use Galera instead of regular MariaDB.
56 description: Whether to deploy a LoadBalancer on the Controller
61 Additional hieradata to inject into the cluster, note that
62 ControllerExtraConfig takes precedence over ExtraConfig.
67 Pacemaker fencing configuration. The JSON should have
68 the following structure:
72 "agent": "AGENT_NAME",
73 "host_mac": "HOST_MAC_ADDRESS",
74 "params": {"PARAM_NAME": "PARAM_VALUE"}
83 "host_mac": "52:54:00:aa:bb:cc",
85 "multicast_address": "225.0.0.12",
86 "port": "baremetal_0",
88 "manage_key_file": true,
89 "key_file": "/etc/fence_xvm.key",
90 "key_file_password": "abcdef"
97 description: Flavor for control nodes to request when deploying.
100 - custom_constraint: nova.flavor
101 HAProxyStatsPassword:
102 description: Password for HAProxy stats endpoint
105 description: User for HAProxy stats endpoint
108 HAProxySyslogAddress:
110 description: Syslog address where HAproxy will send its log
112 HeatAuthEncryptionKey:
113 description: Auth encryption key for heat-engine
117 description: Secret key for Django
122 default: overcloud-control
124 - custom_constraint: glance.image
126 default: 'REBUILD_PRESERVE_EPHEMERAL'
127 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
129 InstanceNameTemplate:
130 default: 'instance-%08x'
131 description: Template string to be used to generate instance names
135 description: Name of an existing Nova key pair to enable SSH access to the instances
138 - custom_constraint: nova.keypair
142 description: Keystone region for endpoint
145 description: Whether to manage IPtables rules.
149 description: Enable IPv6 features in Memcached.
153 description: Whether IPtables rules should be purged before setting up the new ones.
155 MysqlClusterUniquePart:
156 description: A unique identifier of the MySQL cluster the controller is in.
158 default: 'unset' # Has to be here because of the ignored empty value bug
159 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
161 # - length: {min: 4, max: 10}
162 MysqlInnodbBufferPoolSize:
164 Specifies the size of the buffer pool in megabytes. Setting to
165 zero should be interpreted as "no value" and will defer to the
170 description: Configures MySQL max_connections config setting
173 MysqlClustercheckPassword:
179 default: '' # Has to be here because of the ignored empty value bug
180 NeutronMetadataProxySharedSecret:
181 description: Shared secret to prevent spoofing
185 description: The password for the neutron service and db account, used by neutron agents.
188 NeutronPublicInterface:
190 description: What interface to bridge onto br-ex for network nodes.
195 Whether to create cron job for purging soft deleted rows in Nova database.
199 description: Enable IPv6 features in Nova
202 description: The password for the nova service and db account, used by nova-api.
207 description: The password for the 'pcsd' user.
209 PublicVirtualInterface:
212 Specifies the interface where the public-facing virtual ip will be assigned.
213 This should be int_public when a VLAN is being used.
217 default: '' # Has to be here because of the ignored empty value bug
220 description: The password for RabbitMQ
225 description: The username for RabbitMQ
230 Rabbit client subscriber parameter to specify
231 an SSL connection to the RabbitMQ host.
235 description: Set rabbit subscriber port, change this if using SSL
238 description: The password for Redis
243 default: '' # Has to be here because of the ignored empty value bug
246 default: '' # Has to be here because of the ignored empty value bug
247 description: An IP address which is wrapped in brackets in case of IPv6
249 description: A random string to be used as a salt when hashing to determine mappings
256 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
259 description: Partition Power to use when building Swift rings
263 description: Whether to manage Swift rings or not
268 description: How many replicas to use in the swift rings.
269 UpgradeLevelNovaCompute:
271 description: Nova Compute upgrade level
276 EnablePackageInstall:
278 description: Set to true to enable package installation via Puppet
282 description: Mapping of service_name -> network name. Typically set
283 via parameter_defaults in the resource registry.
287 description: Mapping of service endpoint -> protocol. Typically set
288 via parameter_defaults in the resource registry.
294 Setting to a previously unused value during stack-update will trigger
295 package update on all nodes
298 default: '' # Defaults to Heat created hostname
302 description: Optional mapping to override hostnames
303 NetworkDeploymentActions:
304 type: comma_delimited_list
306 Heat action when to apply network configuration changes
311 SoftwareConfigTransport:
312 default: POLL_SERVER_CFN
314 How the server should receive the metadata required for software configuration.
317 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
322 The DNS domain used for the hosts. This should match the dhcp_domain
323 configured in the Undercloud neutron. Defaults to localdomain.
327 Extra properties or metadata passed to Nova for the created nodes in
328 the overcloud. It's accessible via the Nova metadata API.
332 description: Optional scheduler hints to pass to nova
334 ServiceConfigSettings:
338 type: comma_delimited_list
342 description: Command which will be run whenever configuration data changes
343 default: os-refresh-config --timeout 14400
347 description: Do not use deprecated params, they will be removed.
349 - controllerExtraConfig
354 type: OS::TripleO::Server
357 command: {get_param: ConfigCommand}
359 image: {get_param: Image}
360 image_update_policy: {get_param: ImageUpdatePolicy}
361 flavor: {get_param: Flavor}
362 key_name: {get_param: KeyName}
365 user_data_format: SOFTWARE_CONFIG
366 user_data: {get_resource: UserData}
369 template: {get_param: Hostname}
370 params: {get_param: HostnameMap}
371 software_config_transport: {get_param: SoftwareConfigTransport}
372 metadata: {get_param: ServerMetadata}
373 scheduler_hints: {get_param: SchedulerHints}
375 # Combine the NodeAdminUserData and NodeUserData mime archives
377 type: OS::Heat::MultipartMime
380 - config: {get_resource: NodeAdminUserData}
382 - config: {get_resource: NodeUserData}
385 # Creates the "heat-admin" user if configured via the environment
386 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
388 type: OS::TripleO::NodeAdminUserData
390 # For optional operator additional userdata
391 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
393 type: OS::TripleO::NodeUserData
396 type: OS::TripleO::Controller::Ports::ExternalPort
398 IPPool: {get_param: ControllerIPs}
399 NodeIndex: {get_param: NodeIndex}
400 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
403 type: OS::TripleO::Controller::Ports::InternalApiPort
405 IPPool: {get_param: ControllerIPs}
406 NodeIndex: {get_param: NodeIndex}
407 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
410 type: OS::TripleO::Controller::Ports::StoragePort
412 IPPool: {get_param: ControllerIPs}
413 NodeIndex: {get_param: NodeIndex}
414 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
417 type: OS::TripleO::Controller::Ports::StorageMgmtPort
419 IPPool: {get_param: ControllerIPs}
420 NodeIndex: {get_param: NodeIndex}
421 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
424 type: OS::TripleO::Controller::Ports::TenantPort
426 IPPool: {get_param: ControllerIPs}
427 NodeIndex: {get_param: NodeIndex}
428 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
431 type: OS::TripleO::Controller::Ports::ManagementPort
433 IPPool: {get_param: ControllerIPs}
434 NodeIndex: {get_param: NodeIndex}
435 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
438 type: OS::TripleO::Network::Ports::NetIpMap
440 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
441 ExternalIp: {get_attr: [ExternalPort, ip_address]}
442 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
443 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
444 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
445 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
446 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
447 StorageIp: {get_attr: [StoragePort, ip_address]}
448 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
449 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
450 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
451 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
452 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
453 TenantIp: {get_attr: [TenantPort, ip_address]}
454 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
455 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
456 ManagementIp: {get_attr: [ManagementPort, ip_address]}
457 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
458 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
461 type: OS::TripleO::Controller::Net::SoftwareConfig
463 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
464 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
465 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
466 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
467 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
468 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
469 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
472 type: OS::TripleO::SoftwareDeployment
474 name: NetworkDeployment
475 config: {get_resource: NetworkConfig}
476 server: {get_resource: Controller}
477 actions: {get_param: NetworkDeploymentActions}
480 interface_name: {get_param: NeutronPublicInterface}
482 # Resource for site-specific injection of root certificate
484 depends_on: NetworkDeployment
485 type: OS::TripleO::NodeTLSCAData
487 server: {get_resource: Controller}
489 # Resource for site-specific passing of private keys/certificates
491 depends_on: NodeTLSCAData
492 type: OS::TripleO::NodeTLSData
494 server: {get_resource: Controller}
495 NodeIndex: {get_param: NodeIndex}
498 ControllerDeployment:
499 type: OS::TripleO::SoftwareDeployment
500 depends_on: NetworkDeployment
502 name: ControllerDeployment
503 config: {get_resource: ControllerConfig}
504 server: {get_resource: Controller}
506 bootstack_nodeid: {get_attr: [Controller, name]}
507 haproxy_log_address: {get_param: HAProxySyslogAddress}
508 haproxy_stats_password: {get_param: HAProxyStatsPassword}
509 haproxy_stats_user: {get_param: HAProxyStatsUser}
510 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
511 horizon_secret: {get_param: HorizonSecret}
512 admin_password: {get_param: AdminPassword}
513 debug: {get_param: Debug}
514 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
515 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
516 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
517 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
518 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
519 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
520 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
521 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
522 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
523 enable_fencing: {get_param: EnableFencing}
524 enable_galera: {get_param: EnableGalera}
525 enable_load_balancer: {get_param: EnableLoadBalancer}
526 manage_firewall: {get_param: ManageFirewall}
527 purge_firewall_rules: {get_param: PurgeFirewallRules}
528 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
529 mysql_max_connections: {get_param: MysqlMaxConnections}
530 mysql_root_password: {get_param: MysqlRootPassword}
531 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
534 template: tripleo-CLUSTER
536 CLUSTER: {get_param: MysqlClusterUniquePart}
537 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
538 neutron_password: {get_param: NeutronPassword}
539 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
540 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
541 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
542 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
543 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
544 aodh_password: {get_param: AodhPassword}
545 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
546 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
547 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
548 ceilometer_coordination_url:
552 - {get_param: RedisPassword}
554 - {get_param: RedisVirtualIPUri}
559 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
561 - {get_param: AodhPassword}
563 - {get_param: [EndpointMap, MysqlInternal, host]}
565 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
566 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
567 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
568 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
569 nova_ipv6: {get_param: NovaIPv6}
570 corosync_ipv6: {get_param: CorosyncIPv6}
571 memcached_ipv6: {get_param: MemcachedIPv6}
572 nova_password: {get_param: NovaPassword}
576 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
578 - {get_param: NovaPassword}
580 - {get_param: [EndpointMap, MysqlInternal, host]}
585 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
587 - {get_param: NovaPassword}
589 - {get_param: [EndpointMap, MysqlInternal, host]}
591 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
592 instance_name_template: {get_param: InstanceNameTemplate}
593 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
594 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
595 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
596 fencing_config: {get_param: FencingConfig}
597 pcsd_password: {get_param: PcsdPassword}
598 rabbit_username: {get_param: RabbitUserName}
599 rabbit_password: {get_param: RabbitPassword}
600 rabbit_cookie: {get_param: RabbitCookie}
601 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
602 rabbit_client_port: {get_param: RabbitClientPort}
603 control_virtual_interface: {get_param: ControlVirtualInterface}
604 public_virtual_interface: {get_param: PublicVirtualInterface}
605 swift_hash_suffix: {get_param: SwiftHashSuffix}
606 swift_part_power: {get_param: SwiftPartPower}
607 swift_ring_build: {get_param: SwiftRingBuild}
608 swift_replicas: {get_param: SwiftReplicas}
609 swift_min_part_hours: {get_param: SwiftMinPartHours}
610 enable_package_install: {get_param: EnablePackageInstall}
611 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
612 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
613 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
614 cinder_iscsi_network:
618 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
619 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
620 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
621 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
622 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
623 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
624 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
625 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
626 keystone_region: {get_param: KeystoneRegion}
627 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
628 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
629 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
630 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
631 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
632 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
633 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
634 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
635 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
638 template: "['SUBNET']"
640 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
641 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
642 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
643 redis_vip: {get_param: RedisVirtualIP}
644 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
645 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
646 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
647 mysql_virtual_ip: {get_param: MysqlVirtualIP}
648 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
649 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
650 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
651 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
653 # Map heat metadata into hiera datafiles
655 type: OS::Heat::StructuredConfig
657 group: os-apply-config
662 - heat_config_%{::deploy_config_name}
663 - controller_extraconfig
670 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
671 - ceph_cluster # provided by CephClusterConfig
673 - bootstrap_node # provided by BootstrapNodeConfig
674 - all_nodes # provided by allNodesConfig
675 - vip_data # provided by vip-config
679 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
680 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
681 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
682 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
683 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
684 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
685 - midonet_data #Optionally provided by AllNodesExtraConfig
686 merge_behavior: deeper
690 service_names: {get_param: ServiceNames}
692 mapped_data: {get_param: ServiceConfigSettings}
693 controller_extraconfig:
696 - {get_param: controllerExtraConfig}
697 - {get_param: ControllerExtraConfig}
699 mapped_data: {get_param: ExtraConfig}
701 raw_data: {get_file: hieradata/common.yaml}
704 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
705 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
706 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
708 raw_data: {get_file: hieradata/ceph.yaml}
710 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
711 ceph::profile::params::public_network: {get_input: ceph_public_network}
712 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
714 raw_data: {get_file: hieradata/database.yaml}
716 raw_data: {get_file: hieradata/object.yaml}
718 raw_data: {get_file: hieradata/controller.yaml}
719 mapped_data: # data supplied directly to this deployment configuration, etc
720 bootstack_nodeid: {get_input: bootstack_nodeid}
723 enable_fencing: {get_input: enable_fencing}
724 enable_load_balancer: {get_input: enable_load_balancer}
725 hacluster_pwd: {get_input: pcsd_password}
726 corosync_ipv6: {get_input: corosync_ipv6}
727 tripleo::fencing::config: {get_input: fencing_config}
730 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
731 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
732 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
733 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
734 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
735 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
736 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
737 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
740 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
741 cinder::api::bind_host: {get_input: cinder_api_network}
742 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
743 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
744 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
745 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
746 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
747 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
748 cinder::keystone::auth::password: {get_input: cinder_password }
749 cinder::keystone::auth::region: {get_input: keystone_region}
752 glance::api::bind_host: {get_input: glance_api_network}
753 glance::registry::bind_host: {get_input: glance_registry_network}
754 glance::keystone::auth::region: {get_input: keystone_region}
757 heat::api::bind_host: {get_input: heat_api_network}
758 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
759 heat::api_cfn::bind_host: {get_input: heat_api_network}
760 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
763 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
764 keystone::public_bind_host: {get_input: keystone_public_api_network}
765 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
766 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
769 mongodb::server::bind_ip: {get_input: mongo_db_network}
772 admin_password: {get_input: admin_password}
773 enable_galera: {get_input: enable_galera}
774 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
775 mysql_max_connections: {get_input: mysql_max_connections}
776 mysql::server::root_password: {get_input: mysql_root_password}
777 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
778 mysql_cluster_name: {get_input: mysql_cluster_name}
779 mysql_bind_host: {get_input: mysql_network}
780 mysql_virtual_ip: {get_input: mysql_virtual_ip}
783 neutron::bind_host: {get_input: neutron_api_network}
784 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
785 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
786 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
787 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
788 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
789 neutron::keystone::auth::password: {get_input: neutron_password }
790 neutron::keystone::auth::region: {get_input: keystone_region}
793 ceilometer::api::host: {get_input: ceilometer_api_network}
794 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
795 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
798 aodh_mysql_conn_string: {get_input: aodh_dsn}
799 aodh::rabbit_userid: {get_input: rabbit_username}
800 aodh::rabbit_password: {get_input: rabbit_password}
801 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
802 aodh::rabbit_port: {get_input: rabbit_client_port}
803 aodh::debug: {get_input: debug}
804 aodh::wsgi::apache::ssl: false
805 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
806 aodh::api::service_name: 'httpd'
807 aodh::api::host: {get_input: aodh_api_network}
808 aodh::api::keystone_password: {get_input: aodh_password}
809 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
810 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
811 aodh::auth::auth_url: {get_input: keystone_auth_uri}
812 aodh::auth::auth_password: {get_input: aodh_password}
813 aodh::db::mysql::password: {get_input: aodh_password}
814 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
815 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
816 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
817 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
818 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
819 aodh::keystone::auth::password: {get_input: aodh_password }
820 aodh::keystone::auth::region: {get_input: keystone_region}
823 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
824 gnocchi::api::host: {get_input: gnocchi_api_network}
825 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
826 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
827 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
828 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
829 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
830 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
831 gnocchi::keystone::auth::region: {get_input: keystone_region}
834 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
835 nova::use_ipv6: {get_input: nova_ipv6}
836 nova::api::auth_uri: {get_input: keystone_auth_uri}
837 nova::api::identity_uri: {get_input: keystone_identity_uri}
838 nova::api::api_bind_address: {get_input: nova_api_network}
839 nova::api::metadata_listen: {get_input: nova_metadata_network}
840 nova::api::admin_password: {get_input: nova_password}
841 nova::database_connection: {get_input: nova_dsn}
842 nova::api_database_connection: {get_input: nova_api_dsn}
843 nova::glance_api_servers: {get_input: glance_api_servers}
844 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
845 nova::api::instance_name_template: {get_input: instance_name_template}
846 nova::network::neutron::neutron_password: {get_input: neutron_password}
847 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
848 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
849 nova::vncproxy::host: {get_input: nova_api_network}
850 nova::db::mysql::password: {get_input: nova_password}
851 nova::db::mysql_api::password: {get_input: nova_password}
852 nova_enable_db_purge: {get_input: nova_enable_db_purge}
853 nova::keystone::auth::public_url: {get_input: nova_public_url}
854 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
855 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
856 nova::keystone::auth::password: {get_input: nova_password }
857 nova::keystone::auth::region: {get_input: keystone_region}
860 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
861 apache::ip: {get_input: horizon_network}
862 horizon::django_debug: {get_input: debug}
863 horizon::secret_key: {get_input: horizon_secret}
864 horizon::bind_address: {get_input: horizon_network}
865 horizon::keystone_url: {get_input: keystone_auth_uri}
868 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
869 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
871 redis::bind: {get_input: redis_network}
872 redis_vip: {get_input: redis_vip}
874 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
875 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
877 memcached_ipv6: {get_input: memcached_ipv6}
878 memcached::listen_ip: {get_input: memcached_network}
879 control_virtual_interface: {get_input: control_virtual_interface}
880 public_virtual_interface: {get_input: public_virtual_interface}
881 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
882 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
883 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
884 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
885 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
886 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
887 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
888 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
889 tripleo::haproxy::redis_password: {get_input: redis_password}
890 tripleo::packages::enable_install: {get_input: enable_package_install}
891 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
893 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
894 ControllerExtraConfigPre:
895 depends_on: ControllerDeployment
896 type: OS::TripleO::ControllerExtraConfigPre
898 server: {get_resource: Controller}
900 # Hook for site-specific additional pre-deployment config,
901 # applying to all nodes, e.g node registration/unregistration
903 depends_on: [ControllerExtraConfigPre, NodeTLSData]
904 type: OS::TripleO::NodeExtraConfig
906 server: {get_resource: Controller}
909 type: OS::TripleO::Tasks::PackageUpdate
912 type: OS::Heat::SoftwareDeployment
914 name: UpdateDeployment
915 config: {get_resource: UpdateConfig}
916 server: {get_resource: Controller}
919 get_param: UpdateIdentifier
923 description: IP address of the server in the ctlplane network
924 value: {get_attr: [Controller, networks, ctlplane, 0]}
926 description: IP address of the server in the external network
927 value: {get_attr: [ExternalPort, ip_address]}
928 internal_api_ip_address:
929 description: IP address of the server in the internal_api network
930 value: {get_attr: [InternalApiPort, ip_address]}
932 description: IP address of the server in the storage network
933 value: {get_attr: [StoragePort, ip_address]}
934 storage_mgmt_ip_address:
935 description: IP address of the server in the storage_mgmt network
936 value: {get_attr: [StorageMgmtPort, ip_address]}
938 description: IP address of the server in the tenant network
939 value: {get_attr: [TenantPort, ip_address]}
940 management_ip_address:
941 description: IP address of the server in the management network
942 value: {get_attr: [ManagementPort, ip_address]}
944 description: Hostname of the server
945 value: {get_attr: [Controller, name]}
948 Server's IP address and hostname in the /etc/hosts format
952 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
953 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
954 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
955 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
956 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
957 TENANTIP TENANTHOST.DOMAIN TENANTHOST
958 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
960 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
961 DOMAIN: {get_param: CloudDomain}
962 PRIMARYHOST: {get_attr: [Controller, name]}
963 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
967 - - {get_attr: [Controller, name]}
969 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
973 - - {get_attr: [Controller, name]}
975 STORAGEIP: {get_attr: [StoragePort, ip_address]}
979 - - {get_attr: [Controller, name]}
981 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
985 - - {get_attr: [Controller, name]}
987 TENANTIP: {get_attr: [TenantPort, ip_address]}
991 - - {get_attr: [Controller, name]}
993 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
997 - - {get_attr: [Controller, name]}
999 nova_server_resource:
1000 description: Heat resource handle for the Nova compute server
1002 {get_resource: Controller}
1004 description: Swift device formatted for swift-ring-builder
1007 template: 'r1z1-IP:%PORT%/d1'
1009 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1010 swift_proxy_memcache:
1011 description: Swift proxy-memcache value
1014 template: "IP:11211"
1016 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1017 tls_key_modulus_md5:
1018 description: MD5 checksum of the TLS Key Modulus
1019 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1020 tls_cert_modulus_md5:
1021 description: MD5 checksum of the TLS Certificate Modulus
1022 value: {get_attr: [NodeTLSData, cert_modulus_md5]}