1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 controllerExtraConfig:
18 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
20 ControllerExtraConfig:
23 Controller specific hiera configuration data to inject into the cluster.
28 A network mapped list of IPs to assign to Controllers in the following form:
30 "internal_api": ["a.b.c.d", "e.f.g.h"],
34 ControlVirtualInterface:
36 description: Interface where virtual ip will be assigned.
40 description: Enable IPv6 in Corosync
44 description: Set to True to enable debugging on all services.
48 description: Whether to enable fencing in Pacemaker or not.
52 description: Whether to use Galera instead of regular MariaDB.
56 description: Whether to deploy a LoadBalancer on the Controller
61 Additional hieradata to inject into the cluster, note that
62 ControllerExtraConfig takes precedence over ExtraConfig.
67 Pacemaker fencing configuration. The JSON should have
68 the following structure:
72 "agent": "AGENT_NAME",
73 "host_mac": "HOST_MAC_ADDRESS",
74 "params": {"PARAM_NAME": "PARAM_VALUE"}
83 "host_mac": "52:54:00:aa:bb:cc",
85 "multicast_address": "225.0.0.12",
86 "port": "baremetal_0",
88 "manage_key_file": true,
89 "key_file": "/etc/fence_xvm.key",
90 "key_file_password": "abcdef"
96 OvercloudControlFlavor:
97 description: Flavor for control nodes to request when deploying.
101 - custom_constraint: nova.flavor
102 HAProxyStatsPassword:
103 description: Password for HAProxy stats endpoint
106 description: User for HAProxy stats endpoint
109 HAProxySyslogAddress:
111 description: Syslog address where HAproxy will send its log
113 HeatAuthEncryptionKey:
114 description: Auth encryption key for heat-engine
118 description: Secret key for Django
123 default: overcloud-full
125 - custom_constraint: glance.image
127 default: 'REBUILD_PRESERVE_EPHEMERAL'
128 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
130 InstanceNameTemplate:
131 default: 'instance-%08x'
132 description: Template string to be used to generate instance names
136 description: Name of an existing Nova key pair to enable SSH access to the instances
139 - custom_constraint: nova.keypair
143 description: Keystone region for endpoint
146 description: Whether to manage IPtables rules.
150 description: Enable IPv6 features in Memcached.
154 description: Whether IPtables rules should be purged before setting up the new ones.
156 MysqlClusterUniquePart:
157 description: A unique identifier of the MySQL cluster the controller is in.
159 default: 'unset' # Has to be here because of the ignored empty value bug
160 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
162 # - length: {min: 4, max: 10}
163 MysqlInnodbBufferPoolSize:
165 Specifies the size of the buffer pool in megabytes. Setting to
166 zero should be interpreted as "no value" and will defer to the
171 description: Configures MySQL max_connections config setting
174 MysqlClustercheckPassword:
180 default: '' # Has to be here because of the ignored empty value bug
181 NeutronMetadataProxySharedSecret:
182 description: Shared secret to prevent spoofing
186 description: The password for the neutron service and db account, used by neutron agents.
189 NeutronPublicInterface:
191 description: What interface to bridge onto br-ex for network nodes.
196 Whether to create cron job for purging soft deleted rows in Nova database.
200 description: Enable IPv6 features in Nova
203 description: The password for the nova service and db account, used by nova-api.
208 description: The password for the 'pcsd' user.
210 PublicVirtualInterface:
213 Specifies the interface where the public-facing virtual ip will be assigned.
214 This should be int_public when a VLAN is being used.
218 default: '' # Has to be here because of the ignored empty value bug
221 description: The password for RabbitMQ
226 description: The username for RabbitMQ
231 Rabbit client subscriber parameter to specify
232 an SSL connection to the RabbitMQ host.
236 description: Set rabbit subscriber port, change this if using SSL
239 description: The password for Redis
244 default: '' # Has to be here because of the ignored empty value bug
247 default: '' # Has to be here because of the ignored empty value bug
248 description: An IP address which is wrapped in brackets in case of IPv6
250 description: A random string to be used as a salt when hashing to determine mappings
254 UpgradeLevelNovaCompute:
256 description: Nova Compute upgrade level
261 EnablePackageInstall:
263 description: Set to true to enable package installation via Puppet
267 description: Mapping of service_name -> network name. Typically set
268 via parameter_defaults in the resource registry.
272 description: Mapping of service endpoint -> protocol. Typically set
273 via parameter_defaults in the resource registry.
279 Setting to a previously unused value during stack-update will trigger
280 package update on all nodes
283 default: '' # Defaults to Heat created hostname
287 description: Optional mapping to override hostnames
288 NetworkDeploymentActions:
289 type: comma_delimited_list
291 Heat action when to apply network configuration changes
296 SoftwareConfigTransport:
297 default: POLL_SERVER_CFN
299 How the server should receive the metadata required for software configuration.
302 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
307 The DNS domain used for the hosts. This should match the dhcp_domain
308 configured in the Undercloud neutron. Defaults to localdomain.
312 Extra properties or metadata passed to Nova for the created nodes in
313 the overcloud. It's accessible via the Nova metadata API.
315 ControllerSchedulerHints:
317 description: Optional scheduler hints to pass to nova
319 ServiceConfigSettings:
323 type: comma_delimited_list
327 description: Command which will be run whenever configuration data changes
328 default: os-refresh-config --timeout 14400
332 description: Do not use deprecated params, they will be removed.
334 - controllerExtraConfig
339 type: OS::TripleO::Server
342 command: {get_param: ConfigCommand}
344 image: {get_param: controllerImage}
345 image_update_policy: {get_param: ImageUpdatePolicy}
346 flavor: {get_param: OvercloudControlFlavor}
347 key_name: {get_param: KeyName}
350 user_data_format: SOFTWARE_CONFIG
351 user_data: {get_resource: UserData}
354 template: {get_param: Hostname}
355 params: {get_param: HostnameMap}
356 software_config_transport: {get_param: SoftwareConfigTransport}
357 metadata: {get_param: ServerMetadata}
358 scheduler_hints: {get_param: ControllerSchedulerHints}
360 # Combine the NodeAdminUserData and NodeUserData mime archives
362 type: OS::Heat::MultipartMime
365 - config: {get_resource: NodeAdminUserData}
367 - config: {get_resource: NodeUserData}
370 # Creates the "heat-admin" user if configured via the environment
371 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
373 type: OS::TripleO::NodeAdminUserData
375 # For optional operator additional userdata
376 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
378 type: OS::TripleO::NodeUserData
381 type: OS::TripleO::Controller::Ports::ExternalPort
383 IPPool: {get_param: ControllerIPs}
384 NodeIndex: {get_param: NodeIndex}
385 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
388 type: OS::TripleO::Controller::Ports::InternalApiPort
390 IPPool: {get_param: ControllerIPs}
391 NodeIndex: {get_param: NodeIndex}
392 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
395 type: OS::TripleO::Controller::Ports::StoragePort
397 IPPool: {get_param: ControllerIPs}
398 NodeIndex: {get_param: NodeIndex}
399 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
402 type: OS::TripleO::Controller::Ports::StorageMgmtPort
404 IPPool: {get_param: ControllerIPs}
405 NodeIndex: {get_param: NodeIndex}
406 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
409 type: OS::TripleO::Controller::Ports::TenantPort
411 IPPool: {get_param: ControllerIPs}
412 NodeIndex: {get_param: NodeIndex}
413 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
416 type: OS::TripleO::Controller::Ports::ManagementPort
418 IPPool: {get_param: ControllerIPs}
419 NodeIndex: {get_param: NodeIndex}
420 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
423 type: OS::TripleO::Network::Ports::NetIpMap
425 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
426 ExternalIp: {get_attr: [ExternalPort, ip_address]}
427 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
428 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
429 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
430 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
431 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
432 StorageIp: {get_attr: [StoragePort, ip_address]}
433 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
434 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
435 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
436 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
437 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
438 TenantIp: {get_attr: [TenantPort, ip_address]}
439 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
440 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
441 ManagementIp: {get_attr: [ManagementPort, ip_address]}
442 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
443 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
446 type: OS::TripleO::Controller::Net::SoftwareConfig
448 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
449 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
450 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
451 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
452 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
453 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
454 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
457 type: OS::TripleO::SoftwareDeployment
459 name: NetworkDeployment
460 config: {get_resource: NetworkConfig}
461 server: {get_resource: Controller}
462 actions: {get_param: NetworkDeploymentActions}
465 interface_name: {get_param: NeutronPublicInterface}
467 # Resource for site-specific injection of root certificate
469 depends_on: NetworkDeployment
470 type: OS::TripleO::NodeTLSCAData
472 server: {get_resource: Controller}
474 # Resource for site-specific passing of private keys/certificates
476 depends_on: NodeTLSCAData
477 type: OS::TripleO::NodeTLSData
479 server: {get_resource: Controller}
480 NodeIndex: {get_param: NodeIndex}
483 ControllerDeployment:
484 type: OS::TripleO::SoftwareDeployment
485 depends_on: NetworkDeployment
487 name: ControllerDeployment
488 config: {get_resource: ControllerConfig}
489 server: {get_resource: Controller}
491 bootstack_nodeid: {get_attr: [Controller, name]}
492 haproxy_log_address: {get_param: HAProxySyslogAddress}
493 haproxy_stats_password: {get_param: HAProxyStatsPassword}
494 haproxy_stats_user: {get_param: HAProxyStatsUser}
495 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
496 horizon_secret: {get_param: HorizonSecret}
497 admin_password: {get_param: AdminPassword}
498 debug: {get_param: Debug}
499 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
500 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
501 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
502 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
503 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
504 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
505 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
506 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
507 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
508 enable_fencing: {get_param: EnableFencing}
509 enable_galera: {get_param: EnableGalera}
510 enable_load_balancer: {get_param: EnableLoadBalancer}
511 manage_firewall: {get_param: ManageFirewall}
512 purge_firewall_rules: {get_param: PurgeFirewallRules}
513 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
514 mysql_max_connections: {get_param: MysqlMaxConnections}
515 mysql_root_password: {get_param: MysqlRootPassword}
516 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
519 template: tripleo-CLUSTER
521 CLUSTER: {get_param: MysqlClusterUniquePart}
522 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
523 neutron_password: {get_param: NeutronPassword}
524 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
525 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
526 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
527 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
528 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
529 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
530 ceilometer_coordination_url:
534 - {get_param: RedisPassword}
536 - {get_param: RedisVirtualIPUri}
538 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
539 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
540 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
541 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
542 nova_ipv6: {get_param: NovaIPv6}
543 corosync_ipv6: {get_param: CorosyncIPv6}
544 memcached_ipv6: {get_param: MemcachedIPv6}
545 nova_password: {get_param: NovaPassword}
546 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
547 instance_name_template: {get_param: InstanceNameTemplate}
548 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
549 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
550 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
551 fencing_config: {get_param: FencingConfig}
552 pcsd_password: {get_param: PcsdPassword}
553 rabbit_username: {get_param: RabbitUserName}
554 rabbit_password: {get_param: RabbitPassword}
555 rabbit_cookie: {get_param: RabbitCookie}
556 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
557 rabbit_client_port: {get_param: RabbitClientPort}
558 control_virtual_interface: {get_param: ControlVirtualInterface}
559 public_virtual_interface: {get_param: PublicVirtualInterface}
560 swift_hash_suffix: {get_param: SwiftHashSuffix}
561 enable_package_install: {get_param: EnablePackageInstall}
562 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
563 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
564 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
565 cinder_iscsi_network:
569 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
570 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
571 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
572 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
573 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
574 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
575 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
576 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
577 keystone_region: {get_param: KeystoneRegion}
578 manila_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ManilaApiNetwork]}]}
579 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
580 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
581 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
582 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
583 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
584 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
585 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
586 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
587 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
590 template: "['SUBNET']"
592 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
593 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
594 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
595 redis_vip: {get_param: RedisVirtualIP}
596 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
597 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
598 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
599 mysql_virtual_ip: {get_param: MysqlVirtualIP}
600 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
601 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
602 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
603 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
605 # Map heat metadata into hiera datafiles
607 type: OS::Heat::StructuredConfig
609 group: os-apply-config
614 - heat_config_%{::deploy_config_name}
615 - controller_extraconfig
621 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
622 - ceph_cluster # provided by CephClusterConfig
624 - bootstrap_node # provided by BootstrapNodeConfig
625 - all_nodes # provided by allNodesConfig
626 - vip_data # provided by vip-config
629 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
630 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
631 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
632 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
633 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
634 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
635 - midonet_data #Optionally provided by AllNodesExtraConfig
636 merge_behavior: deeper
640 service_names: {get_param: ServiceNames}
642 mapped_data: {get_param: ServiceConfigSettings}
643 controller_extraconfig:
646 - {get_param: controllerExtraConfig}
647 - {get_param: ControllerExtraConfig}
649 mapped_data: {get_param: ExtraConfig}
652 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
653 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
654 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
656 raw_data: {get_file: hieradata/ceph.yaml}
658 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
659 ceph::profile::params::public_network: {get_input: ceph_public_network}
660 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
662 raw_data: {get_file: hieradata/object.yaml}
664 raw_data: {get_file: hieradata/controller.yaml}
665 mapped_data: # data supplied directly to this deployment configuration, etc
666 bootstack_nodeid: {get_input: bootstack_nodeid}
669 enable_fencing: {get_input: enable_fencing}
670 enable_load_balancer: {get_input: enable_load_balancer}
671 hacluster_pwd: {get_input: pcsd_password}
672 corosync_ipv6: {get_input: corosync_ipv6}
673 tripleo::fencing::config: {get_input: fencing_config}
676 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
677 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
678 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
679 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
682 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
683 cinder::api::bind_host: {get_input: cinder_api_network}
684 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
685 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
686 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
687 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
688 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
689 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
690 cinder::keystone::auth::password: {get_input: cinder_password }
691 cinder::keystone::auth::region: {get_input: keystone_region}
694 glance::api::bind_host: {get_input: glance_api_network}
695 glance::registry::bind_host: {get_input: glance_registry_network}
696 glance::keystone::auth::region: {get_input: keystone_region}
699 heat::api::bind_host: {get_input: heat_api_network}
700 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
701 heat::api_cfn::bind_host: {get_input: heat_api_network}
702 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
705 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
706 keystone::public_bind_host: {get_input: keystone_public_api_network}
707 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
708 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
711 manila::api::bind_host: {get_input: manila_api_network}
714 mongodb::server::bind_ip: {get_input: mongo_db_network}
717 admin_password: {get_input: admin_password}
718 enable_galera: {get_input: enable_galera}
719 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
720 mysql_max_connections: {get_input: mysql_max_connections}
721 mysql::server::root_password: {get_input: mysql_root_password}
722 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
723 mysql_cluster_name: {get_input: mysql_cluster_name}
724 mysql_bind_host: {get_input: mysql_network}
725 mysql_virtual_ip: {get_input: mysql_virtual_ip}
728 neutron::bind_host: {get_input: neutron_api_network}
729 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
730 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
733 aodh::api::host: {get_input: aodh_api_network}
734 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
737 ceilometer::api::host: {get_input: ceilometer_api_network}
738 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
739 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
742 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
743 gnocchi::api::host: {get_input: gnocchi_api_network}
744 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
745 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
746 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
747 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
748 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
749 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
750 gnocchi::keystone::auth::region: {get_input: keystone_region}
753 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
754 nova::use_ipv6: {get_input: nova_ipv6}
755 nova::api::auth_uri: {get_input: keystone_auth_uri}
756 nova::api::identity_uri: {get_input: keystone_identity_uri}
757 nova::api::api_bind_address: {get_input: nova_api_network}
758 nova::api::metadata_listen: {get_input: nova_metadata_network}
759 nova::api::admin_password: {get_input: nova_password}
760 nova::glance_api_servers: {get_input: glance_api_servers}
761 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
762 nova::api::instance_name_template: {get_input: instance_name_template}
763 nova::network::neutron::neutron_password: {get_input: neutron_password}
764 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
765 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
766 nova::vncproxy::host: {get_input: nova_api_network}
767 nova_enable_db_purge: {get_input: nova_enable_db_purge}
768 nova::keystone::auth::public_url: {get_input: nova_public_url}
769 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
770 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
771 nova::keystone::auth::password: {get_input: nova_password }
772 nova::keystone::auth::region: {get_input: keystone_region}
775 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
776 apache::ip: {get_input: horizon_network}
777 horizon::django_debug: {get_input: debug}
778 horizon::secret_key: {get_input: horizon_secret}
779 horizon::bind_address: {get_input: horizon_network}
780 horizon::keystone_url: {get_input: keystone_auth_uri}
783 sahara::host: {get_input: sahara_api_network}
786 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
787 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
789 redis::bind: {get_input: redis_network}
790 redis_vip: {get_input: redis_vip}
792 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
793 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
795 memcached_ipv6: {get_input: memcached_ipv6}
796 memcached::listen_ip: {get_input: memcached_network}
797 control_virtual_interface: {get_input: control_virtual_interface}
798 public_virtual_interface: {get_input: public_virtual_interface}
799 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
800 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
801 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
802 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
803 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
804 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
805 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
806 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
807 tripleo::haproxy::redis_password: {get_input: redis_password}
808 tripleo::packages::enable_install: {get_input: enable_package_install}
809 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
811 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
812 ControllerExtraConfigPre:
813 depends_on: ControllerDeployment
814 type: OS::TripleO::ControllerExtraConfigPre
816 server: {get_resource: Controller}
818 # Hook for site-specific additional pre-deployment config,
819 # applying to all nodes, e.g node registration/unregistration
821 depends_on: [ControllerExtraConfigPre, NodeTLSData]
822 type: OS::TripleO::NodeExtraConfig
824 server: {get_resource: Controller}
827 type: OS::TripleO::Tasks::PackageUpdate
830 type: OS::Heat::SoftwareDeployment
832 name: UpdateDeployment
833 config: {get_resource: UpdateConfig}
834 server: {get_resource: Controller}
837 get_param: UpdateIdentifier
841 description: IP address of the server in the ctlplane network
842 value: {get_attr: [Controller, networks, ctlplane, 0]}
844 description: IP address of the server in the external network
845 value: {get_attr: [ExternalPort, ip_address]}
846 internal_api_ip_address:
847 description: IP address of the server in the internal_api network
848 value: {get_attr: [InternalApiPort, ip_address]}
850 description: IP address of the server in the storage network
851 value: {get_attr: [StoragePort, ip_address]}
852 storage_mgmt_ip_address:
853 description: IP address of the server in the storage_mgmt network
854 value: {get_attr: [StorageMgmtPort, ip_address]}
856 description: IP address of the server in the tenant network
857 value: {get_attr: [TenantPort, ip_address]}
858 management_ip_address:
859 description: IP address of the server in the management network
860 value: {get_attr: [ManagementPort, ip_address]}
862 description: Hostname of the server
863 value: {get_attr: [Controller, name]}
866 Server's IP address and hostname in the /etc/hosts format
870 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
871 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
872 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
873 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
874 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
875 TENANTIP TENANTHOST.DOMAIN TENANTHOST
876 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
878 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
879 DOMAIN: {get_param: CloudDomain}
880 PRIMARYHOST: {get_attr: [Controller, name]}
881 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
885 - - {get_attr: [Controller, name]}
887 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
891 - - {get_attr: [Controller, name]}
893 STORAGEIP: {get_attr: [StoragePort, ip_address]}
897 - - {get_attr: [Controller, name]}
899 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
903 - - {get_attr: [Controller, name]}
905 TENANTIP: {get_attr: [TenantPort, ip_address]}
909 - - {get_attr: [Controller, name]}
911 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
915 - - {get_attr: [Controller, name]}
917 nova_server_resource:
918 description: Heat resource handle for the Nova compute server
920 {get_resource: Controller}
922 description: Swift device formatted for swift-ring-builder
925 template: 'r1z1-IP:%PORT%/d1'
927 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
928 swift_proxy_memcache:
929 description: Swift proxy-memcache value
934 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
936 description: MD5 checksum of the TLS Key Modulus
937 value: {get_attr: [NodeTLSData, key_modulus_md5]}
938 tls_cert_modulus_md5:
939 description: MD5 checksum of the TLS Certificate Modulus
940 value: {get_attr: [NodeTLSData, cert_modulus_md5]}