1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
94 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
96 ControllerExtraConfig:
99 Controller specific hiera configuration data to inject into the cluster.
104 A network mapped list of IPs to assign to Controllers in the following form:
106 "internal_api": ["a.b.c.d", "e.f.g.h"],
110 ControlVirtualInterface:
112 description: Interface where virtual ip will be assigned.
116 description: Set to True to enable debugging on all services.
120 description: Whether to enable fencing in Pacemaker or not.
124 description: Whether to use Galera instead of regular MariaDB.
128 description: Whether to deploy a LoadBalancer on the Controller
132 description: Whether to deploy Ceph Storage (OSD) on the Controller
136 description: Whether to enable Swift Storage on the Controller
141 Additional hieradata to inject into the cluster, note that
142 ControllerExtraConfig takes precedence over ExtraConfig.
147 Pacemaker fencing configuration. The JSON should have
148 the following structure:
152 "agent": "AGENT_NAME",
153 "host_mac": "HOST_MAC_ADDRESS",
154 "params": {"PARAM_NAME": "PARAM_VALUE"}
162 "agent": "fence_xvm",
163 "host_mac": "52:54:00:aa:bb:cc",
165 "multicast_address": "225.0.0.12",
166 "port": "baremetal_0",
168 "manage_key_file": true,
169 "key_file": "/etc/fence_xvm.key",
170 "key_file_password": "abcdef"
177 description: Flavor for control nodes to request when deploying.
180 - custom_constraint: nova.flavor
181 GlanceNotifierStrategy:
182 description: Strategy to use for Glance notification queue
186 description: The filepath of the file to use for logging messages from Glance.
190 description: The password for the glance service and db account, used by the glance services.
195 description: The short name of the Glance backend to use. Should be one
196 of swift, rbd, or file
199 - allowed_values: ['swift', 'file', 'rbd']
200 GlanceFilePcmkDevice:
203 An exported storage device that should be mounted by Pacemaker
204 as Glance storage. Effective when GlanceFilePcmkManage is true.
206 GlanceFilePcmkFstype:
209 Filesystem type for Pacemaker mount used as Glance storage.
210 Effective when GlanceFilePcmkManage is true.
212 GlanceFilePcmkManage:
215 Whether to make Glance file backend a mount managed by Pacemaker.
216 Effective when GlanceBackend is 'file'.
218 GlanceFilePcmkOptions:
221 Mount options for Pacemaker mount used as Glance storage.
222 Effective when GlanceFilePcmkManage is true.
224 HAProxySyslogAddress:
226 description: Syslog address where HAproxy will send its log
230 description: Number of workers for Glance service.
233 description: The password for the Heat service and db account, used by the Heat services.
236 HeatStackDomainAdminPassword:
237 description: Password for heat_domain_admin user.
240 HeatAuthEncryptionKey:
241 description: Auth encryption key for heat-engine
246 description: A list of IP/Hostname allowed to connect to horizon
247 type: comma_delimited_list
250 description: Number of workers for Heat service.
253 description: Secret key for Django
258 default: overcloud-control
260 - custom_constraint: glance.image
262 default: 'REBUILD_PRESERVE_EPHEMERAL'
263 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
265 InstanceNameTemplate:
266 default: 'instance-%08x'
267 description: Template string to be used to generate instance names
271 description: Name of an existing Nova key pair to enable SSH access to the instances
274 - custom_constraint: nova.keypair
275 KeystoneCACertificate:
277 description: Keystone self-signed certificate authority certificate.
279 KeystoneEnableDBPurge:
282 Whether to create cron job for purging soft deleted rows in Keystone database.
284 KeystoneSigningCertificate:
286 description: Keystone certificate for verifying token validity.
290 description: Keystone key for signing tokens.
293 KeystoneSSLCertificate:
295 description: Keystone certificate for verifying token validity.
297 KeystoneSSLCertificateKey:
299 description: Keystone key for signing tokens.
302 KeystoneNotificationDriver:
303 description: Comma-separated list of Oslo notification drivers used by Keystone
304 default: ['messaging']
305 type: comma_delimited_list
306 KeystoneNotificationFormat:
307 description: The Keystone notification format
311 - allowed_values: [ 'basic', 'cadf' ]
315 description: Keystone region for endpoint
318 description: Whether to manage IPtables rules.
322 description: Whether IPtables rules should be purged before setting up the new ones.
326 description: Number of workers for Keystone service.
328 MysqlClusterUniquePart:
329 description: A unique identifier of the MySQL cluster the controller is in.
331 default: 'unset' # Has to be here because of the ignored empty value bug
332 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
334 # - length: {min: 4, max: 10}
335 MysqlInnodbBufferPoolSize:
337 Specifies the size of the buffer pool in megabytes. Setting to
338 zero should be interpreted as "no value" and will defer to the
343 description: Configures MySQL max_connections config setting
349 default: '' # Has to be here because of the ignored empty value bug
350 NeutronExternalNetworkBridge:
351 description: Name of bridge used for external network traffic.
354 NeutronBridgeMappings:
356 The OVS logical->physical bridge mappings to use. See the Neutron
357 documentation for details. Defaults to mapping br-ex - the external
358 bridge on hosts - to a physical name 'datacentre' which can be used
359 to create provider networks (and we use this for the default floating
360 network) - if changing this either use different post-install network
361 scripts or be sure to keep 'datacentre' as a mapping network name.
362 type: comma_delimited_list
363 default: "datacentre:br-ex"
364 NeutronDnsmasqOptions:
365 default: 'dhcp-option-force=26,1400'
366 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
368 NeutronEnableDHCPAgent:
369 description: Knob to enable/disable DHCP Agent
372 NeutronEnableL3Agent:
373 description: Knob to enable/disable L3 agent
376 NeutronEnableMetadataAgent:
377 description: Knob to enable/disable Metadata agent
380 NeutronEnableOVSAgent:
381 description: Knob to enable/disable OVS Agent
386 description: Agent mode for the neutron-l3-agent on the controller hosts
390 description: Whether to enable l3-agent HA
392 NeutronDhcpAgentsPerNetwork:
395 description: The number of neutron dhcp agents to schedule per network
398 description: Whether to configure Neutron Distributed Virtual Routers
400 NeutronMetadataProxySharedSecret:
401 description: Shared secret to prevent spoofing
407 The core plugin for Neutron. The value should be the entrypoint to be loaded
408 from neutron.core_plugins namespace.
410 NeutronServicePlugins:
411 default: "router,qos"
413 Comma-separated list of service plugin entrypoints to be loaded from the
414 neutron.service_plugins namespace.
415 type: comma_delimited_list
417 default: "vxlan,vlan,flat,gre"
419 Comma-separated list of network type driver entrypoints to be loaded.
420 type: comma_delimited_list
421 NeutronMechanismDrivers:
422 default: 'openvswitch'
424 The mechanism drivers for the Neutron tenant network.
425 type: comma_delimited_list
426 NeutronAllowL3AgentFailover:
428 description: Allow automatic l3-agent failover
430 NeutronEnableIsolatedMetadata:
432 description: If True, DHCP provide metadata route to VM.
434 NeutronEnableTunnelling:
440 Enable/disable the L2 population feature in the Neutron agents.
443 type: comma_delimited_list
444 default: 'datacentre'
445 description: If set, flat networks to configure in neutron plugins.
448 description: Whether to enable l3-agent HA
452 description: The tenant network type for Neutron.
453 type: comma_delimited_list
454 NeutronNetworkVLANRanges:
455 default: 'datacentre:1:1000'
457 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
458 Neutron documentation for permitted values. Defaults to permitting any
459 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
460 type: comma_delimited_list
462 description: The password for the neutron service and db account, used by neutron agents.
465 NeutronPublicInterface:
467 description: What interface to bridge onto br-ex for network nodes.
469 NeutronPublicInterfaceTag:
472 VLAN tag for creating a public VLAN. The tag will be used to
473 create an access port on the exterior bridge for each control plane node,
474 and that port will be given the IP address returned by neutron from the
475 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
476 overcloud.yaml to include the deployment of VLAN ports to the control
479 NeutronPublicInterfaceDefaultRoute:
481 description: A custom default route for the NeutronPublicInterface.
483 NeutronPublicInterfaceIP:
485 description: A custom IP address to put onto the NeutronPublicInterface.
487 NeutronPublicInterfaceRawDevice:
489 description: If set, the public interface is a vlan with this device as the raw device.
494 The tunnel types for the Neutron tenant network.
495 type: comma_delimited_list
496 NeutronTunnelIdRanges:
498 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
499 of GRE tunnel IDs that are available for tenant network allocation
500 default: ["1:1000", ]
501 type: comma_delimited_list
504 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
505 of VXLAN VNI IDs that are available for tenant network allocation
506 default: ["1:1000", ]
507 type: comma_delimited_list
508 NeutronPluginExtensions:
511 Comma-separated list of extensions enabled for the Neutron plugin.
512 type: comma_delimited_list
513 NeutronAgentExtensions:
516 Comma-separated list of extensions enabled for the Neutron agents.
517 type: comma_delimited_list
523 description: Number of workers for Neutron service.
528 Whether to create cron job for purging soft deleted rows in Nova database.
531 description: The password for the nova service and db account, used by nova-api.
536 description: Number of workers for Nova service.
540 description: Should MongoDb journaling be disabled
544 description: Comma-separated list of ntp servers
545 type: comma_delimited_list
548 description: The password for the 'pcsd' user.
550 PublicVirtualInterface:
553 Specifies the interface where the public-facing virtual ip will be assigned.
554 This should be int_public when a VLAN is being used.
558 default: '' # Has to be here because of the ignored empty value bug
561 default: '' # Has to be here because of the ignored empty value bug
565 description: The password for RabbitMQ
570 description: The username for RabbitMQ
575 Rabbit client subscriber parameter to specify
576 an SSL connection to the RabbitMQ host.
580 description: Set rabbit subscriber port, change this if using SSL
584 description: Configures RabbitMQ FD limit
588 default: '' # Has to be here because of the ignored empty value bug
589 SnmpdReadonlyUserName:
590 default: ro_snmp_user
591 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
593 SnmpdReadonlyUserPassword:
594 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
598 description: A random string to be used as a salt when hashing to determine mappings
604 description: Value of mount_check in Swift account/container/object -server.conf
609 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
612 description: Partition Power to use when building Swift rings
615 description: The password for the swift service account, used by the swift proxy
625 description: How many replicas to use in the swift rings.
628 description: Number of workers for Swift service.
632 description: The timezone to be set on controller nodes.
634 VirtualIP: # DEPRECATED: use per service settings instead
636 default: '' # Has to be here because of the ignored empty value bug
643 GlanceRegistryVirtualIP:
649 KeystoneAdminApiVirtualIP:
652 KeystonePublicApiVirtualIP:
658 EnablePackageInstall:
660 description: Set to true to enable package installation via Puppet
664 description: Mapping of service_name -> network name. Typically set
665 via parameter_defaults in the resource registry.
669 description: Mapping of service endpoint -> protocol. Typically set
670 via parameter_defaults in the resource registry.
676 Setting to a previously unused value during stack-update will trigger
677 package update on all nodes
680 default: '' # Defaults to Heat created hostname
681 NetworkDeploymentActions:
682 type: comma_delimited_list
684 Heat action when to apply network configuration changes
689 SoftwareConfigTransport:
690 default: POLL_SERVER_CFN
692 How the server should receive the metadata required for software configuration.
695 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
700 The DNS domain used for the hosts. This should match the dhcp_domain
701 configured in the Undercloud neutron. Defaults to localdomain.
705 Extra properties or metadata passed to Nova for the created nodes in
706 the overcloud. It's accessible via the Nova metadata API.
710 description: Optional scheduler hints to pass to nova
716 type: OS::Nova::Server
718 image: {get_param: Image}
719 image_update_policy: {get_param: ImageUpdatePolicy}
720 flavor: {get_param: Flavor}
721 key_name: {get_param: KeyName}
724 user_data_format: SOFTWARE_CONFIG
725 user_data: {get_resource: UserData}
726 name: {get_param: Hostname}
727 software_config_transport: {get_param: SoftwareConfigTransport}
728 metadata: {get_param: ServerMetadata}
729 scheduler_hints: {get_param: SchedulerHints}
731 # Combine the NodeAdminUserData and NodeUserData mime archives
733 type: OS::Heat::MultipartMime
736 - config: {get_resource: NodeAdminUserData}
738 - config: {get_resource: NodeUserData}
741 # Creates the "heat-admin" user if configured via the environment
742 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
744 type: OS::TripleO::NodeAdminUserData
746 # For optional operator additional userdata
747 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
749 type: OS::TripleO::NodeUserData
752 type: OS::TripleO::Controller::Ports::ExternalPort
754 IPPool: {get_param: ControllerIPs}
755 NodeIndex: {get_param: NodeIndex}
756 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
759 type: OS::TripleO::Controller::Ports::InternalApiPort
761 IPPool: {get_param: ControllerIPs}
762 NodeIndex: {get_param: NodeIndex}
763 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
766 type: OS::TripleO::Controller::Ports::StoragePort
768 IPPool: {get_param: ControllerIPs}
769 NodeIndex: {get_param: NodeIndex}
770 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
773 type: OS::TripleO::Controller::Ports::StorageMgmtPort
775 IPPool: {get_param: ControllerIPs}
776 NodeIndex: {get_param: NodeIndex}
777 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
780 type: OS::TripleO::Controller::Ports::TenantPort
782 IPPool: {get_param: ControllerIPs}
783 NodeIndex: {get_param: NodeIndex}
784 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
787 type: OS::TripleO::Controller::Ports::ManagementPort
789 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
792 type: OS::TripleO::Network::Ports::NetIpMap
794 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
795 ExternalIp: {get_attr: [ExternalPort, ip_address]}
796 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
797 StorageIp: {get_attr: [StoragePort, ip_address]}
798 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
799 TenantIp: {get_attr: [TenantPort, ip_address]}
800 ManagementIp: {get_attr: [ManagementPort, ip_address]}
803 type: OS::TripleO::Network::Ports::NetIpSubnetMap
805 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
806 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
807 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
808 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
809 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
810 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
811 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
814 type: OS::TripleO::Controller::Net::SoftwareConfig
816 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
817 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
818 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
819 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
820 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
821 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
822 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
825 type: OS::TripleO::SoftwareDeployment
827 config: {get_resource: NetworkConfig}
828 server: {get_resource: Controller}
829 actions: {get_param: NetworkDeploymentActions}
832 interface_name: {get_param: NeutronPublicInterface}
834 # Resource for site-specific injection of root certificate
836 depends_on: NetworkDeployment
837 type: OS::TripleO::NodeTLSCAData
839 server: {get_resource: Controller}
841 # Resource for site-specific passing of private keys/certificates
843 depends_on: NodeTLSCAData
844 type: OS::TripleO::NodeTLSData
846 server: {get_resource: Controller}
847 NodeIndex: {get_param: NodeIndex}
849 ControllerDeployment:
850 type: OS::TripleO::SoftwareDeployment
851 depends_on: NetworkDeployment
853 config: {get_resource: ControllerConfig}
854 server: {get_resource: Controller}
856 bootstack_nodeid: {get_attr: [Controller, name]}
857 ceilometer_workers: {get_param: CeilometerWorkers}
858 cinder_workers: {get_param: CinderWorkers}
859 glance_workers: {get_param: GlanceWorkers}
860 heat_workers: {get_param: HeatWorkers}
861 keystone_workers: {get_param: KeystoneWorkers}
862 nova_workers: {get_param: NovaWorkers}
863 neutron_workers: {get_param: NeutronWorkers}
864 swift_workers: {get_param: SwiftWorkers}
865 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
866 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
867 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
868 haproxy_log_address: {get_param: HAProxySyslogAddress}
869 heat.watch_server_url:
873 - {get_param: HeatApiVirtualIP}
875 heat.metadata_server_url:
879 - {get_param: HeatApiVirtualIP}
881 heat.waitcondition_server_url:
885 - {get_param: HeatApiVirtualIP}
886 - ':8000/v1/waitcondition'
887 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
888 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
889 horizon_secret: {get_param: HorizonSecret}
890 admin_email: {get_param: AdminEmail}
891 admin_password: {get_param: AdminPassword}
892 admin_token: {get_param: AdminToken}
893 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
894 debug: {get_param: Debug}
895 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
896 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
897 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
898 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
903 SERVERS: {get_param: CinderNfsServers}
904 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
905 cinder_password: {get_param: CinderPassword}
906 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
907 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
908 cinder_backend_config: {get_param: CinderBackendConfig}
912 - - 'mysql://cinder:'
913 - {get_param: CinderPassword}
915 - {get_param: MysqlVirtualIP}
917 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
918 glance_password: {get_param: GlancePassword}
919 glance_backend: {get_param: GlanceBackend}
920 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
921 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
922 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
923 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
924 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
925 glance_log_file: {get_param: GlanceLogFile}
929 - - 'mysql://glance:'
930 - {get_param: GlancePassword}
932 - {get_param: MysqlVirtualIP}
934 heat_password: {get_param: HeatPassword}
935 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
940 - {get_param: HeatPassword}
942 - {get_param: MysqlVirtualIP}
944 keystone_ca_certificate: {get_param: KeystoneCACertificate}
945 keystone_signing_key: {get_param: KeystoneSigningKey}
946 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
947 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
948 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
949 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
950 keystone_notification_format: {get_param: KeystoneNotificationFormat}
951 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
955 - - 'mysql://keystone:'
956 - {get_param: AdminToken}
958 - {get_param: MysqlVirtualIP}
960 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
961 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
962 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
963 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
964 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
965 enable_fencing: {get_param: EnableFencing}
966 enable_galera: {get_param: EnableGalera}
967 enable_load_balancer: {get_param: EnableLoadBalancer}
968 enable_ceph_storage: {get_param: EnableCephStorage}
969 enable_swift_storage: {get_param: EnableSwiftStorage}
970 manage_firewall: {get_param: ManageFirewall}
971 purge_firewall_rules: {get_param: PurgeFirewallRules}
972 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
973 mysql_max_connections: {get_param: MysqlMaxConnections}
974 mysql_root_password: {get_param: MysqlRootPassword}
977 template: tripleo-CLUSTER
979 CLUSTER: {get_param: MysqlClusterUniquePart}
980 neutron_flat_networks:
984 NETWORKS: {get_param: NeutronFlatNetworks}
985 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
986 neutron_agent_mode: {get_param: NeutronAgentMode}
987 neutron_router_distributed: {get_param: NeutronDVR}
988 neutron_core_plugin: {get_param: NeutronCorePlugin}
989 neutron_service_plugins:
993 PLUGINS: {get_param: NeutronServicePlugins}
994 neutron_type_drivers:
998 DRIVERS: {get_param: NeutronTypeDrivers}
999 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1000 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1001 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1002 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1003 neutron_mechanism_drivers:
1005 template: MECHANISMS
1007 MECHANISMS: {get_param: NeutronMechanismDrivers}
1008 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1009 neutron_l3_ha: {get_param: NeutronL3HA}
1010 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1011 neutron_network_vlan_ranges:
1015 RANGES: {get_param: NeutronNetworkVLANRanges}
1016 neutron_bridge_mappings:
1020 MAPPINGS: {get_param: NeutronBridgeMappings}
1021 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1022 neutron_public_interface: {get_param: NeutronPublicInterface}
1023 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1024 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1025 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1026 neutron_tunnel_id_ranges:
1030 RANGES: {get_param: NeutronTunnelIdRanges}
1035 RANGES: {get_param: NeutronVniRanges}
1036 neutron_tenant_network_types:
1040 TYPES: {get_param: NeutronNetworkType}
1041 neutron_tunnel_types:
1045 TYPES: {get_param: NeutronTunnelTypes}
1046 neutron_plugin_extensions:
1048 template: PLUGIN_EXTENSIONS
1050 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1051 neutron_agent_extensions:
1053 template: AGENT_EXTENSIONS
1055 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1056 neutron_password: {get_param: NeutronPassword}
1057 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1061 - - 'mysql://neutron:'
1062 - {get_param: NeutronPassword}
1064 - {get_param: MysqlVirtualIP}
1065 - '/ovs_neutron?charset=utf8'
1066 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1067 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1068 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1069 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
1070 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1071 ceilometer_backend: {get_param: CeilometerBackend}
1072 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1073 ceilometer_password: {get_param: CeilometerPassword}
1074 ceilometer_coordination_url:
1078 - {get_param: RedisVirtualIP}
1083 - - 'mysql://ceilometer:'
1084 - {get_param: CeilometerPassword}
1086 - {get_param: MysqlVirtualIP}
1088 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1089 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1090 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1091 nova_password: {get_param: NovaPassword}
1096 - {get_param: NovaPassword}
1098 - {get_param: MysqlVirtualIP}
1100 instance_name_template: {get_param: InstanceNameTemplate}
1101 fencing_config: {get_param: FencingConfig}
1102 pcsd_password: {get_param: PcsdPassword}
1103 rabbit_username: {get_param: RabbitUserName}
1104 rabbit_password: {get_param: RabbitPassword}
1105 rabbit_cookie: {get_param: RabbitCookie}
1106 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1107 rabbit_client_port: {get_param: RabbitClientPort}
1108 mongodb_no_journal: {get_param: MongoDbNoJournal}
1109 # We need to force this into quotes or hiera will return integer causing
1110 # the puppet module validation regexp to fail.
1111 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1116 LIMIT: {get_param: RabbitFDLimit}
1117 ntp_servers: {get_param: NtpServer}
1118 timezone: {get_param: TimeZone}
1119 control_virtual_interface: {get_param: ControlVirtualInterface}
1120 public_virtual_interface: {get_param: PublicVirtualInterface}
1121 swift_hash_suffix: {get_param: SwiftHashSuffix}
1122 swift_password: {get_param: SwiftPassword}
1123 swift_part_power: {get_param: SwiftPartPower}
1124 swift_replicas: {get_param: SwiftReplicas}
1125 swift_min_part_hours: {get_param: SwiftMinPartHours}
1126 swift_mount_check: {get_param: SwiftMountCheck}
1127 enable_package_install: {get_param: EnablePackageInstall}
1128 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1129 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1130 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1131 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1132 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1133 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1134 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1135 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1136 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1137 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1138 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1139 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1140 keystone_region: {get_param: KeystoneRegion}
1141 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1142 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1143 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1144 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1145 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1146 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1147 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1148 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1149 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1150 redis_vip: {get_param: RedisVirtualIP}
1151 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1152 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1153 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1154 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1155 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1156 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1158 # Map heat metadata into hiera datafiles
1160 type: OS::Heat::StructuredConfig
1162 group: os-apply-config
1167 - heat_config_%{::deploy_config_name}
1168 - controller_extraconfig
1173 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1174 - ceph_cluster # provided by CephClusterConfig
1176 - bootstrap_node # provided by BootstrapNodeConfig
1177 - all_nodes # provided by allNodesConfig
1178 - vip_data # provided by vip-config
1181 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1182 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1183 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1184 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1185 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1186 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1187 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1188 - midonet_data #Optionally provided by AllNodesExtraConfig
1190 controller_extraconfig:
1191 mapped_data: {get_param: ControllerExtraConfig}
1193 mapped_data: {get_param: ExtraConfig}
1195 raw_data: {get_file: hieradata/common.yaml}
1197 raw_data: {get_file: hieradata/ceph.yaml}
1199 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1200 ceph::profile::params::public_network: {get_input: ceph_public_network}
1201 ceph::mon::public_addr: {get_input: ceph_public_ip}
1203 raw_data: {get_file: hieradata/database.yaml}
1205 raw_data: {get_file: hieradata/object.yaml}
1207 raw_data: {get_file: hieradata/controller.yaml}
1208 mapped_data: # data supplied directly to this deployment configuration, etc
1209 bootstack_nodeid: {get_input: bootstack_nodeid}
1212 enable_fencing: {get_input: enable_fencing}
1213 enable_load_balancer: {get_input: enable_load_balancer}
1214 hacluster_pwd: {get_input: pcsd_password}
1215 tripleo::fencing::config: {get_input: fencing_config}
1218 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1219 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1220 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1221 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1222 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1223 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1224 swift::proxy::workers: {get_input: swift_workers}
1225 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1226 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1227 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1228 swift_mount_check: {get_input: swift_mount_check}
1230 # NOTE(dprince): build_ring support is currently not wired in.
1231 # See: https://review.openstack.org/#/c/109225/
1232 tripleo::ringbuilder::build_ring: True
1235 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1236 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1237 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1238 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1239 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1240 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1241 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1242 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1243 cinder::database_connection: {get_input: cinder_dsn}
1244 cinder::api::keystone_password: {get_input: cinder_password}
1245 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1246 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1247 cinder::api::bind_host: {get_input: cinder_api_network}
1248 cinder::rabbit_userid: {get_input: rabbit_username}
1249 cinder::rabbit_password: {get_input: rabbit_password}
1250 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1251 cinder::rabbit_port: {get_input: rabbit_client_port}
1252 cinder::debug: {get_input: debug}
1253 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1254 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1255 cinder_backend_config: {get_input: CinderBackendConfig}
1256 cinder::db::mysql::password: {get_input: cinder_password}
1259 glance::api::bind_port: {get_input: glance_port}
1260 glance::api::bind_host: {get_input: glance_api_network}
1261 glance::api::auth_uri: {get_input: keystone_auth_uri}
1262 glance::api::identity_uri: {get_input: keystone_identity_uri}
1263 glance::api::registry_host: {get_input: glance_registry_host}
1264 glance::api::keystone_password: {get_input: glance_password}
1265 glance::api::debug: {get_input: debug}
1266 glance::api::workers: {get_input: glance_workers}
1267 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1268 glance_log_file: {get_input: glance_log_file}
1269 glance_log_file: {get_input: glance_log_file}
1270 glance::api::database_connection: {get_input: glance_dsn}
1271 glance::registry::keystone_password: {get_input: glance_password}
1272 glance::registry::database_connection: {get_input: glance_dsn}
1273 glance::registry::bind_host: {get_input: glance_registry_network}
1274 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1275 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1276 glance::registry::debug: {get_input: debug}
1277 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1278 glance::registry::workers: {get_input: glance_workers}
1279 glance::backend::swift::swift_store_user: service:glance
1280 glance::backend::swift::swift_store_key: {get_input: glance_password}
1281 glance_backend: {get_input: glance_backend}
1282 glance::db::mysql::password: {get_input: glance_password}
1283 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1284 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1285 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1286 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1289 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1290 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1291 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1292 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1293 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1294 heat::rabbit_userid: {get_input: rabbit_username}
1295 heat::rabbit_password: {get_input: rabbit_password}
1296 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1297 heat::rabbit_port: {get_input: rabbit_client_port}
1298 heat::auth_uri: {get_input: keystone_auth_uri}
1299 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1300 heat::identity_uri: {get_input: keystone_identity_uri}
1301 heat::keystone_password: {get_input: heat_password}
1302 heat::api::bind_host: {get_input: heat_api_network}
1303 heat::api::workers: {get_input: heat_workers}
1304 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1305 heat::api_cloudwatch::workers: {get_input: heat_workers}
1306 heat::api_cfn::bind_host: {get_input: heat_api_network}
1307 heat::api_cfn::workers: {get_input: heat_workers}
1308 heat::database_connection: {get_input: heat_dsn}
1309 heat::debug: {get_input: debug}
1310 heat::db::mysql::password: {get_input: heat_password}
1313 keystone::admin_token: {get_input: admin_token}
1314 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1315 keystone_signing_key: {get_input: keystone_signing_key}
1316 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1317 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1318 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1319 keystone::database_connection: {get_input: keystone_dsn}
1320 keystone::public_bind_host: {get_input: keystone_public_api_network}
1321 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1322 keystone::debug: {get_input: debug}
1323 keystone::db::mysql::password: {get_input: admin_token}
1324 keystone::rabbit_userid: {get_input: rabbit_username}
1325 keystone::rabbit_password: {get_input: rabbit_password}
1326 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1327 keystone::rabbit_port: {get_input: rabbit_client_port}
1328 keystone::notification_driver: {get_input: keystone_notification_driver}
1329 keystone::notification_format: {get_input: keystone_notification_format}
1330 keystone::roles::admin::email: {get_input: admin_email}
1331 keystone::roles::admin::password: {get_input: admin_password}
1332 keystone::endpoint::public_url: {get_input: keystone_public_url}
1333 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1334 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1335 keystone::endpoint::region: {get_input: keystone_region}
1336 keystone::admin_workers: {get_input: keystone_workers}
1337 keystone::public_workers: {get_input: keystone_workers}
1338 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1339 keystone::public_endpoint: {get_input: keystone_public_url}
1341 mongodb::server::bind_ip: {get_input: mongo_db_network}
1342 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1344 admin_password: {get_input: admin_password}
1345 enable_galera: {get_input: enable_galera}
1346 enable_ceph_storage: {get_input: enable_ceph_storage}
1347 enable_swift_storage: {get_input: enable_swift_storage}
1348 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1349 mysql_max_connections: {get_input: mysql_max_connections}
1350 mysql::server::root_password: {get_input: mysql_root_password}
1351 mysql_cluster_name: {get_input: mysql_cluster_name}
1352 mysql_bind_host: {get_input: mysql_network}
1353 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1356 neutron::bind_host: {get_input: neutron_api_network}
1357 neutron::rabbit_password: {get_input: rabbit_password}
1358 neutron::rabbit_user: {get_input: rabbit_username}
1359 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1360 neutron::rabbit_port: {get_input: rabbit_client_port}
1361 neutron::debug: {get_input: debug}
1362 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1363 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1364 neutron::server::database_connection: {get_input: neutron_dsn}
1365 neutron::server::api_workers: {get_input: neutron_workers}
1366 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1367 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1368 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1369 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1370 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1371 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1372 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1373 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1374 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1375 neutron_agent_mode: {get_input: neutron_agent_mode}
1376 neutron_router_distributed: {get_input: neutron_router_distributed}
1377 neutron::core_plugin: {get_input: neutron_core_plugin}
1378 neutron::service_plugins: {get_input: neutron_service_plugins}
1379 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1380 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1381 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1382 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1383 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1384 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1385 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1386 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1387 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1388 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1389 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1390 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1391 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1392 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1393 neutron_public_interface: {get_input: neutron_public_interface}
1394 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1395 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1396 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1397 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1398 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1399 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1400 neutron::server::auth_password: {get_input: neutron_password}
1401 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1402 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1403 neutron_dsn: {get_input: neutron_dsn}
1404 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1405 neutron::db::mysql::password: {get_input: neutron_password}
1406 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1407 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1408 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1409 neutron::keystone::auth::password: {get_input: neutron_password }
1410 neutron::keystone::auth::region: {get_input: keystone_region}
1411 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1412 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1413 neutron::server::notifications::tenant_name: 'service'
1414 neutron::server::notifications::password: {get_input: nova_password}
1417 ceilometer_backend: {get_input: ceilometer_backend}
1418 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1419 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1420 ceilometer::rabbit_userid: {get_input: rabbit_username}
1421 ceilometer::rabbit_password: {get_input: rabbit_password}
1422 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1423 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1424 ceilometer::debug: {get_input: debug}
1425 ceilometer::api::host: {get_input: ceilometer_api_network}
1426 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1427 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1428 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1429 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1430 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1431 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1432 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1433 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1434 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1437 nova::rabbit_userid: {get_input: rabbit_username}
1438 nova::rabbit_password: {get_input: rabbit_password}
1439 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1440 nova::rabbit_port: {get_input: rabbit_client_port}
1441 nova::debug: {get_input: debug}
1442 nova::api::auth_uri: {get_input: keystone_auth_uri}
1443 nova::api::identity_uri: {get_input: keystone_identity_uri}
1444 nova::api::api_bind_address: {get_input: nova_api_network}
1445 nova::api::metadata_listen: {get_input: nova_metadata_network}
1446 nova::api::admin_password: {get_input: nova_password}
1447 nova::api::osapi_compute_workers: {get_input: nova_workers}
1448 nova::api::ec2_workers: {get_input: nova_workers}
1449 nova::api::metadata_workers: {get_input: nova_workers}
1450 nova::database_connection: {get_input: nova_dsn}
1451 nova::glance_api_servers: {get_input: glance_api_servers}
1452 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1453 nova::api::instance_name_template: {get_input: instance_name_template}
1454 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1455 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1456 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1457 nova::vncproxy::host: {get_input: nova_api_network}
1458 nova::db::mysql::password: {get_input: nova_password}
1459 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1462 apache::ip: {get_input: horizon_network}
1463 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1464 horizon::django_debug: {get_input: debug}
1465 horizon::secret_key: {get_input: horizon_secret}
1466 horizon::bind_address: {get_input: horizon_network}
1467 horizon::keystone_url: {get_input: keystone_auth_uri}
1470 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1471 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1472 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1473 rabbitmq::default_user: {get_input: rabbit_username}
1474 rabbitmq::default_pass: {get_input: rabbit_password}
1476 redis::bind: {get_input: redis_network}
1477 redis_vip: {get_input: redis_vip}
1479 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1480 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1482 memcached::listen_ip: {get_input: memcached_network}
1483 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1484 ntp::servers: {get_input: ntp_servers}
1485 timezone::timezone: {get_input: timezone}
1486 control_virtual_interface: {get_input: control_virtual_interface}
1487 public_virtual_interface: {get_input: public_virtual_interface}
1488 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1489 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1490 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1491 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1492 tripleo::packages::enable_install: {get_input: enable_package_install}
1493 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1495 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1496 ControllerExtraConfigPre:
1497 depends_on: ControllerDeployment
1498 type: OS::TripleO::ControllerExtraConfigPre
1500 server: {get_resource: Controller}
1502 # Hook for site-specific additional pre-deployment config,
1503 # applying to all nodes, e.g node registration/unregistration
1505 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1506 type: OS::TripleO::NodeExtraConfig
1508 server: {get_resource: Controller}
1511 type: OS::TripleO::Tasks::PackageUpdate
1514 type: OS::Heat::SoftwareDeployment
1516 config: {get_resource: UpdateConfig}
1517 server: {get_resource: Controller}
1520 get_param: UpdateIdentifier
1524 description: IP address of the server in the ctlplane network
1525 value: {get_attr: [Controller, networks, ctlplane, 0]}
1526 external_ip_address:
1527 description: IP address of the server in the external network
1528 value: {get_attr: [ExternalPort, ip_address]}
1529 internal_api_ip_address:
1530 description: IP address of the server in the internal_api network
1531 value: {get_attr: [InternalApiPort, ip_address]}
1533 description: IP address of the server in the storage network
1534 value: {get_attr: [StoragePort, ip_address]}
1535 storage_mgmt_ip_address:
1536 description: IP address of the server in the storage_mgmt network
1537 value: {get_attr: [StorageMgmtPort, ip_address]}
1539 description: IP address of the server in the tenant network
1540 value: {get_attr: [TenantPort, ip_address]}
1541 management_ip_address:
1542 description: IP address of the server in the management network
1543 value: {get_attr: [ManagementPort, ip_address]}
1545 description: Hostname of the server
1546 value: {get_attr: [Controller, name]}
1549 Node object in the format {ip: ..., name: ...} format that the corosync
1552 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1553 name: {get_attr: [Controller, name]}
1556 Server's IP address and hostname in the /etc/hosts format
1559 template: IP HOST.DOMAIN HOST CLOUDNAME
1561 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1562 DOMAIN: {get_param: CloudDomain}
1563 HOST: {get_attr: [Controller, name]}
1564 CLOUDNAME: {get_param: CloudName}
1565 nova_server_resource:
1566 description: Heat resource handle for the Nova compute server
1568 {get_resource: Controller}
1570 description: Swift device formatted for swift-ring-builder
1573 template: 'r1z1-IP:%PORT%/d1'
1575 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1576 swift_proxy_memcache:
1577 description: Swift proxy-memcache value
1580 template: "IP:11211"
1582 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1584 description: identifier which changes if the controller configuration may need re-applying
1588 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1589 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1590 - {get_attr: [NodeTLSData, deploy_stdout]}
1591 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1592 - {get_param: UpdateIdentifier}
1593 tls_key_modulus_md5:
1594 description: MD5 checksum of the TLS Key Modulus
1595 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1596 tls_cert_modulus_md5:
1597 description: MD5 checksum of the TLS Certificate Modulus
1598 value: {get_attr: [NodeTLSData, cert_modulus_md5]}