1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 #TODO(composable Redis): Remove the Redis password param
19 #As is used by ceilometer
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
35 CeilometerStoreEvents:
37 description: Whether to store events in ceilometer.
39 CeilometerMeterDispatcher:
41 description: Dispatcher to process meter data
44 - allowed_values: ['gnocchi', 'database']
50 description: Number of workers for Ceilometer service.
52 controllerExtraConfig:
55 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
57 ControllerExtraConfig:
60 Controller specific hiera configuration data to inject into the cluster.
65 A network mapped list of IPs to assign to Controllers in the following form:
67 "internal_api": ["a.b.c.d", "e.f.g.h"],
71 ControlVirtualInterface:
73 description: Interface where virtual ip will be assigned.
77 description: Enable IPv6 in Corosync
81 description: Set to True to enable debugging on all services.
85 description: Whether to enable fencing in Pacemaker or not.
89 description: Whether to use Galera instead of regular MariaDB.
93 description: Whether to deploy a LoadBalancer on the Controller
97 description: Whether to deploy Ceph Storage (OSD) on the Controller
102 Additional hieradata to inject into the cluster, note that
103 ControllerExtraConfig takes precedence over ExtraConfig.
108 Pacemaker fencing configuration. The JSON should have
109 the following structure:
113 "agent": "AGENT_NAME",
114 "host_mac": "HOST_MAC_ADDRESS",
115 "params": {"PARAM_NAME": "PARAM_VALUE"}
123 "agent": "fence_xvm",
124 "host_mac": "52:54:00:aa:bb:cc",
126 "multicast_address": "225.0.0.12",
127 "port": "baremetal_0",
129 "manage_key_file": true,
130 "key_file": "/etc/fence_xvm.key",
131 "key_file_password": "abcdef"
138 description: Flavor for control nodes to request when deploying.
141 - custom_constraint: nova.flavor
144 description: The short name of the Gnocchi backend to use. Should be one
145 of swift, rbd, or file
148 - allowed_values: ['swift', 'file', 'rbd']
149 GnocchiIndexerBackend:
151 description: The short name of the Gnocchi indexer backend to use.
157 description: The password for the gnocchi service and db account.
160 HAProxyStatsPassword:
161 description: Password for HAProxy stats endpoint
164 description: User for HAProxy stats endpoint
167 HAProxySyslogAddress:
169 description: Syslog address where HAproxy will send its log
171 HeatAuthEncryptionKey:
172 description: Auth encryption key for heat-engine
177 description: A list of IP/Hostname allowed to connect to horizon
178 type: comma_delimited_list
180 description: Secret key for Django
185 default: overcloud-control
187 - custom_constraint: glance.image
189 default: 'REBUILD_PRESERVE_EPHEMERAL'
190 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
192 InstanceNameTemplate:
193 default: 'instance-%08x'
194 description: Template string to be used to generate instance names
198 description: Name of an existing Nova key pair to enable SSH access to the instances
201 - custom_constraint: nova.keypair
205 description: Keystone region for endpoint
208 description: Whether to manage IPtables rules.
212 description: Enable IPv6 features in Memcached.
216 description: Whether IPtables rules should be purged before setting up the new ones.
221 MysqlClusterUniquePart:
222 description: A unique identifier of the MySQL cluster the controller is in.
224 default: 'unset' # Has to be here because of the ignored empty value bug
225 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
227 # - length: {min: 4, max: 10}
228 MysqlInnodbBufferPoolSize:
230 Specifies the size of the buffer pool in megabytes. Setting to
231 zero should be interpreted as "no value" and will defer to the
236 description: Configures MySQL max_connections config setting
239 MysqlClustercheckPassword:
245 default: '' # Has to be here because of the ignored empty value bug
246 NeutronMetadataProxySharedSecret:
247 description: Shared secret to prevent spoofing
251 description: The password for the neutron service and db account, used by neutron agents.
254 NeutronPublicInterface:
256 description: What interface to bridge onto br-ex for network nodes.
260 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
261 be at least 50 bytes smaller than the MTU on the physical network. This
262 value will be used to set the MTU on the virtual Ethernet device.
263 This number is related to the value of NeutronDnsmasqOptions, since that
264 will determine the MTU that is assigned to the VM host through DHCP.
273 Whether to create cron job for purging soft deleted rows in Nova database.
277 description: Enable IPv6 features in Nova
280 description: The password for the nova service and db account, used by nova-api.
285 description: The password for the 'pcsd' user.
287 PublicVirtualInterface:
290 Specifies the interface where the public-facing virtual ip will be assigned.
291 This should be int_public when a VLAN is being used.
295 default: '' # Has to be here because of the ignored empty value bug
298 default: '' # Has to be here because of the ignored empty value bug
301 description: The password for RabbitMQ
306 description: The username for RabbitMQ
311 Rabbit client subscriber parameter to specify
312 an SSL connection to the RabbitMQ host.
316 description: Set rabbit subscriber port, change this if using SSL
319 description: The password for Redis
324 default: '' # Has to be here because of the ignored empty value bug
327 default: '' # Has to be here because of the ignored empty value bug
328 description: An IP address which is wrapped in brackets in case of IPv6
330 description: A random string to be used as a salt when hashing to determine mappings
337 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
340 description: Partition Power to use when building Swift rings
344 description: Whether to manage Swift rings or not
352 description: How many replicas to use in the swift rings.
355 description: The timezone to be set on controller nodes.
357 UpgradeLevelNovaCompute:
359 description: Nova Compute upgrade level
361 VirtualIP: # DEPRECATED: use per service settings instead
363 default: '' # Has to be here because of the ignored empty value bug
376 EnablePackageInstall:
378 description: Set to true to enable package installation via Puppet
382 description: Mapping of service_name -> network name. Typically set
383 via parameter_defaults in the resource registry.
387 description: Mapping of service endpoint -> protocol. Typically set
388 via parameter_defaults in the resource registry.
394 Setting to a previously unused value during stack-update will trigger
395 package update on all nodes
398 default: '' # Defaults to Heat created hostname
402 description: Optional mapping to override hostnames
403 NetworkDeploymentActions:
404 type: comma_delimited_list
406 Heat action when to apply network configuration changes
411 SoftwareConfigTransport:
412 default: POLL_SERVER_CFN
414 How the server should receive the metadata required for software configuration.
417 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
422 The DNS domain used for the hosts. This should match the dhcp_domain
423 configured in the Undercloud neutron. Defaults to localdomain.
427 Extra properties or metadata passed to Nova for the created nodes in
428 the overcloud. It's accessible via the Nova metadata API.
432 description: Optional scheduler hints to pass to nova
434 ServiceConfigSettings:
440 description: Do not use deprecated params, they will be removed.
442 - controllerExtraConfig
447 type: OS::Nova::Server
449 image: {get_param: Image}
450 image_update_policy: {get_param: ImageUpdatePolicy}
451 flavor: {get_param: Flavor}
452 key_name: {get_param: KeyName}
455 user_data_format: SOFTWARE_CONFIG
456 user_data: {get_resource: UserData}
459 template: {get_param: Hostname}
460 params: {get_param: HostnameMap}
461 software_config_transport: {get_param: SoftwareConfigTransport}
462 metadata: {get_param: ServerMetadata}
463 scheduler_hints: {get_param: SchedulerHints}
465 # Combine the NodeAdminUserData and NodeUserData mime archives
467 type: OS::Heat::MultipartMime
470 - config: {get_resource: NodeAdminUserData}
472 - config: {get_resource: NodeUserData}
475 # Creates the "heat-admin" user if configured via the environment
476 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
478 type: OS::TripleO::NodeAdminUserData
480 # For optional operator additional userdata
481 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
483 type: OS::TripleO::NodeUserData
486 type: OS::TripleO::Controller::Ports::ExternalPort
488 IPPool: {get_param: ControllerIPs}
489 NodeIndex: {get_param: NodeIndex}
490 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
493 type: OS::TripleO::Controller::Ports::InternalApiPort
495 IPPool: {get_param: ControllerIPs}
496 NodeIndex: {get_param: NodeIndex}
497 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
500 type: OS::TripleO::Controller::Ports::StoragePort
502 IPPool: {get_param: ControllerIPs}
503 NodeIndex: {get_param: NodeIndex}
504 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
507 type: OS::TripleO::Controller::Ports::StorageMgmtPort
509 IPPool: {get_param: ControllerIPs}
510 NodeIndex: {get_param: NodeIndex}
511 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
514 type: OS::TripleO::Controller::Ports::TenantPort
516 IPPool: {get_param: ControllerIPs}
517 NodeIndex: {get_param: NodeIndex}
518 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
521 type: OS::TripleO::Controller::Ports::ManagementPort
523 IPPool: {get_param: ControllerIPs}
524 NodeIndex: {get_param: NodeIndex}
525 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
528 type: OS::TripleO::Network::Ports::NetIpMap
530 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
531 ExternalIp: {get_attr: [ExternalPort, ip_address]}
532 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
533 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
534 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
535 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
536 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
537 StorageIp: {get_attr: [StoragePort, ip_address]}
538 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
539 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
540 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
541 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
542 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
543 TenantIp: {get_attr: [TenantPort, ip_address]}
544 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
545 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
546 ManagementIp: {get_attr: [ManagementPort, ip_address]}
547 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
548 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
551 type: OS::TripleO::Controller::Net::SoftwareConfig
553 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
554 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
555 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
556 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
557 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
558 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
559 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
562 type: OS::TripleO::SoftwareDeployment
564 name: NetworkDeployment
565 config: {get_resource: NetworkConfig}
566 server: {get_resource: Controller}
567 actions: {get_param: NetworkDeploymentActions}
570 interface_name: {get_param: NeutronPublicInterface}
572 # Resource for site-specific injection of root certificate
574 depends_on: NetworkDeployment
575 type: OS::TripleO::NodeTLSCAData
577 server: {get_resource: Controller}
579 # Resource for site-specific passing of private keys/certificates
581 depends_on: NodeTLSCAData
582 type: OS::TripleO::NodeTLSData
584 server: {get_resource: Controller}
585 NodeIndex: {get_param: NodeIndex}
588 ControllerDeployment:
589 type: OS::TripleO::SoftwareDeployment
590 depends_on: NetworkDeployment
592 name: ControllerDeployment
593 config: {get_resource: ControllerConfig}
594 server: {get_resource: Controller}
596 bootstack_nodeid: {get_attr: [Controller, name]}
597 ceilometer_workers: {get_param: CeilometerWorkers}
598 haproxy_log_address: {get_param: HAProxySyslogAddress}
599 haproxy_stats_password: {get_param: HAProxyStatsPassword}
600 haproxy_stats_user: {get_param: HAProxyStatsUser}
601 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
602 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
603 horizon_secret: {get_param: HorizonSecret}
604 admin_password: {get_param: AdminPassword}
605 debug: {get_param: Debug}
606 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
607 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
608 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
609 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
610 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
611 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
612 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
613 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
614 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
615 enable_fencing: {get_param: EnableFencing}
616 enable_galera: {get_param: EnableGalera}
617 enable_load_balancer: {get_param: EnableLoadBalancer}
618 enable_ceph_storage: {get_param: EnableCephStorage}
619 manage_firewall: {get_param: ManageFirewall}
620 purge_firewall_rules: {get_param: PurgeFirewallRules}
621 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
622 mysql_max_connections: {get_param: MysqlMaxConnections}
623 mysql_root_password: {get_param: MysqlRootPassword}
624 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
627 template: tripleo-CLUSTER
629 CLUSTER: {get_param: MysqlClusterUniquePart}
630 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
631 neutron_password: {get_param: NeutronPassword}
632 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
633 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
634 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
635 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
636 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
637 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
638 ceilometer_backend: {get_param: CeilometerBackend}
639 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
640 ceilometer_password: {get_param: CeilometerPassword}
641 ceilometer_store_events: {get_param: CeilometerStoreEvents}
642 aodh_password: {get_param: AodhPassword}
643 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
644 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
645 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
646 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
647 gnocchi_password: {get_param: GnocchiPassword}
648 gnocchi_backend: {get_param: GnocchiBackend}
649 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
650 ceilometer_coordination_url:
654 - {get_param: RedisPassword}
656 - {get_param: RedisVirtualIPUri}
661 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
663 - {get_param: CeilometerPassword}
665 - {get_param: [EndpointMap, MysqlInternal, host]}
670 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
672 - {get_param: GnocchiPassword}
674 - {get_param: [EndpointMap, MysqlInternal, host]}
679 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
681 - {get_param: AodhPassword}
683 - {get_param: [EndpointMap, MysqlInternal, host]}
685 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
686 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
687 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
688 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
689 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
690 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
691 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
692 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
693 nova_ipv6: {get_param: NovaIPv6}
694 corosync_ipv6: {get_param: CorosyncIPv6}
695 memcached_ipv6: {get_param: MemcachedIPv6}
696 nova_password: {get_param: NovaPassword}
700 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
702 - {get_param: NovaPassword}
704 - {get_param: [EndpointMap, MysqlInternal, host]}
709 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
711 - {get_param: NovaPassword}
713 - {get_param: [EndpointMap, MysqlInternal, host]}
715 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
716 instance_name_template: {get_param: InstanceNameTemplate}
717 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
718 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
719 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
720 fencing_config: {get_param: FencingConfig}
721 pcsd_password: {get_param: PcsdPassword}
722 rabbit_username: {get_param: RabbitUserName}
723 rabbit_password: {get_param: RabbitPassword}
724 rabbit_cookie: {get_param: RabbitCookie}
725 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
726 rabbit_client_port: {get_param: RabbitClientPort}
727 timezone: {get_param: TimeZone}
728 control_virtual_interface: {get_param: ControlVirtualInterface}
729 public_virtual_interface: {get_param: PublicVirtualInterface}
730 swift_hash_suffix: {get_param: SwiftHashSuffix}
731 swift_part_power: {get_param: SwiftPartPower}
732 swift_ring_build: {get_param: SwiftRingBuild}
733 swift_replicas: {get_param: SwiftReplicas}
734 swift_min_part_hours: {get_param: SwiftMinPartHours}
735 enable_package_install: {get_param: EnablePackageInstall}
736 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
737 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
738 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
739 cinder_iscsi_network:
743 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
744 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
745 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
746 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
747 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
748 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
749 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
750 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
751 keystone_region: {get_param: KeystoneRegion}
752 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
753 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
754 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
755 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
756 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
757 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
758 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
759 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
760 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
763 template: "['SUBNET']"
765 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
766 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
767 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
768 redis_vip: {get_param: RedisVirtualIP}
769 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
770 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
771 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
772 mysql_virtual_ip: {get_param: MysqlVirtualIP}
773 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
774 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
775 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
777 # Map heat metadata into hiera datafiles
779 type: OS::Heat::StructuredConfig
781 group: os-apply-config
786 - heat_config_%{::deploy_config_name}
787 - controller_extraconfig
793 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
794 - ceph_cluster # provided by CephClusterConfig
796 - bootstrap_node # provided by BootstrapNodeConfig
797 - all_nodes # provided by allNodesConfig
798 - vip_data # provided by vip-config
802 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
803 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
804 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
805 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
806 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
807 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
808 - midonet_data #Optionally provided by AllNodesExtraConfig
809 merge_behavior: deeper
812 mapped_data: {get_param: ServiceConfigSettings}
813 controller_extraconfig:
816 - {get_param: controllerExtraConfig}
817 - {get_param: ControllerExtraConfig}
819 mapped_data: {get_param: ExtraConfig}
821 raw_data: {get_file: hieradata/common.yaml}
824 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
825 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
826 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
828 raw_data: {get_file: hieradata/ceph.yaml}
830 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
831 ceph::profile::params::public_network: {get_input: ceph_public_network}
832 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
834 raw_data: {get_file: hieradata/database.yaml}
836 raw_data: {get_file: hieradata/object.yaml}
838 raw_data: {get_file: hieradata/controller.yaml}
839 mapped_data: # data supplied directly to this deployment configuration, etc
840 bootstack_nodeid: {get_input: bootstack_nodeid}
843 enable_fencing: {get_input: enable_fencing}
844 enable_load_balancer: {get_input: enable_load_balancer}
845 hacluster_pwd: {get_input: pcsd_password}
846 corosync_ipv6: {get_input: corosync_ipv6}
847 tripleo::fencing::config: {get_input: fencing_config}
850 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
851 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
852 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
853 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
854 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
855 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
856 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
857 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
860 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
861 cinder::api::bind_host: {get_input: cinder_api_network}
862 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
863 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
864 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
865 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
866 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
867 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
868 cinder::keystone::auth::password: {get_input: cinder_password }
869 cinder::keystone::auth::region: {get_input: keystone_region}
872 glance::api::bind_host: {get_input: glance_api_network}
873 glance::registry::bind_host: {get_input: glance_registry_network}
874 glance::keystone::auth::region: {get_input: keystone_region}
877 heat::api::bind_host: {get_input: heat_api_network}
878 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
879 heat::api_cfn::bind_host: {get_input: heat_api_network}
880 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
883 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
884 keystone::public_bind_host: {get_input: keystone_public_api_network}
885 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
886 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
889 mongodb::server::bind_ip: {get_input: mongo_db_network}
892 admin_password: {get_input: admin_password}
893 enable_galera: {get_input: enable_galera}
894 enable_ceph_storage: {get_input: enable_ceph_storage}
895 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
896 mysql_max_connections: {get_input: mysql_max_connections}
897 mysql::server::root_password: {get_input: mysql_root_password}
898 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
899 mysql_cluster_name: {get_input: mysql_cluster_name}
900 mysql_bind_host: {get_input: mysql_network}
901 mysql_virtual_ip: {get_input: mysql_virtual_ip}
904 neutron::bind_host: {get_input: neutron_api_network}
905 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
906 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
907 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
908 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
909 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
910 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
911 neutron::keystone::auth::password: {get_input: neutron_password }
912 neutron::keystone::auth::region: {get_input: keystone_region}
915 ceilometer_backend: {get_input: ceilometer_backend}
916 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
917 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
918 ceilometer::rabbit_userid: {get_input: rabbit_username}
919 ceilometer::rabbit_password: {get_input: rabbit_password}
920 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
921 ceilometer::rabbit_port: {get_input: rabbit_client_port}
922 ceilometer::debug: {get_input: debug}
923 ceilometer::api::host: {get_input: ceilometer_api_network}
924 ceilometer::api::keystone_password: {get_input: ceilometer_password}
925 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
926 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
927 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
928 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
929 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
930 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
931 ceilometer::db::mysql::password: {get_input: ceilometer_password}
932 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
933 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
934 ceilometer::dispatcher::gnocchi::filter_project: 'service'
935 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
936 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
937 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
938 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
939 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
940 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
941 ceilometer::keystone::auth::region: {get_input: keystone_region}
942 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
943 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
946 aodh_mysql_conn_string: {get_input: aodh_dsn}
947 aodh::rabbit_userid: {get_input: rabbit_username}
948 aodh::rabbit_password: {get_input: rabbit_password}
949 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
950 aodh::rabbit_port: {get_input: rabbit_client_port}
951 aodh::debug: {get_input: debug}
952 aodh::wsgi::apache::ssl: false
953 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
954 aodh::api::service_name: 'httpd'
955 aodh::api::host: {get_input: aodh_api_network}
956 aodh::api::keystone_password: {get_input: aodh_password}
957 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
958 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
959 aodh::auth::auth_url: {get_input: keystone_auth_uri}
960 aodh::auth::auth_password: {get_input: aodh_password}
961 aodh::db::mysql::password: {get_input: aodh_password}
962 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
963 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
964 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
965 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
966 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
967 aodh::keystone::auth::password: {get_input: aodh_password }
968 aodh::keystone::auth::region: {get_input: keystone_region}
971 gnocchi_backend: {get_input: gnocchi_backend}
972 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
973 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
974 gnocchi::debug: {get_input: debug}
975 gnocchi::wsgi::apache::ssl: false
976 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
977 gnocchi::api::service_name: 'httpd'
978 gnocchi::api::host: {get_input: gnocchi_api_network}
979 gnocchi::api::keystone_password: {get_input: gnocchi_password}
980 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
981 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
982 gnocchi::db::mysql::password: {get_input: gnocchi_password}
983 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
984 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
985 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
986 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
987 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
988 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
989 gnocchi::keystone::auth::region: {get_input: keystone_region}
992 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
993 nova::use_ipv6: {get_input: nova_ipv6}
994 nova::api::auth_uri: {get_input: keystone_auth_uri}
995 nova::api::identity_uri: {get_input: keystone_identity_uri}
996 nova::api::api_bind_address: {get_input: nova_api_network}
997 nova::api::metadata_listen: {get_input: nova_metadata_network}
998 nova::api::admin_password: {get_input: nova_password}
999 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1000 nova::database_connection: {get_input: nova_dsn}
1001 nova::api_database_connection: {get_input: nova_api_dsn}
1002 nova::glance_api_servers: {get_input: glance_api_servers}
1003 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1004 nova::api::instance_name_template: {get_input: instance_name_template}
1005 nova::network::neutron::neutron_password: {get_input: neutron_password}
1006 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1007 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1008 nova::vncproxy::host: {get_input: nova_api_network}
1009 nova::db::mysql::password: {get_input: nova_password}
1010 nova::db::mysql_api::password: {get_input: nova_password}
1011 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1012 nova::keystone::auth::public_url: {get_input: nova_public_url}
1013 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
1014 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
1015 nova::keystone::auth::password: {get_input: nova_password }
1016 nova::keystone::auth::region: {get_input: keystone_region}
1019 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
1020 apache::ip: {get_input: horizon_network}
1021 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1022 horizon::django_debug: {get_input: debug}
1023 horizon::secret_key: {get_input: horizon_secret}
1024 horizon::bind_address: {get_input: horizon_network}
1025 horizon::keystone_url: {get_input: keystone_auth_uri}
1028 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1029 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1031 redis::bind: {get_input: redis_network}
1032 redis_vip: {get_input: redis_vip}
1034 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1035 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1037 memcached_ipv6: {get_input: memcached_ipv6}
1038 memcached::listen_ip: {get_input: memcached_network}
1039 timezone::timezone: {get_input: timezone}
1040 control_virtual_interface: {get_input: control_virtual_interface}
1041 public_virtual_interface: {get_input: public_virtual_interface}
1042 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1043 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1044 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1045 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1046 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1047 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1048 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1049 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1050 tripleo::haproxy::redis_password: {get_input: redis_password}
1051 tripleo::packages::enable_install: {get_input: enable_package_install}
1052 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1054 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1055 ControllerExtraConfigPre:
1056 depends_on: ControllerDeployment
1057 type: OS::TripleO::ControllerExtraConfigPre
1059 server: {get_resource: Controller}
1061 # Hook for site-specific additional pre-deployment config,
1062 # applying to all nodes, e.g node registration/unregistration
1064 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1065 type: OS::TripleO::NodeExtraConfig
1067 server: {get_resource: Controller}
1070 type: OS::TripleO::Tasks::PackageUpdate
1073 type: OS::Heat::SoftwareDeployment
1075 name: UpdateDeployment
1076 config: {get_resource: UpdateConfig}
1077 server: {get_resource: Controller}
1080 get_param: UpdateIdentifier
1084 description: IP address of the server in the ctlplane network
1085 value: {get_attr: [Controller, networks, ctlplane, 0]}
1086 external_ip_address:
1087 description: IP address of the server in the external network
1088 value: {get_attr: [ExternalPort, ip_address]}
1089 internal_api_ip_address:
1090 description: IP address of the server in the internal_api network
1091 value: {get_attr: [InternalApiPort, ip_address]}
1093 description: IP address of the server in the storage network
1094 value: {get_attr: [StoragePort, ip_address]}
1095 storage_mgmt_ip_address:
1096 description: IP address of the server in the storage_mgmt network
1097 value: {get_attr: [StorageMgmtPort, ip_address]}
1099 description: IP address of the server in the tenant network
1100 value: {get_attr: [TenantPort, ip_address]}
1101 management_ip_address:
1102 description: IP address of the server in the management network
1103 value: {get_attr: [ManagementPort, ip_address]}
1105 description: Hostname of the server
1106 value: {get_attr: [Controller, name]}
1109 Server's IP address and hostname in the /etc/hosts format
1113 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1114 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1115 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1116 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1117 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1118 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1119 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1121 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1122 DOMAIN: {get_param: CloudDomain}
1123 PRIMARYHOST: {get_attr: [Controller, name]}
1124 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1128 - - {get_attr: [Controller, name]}
1130 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1134 - - {get_attr: [Controller, name]}
1136 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1140 - - {get_attr: [Controller, name]}
1142 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1146 - - {get_attr: [Controller, name]}
1148 TENANTIP: {get_attr: [TenantPort, ip_address]}
1152 - - {get_attr: [Controller, name]}
1154 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1158 - - {get_attr: [Controller, name]}
1160 nova_server_resource:
1161 description: Heat resource handle for the Nova compute server
1163 {get_resource: Controller}
1165 description: Swift device formatted for swift-ring-builder
1168 template: 'r1z1-IP:%PORT%/d1'
1170 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1171 swift_proxy_memcache:
1172 description: Swift proxy-memcache value
1175 template: "IP:11211"
1177 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1179 description: identifier which changes if the controller configuration may need re-applying
1183 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1184 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1185 - {get_attr: [NodeTLSData, deploy_stdout]}
1186 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1187 - {get_param: UpdateIdentifier}
1188 tls_key_modulus_md5:
1189 description: MD5 checksum of the TLS Key Modulus
1190 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1191 tls_cert_modulus_md5:
1192 description: MD5 checksum of the TLS Certificate Modulus
1193 value: {get_attr: [NodeTLSData, cert_modulus_md5]}