1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
9 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
14 description: The keystone auth secret and db password.
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
23 description: Secret shared by the ceilometer services.
28 description: The password for the ceilometer service and db account.
31 CinderEnableNfsBackend:
33 description: Whether to enable or not the NFS backend for Cinder
35 CinderEnableIscsiBackend:
37 description: Whether to enable or not the Iscsi backend for Cinder
39 CinderEnableRbdBackend:
41 description: Whether to enable or not the Rbd backend for Cinder
45 description: The iSCSI helper to use with cinder.
47 CinderLVMLoopDeviceSize:
49 description: The size of the loopback file used by the cinder LVM driver.
51 CinderNfsMountOptions:
54 Mount options for NFS mounts used by Cinder NFS backend. Effective
55 when CinderEnableNfsBackend is true.
60 NFS servers used by Cinder NFS backend. Effective when
61 CinderEnableNfsBackend is true.
62 type: comma_delimited_list
65 description: The password for the cinder service and db account, used by cinder-api.
70 description: Contains parameters to configure Cinder backends. Typically
71 set via parameter_defaults in the resource registry.
75 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
77 ControllerExtraConfig:
80 Controller specific hiera configuration data to inject into the cluster.
82 ControlVirtualInterface:
84 description: Interface where virtual ip will be assigned.
88 description: Set to True to enable debugging on all services.
92 description: Whether to enable fencing in Pacemaker or not.
96 description: Whether to use Galera instead of regular MariaDB.
100 description: Whether to deploy Ceph Storage (OSD) on the Controller
104 description: Whether to enable Swift Storage on the Controller
109 Additional hieradata to inject into the cluster, note that
110 ControllerExtraConfig takes precedence over ExtraConfig.
115 Pacemaker fencing configuration. The JSON should have
116 the following structure:
120 "agent": "AGENT_NAME",
121 "host_mac": "HOST_MAC_ADDRESS",
122 "params": {"PARAM_NAME": "PARAM_VALUE"}
130 "agent": "fence_xvm",
131 "host_mac": "52:54:00:aa:bb:cc",
133 "multicast_address": "225.0.0.12",
134 "port": "baremetal_0",
136 "manage_key_file": true,
137 "key_file": "/etc/fence_xvm.key",
138 "key_file_password": "abcdef"
145 description: Flavor for control nodes to request when deploying.
148 - custom_constraint: nova.flavor
149 GlanceNotifierStrategy:
150 description: Strategy to use for Glance notification queue
154 description: The filepath of the file to use for logging messages from Glance.
159 description: The password for the glance service and db account, used by the glance services.
164 description: Glance port.
168 description: Protocol to use when connecting to glance, set to https for SSL.
172 description: The short name of the Glance backend to use. Should be one
173 of swift, rbd, or file
176 - allowed_values: ['swift', 'file', 'rbd']
179 description: The password for the Heat service and db account, used by the Heat services.
182 HeatStackDomainAdminPassword:
183 description: Password for heat_domain_admin user.
187 HeatAuthEncryptionKey:
188 description: Auth encryption key for heat-engine
192 description: A list of IP/Hostname allowed to connect to horizon
193 type: comma_delimited_list
195 description: Secret key for Django
199 default: overcloud-control
201 - custom_constraint: glance.image
203 default: 'REBUILD_PRESERVE_EPHEMERAL'
204 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
208 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
211 - custom_constraint: nova.keypair
212 KeystoneCACertificate:
214 description: Keystone self-signed certificate authority certificate.
216 KeystoneSigningCertificate:
218 description: Keystone certificate for verifying token validity.
222 description: Keystone key for signing tokens.
225 KeystoneSSLCertificate:
227 description: Keystone certificate for verifying token validity.
229 KeystoneSSLCertificateKey:
231 description: Keystone key for signing tokens.
234 KeystoneNotificationDriver:
235 description: Comma-separated list of Oslo notification drivers used by Keystone
236 default: ['messaging']
237 type: comma_delimited_list
238 KeystoneNotificationFormat:
239 description: The Keystone notification format
243 - allowed_values: [ 'basic', 'cadf' ]
244 MysqlClusterUniquePart:
245 description: A unique identifier of the MySQL cluster the controller is in.
247 default: 'unset' # Has to be here because of the ignored empty value bug
248 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
250 # - length: {min: 4, max: 10}
251 MysqlInnodbBufferPoolSize:
253 Specifies the size of the buffer pool in megabytes. Setting to
254 zero should be interpreted as "no value" and will defer to the
259 description: Configures MySQL max_connections config setting
265 default: '' # Has to be here because of the ignored empty value bug
266 NeutronExternalNetworkBridge:
267 description: Name of bridge used for external network traffic.
270 NeutronBridgeMappings:
272 The OVS logical->physical bridge mappings to use. See the Neutron
273 documentation for details. Defaults to mapping br-ex - the external
274 bridge on hosts - to a physical name 'datacentre' which can be used
275 to create provider networks (and we use this for the default floating
276 network) - if changing this either use different post-install network
277 scripts or be sure to keep 'datacentre' as a mapping network name.
279 default: "datacentre:br-ex"
280 NeutronDnsmasqOptions:
281 default: 'dhcp-option-force=26,1400'
282 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
286 description: Agent mode for the neutron-l3-agent on the controller hosts
290 description: Whether to enable l3-agent HA
292 NeutronDhcpAgentsPerNetwork:
295 description: The number of neutron dhcp agents to schedule per network
298 description: Whether to configure Neutron Distributed Virtual Routers
300 NeutronMetadataProxySharedSecret:
302 description: Shared secret to prevent spoofing
307 The core plugin for Neutron. The value should be the entrypoint to be loaded
308 from neutron.core_plugins namespace.
310 NeutronServicePlugins:
313 Comma-separated list of service plugin entrypoints to be loaded from the
314 neutron.service_plugins namespace.
315 type: comma_delimited_list
317 default: "vxlan,vlan,flat,gre"
319 Comma-separated list of network type driver entrypoints to be loaded.
320 type: comma_delimited_list
321 NeutronMechanismDrivers:
322 default: 'openvswitch'
324 The mechanism drivers for the Neutron tenant network. To specify multiple
325 values, use a comma separated string, like so: 'openvswitch,l2_population'
327 NeutronAllowL3AgentFailover:
329 description: Allow automatic l3-agent failover
331 NeutronEnableTunnelling:
336 default: 'datacentre'
337 description: If set, flat networks to configure in neutron plugins.
340 description: Whether to enable l3-agent HA
344 description: The tenant network type for Neutron, either gre or vxlan.
346 NeutronNetworkVLANRanges:
347 default: 'datacentre'
349 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
350 Neutron documentation for permitted values. Defaults to permitting any
351 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
352 type: comma_delimited_list
355 description: The password for the neutron service and db account, used by neutron agents.
358 NeutronPublicInterface:
360 description: What interface to bridge onto br-ex for network nodes.
362 NeutronPublicInterfaceTag:
365 VLAN tag for creating a public VLAN. The tag will be used to
366 create an access port on the exterior bridge for each control plane node,
367 and that port will be given the IP address returned by neutron from the
368 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
369 overcloud.yaml to include the deployment of VLAN ports to the control
372 NeutronPublicInterfaceDefaultRoute:
374 description: A custom default route for the NeutronPublicInterface.
376 NeutronPublicInterfaceIP:
378 description: A custom IP address to put onto the NeutronPublicInterface.
380 NeutronPublicInterfaceRawDevice:
382 description: If set, the public interface is a vlan with this device as the raw device.
387 The tunnel types for the Neutron tenant network. To specify multiple
388 values, use a comma separated string, like so: 'gre,vxlan'
390 NeutronTunnelIdRanges:
392 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
393 of GRE tunnel IDs that are available for tenant network allocation
394 default: ["1:1000", ]
395 type: comma_delimited_list
398 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
399 of VXLAN VNI IDs that are available for tenant network allocation
400 default: ["1:1000", ]
401 type: comma_delimited_list
404 description: The password for the nova service and db account, used by nova-api.
409 description: Should MongoDb journaling be disabled
416 description: The password for the 'pcsd' user.
417 PublicVirtualInterface:
420 Specifies the interface where the public-facing virtual ip will be assigned.
421 This should be int_public when a VLAN is being used.
423 PublicVirtualIP: # DEPRECATED: use per service settings instead
425 default: '' # Has to be here because of the ignored empty value bug
428 default: '' # Has to be here because of the ignored empty value bug
432 description: The password for RabbitMQ
437 description: The username for RabbitMQ
442 Rabbit client subscriber parameter to specify
443 an SSL connection to the RabbitMQ host.
447 description: Set rabbit subscriber port, change this if using SSL
451 default: '' # Has to be here because of the ignored empty value bug
452 SnmpdReadonlyUserName:
453 default: ro_snmp_user
454 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
456 SnmpdReadonlyUserPassword:
458 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
463 description: If set, the contents of an SSL certificate authority file.
467 description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
472 description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
477 description: A random string to be used as a salt when hashing to determine mappings
483 description: Value of mount_check in Swift account/container/object -server.conf
488 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
491 description: Partition Power to use when building Swift rings
495 description: The password for the swift service account, used by the swift proxy
502 description: How many replicas to use in the swift rings.
503 VirtualIP: # DEPRECATED: use per service settings instead
505 default: '' # Has to be here because of the ignored empty value bug
512 GlanceRegistryVirtualIP:
518 KeystoneAdminApiVirtualIP:
521 KeystonePublicApiVirtualIP:
527 EnablePackageInstall:
529 description: Set to true to enable package installation via Puppet
533 description: Mapping of service_name -> network name. Typically set
534 via parameter_defaults in the resource registry.
540 Setting to a previously unused value during stack-update will trigger
541 package update on all nodes
544 default: '' # Defaults to Heat created hostname
549 type: OS::Nova::Server
551 image: {get_param: Image}
552 image_update_policy: {get_param: ImageUpdatePolicy}
553 flavor: {get_param: Flavor}
554 key_name: {get_param: KeyName}
557 user_data_format: SOFTWARE_CONFIG
558 user_data: {get_resource: UserData}
559 name: {get_param: Hostname}
561 # Combine the NodeAdminUserData and NodeUserData mime archives
563 type: OS::Heat::MultipartMime
566 - config: {get_resource: NodeAdminUserData}
568 - config: {get_resource: NodeUserData}
571 # Creates the "heat-admin" user if configured via the environment
572 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
574 type: OS::TripleO::NodeAdminUserData
576 # For optional operator additional userdata
577 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
579 type: OS::TripleO::NodeUserData
582 type: OS::TripleO::Controller::Ports::ExternalPort
584 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
587 type: OS::TripleO::Controller::Ports::InternalApiPort
589 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
592 type: OS::TripleO::Controller::Ports::StoragePort
594 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
597 type: OS::TripleO::Controller::Ports::StorageMgmtPort
599 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
602 type: OS::TripleO::Controller::Ports::TenantPort
604 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
607 type: OS::TripleO::Network::Ports::NetIpMap
609 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
610 ExternalIp: {get_attr: [ExternalPort, ip_address]}
611 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
612 StorageIp: {get_attr: [StoragePort, ip_address]}
613 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
614 TenantIp: {get_attr: [TenantPort, ip_address]}
617 type: OS::TripleO::Network::Ports::NetIpSubnetMap
619 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
620 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
621 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
622 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
623 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
624 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
627 type: OS::TripleO::Controller::Net::SoftwareConfig
629 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
630 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
631 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
632 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
633 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
634 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
637 type: OS::TripleO::SoftwareDeployment
639 config: {get_resource: NetworkConfig}
640 server: {get_resource: Controller}
643 interface_name: {get_param: NeutronPublicInterface}
645 ControllerDeployment:
646 type: OS::TripleO::SoftwareDeployment
647 depends_on: NetworkDeployment
649 config: {get_resource: ControllerConfig}
650 server: {get_resource: Controller}
652 bootstack_nodeid: {get_attr: [Controller, name]}
653 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
654 heat.watch_server_url:
658 - {get_param: HeatApiVirtualIP}
660 heat.metadata_server_url:
664 - {get_param: HeatApiVirtualIP}
666 heat.waitcondition_server_url:
670 - {get_param: HeatApiVirtualIP}
671 - ':8000/v1/waitcondition'
672 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
673 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
674 horizon_secret: {get_param: HorizonSecret}
675 admin_password: {get_param: AdminPassword}
676 admin_token: {get_param: AdminToken}
677 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
678 debug: {get_param: Debug}
679 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
680 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
681 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
684 template: "['SERVERS']"
689 - {get_param: CinderNfsServers}
690 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
691 cinder_password: {get_param: CinderPassword}
692 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
693 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
694 cinder_backend_config: {get_param: CinderBackendConfig}
698 - - 'mysql://cinder:'
699 - {get_param: CinderPassword}
701 - {get_param: MysqlVirtualIP}
703 glance_port: {get_param: GlancePort}
704 glance_password: {get_param: GlancePassword}
705 glance_backend: {get_param: GlanceBackend}
706 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
707 glance_log_file: {get_param: GlanceLogFile}
711 - - 'mysql://glance:'
712 - {get_param: GlancePassword}
714 - {get_param: MysqlVirtualIP}
716 heat_password: {get_param: HeatPassword}
717 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
722 - {get_param: HeatPassword}
724 - {get_param: MysqlVirtualIP}
726 keystone_auth_address: {list_join: ['', ['http://', {get_param: KeystonePublicApiVirtualIP} , ':5000/v2.0']]}
727 keystone_ca_certificate: {get_param: KeystoneCACertificate}
728 keystone_signing_key: {get_param: KeystoneSigningKey}
729 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
730 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
731 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
732 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
733 keystone_notification_format: {get_param: KeystoneNotificationFormat}
737 - - 'mysql://keystone:'
738 - {get_param: AdminToken}
740 - {get_param: MysqlVirtualIP}
742 keystone_identity_uri:
746 - {get_param: KeystoneAdminApiVirtualIP}
752 - {get_param: KeystonePublicApiVirtualIP}
758 - {get_param: KeystonePublicApiVirtualIP}
759 - ':5000/v2.0/ec2tokens'
760 enable_fencing: {get_param: EnableFencing}
761 enable_galera: {get_param: EnableGalera}
762 enable_ceph_storage: {get_param: EnableCephStorage}
763 enable_swift_storage: {get_param: EnableSwiftStorage}
764 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
765 mysql_max_connections: {get_param: MysqlMaxConnections}
766 mysql_root_password: {get_param: MysqlRootPassword}
769 template: tripleo-CLUSTER
771 CLUSTER: {get_param: MysqlClusterUniquePart}
772 neutron_flat_networks: {get_param: NeutronFlatNetworks}
773 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
774 neutron_agent_mode: {get_param: NeutronAgentMode}
775 neutron_router_distributed: {get_param: NeutronDVR}
776 neutron_core_plugin: {get_param: NeutronCorePlugin}
777 neutron_service_plugins:
779 template: "['PLUGINS']"
784 - {get_param: NeutronServicePlugins}
785 neutron_type_drivers:
787 template: "['DRIVERS']"
792 - {get_param: NeutronTypeDrivers}
793 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
794 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
795 neutron_l3_ha: {get_param: NeutronL3HA}
796 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
797 neutron_network_vlan_ranges:
799 template: "['RANGES']"
804 - {get_param: NeutronNetworkVLANRanges}
805 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
806 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
807 neutron_public_interface: {get_param: NeutronPublicInterface}
808 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
809 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
810 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
811 neutron_tenant_network_type: {get_param: NeutronNetworkType}
812 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
813 neutron_tunnel_id_ranges:
815 template: "['RANGES']"
820 - {get_param: NeutronTunnelIdRanges}
823 template: "['RANGES']"
828 - {get_param: NeutronVniRanges}
829 neutron_password: {get_param: NeutronPassword}
830 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
834 - - 'mysql://neutron:'
835 - {get_param: NeutronPassword}
837 - {get_param: MysqlVirtualIP}
838 - '/ovs_neutron?charset=utf8'
843 - {get_param: NeutronApiVirtualIP}
845 neutron_admin_auth_url:
849 - {get_param: KeystoneAdminApiVirtualIP}
851 ceilometer_backend: {get_param: CeilometerBackend}
852 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
853 ceilometer_password: {get_param: CeilometerPassword}
854 ceilometer_coordination_url:
858 - {get_param: RedisVirtualIP}
863 - - 'mysql://ceilometer:unset@'
864 - {get_param: MysqlVirtualIP}
866 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
867 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
868 nova_password: {get_param: NovaPassword}
873 - {get_param: NovaPassword}
875 - {get_param: MysqlVirtualIP}
877 fencing_config: {get_param: FencingConfig}
878 pcsd_password: {get_param: PcsdPassword}
879 rabbit_username: {get_param: RabbitUserName}
880 rabbit_password: {get_param: RabbitPassword}
881 rabbit_cookie: {get_param: RabbitCookie}
882 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
883 rabbit_client_port: {get_param: RabbitClientPort}
884 mongodb_no_journal: {get_param: MongoDbNoJournal}
887 template: '["server"]'
889 server: {get_param: NtpServer}
890 control_virtual_interface: {get_param: ControlVirtualInterface}
891 public_virtual_interface: {get_param: PublicVirtualInterface}
892 swift_hash_suffix: {get_param: SwiftHashSuffix}
893 swift_password: {get_param: SwiftPassword}
894 swift_part_power: {get_param: SwiftPartPower}
895 swift_replicas: {get_param: SwiftReplicas}
896 swift_min_part_hours: {get_param: SwiftMinPartHours}
897 swift_mount_check: {get_param: SwiftMountCheck}
898 enable_package_install: {get_param: EnablePackageInstall}
899 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
900 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
901 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
902 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
903 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
904 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
905 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
909 - - {get_param: GlanceProtocol}
911 - {get_param: GlanceApiVirtualIP}
913 - {get_param: GlancePort}
914 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
915 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
916 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
917 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
918 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
919 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
920 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
921 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
922 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
923 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
924 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
925 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
926 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
927 redis_vip: {get_param: RedisVirtualIP}
928 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
929 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
930 mysql_virtual_ip: {get_param: MysqlVirtualIP}
931 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
932 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
933 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
935 # Map heat metadata into hiera datafiles
937 type: OS::Heat::StructuredConfig
939 group: os-apply-config
944 - heat_config_%{::deploy_config_name}
945 - controller_extraconfig
950 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
951 - ceph_cluster # provided by CephClusterConfig
953 - bootstrap_node # provided by BootstrapNodeConfig
954 - all_nodes # provided by allNodesConfig
955 - vip_data # provided by vip-config
958 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
959 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
960 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
961 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
963 controller_extraconfig:
964 mapped_data: {get_param: ControllerExtraConfig}
966 mapped_data: {get_param: ExtraConfig}
968 raw_data: {get_file: hieradata/common.yaml}
970 raw_data: {get_file: hieradata/ceph.yaml}
972 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
973 ceph::profile::params::public_network: {get_input: ceph_public_network}
974 ceph::mon::public_addr: {get_input: ceph_public_ip}
976 raw_data: {get_file: hieradata/database.yaml}
978 raw_data: {get_file: hieradata/object.yaml}
980 raw_data: {get_file: hieradata/controller.yaml}
981 mapped_data: # data supplied directly to this deployment configuration, etc
982 bootstack_nodeid: {get_input: bootstack_nodeid}
985 enable_fencing: {get_input: enable_fencing}
986 hacluster_pwd: {get_input: pcsd_password}
987 tripleo::fencing::config: {get_input: fencing_config}
990 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
991 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
992 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
993 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
994 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
995 swift::proxy::authtoken::admin_password: {get_input: swift_password}
996 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
997 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
998 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
999 swift_mount_check: {get_input: swift_mount_check}
1001 # NOTE(dprince): build_ring support is currently not wired in.
1002 # See: https://review.openstack.org/#/c/109225/
1003 tripleo::ringbuilder::build_ring: True
1006 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1007 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1008 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1009 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1010 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1011 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1012 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1013 cinder::database_connection: {get_input: cinder_dsn}
1014 cinder::api::keystone_password: {get_input: cinder_password}
1015 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1016 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1017 cinder::api::bind_host: {get_input: cinder_api_network}
1018 cinder::rabbit_userid: {get_input: rabbit_username}
1019 cinder::rabbit_password: {get_input: rabbit_password}
1020 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1021 cinder::rabbit_port: {get_input: rabbit_client_port}
1022 cinder::debug: {get_input: debug}
1023 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1024 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1025 cinder_backend_config: {get_input: CinderBackendConfig}
1026 cinder::db::mysql::password: {get_input: cinder_password}
1029 glance::api::bind_port: {get_input: glance_port}
1030 glance::api::bind_host: {get_input: glance_api_network}
1031 glance::api::auth_uri: {get_input: keystone_auth_uri}
1032 glance::api::identity_uri: {get_input: keystone_identity_uri}
1033 glance::api::registry_host: {get_input: glance_registry_host}
1034 glance::api::keystone_password: {get_input: glance_password}
1035 glance::api::debug: {get_input: debug}
1036 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1037 glance_log_file: {get_input: glance_log_file}
1038 glance_log_file: {get_input: glance_log_file}
1039 glance::api::database_connection: {get_input: glance_dsn}
1040 glance::registry::keystone_password: {get_input: glance_password}
1041 glance::registry::database_connection: {get_input: glance_dsn}
1042 glance::registry::bind_host: {get_input: glance_registry_network}
1043 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1044 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1045 glance::registry::debug: {get_input: debug}
1046 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_address}
1047 glance::backend::swift::swift_store_user: service:glance
1048 glance::backend::swift::swift_store_key: {get_input: glance_password}
1049 glance_backend: {get_input: glance_backend}
1050 glance::db::mysql::password: {get_input: glance_password}
1053 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1054 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1055 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1056 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1057 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1058 heat::rabbit_userid: {get_input: rabbit_username}
1059 heat::rabbit_password: {get_input: rabbit_password}
1060 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1061 heat::rabbit_port: {get_input: rabbit_client_port}
1062 heat::auth_uri: {get_input: keystone_auth_uri}
1063 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1064 heat::identity_uri: {get_input: keystone_identity_uri}
1065 heat::keystone_password: {get_input: heat_password}
1066 heat::api::bind_host: {get_input: heat_api_network}
1067 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1068 heat::api_cfn::bind_host: {get_input: heat_api_network}
1069 heat::database_connection: {get_input: heat_dsn}
1070 heat::debug: {get_input: debug}
1071 heat::db::mysql::password: {get_input: heat_password}
1074 keystone::admin_token: {get_input: admin_token}
1075 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1076 keystone_signing_key: {get_input: keystone_signing_key}
1077 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1078 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1079 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1080 keystone::database_connection: {get_input: keystone_dsn}
1081 keystone::public_bind_host: {get_input: keystone_public_api_network}
1082 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1083 keystone::debug: {get_input: debug}
1084 keystone::db::mysql::password: {get_input: admin_token}
1085 keystone::rabbit_userid: {get_input: rabbit_username}
1086 keystone::rabbit_password: {get_input: rabbit_password}
1087 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1088 keystone::rabbit_port: {get_input: rabbit_client_port}
1089 keystone::notification_driver: {get_input: keystone_notification_driver}
1090 keystone::notification_format: {get_input: keystone_notification_format}
1092 mongodb::server::bind_ip: {get_input: mongo_db_network}
1093 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1095 admin_password: {get_input: admin_password}
1096 enable_galera: {get_input: enable_galera}
1097 enable_ceph_storage: {get_input: enable_ceph_storage}
1098 enable_swift_storage: {get_input: enable_swift_storage}
1099 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1100 mysql_max_connections: {get_input: mysql_max_connections}
1101 mysql::server::root_password: {get_input: mysql_root_password}
1102 mysql_cluster_name: {get_input: mysql_cluster_name}
1103 mysql_bind_host: {get_input: mysql_network}
1104 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1107 neutron::bind_host: {get_input: neutron_api_network}
1108 neutron::rabbit_password: {get_input: rabbit_password}
1109 neutron::rabbit_user: {get_input: rabbit_user}
1110 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1111 neutron::rabbit_port: {get_input: rabbit_client_port}
1112 neutron::debug: {get_input: debug}
1113 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1114 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1115 neutron::server::database_connection: {get_input: neutron_dsn}
1116 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1117 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1118 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1119 neutron_flat_networks: {get_input: neutron_flat_networks}
1120 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1121 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1122 neutron_agent_mode: {get_input: neutron_agent_mode}
1123 neutron_router_distributed: {get_input: neutron_router_distributed}
1124 neutron::core_plugin: {get_input: neutron_core_plugin}
1125 neutron::service_plugins: {get_input: neutron_service_plugins}
1126 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1127 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
1128 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1129 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1130 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1131 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1132 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1133 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1134 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
1135 neutron_public_interface: {get_input: neutron_public_interface}
1136 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1137 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1138 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1139 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
1140 neutron_tunnel_types: {get_input: neutron_tunnel_types}
1141 neutron::server::auth_password: {get_input: neutron_password}
1142 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1143 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1144 neutron_dsn: {get_input: neutron_dsn}
1145 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1146 neutron::db::mysql::password: {get_input: neutron_password}
1149 ceilometer_backend: {get_input: ceilometer_backend}
1150 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1151 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1152 ceilometer::rabbit_userid: {get_input: rabbit_username}
1153 ceilometer::rabbit_password: {get_input: rabbit_password}
1154 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1155 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1156 ceilometer::debug: {get_input: debug}
1157 ceilometer::api::host: {get_input: ceilometer_api_network}
1158 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1159 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1160 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1161 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1162 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
1163 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1164 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1165 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1166 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1169 nova::rabbit_userid: {get_input: rabbit_username}
1170 nova::rabbit_password: {get_input: rabbit_password}
1171 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1172 nova::rabbit_port: {get_input: rabbit_client_port}
1173 nova::debug: {get_input: debug}
1174 nova::api::auth_uri: {get_input: keystone_auth_uri}
1175 nova::api::identity_uri: {get_input: keystone_identity_uri}
1176 nova::api::api_bind_address: {get_input: nova_api_network}
1177 nova::api::metadata_listen: {get_input: nova_metadata_network}
1178 nova::api::admin_password: {get_input: nova_password}
1179 nova::database_connection: {get_input: nova_dsn}
1180 nova::glance_api_servers: {get_input: glance_api_servers}
1181 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1182 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1183 nova::network::neutron::neutron_url: {get_input: neutron_url}
1184 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1185 nova::vncproxy::host: {get_input: nova_api_network}
1186 nova::db::mysql::password: {get_input: nova_password}
1189 apache::ip: {get_input: horizon_network}
1190 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1191 horizon::django_debug: {get_input: debug}
1192 horizon::secret_key: {get_input: horizon_secret}
1193 horizon::bind_address: {get_input: horizon_network}
1194 horizon::keystone_url: {get_input: keystone_auth_uri}
1197 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1198 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1200 redis::bind: {get_input: redis_network}
1201 redis_vip: {get_input: redis_vip}
1203 memcached::listen_ip: {get_input: memcached_network}
1204 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1205 ntp::servers: {get_input: ntp_servers}
1206 control_virtual_interface: {get_input: control_virtual_interface}
1207 public_virtual_interface: {get_input: public_virtual_interface}
1208 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1209 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1210 tripleo::packages::enable_install: {get_input: enable_package_install}
1211 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1213 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1214 ControllerExtraConfigPre:
1215 depends_on: ControllerDeployment
1216 type: OS::TripleO::ControllerExtraConfigPre
1218 server: {get_resource: Controller}
1220 # Hook for site-specific additional pre-deployment config,
1221 # applying to all nodes, e.g node registration/unregistration
1223 depends_on: ControllerExtraConfigPre
1224 type: OS::TripleO::NodeExtraConfig
1226 server: {get_resource: Controller}
1229 type: OS::TripleO::Tasks::PackageUpdate
1232 type: OS::Heat::SoftwareDeployment
1234 config: {get_resource: UpdateConfig}
1235 server: {get_resource: Controller}
1238 get_param: UpdateIdentifier
1242 description: IP address of the server in the ctlplane network
1243 value: {get_attr: [Controller, networks, ctlplane, 0]}
1244 external_ip_address:
1245 description: IP address of the server in the external network
1246 value: {get_attr: [ExternalPort, ip_address]}
1247 internal_api_ip_address:
1248 description: IP address of the server in the internal_api network
1249 value: {get_attr: [InternalApiPort, ip_address]}
1251 description: IP address of the server in the storage network
1252 value: {get_attr: [StoragePort, ip_address]}
1253 storage_mgmt_ip_address:
1254 description: IP address of the server in the storage_mgmt network
1255 value: {get_attr: [StorageMgmtPort, ip_address]}
1257 description: IP address of the server in the tenant network
1258 value: {get_attr: [TenantPort, ip_address]}
1260 description: Hostname of the server
1261 value: {get_attr: [Controller, name]}
1264 Node object in the format {ip: ..., name: ...} format that the corosync
1267 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1268 name: {get_attr: [Controller, name]}
1271 Server's IP address and hostname in the /etc/hosts format
1274 template: IP HOST.localdomain HOST CLOUDNAME
1276 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1277 HOST: {get_attr: [Controller, name]}
1278 CLOUDNAME: {get_param: CloudName}
1279 nova_server_resource:
1280 description: Heat resource handle for the Nova compute server
1282 {get_resource: Controller}
1284 description: Swift device formatted for swift-ring-builder
1287 template: 'r1z1-IP:%PORT%/d1'
1289 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1290 swift_proxy_memcache:
1291 description: Swift proxy-memcache value
1294 template: "IP:11211"
1296 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1298 description: identifier which changes if the controller configuration may need re-applying
1302 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1303 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1304 - {get_param: UpdateIdentifier}
Code Review / apex-tripleo-heat-templates.git / blob