1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 #TODO(composable Redis): Remove the Redis password param
19 #As is used by ceilometer
20 CeilometerApiVirtualIP:
27 controllerExtraConfig:
30 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
32 ControllerExtraConfig:
35 Controller specific hiera configuration data to inject into the cluster.
40 A network mapped list of IPs to assign to Controllers in the following form:
42 "internal_api": ["a.b.c.d", "e.f.g.h"],
46 ControlVirtualInterface:
48 description: Interface where virtual ip will be assigned.
52 description: Enable IPv6 in Corosync
56 description: Set to True to enable debugging on all services.
60 description: Whether to enable fencing in Pacemaker or not.
64 description: Whether to use Galera instead of regular MariaDB.
68 description: Whether to deploy a LoadBalancer on the Controller
72 description: Whether to deploy Ceph Storage (OSD) on the Controller
76 description: Whether to enable Swift Storage on the Controller
81 Additional hieradata to inject into the cluster, note that
82 ControllerExtraConfig takes precedence over ExtraConfig.
87 Pacemaker fencing configuration. The JSON should have
88 the following structure:
92 "agent": "AGENT_NAME",
93 "host_mac": "HOST_MAC_ADDRESS",
94 "params": {"PARAM_NAME": "PARAM_VALUE"}
102 "agent": "fence_xvm",
103 "host_mac": "52:54:00:aa:bb:cc",
105 "multicast_address": "225.0.0.12",
106 "port": "baremetal_0",
108 "manage_key_file": true,
109 "key_file": "/etc/fence_xvm.key",
110 "key_file_password": "abcdef"
117 description: Flavor for control nodes to request when deploying.
120 - custom_constraint: nova.flavor
123 description: The short name of the Gnocchi backend to use. Should be one
124 of swift, rbd, or file
127 - allowed_values: ['swift', 'file', 'rbd']
128 GnocchiIndexerBackend:
130 description: The short name of the Gnocchi indexer backend to use.
136 description: The password for the gnocchi service and db account.
139 HAProxyStatsPassword:
140 description: Password for HAProxy stats endpoint
143 description: User for HAProxy stats endpoint
146 HAProxySyslogAddress:
148 description: Syslog address where HAproxy will send its log
150 HeatAuthEncryptionKey:
151 description: Auth encryption key for heat-engine
156 description: A list of IP/Hostname allowed to connect to horizon
157 type: comma_delimited_list
159 description: Secret key for Django
164 default: overcloud-control
166 - custom_constraint: glance.image
168 default: 'REBUILD_PRESERVE_EPHEMERAL'
169 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
171 InstanceNameTemplate:
172 default: 'instance-%08x'
173 description: Template string to be used to generate instance names
177 description: Name of an existing Nova key pair to enable SSH access to the instances
180 - custom_constraint: nova.keypair
184 description: Keystone region for endpoint
187 description: Whether to manage IPtables rules.
191 description: Enable IPv6 features in Memcached.
195 description: Whether IPtables rules should be purged before setting up the new ones.
200 MysqlClusterUniquePart:
201 description: A unique identifier of the MySQL cluster the controller is in.
203 default: 'unset' # Has to be here because of the ignored empty value bug
204 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
206 # - length: {min: 4, max: 10}
207 MysqlInnodbBufferPoolSize:
209 Specifies the size of the buffer pool in megabytes. Setting to
210 zero should be interpreted as "no value" and will defer to the
215 description: Configures MySQL max_connections config setting
218 MysqlClustercheckPassword:
224 default: '' # Has to be here because of the ignored empty value bug
225 NeutronMetadataProxySharedSecret:
226 description: Shared secret to prevent spoofing
230 description: The password for the neutron service and db account, used by neutron agents.
233 NeutronPublicInterface:
235 description: What interface to bridge onto br-ex for network nodes.
239 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
240 be at least 50 bytes smaller than the MTU on the physical network. This
241 value will be used to set the MTU on the virtual Ethernet device.
242 This number is related to the value of NeutronDnsmasqOptions, since that
243 will determine the MTU that is assigned to the VM host through DHCP.
252 Whether to create cron job for purging soft deleted rows in Nova database.
256 description: Enable IPv6 features in Nova
259 description: The password for the nova service and db account, used by nova-api.
264 description: The password for the 'pcsd' user.
266 PublicVirtualInterface:
269 Specifies the interface where the public-facing virtual ip will be assigned.
270 This should be int_public when a VLAN is being used.
274 default: '' # Has to be here because of the ignored empty value bug
277 default: '' # Has to be here because of the ignored empty value bug
280 description: The password for RabbitMQ
285 description: The username for RabbitMQ
290 Rabbit client subscriber parameter to specify
291 an SSL connection to the RabbitMQ host.
295 description: Set rabbit subscriber port, change this if using SSL
298 description: The password for Redis
303 default: '' # Has to be here because of the ignored empty value bug
306 default: '' # Has to be here because of the ignored empty value bug
307 description: An IP address which is wrapped in brackets in case of IPv6
308 SnmpdReadonlyUserName:
309 default: ro_snmp_user
310 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
312 SnmpdReadonlyUserPassword:
313 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
317 description: A random string to be used as a salt when hashing to determine mappings
323 description: Value of mount_check in Swift account/container/object -server.conf
328 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
331 description: Partition Power to use when building Swift rings
335 description: Whether to manage Swift rings or not
343 description: How many replicas to use in the swift rings.
346 description: The timezone to be set on controller nodes.
348 UpgradeLevelNovaCompute:
350 description: Nova Compute upgrade level
352 VirtualIP: # DEPRECATED: use per service settings instead
354 default: '' # Has to be here because of the ignored empty value bug
367 EnablePackageInstall:
369 description: Set to true to enable package installation via Puppet
373 description: Mapping of service_name -> network name. Typically set
374 via parameter_defaults in the resource registry.
378 description: Mapping of service endpoint -> protocol. Typically set
379 via parameter_defaults in the resource registry.
385 Setting to a previously unused value during stack-update will trigger
386 package update on all nodes
389 default: '' # Defaults to Heat created hostname
393 description: Optional mapping to override hostnames
394 NetworkDeploymentActions:
395 type: comma_delimited_list
397 Heat action when to apply network configuration changes
402 SoftwareConfigTransport:
403 default: POLL_SERVER_CFN
405 How the server should receive the metadata required for software configuration.
408 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
413 The DNS domain used for the hosts. This should match the dhcp_domain
414 configured in the Undercloud neutron. Defaults to localdomain.
418 Extra properties or metadata passed to Nova for the created nodes in
419 the overcloud. It's accessible via the Nova metadata API.
423 description: Optional scheduler hints to pass to nova
425 ServiceConfigSettings:
431 description: Do not use deprecated params, they will be removed.
433 - controllerExtraConfig
438 type: OS::Nova::Server
440 image: {get_param: Image}
441 image_update_policy: {get_param: ImageUpdatePolicy}
442 flavor: {get_param: Flavor}
443 key_name: {get_param: KeyName}
446 user_data_format: SOFTWARE_CONFIG
447 user_data: {get_resource: UserData}
450 template: {get_param: Hostname}
451 params: {get_param: HostnameMap}
452 software_config_transport: {get_param: SoftwareConfigTransport}
453 metadata: {get_param: ServerMetadata}
454 scheduler_hints: {get_param: SchedulerHints}
456 # Combine the NodeAdminUserData and NodeUserData mime archives
458 type: OS::Heat::MultipartMime
461 - config: {get_resource: NodeAdminUserData}
463 - config: {get_resource: NodeUserData}
466 # Creates the "heat-admin" user if configured via the environment
467 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
469 type: OS::TripleO::NodeAdminUserData
471 # For optional operator additional userdata
472 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
474 type: OS::TripleO::NodeUserData
477 type: OS::TripleO::Controller::Ports::ExternalPort
479 IPPool: {get_param: ControllerIPs}
480 NodeIndex: {get_param: NodeIndex}
481 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
484 type: OS::TripleO::Controller::Ports::InternalApiPort
486 IPPool: {get_param: ControllerIPs}
487 NodeIndex: {get_param: NodeIndex}
488 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
491 type: OS::TripleO::Controller::Ports::StoragePort
493 IPPool: {get_param: ControllerIPs}
494 NodeIndex: {get_param: NodeIndex}
495 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
498 type: OS::TripleO::Controller::Ports::StorageMgmtPort
500 IPPool: {get_param: ControllerIPs}
501 NodeIndex: {get_param: NodeIndex}
502 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
505 type: OS::TripleO::Controller::Ports::TenantPort
507 IPPool: {get_param: ControllerIPs}
508 NodeIndex: {get_param: NodeIndex}
509 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
512 type: OS::TripleO::Controller::Ports::ManagementPort
514 IPPool: {get_param: ControllerIPs}
515 NodeIndex: {get_param: NodeIndex}
516 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
519 type: OS::TripleO::Network::Ports::NetIpMap
521 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
522 ExternalIp: {get_attr: [ExternalPort, ip_address]}
523 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
524 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
525 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
526 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
527 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
528 StorageIp: {get_attr: [StoragePort, ip_address]}
529 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
530 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
531 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
532 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
533 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
534 TenantIp: {get_attr: [TenantPort, ip_address]}
535 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
536 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
537 ManagementIp: {get_attr: [ManagementPort, ip_address]}
538 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
539 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
542 type: OS::TripleO::Controller::Net::SoftwareConfig
544 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
545 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
546 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
547 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
548 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
549 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
550 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
553 type: OS::TripleO::SoftwareDeployment
555 name: NetworkDeployment
556 config: {get_resource: NetworkConfig}
557 server: {get_resource: Controller}
558 actions: {get_param: NetworkDeploymentActions}
561 interface_name: {get_param: NeutronPublicInterface}
563 # Resource for site-specific injection of root certificate
565 depends_on: NetworkDeployment
566 type: OS::TripleO::NodeTLSCAData
568 server: {get_resource: Controller}
570 # Resource for site-specific passing of private keys/certificates
572 depends_on: NodeTLSCAData
573 type: OS::TripleO::NodeTLSData
575 server: {get_resource: Controller}
576 NodeIndex: {get_param: NodeIndex}
579 ControllerDeployment:
580 type: OS::TripleO::SoftwareDeployment
581 depends_on: NetworkDeployment
583 name: ControllerDeployment
584 config: {get_resource: ControllerConfig}
585 server: {get_resource: Controller}
587 bootstack_nodeid: {get_attr: [Controller, name]}
588 haproxy_log_address: {get_param: HAProxySyslogAddress}
589 haproxy_stats_password: {get_param: HAProxyStatsPassword}
590 haproxy_stats_user: {get_param: HAProxyStatsUser}
591 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
592 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
593 horizon_secret: {get_param: HorizonSecret}
594 admin_password: {get_param: AdminPassword}
595 debug: {get_param: Debug}
596 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
597 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
598 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
599 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
600 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
601 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
602 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
603 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
604 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
605 enable_fencing: {get_param: EnableFencing}
606 enable_galera: {get_param: EnableGalera}
607 enable_load_balancer: {get_param: EnableLoadBalancer}
608 enable_ceph_storage: {get_param: EnableCephStorage}
609 enable_swift_storage: {get_param: EnableSwiftStorage}
610 manage_firewall: {get_param: ManageFirewall}
611 purge_firewall_rules: {get_param: PurgeFirewallRules}
612 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
613 mysql_max_connections: {get_param: MysqlMaxConnections}
614 mysql_root_password: {get_param: MysqlRootPassword}
615 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
618 template: tripleo-CLUSTER
620 CLUSTER: {get_param: MysqlClusterUniquePart}
621 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
622 neutron_password: {get_param: NeutronPassword}
623 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
624 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
625 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
626 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
627 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
628 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
629 aodh_password: {get_param: AodhPassword}
630 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
631 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
632 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
633 gnocchi_password: {get_param: GnocchiPassword}
634 gnocchi_backend: {get_param: GnocchiBackend}
635 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
636 ceilometer_coordination_url:
640 - {get_param: RedisPassword}
642 - {get_param: RedisVirtualIPUri}
647 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
649 - {get_param: GnocchiPassword}
651 - {get_param: [EndpointMap, MysqlInternal, host]}
656 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
658 - {get_param: AodhPassword}
660 - {get_param: [EndpointMap, MysqlInternal, host]}
662 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
663 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
664 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
665 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
666 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
667 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
668 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
669 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
670 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
671 nova_ipv6: {get_param: NovaIPv6}
672 corosync_ipv6: {get_param: CorosyncIPv6}
673 memcached_ipv6: {get_param: MemcachedIPv6}
674 nova_password: {get_param: NovaPassword}
678 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
680 - {get_param: NovaPassword}
682 - {get_param: [EndpointMap, MysqlInternal, host]}
687 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
689 - {get_param: NovaPassword}
691 - {get_param: [EndpointMap, MysqlInternal, host]}
693 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
694 instance_name_template: {get_param: InstanceNameTemplate}
695 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
696 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
697 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
698 fencing_config: {get_param: FencingConfig}
699 pcsd_password: {get_param: PcsdPassword}
700 rabbit_username: {get_param: RabbitUserName}
701 rabbit_password: {get_param: RabbitPassword}
702 rabbit_cookie: {get_param: RabbitCookie}
703 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
704 rabbit_client_port: {get_param: RabbitClientPort}
705 timezone: {get_param: TimeZone}
706 control_virtual_interface: {get_param: ControlVirtualInterface}
707 public_virtual_interface: {get_param: PublicVirtualInterface}
708 swift_hash_suffix: {get_param: SwiftHashSuffix}
709 swift_part_power: {get_param: SwiftPartPower}
710 swift_ring_build: {get_param: SwiftRingBuild}
711 swift_replicas: {get_param: SwiftReplicas}
712 swift_min_part_hours: {get_param: SwiftMinPartHours}
713 swift_mount_check: {get_param: SwiftMountCheck}
714 enable_package_install: {get_param: EnablePackageInstall}
715 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
716 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
717 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
718 cinder_iscsi_network:
722 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
723 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
724 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
725 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
726 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
727 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
728 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
729 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
730 keystone_region: {get_param: KeystoneRegion}
731 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
732 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
733 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
734 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
735 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
736 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
737 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
738 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
739 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
742 template: "['SUBNET']"
744 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
745 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
746 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
747 redis_vip: {get_param: RedisVirtualIP}
748 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
749 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
750 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
751 mysql_virtual_ip: {get_param: MysqlVirtualIP}
752 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
753 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
754 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
756 # Map heat metadata into hiera datafiles
758 type: OS::Heat::StructuredConfig
760 group: os-apply-config
765 - heat_config_%{::deploy_config_name}
766 - controller_extraconfig
772 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
773 - ceph_cluster # provided by CephClusterConfig
775 - bootstrap_node # provided by BootstrapNodeConfig
776 - all_nodes # provided by allNodesConfig
777 - vip_data # provided by vip-config
781 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
782 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
783 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
784 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
785 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
786 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
787 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
788 - midonet_data #Optionally provided by AllNodesExtraConfig
789 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
790 merge_behavior: deeper
793 mapped_data: {get_param: ServiceConfigSettings}
794 controller_extraconfig:
797 - {get_param: controllerExtraConfig}
798 - {get_param: ControllerExtraConfig}
800 mapped_data: {get_param: ExtraConfig}
802 raw_data: {get_file: hieradata/common.yaml}
805 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
806 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
807 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
809 raw_data: {get_file: hieradata/ceph.yaml}
811 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
812 ceph::profile::params::public_network: {get_input: ceph_public_network}
813 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
815 raw_data: {get_file: hieradata/database.yaml}
817 raw_data: {get_file: hieradata/object.yaml}
819 raw_data: {get_file: hieradata/controller.yaml}
820 mapped_data: # data supplied directly to this deployment configuration, etc
821 bootstack_nodeid: {get_input: bootstack_nodeid}
824 enable_fencing: {get_input: enable_fencing}
825 enable_load_balancer: {get_input: enable_load_balancer}
826 hacluster_pwd: {get_input: pcsd_password}
827 corosync_ipv6: {get_input: corosync_ipv6}
828 tripleo::fencing::config: {get_input: fencing_config}
831 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
832 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
833 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
834 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
835 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
836 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
837 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
838 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
839 swift_mount_check: {get_input: swift_mount_check}
842 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
843 cinder::api::bind_host: {get_input: cinder_api_network}
844 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
845 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
846 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
847 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
848 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
849 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
850 cinder::keystone::auth::password: {get_input: cinder_password }
851 cinder::keystone::auth::region: {get_input: keystone_region}
854 glance::api::bind_host: {get_input: glance_api_network}
855 glance::registry::bind_host: {get_input: glance_registry_network}
856 glance::keystone::auth::region: {get_input: keystone_region}
859 heat::api::bind_host: {get_input: heat_api_network}
860 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
861 heat::api_cfn::bind_host: {get_input: heat_api_network}
862 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
865 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
866 keystone::public_bind_host: {get_input: keystone_public_api_network}
867 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
868 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
871 mongodb::server::bind_ip: {get_input: mongo_db_network}
874 admin_password: {get_input: admin_password}
875 enable_galera: {get_input: enable_galera}
876 enable_ceph_storage: {get_input: enable_ceph_storage}
877 enable_swift_storage: {get_input: enable_swift_storage}
878 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
879 mysql_max_connections: {get_input: mysql_max_connections}
880 mysql::server::root_password: {get_input: mysql_root_password}
881 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
882 mysql_cluster_name: {get_input: mysql_cluster_name}
883 mysql_bind_host: {get_input: mysql_network}
884 mysql_virtual_ip: {get_input: mysql_virtual_ip}
887 neutron::bind_host: {get_input: neutron_api_network}
888 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
889 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
890 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
891 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
892 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
893 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
894 neutron::keystone::auth::password: {get_input: neutron_password }
895 neutron::keystone::auth::region: {get_input: keystone_region}
898 ceilometer::api::host: {get_input: ceilometer_api_network}
899 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
900 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
903 aodh_mysql_conn_string: {get_input: aodh_dsn}
904 aodh::rabbit_userid: {get_input: rabbit_username}
905 aodh::rabbit_password: {get_input: rabbit_password}
906 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
907 aodh::rabbit_port: {get_input: rabbit_client_port}
908 aodh::debug: {get_input: debug}
909 aodh::wsgi::apache::ssl: false
910 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
911 aodh::api::service_name: 'httpd'
912 aodh::api::host: {get_input: aodh_api_network}
913 aodh::api::keystone_password: {get_input: aodh_password}
914 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
915 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
916 aodh::auth::auth_url: {get_input: keystone_auth_uri}
917 aodh::auth::auth_password: {get_input: aodh_password}
918 aodh::db::mysql::password: {get_input: aodh_password}
919 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
920 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
921 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
922 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
923 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
924 aodh::keystone::auth::password: {get_input: aodh_password }
925 aodh::keystone::auth::region: {get_input: keystone_region}
928 gnocchi_backend: {get_input: gnocchi_backend}
929 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
930 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
931 gnocchi::debug: {get_input: debug}
932 gnocchi::wsgi::apache::ssl: false
933 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
934 gnocchi::api::service_name: 'httpd'
935 gnocchi::api::host: {get_input: gnocchi_api_network}
936 gnocchi::api::keystone_password: {get_input: gnocchi_password}
937 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
938 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
939 gnocchi::db::mysql::password: {get_input: gnocchi_password}
940 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
941 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
942 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
943 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
944 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
945 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
946 gnocchi::keystone::auth::region: {get_input: keystone_region}
949 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
950 nova::use_ipv6: {get_input: nova_ipv6}
951 nova::api::auth_uri: {get_input: keystone_auth_uri}
952 nova::api::identity_uri: {get_input: keystone_identity_uri}
953 nova::api::api_bind_address: {get_input: nova_api_network}
954 nova::api::metadata_listen: {get_input: nova_metadata_network}
955 nova::api::admin_password: {get_input: nova_password}
956 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
957 nova::database_connection: {get_input: nova_dsn}
958 nova::api_database_connection: {get_input: nova_api_dsn}
959 nova::glance_api_servers: {get_input: glance_api_servers}
960 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
961 nova::api::instance_name_template: {get_input: instance_name_template}
962 nova::network::neutron::neutron_password: {get_input: neutron_password}
963 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
964 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
965 nova::vncproxy::host: {get_input: nova_api_network}
966 nova::db::mysql::password: {get_input: nova_password}
967 nova::db::mysql_api::password: {get_input: nova_password}
968 nova_enable_db_purge: {get_input: nova_enable_db_purge}
969 nova::keystone::auth::public_url: {get_input: nova_public_url}
970 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
971 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
972 nova::keystone::auth::password: {get_input: nova_password }
973 nova::keystone::auth::region: {get_input: keystone_region}
976 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
977 apache::ip: {get_input: horizon_network}
978 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
979 horizon::django_debug: {get_input: debug}
980 horizon::secret_key: {get_input: horizon_secret}
981 horizon::bind_address: {get_input: horizon_network}
982 horizon::keystone_url: {get_input: keystone_auth_uri}
985 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
986 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
988 redis::bind: {get_input: redis_network}
989 redis_vip: {get_input: redis_vip}
991 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
992 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
994 memcached_ipv6: {get_input: memcached_ipv6}
995 memcached::listen_ip: {get_input: memcached_network}
996 timezone::timezone: {get_input: timezone}
997 control_virtual_interface: {get_input: control_virtual_interface}
998 public_virtual_interface: {get_input: public_virtual_interface}
999 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1000 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1001 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1002 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1003 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1004 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1005 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1006 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1007 tripleo::haproxy::redis_password: {get_input: redis_password}
1008 tripleo::packages::enable_install: {get_input: enable_package_install}
1009 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1011 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1012 ControllerExtraConfigPre:
1013 depends_on: ControllerDeployment
1014 type: OS::TripleO::ControllerExtraConfigPre
1016 server: {get_resource: Controller}
1018 # Hook for site-specific additional pre-deployment config,
1019 # applying to all nodes, e.g node registration/unregistration
1021 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1022 type: OS::TripleO::NodeExtraConfig
1024 server: {get_resource: Controller}
1027 type: OS::TripleO::Tasks::PackageUpdate
1030 type: OS::Heat::SoftwareDeployment
1032 name: UpdateDeployment
1033 config: {get_resource: UpdateConfig}
1034 server: {get_resource: Controller}
1037 get_param: UpdateIdentifier
1041 description: IP address of the server in the ctlplane network
1042 value: {get_attr: [Controller, networks, ctlplane, 0]}
1043 external_ip_address:
1044 description: IP address of the server in the external network
1045 value: {get_attr: [ExternalPort, ip_address]}
1046 internal_api_ip_address:
1047 description: IP address of the server in the internal_api network
1048 value: {get_attr: [InternalApiPort, ip_address]}
1050 description: IP address of the server in the storage network
1051 value: {get_attr: [StoragePort, ip_address]}
1052 storage_mgmt_ip_address:
1053 description: IP address of the server in the storage_mgmt network
1054 value: {get_attr: [StorageMgmtPort, ip_address]}
1056 description: IP address of the server in the tenant network
1057 value: {get_attr: [TenantPort, ip_address]}
1058 management_ip_address:
1059 description: IP address of the server in the management network
1060 value: {get_attr: [ManagementPort, ip_address]}
1062 description: Hostname of the server
1063 value: {get_attr: [Controller, name]}
1066 Server's IP address and hostname in the /etc/hosts format
1070 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1071 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1072 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1073 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1074 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1075 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1076 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1078 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1079 DOMAIN: {get_param: CloudDomain}
1080 PRIMARYHOST: {get_attr: [Controller, name]}
1081 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1085 - - {get_attr: [Controller, name]}
1087 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1091 - - {get_attr: [Controller, name]}
1093 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1097 - - {get_attr: [Controller, name]}
1099 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1103 - - {get_attr: [Controller, name]}
1105 TENANTIP: {get_attr: [TenantPort, ip_address]}
1109 - - {get_attr: [Controller, name]}
1111 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1115 - - {get_attr: [Controller, name]}
1117 nova_server_resource:
1118 description: Heat resource handle for the Nova compute server
1120 {get_resource: Controller}
1122 description: Swift device formatted for swift-ring-builder
1125 template: 'r1z1-IP:%PORT%/d1'
1127 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1128 swift_proxy_memcache:
1129 description: Swift proxy-memcache value
1132 template: "IP:11211"
1134 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1136 description: identifier which changes if the controller configuration may need re-applying
1140 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1141 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1142 - {get_attr: [NodeTLSData, deploy_stdout]}
1143 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1144 - {get_param: UpdateIdentifier}
1145 tls_key_modulus_md5:
1146 description: MD5 checksum of the TLS Key Modulus
1147 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1148 tls_cert_modulus_md5:
1149 description: MD5 checksum of the TLS Certificate Modulus
1150 value: {get_attr: [NodeTLSData, cert_modulus_md5]}
Code Review / apex-tripleo-heat-templates.git / blob