1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 #TODO(composable Redis): Remove the Redis password param
19 #As is used by ceilometer
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
35 CeilometerStoreEvents:
37 description: Whether to store events in ceilometer.
39 CeilometerMeterDispatcher:
41 description: Dispatcher to process meter data
44 - allowed_values: ['gnocchi', 'database']
50 description: Number of workers for Ceilometer service.
52 controllerExtraConfig:
55 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
57 ControllerExtraConfig:
60 Controller specific hiera configuration data to inject into the cluster.
65 A network mapped list of IPs to assign to Controllers in the following form:
67 "internal_api": ["a.b.c.d", "e.f.g.h"],
71 ControlVirtualInterface:
73 description: Interface where virtual ip will be assigned.
77 description: Enable IPv6 in Corosync
81 description: Set to True to enable debugging on all services.
85 description: Whether to enable fencing in Pacemaker or not.
89 description: Whether to use Galera instead of regular MariaDB.
93 description: Whether to deploy a LoadBalancer on the Controller
97 description: Whether to deploy Ceph Storage (OSD) on the Controller
101 description: Whether to enable Swift Storage on the Controller
106 Additional hieradata to inject into the cluster, note that
107 ControllerExtraConfig takes precedence over ExtraConfig.
112 Pacemaker fencing configuration. The JSON should have
113 the following structure:
117 "agent": "AGENT_NAME",
118 "host_mac": "HOST_MAC_ADDRESS",
119 "params": {"PARAM_NAME": "PARAM_VALUE"}
127 "agent": "fence_xvm",
128 "host_mac": "52:54:00:aa:bb:cc",
130 "multicast_address": "225.0.0.12",
131 "port": "baremetal_0",
133 "manage_key_file": true,
134 "key_file": "/etc/fence_xvm.key",
135 "key_file_password": "abcdef"
142 description: Flavor for control nodes to request when deploying.
145 - custom_constraint: nova.flavor
148 description: The short name of the Gnocchi backend to use. Should be one
149 of swift, rbd, or file
152 - allowed_values: ['swift', 'file', 'rbd']
153 GnocchiIndexerBackend:
155 description: The short name of the Gnocchi indexer backend to use.
161 description: The password for the gnocchi service and db account.
164 HAProxyStatsPassword:
165 description: Password for HAProxy stats endpoint
168 description: User for HAProxy stats endpoint
171 HAProxySyslogAddress:
173 description: Syslog address where HAproxy will send its log
175 HeatAuthEncryptionKey:
176 description: Auth encryption key for heat-engine
181 description: A list of IP/Hostname allowed to connect to horizon
182 type: comma_delimited_list
184 description: Secret key for Django
189 default: overcloud-control
191 - custom_constraint: glance.image
193 default: 'REBUILD_PRESERVE_EPHEMERAL'
194 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
196 InstanceNameTemplate:
197 default: 'instance-%08x'
198 description: Template string to be used to generate instance names
202 description: Name of an existing Nova key pair to enable SSH access to the instances
205 - custom_constraint: nova.keypair
209 description: Keystone region for endpoint
212 description: Whether to manage IPtables rules.
216 description: Enable IPv6 features in Memcached.
220 description: Whether IPtables rules should be purged before setting up the new ones.
225 MysqlClusterUniquePart:
226 description: A unique identifier of the MySQL cluster the controller is in.
228 default: 'unset' # Has to be here because of the ignored empty value bug
229 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
231 # - length: {min: 4, max: 10}
232 MysqlInnodbBufferPoolSize:
234 Specifies the size of the buffer pool in megabytes. Setting to
235 zero should be interpreted as "no value" and will defer to the
240 description: Configures MySQL max_connections config setting
243 MysqlClustercheckPassword:
249 default: '' # Has to be here because of the ignored empty value bug
250 NeutronMetadataProxySharedSecret:
251 description: Shared secret to prevent spoofing
255 description: The password for the neutron service and db account, used by neutron agents.
258 NeutronPublicInterface:
260 description: What interface to bridge onto br-ex for network nodes.
264 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
265 be at least 50 bytes smaller than the MTU on the physical network. This
266 value will be used to set the MTU on the virtual Ethernet device.
267 This number is related to the value of NeutronDnsmasqOptions, since that
268 will determine the MTU that is assigned to the VM host through DHCP.
277 Whether to create cron job for purging soft deleted rows in Nova database.
281 description: Enable IPv6 features in Nova
284 description: The password for the nova service and db account, used by nova-api.
289 description: Comma-separated list of ntp servers
290 type: comma_delimited_list
293 description: The password for the 'pcsd' user.
295 PublicVirtualInterface:
298 Specifies the interface where the public-facing virtual ip will be assigned.
299 This should be int_public when a VLAN is being used.
303 default: '' # Has to be here because of the ignored empty value bug
306 default: '' # Has to be here because of the ignored empty value bug
309 description: The password for RabbitMQ
314 description: The username for RabbitMQ
319 Rabbit client subscriber parameter to specify
320 an SSL connection to the RabbitMQ host.
324 description: Set rabbit subscriber port, change this if using SSL
327 description: The password for Redis
332 default: '' # Has to be here because of the ignored empty value bug
335 default: '' # Has to be here because of the ignored empty value bug
336 description: An IP address which is wrapped in brackets in case of IPv6
337 SnmpdReadonlyUserName:
338 default: ro_snmp_user
339 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
341 SnmpdReadonlyUserPassword:
342 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
346 description: A random string to be used as a salt when hashing to determine mappings
352 description: Value of mount_check in Swift account/container/object -server.conf
357 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
360 description: Partition Power to use when building Swift rings
364 description: Whether to manage Swift rings or not
372 description: How many replicas to use in the swift rings.
375 description: The timezone to be set on controller nodes.
377 UpgradeLevelNovaCompute:
379 description: Nova Compute upgrade level
381 VirtualIP: # DEPRECATED: use per service settings instead
383 default: '' # Has to be here because of the ignored empty value bug
396 EnablePackageInstall:
398 description: Set to true to enable package installation via Puppet
402 description: Mapping of service_name -> network name. Typically set
403 via parameter_defaults in the resource registry.
407 description: Mapping of service endpoint -> protocol. Typically set
408 via parameter_defaults in the resource registry.
414 Setting to a previously unused value during stack-update will trigger
415 package update on all nodes
418 default: '' # Defaults to Heat created hostname
422 description: Optional mapping to override hostnames
423 NetworkDeploymentActions:
424 type: comma_delimited_list
426 Heat action when to apply network configuration changes
431 SoftwareConfigTransport:
432 default: POLL_SERVER_CFN
434 How the server should receive the metadata required for software configuration.
437 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
442 The DNS domain used for the hosts. This should match the dhcp_domain
443 configured in the Undercloud neutron. Defaults to localdomain.
447 Extra properties or metadata passed to Nova for the created nodes in
448 the overcloud. It's accessible via the Nova metadata API.
452 description: Optional scheduler hints to pass to nova
454 ServiceConfigSettings:
460 description: Do not use deprecated params, they will be removed.
462 - controllerExtraConfig
467 type: OS::Nova::Server
469 image: {get_param: Image}
470 image_update_policy: {get_param: ImageUpdatePolicy}
471 flavor: {get_param: Flavor}
472 key_name: {get_param: KeyName}
475 user_data_format: SOFTWARE_CONFIG
476 user_data: {get_resource: UserData}
479 template: {get_param: Hostname}
480 params: {get_param: HostnameMap}
481 software_config_transport: {get_param: SoftwareConfigTransport}
482 metadata: {get_param: ServerMetadata}
483 scheduler_hints: {get_param: SchedulerHints}
485 # Combine the NodeAdminUserData and NodeUserData mime archives
487 type: OS::Heat::MultipartMime
490 - config: {get_resource: NodeAdminUserData}
492 - config: {get_resource: NodeUserData}
495 # Creates the "heat-admin" user if configured via the environment
496 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
498 type: OS::TripleO::NodeAdminUserData
500 # For optional operator additional userdata
501 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
503 type: OS::TripleO::NodeUserData
506 type: OS::TripleO::Controller::Ports::ExternalPort
508 IPPool: {get_param: ControllerIPs}
509 NodeIndex: {get_param: NodeIndex}
510 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
513 type: OS::TripleO::Controller::Ports::InternalApiPort
515 IPPool: {get_param: ControllerIPs}
516 NodeIndex: {get_param: NodeIndex}
517 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
520 type: OS::TripleO::Controller::Ports::StoragePort
522 IPPool: {get_param: ControllerIPs}
523 NodeIndex: {get_param: NodeIndex}
524 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
527 type: OS::TripleO::Controller::Ports::StorageMgmtPort
529 IPPool: {get_param: ControllerIPs}
530 NodeIndex: {get_param: NodeIndex}
531 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
534 type: OS::TripleO::Controller::Ports::TenantPort
536 IPPool: {get_param: ControllerIPs}
537 NodeIndex: {get_param: NodeIndex}
538 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
541 type: OS::TripleO::Controller::Ports::ManagementPort
543 IPPool: {get_param: ControllerIPs}
544 NodeIndex: {get_param: NodeIndex}
545 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
548 type: OS::TripleO::Network::Ports::NetIpMap
550 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
551 ExternalIp: {get_attr: [ExternalPort, ip_address]}
552 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
553 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
554 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
555 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
556 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
557 StorageIp: {get_attr: [StoragePort, ip_address]}
558 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
559 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
560 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
561 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
562 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
563 TenantIp: {get_attr: [TenantPort, ip_address]}
564 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
565 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
566 ManagementIp: {get_attr: [ManagementPort, ip_address]}
567 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
568 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
571 type: OS::TripleO::Controller::Net::SoftwareConfig
573 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
574 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
575 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
576 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
577 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
578 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
579 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
582 type: OS::TripleO::SoftwareDeployment
584 name: NetworkDeployment
585 config: {get_resource: NetworkConfig}
586 server: {get_resource: Controller}
587 actions: {get_param: NetworkDeploymentActions}
590 interface_name: {get_param: NeutronPublicInterface}
592 # Resource for site-specific injection of root certificate
594 depends_on: NetworkDeployment
595 type: OS::TripleO::NodeTLSCAData
597 server: {get_resource: Controller}
599 # Resource for site-specific passing of private keys/certificates
601 depends_on: NodeTLSCAData
602 type: OS::TripleO::NodeTLSData
604 server: {get_resource: Controller}
605 NodeIndex: {get_param: NodeIndex}
608 ControllerDeployment:
609 type: OS::TripleO::SoftwareDeployment
610 depends_on: NetworkDeployment
612 name: ControllerDeployment
613 config: {get_resource: ControllerConfig}
614 server: {get_resource: Controller}
616 bootstack_nodeid: {get_attr: [Controller, name]}
617 ceilometer_workers: {get_param: CeilometerWorkers}
618 haproxy_log_address: {get_param: HAProxySyslogAddress}
619 haproxy_stats_password: {get_param: HAProxyStatsPassword}
620 haproxy_stats_user: {get_param: HAProxyStatsUser}
621 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
622 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
623 horizon_secret: {get_param: HorizonSecret}
624 admin_password: {get_param: AdminPassword}
625 debug: {get_param: Debug}
626 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
627 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
628 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
629 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
630 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
631 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
632 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
633 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
634 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
635 enable_fencing: {get_param: EnableFencing}
636 enable_galera: {get_param: EnableGalera}
637 enable_load_balancer: {get_param: EnableLoadBalancer}
638 enable_ceph_storage: {get_param: EnableCephStorage}
639 enable_swift_storage: {get_param: EnableSwiftStorage}
640 manage_firewall: {get_param: ManageFirewall}
641 purge_firewall_rules: {get_param: PurgeFirewallRules}
642 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
643 mysql_max_connections: {get_param: MysqlMaxConnections}
644 mysql_root_password: {get_param: MysqlRootPassword}
645 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
648 template: tripleo-CLUSTER
650 CLUSTER: {get_param: MysqlClusterUniquePart}
651 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
652 neutron_password: {get_param: NeutronPassword}
653 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
654 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
655 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
656 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
657 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
658 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
659 ceilometer_backend: {get_param: CeilometerBackend}
660 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
661 ceilometer_password: {get_param: CeilometerPassword}
662 ceilometer_store_events: {get_param: CeilometerStoreEvents}
663 aodh_password: {get_param: AodhPassword}
664 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
665 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
666 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
667 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
668 gnocchi_password: {get_param: GnocchiPassword}
669 gnocchi_backend: {get_param: GnocchiBackend}
670 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
671 ceilometer_coordination_url:
675 - {get_param: RedisPassword}
677 - {get_param: RedisVirtualIPUri}
682 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
684 - {get_param: CeilometerPassword}
686 - {get_param: [EndpointMap, MysqlInternal, host]}
691 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
693 - {get_param: GnocchiPassword}
695 - {get_param: [EndpointMap, MysqlInternal, host]}
700 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
702 - {get_param: AodhPassword}
704 - {get_param: [EndpointMap, MysqlInternal, host]}
706 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
707 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
708 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
709 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
710 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
711 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
712 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
713 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
714 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
715 nova_ipv6: {get_param: NovaIPv6}
716 corosync_ipv6: {get_param: CorosyncIPv6}
717 memcached_ipv6: {get_param: MemcachedIPv6}
718 nova_password: {get_param: NovaPassword}
722 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
724 - {get_param: NovaPassword}
726 - {get_param: [EndpointMap, MysqlInternal, host]}
731 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
733 - {get_param: NovaPassword}
735 - {get_param: [EndpointMap, MysqlInternal, host]}
737 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
738 instance_name_template: {get_param: InstanceNameTemplate}
739 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
740 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
741 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
742 fencing_config: {get_param: FencingConfig}
743 pcsd_password: {get_param: PcsdPassword}
744 rabbit_username: {get_param: RabbitUserName}
745 rabbit_password: {get_param: RabbitPassword}
746 rabbit_cookie: {get_param: RabbitCookie}
747 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
748 rabbit_client_port: {get_param: RabbitClientPort}
749 ntp_servers: {get_param: NtpServer}
750 timezone: {get_param: TimeZone}
751 control_virtual_interface: {get_param: ControlVirtualInterface}
752 public_virtual_interface: {get_param: PublicVirtualInterface}
753 swift_hash_suffix: {get_param: SwiftHashSuffix}
754 swift_part_power: {get_param: SwiftPartPower}
755 swift_ring_build: {get_param: SwiftRingBuild}
756 swift_replicas: {get_param: SwiftReplicas}
757 swift_min_part_hours: {get_param: SwiftMinPartHours}
758 swift_mount_check: {get_param: SwiftMountCheck}
759 enable_package_install: {get_param: EnablePackageInstall}
760 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
761 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
762 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
763 cinder_iscsi_network:
767 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
768 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
769 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
770 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
771 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
772 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
773 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
774 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
775 keystone_region: {get_param: KeystoneRegion}
776 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
777 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
778 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
779 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
780 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
781 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
782 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
783 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
784 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
787 template: "['SUBNET']"
789 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
790 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
791 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
792 redis_vip: {get_param: RedisVirtualIP}
793 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
794 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
795 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
796 mysql_virtual_ip: {get_param: MysqlVirtualIP}
797 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
798 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
799 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
801 # Map heat metadata into hiera datafiles
803 type: OS::Heat::StructuredConfig
805 group: os-apply-config
810 - heat_config_%{::deploy_config_name}
811 - controller_extraconfig
817 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
818 - ceph_cluster # provided by CephClusterConfig
820 - bootstrap_node # provided by BootstrapNodeConfig
821 - all_nodes # provided by allNodesConfig
822 - vip_data # provided by vip-config
826 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
827 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
828 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
829 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
830 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
831 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
832 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
833 - midonet_data #Optionally provided by AllNodesExtraConfig
834 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
835 merge_behavior: deeper
838 mapped_data: {get_param: ServiceConfigSettings}
839 controller_extraconfig:
842 - {get_param: controllerExtraConfig}
843 - {get_param: ControllerExtraConfig}
845 mapped_data: {get_param: ExtraConfig}
847 raw_data: {get_file: hieradata/common.yaml}
850 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
851 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
852 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
854 raw_data: {get_file: hieradata/ceph.yaml}
856 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
857 ceph::profile::params::public_network: {get_input: ceph_public_network}
858 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
860 raw_data: {get_file: hieradata/database.yaml}
862 raw_data: {get_file: hieradata/object.yaml}
864 raw_data: {get_file: hieradata/controller.yaml}
865 mapped_data: # data supplied directly to this deployment configuration, etc
866 bootstack_nodeid: {get_input: bootstack_nodeid}
869 enable_fencing: {get_input: enable_fencing}
870 enable_load_balancer: {get_input: enable_load_balancer}
871 hacluster_pwd: {get_input: pcsd_password}
872 corosync_ipv6: {get_input: corosync_ipv6}
873 tripleo::fencing::config: {get_input: fencing_config}
876 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
877 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
878 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
879 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
880 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
881 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
882 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
883 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
884 swift_mount_check: {get_input: swift_mount_check}
887 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
888 cinder::api::bind_host: {get_input: cinder_api_network}
889 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
890 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
891 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
892 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
893 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
894 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
895 cinder::keystone::auth::password: {get_input: cinder_password }
896 cinder::keystone::auth::region: {get_input: keystone_region}
899 glance::api::bind_host: {get_input: glance_api_network}
900 glance::registry::bind_host: {get_input: glance_registry_network}
901 glance::keystone::auth::region: {get_input: keystone_region}
904 heat::api::bind_host: {get_input: heat_api_network}
905 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
906 heat::api_cfn::bind_host: {get_input: heat_api_network}
907 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
910 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
911 keystone::public_bind_host: {get_input: keystone_public_api_network}
912 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
913 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
916 mongodb::server::bind_ip: {get_input: mongo_db_network}
919 admin_password: {get_input: admin_password}
920 enable_galera: {get_input: enable_galera}
921 enable_ceph_storage: {get_input: enable_ceph_storage}
922 enable_swift_storage: {get_input: enable_swift_storage}
923 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
924 mysql_max_connections: {get_input: mysql_max_connections}
925 mysql::server::root_password: {get_input: mysql_root_password}
926 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
927 mysql_cluster_name: {get_input: mysql_cluster_name}
928 mysql_bind_host: {get_input: mysql_network}
929 mysql_virtual_ip: {get_input: mysql_virtual_ip}
932 neutron::bind_host: {get_input: neutron_api_network}
933 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
934 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
935 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
936 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
937 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
938 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
939 neutron::keystone::auth::password: {get_input: neutron_password }
940 neutron::keystone::auth::region: {get_input: keystone_region}
943 ceilometer_backend: {get_input: ceilometer_backend}
944 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
945 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
946 ceilometer::rabbit_userid: {get_input: rabbit_username}
947 ceilometer::rabbit_password: {get_input: rabbit_password}
948 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
949 ceilometer::rabbit_port: {get_input: rabbit_client_port}
950 ceilometer::debug: {get_input: debug}
951 ceilometer::api::host: {get_input: ceilometer_api_network}
952 ceilometer::api::keystone_password: {get_input: ceilometer_password}
953 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
954 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
955 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
956 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
957 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
958 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
959 ceilometer::db::mysql::password: {get_input: ceilometer_password}
960 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
961 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
962 ceilometer::dispatcher::gnocchi::filter_project: 'service'
963 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
964 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
965 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
966 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
967 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
968 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
969 ceilometer::keystone::auth::region: {get_input: keystone_region}
970 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
971 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
974 aodh_mysql_conn_string: {get_input: aodh_dsn}
975 aodh::rabbit_userid: {get_input: rabbit_username}
976 aodh::rabbit_password: {get_input: rabbit_password}
977 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
978 aodh::rabbit_port: {get_input: rabbit_client_port}
979 aodh::debug: {get_input: debug}
980 aodh::wsgi::apache::ssl: false
981 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
982 aodh::api::service_name: 'httpd'
983 aodh::api::host: {get_input: aodh_api_network}
984 aodh::api::keystone_password: {get_input: aodh_password}
985 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
986 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
987 aodh::auth::auth_url: {get_input: keystone_auth_uri}
988 aodh::auth::auth_password: {get_input: aodh_password}
989 aodh::db::mysql::password: {get_input: aodh_password}
990 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
991 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
992 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
993 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
994 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
995 aodh::keystone::auth::password: {get_input: aodh_password }
996 aodh::keystone::auth::region: {get_input: keystone_region}
999 gnocchi_backend: {get_input: gnocchi_backend}
1000 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
1001 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
1002 gnocchi::debug: {get_input: debug}
1003 gnocchi::wsgi::apache::ssl: false
1004 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
1005 gnocchi::api::service_name: 'httpd'
1006 gnocchi::api::host: {get_input: gnocchi_api_network}
1007 gnocchi::api::keystone_password: {get_input: gnocchi_password}
1008 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1009 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1010 gnocchi::db::mysql::password: {get_input: gnocchi_password}
1011 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
1012 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
1013 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
1014 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
1015 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
1016 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
1017 gnocchi::keystone::auth::region: {get_input: keystone_region}
1020 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1021 nova::use_ipv6: {get_input: nova_ipv6}
1022 nova::api::auth_uri: {get_input: keystone_auth_uri}
1023 nova::api::identity_uri: {get_input: keystone_identity_uri}
1024 nova::api::api_bind_address: {get_input: nova_api_network}
1025 nova::api::metadata_listen: {get_input: nova_metadata_network}
1026 nova::api::admin_password: {get_input: nova_password}
1027 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1028 nova::database_connection: {get_input: nova_dsn}
1029 nova::api_database_connection: {get_input: nova_api_dsn}
1030 nova::glance_api_servers: {get_input: glance_api_servers}
1031 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1032 nova::api::instance_name_template: {get_input: instance_name_template}
1033 nova::network::neutron::neutron_password: {get_input: neutron_password}
1034 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1035 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1036 nova::vncproxy::host: {get_input: nova_api_network}
1037 nova::db::mysql::password: {get_input: nova_password}
1038 nova::db::mysql_api::password: {get_input: nova_password}
1039 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1040 nova::keystone::auth::public_url: {get_input: nova_public_url}
1041 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
1042 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
1043 nova::keystone::auth::password: {get_input: nova_password }
1044 nova::keystone::auth::region: {get_input: keystone_region}
1047 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
1048 apache::ip: {get_input: horizon_network}
1049 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1050 horizon::django_debug: {get_input: debug}
1051 horizon::secret_key: {get_input: horizon_secret}
1052 horizon::bind_address: {get_input: horizon_network}
1053 horizon::keystone_url: {get_input: keystone_auth_uri}
1056 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1057 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1059 redis::bind: {get_input: redis_network}
1060 redis_vip: {get_input: redis_vip}
1062 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1063 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1065 memcached_ipv6: {get_input: memcached_ipv6}
1066 memcached::listen_ip: {get_input: memcached_network}
1067 ntp::servers: {get_input: ntp_servers}
1068 timezone::timezone: {get_input: timezone}
1069 control_virtual_interface: {get_input: control_virtual_interface}
1070 public_virtual_interface: {get_input: public_virtual_interface}
1071 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1072 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1073 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1074 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1075 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1076 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1077 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1078 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1079 tripleo::haproxy::redis_password: {get_input: redis_password}
1080 tripleo::packages::enable_install: {get_input: enable_package_install}
1081 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1083 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1084 ControllerExtraConfigPre:
1085 depends_on: ControllerDeployment
1086 type: OS::TripleO::ControllerExtraConfigPre
1088 server: {get_resource: Controller}
1090 # Hook for site-specific additional pre-deployment config,
1091 # applying to all nodes, e.g node registration/unregistration
1093 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1094 type: OS::TripleO::NodeExtraConfig
1096 server: {get_resource: Controller}
1099 type: OS::TripleO::Tasks::PackageUpdate
1102 type: OS::Heat::SoftwareDeployment
1104 name: UpdateDeployment
1105 config: {get_resource: UpdateConfig}
1106 server: {get_resource: Controller}
1109 get_param: UpdateIdentifier
1113 description: IP address of the server in the ctlplane network
1114 value: {get_attr: [Controller, networks, ctlplane, 0]}
1115 external_ip_address:
1116 description: IP address of the server in the external network
1117 value: {get_attr: [ExternalPort, ip_address]}
1118 internal_api_ip_address:
1119 description: IP address of the server in the internal_api network
1120 value: {get_attr: [InternalApiPort, ip_address]}
1122 description: IP address of the server in the storage network
1123 value: {get_attr: [StoragePort, ip_address]}
1124 storage_mgmt_ip_address:
1125 description: IP address of the server in the storage_mgmt network
1126 value: {get_attr: [StorageMgmtPort, ip_address]}
1128 description: IP address of the server in the tenant network
1129 value: {get_attr: [TenantPort, ip_address]}
1130 management_ip_address:
1131 description: IP address of the server in the management network
1132 value: {get_attr: [ManagementPort, ip_address]}
1134 description: Hostname of the server
1135 value: {get_attr: [Controller, name]}
1138 Server's IP address and hostname in the /etc/hosts format
1142 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1143 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1144 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1145 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1146 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1147 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1148 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1150 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1151 DOMAIN: {get_param: CloudDomain}
1152 PRIMARYHOST: {get_attr: [Controller, name]}
1153 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1157 - - {get_attr: [Controller, name]}
1159 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1163 - - {get_attr: [Controller, name]}
1165 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1169 - - {get_attr: [Controller, name]}
1171 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1175 - - {get_attr: [Controller, name]}
1177 TENANTIP: {get_attr: [TenantPort, ip_address]}
1181 - - {get_attr: [Controller, name]}
1183 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1187 - - {get_attr: [Controller, name]}
1189 nova_server_resource:
1190 description: Heat resource handle for the Nova compute server
1192 {get_resource: Controller}
1194 description: Swift device formatted for swift-ring-builder
1197 template: 'r1z1-IP:%PORT%/d1'
1199 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1200 swift_proxy_memcache:
1201 description: Swift proxy-memcache value
1204 template: "IP:11211"
1206 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1208 description: identifier which changes if the controller configuration may need re-applying
1212 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1213 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1214 - {get_attr: [NodeTLSData, deploy_stdout]}
1215 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1216 - {get_param: UpdateIdentifier}
1217 tls_key_modulus_md5:
1218 description: MD5 checksum of the TLS Key Modulus
1219 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1220 tls_cert_modulus_md5:
1221 description: MD5 checksum of the TLS Certificate Modulus
1222 value: {get_attr: [NodeTLSData, cert_modulus_md5]}