1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
12 description: The password for the aodh services.
15 #TODO(composable Redis): Remove the Redis password param
16 #As is used by ceilometer
19 description: The ceilometer backend type.
21 CeilometerMeteringSecret:
22 description: Secret shared by the ceilometer services.
26 description: The password for the ceilometer service and db account.
29 CeilometerStoreEvents:
31 description: Whether to store events in ceilometer.
33 CeilometerMeterDispatcher:
35 description: Dispatcher to process meter data
38 - allowed_values: ['gnocchi', 'database']
41 description: Number of workers for Ceilometer service.
43 controllerExtraConfig:
46 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
48 ControllerExtraConfig:
51 Controller specific hiera configuration data to inject into the cluster.
56 A network mapped list of IPs to assign to Controllers in the following form:
58 "internal_api": ["a.b.c.d", "e.f.g.h"],
62 ControlVirtualInterface:
64 description: Interface where virtual ip will be assigned.
68 description: Enable IPv6 in Corosync
72 description: Set to True to enable debugging on all services.
76 description: Whether to enable fencing in Pacemaker or not.
80 description: Whether to use Galera instead of regular MariaDB.
84 description: Whether to deploy a LoadBalancer on the Controller
88 description: Whether to deploy Ceph Storage (OSD) on the Controller
93 Additional hieradata to inject into the cluster, note that
94 ControllerExtraConfig takes precedence over ExtraConfig.
99 Pacemaker fencing configuration. The JSON should have
100 the following structure:
104 "agent": "AGENT_NAME",
105 "host_mac": "HOST_MAC_ADDRESS",
106 "params": {"PARAM_NAME": "PARAM_VALUE"}
114 "agent": "fence_xvm",
115 "host_mac": "52:54:00:aa:bb:cc",
117 "multicast_address": "225.0.0.12",
118 "port": "baremetal_0",
120 "manage_key_file": true,
121 "key_file": "/etc/fence_xvm.key",
122 "key_file_password": "abcdef"
129 description: Flavor for control nodes to request when deploying.
132 - custom_constraint: nova.flavor
135 description: The short name of the Gnocchi backend to use. Should be one
136 of swift, rbd, or file
139 - allowed_values: ['swift', 'file', 'rbd']
140 GnocchiIndexerBackend:
142 description: The short name of the Gnocchi indexer backend to use.
145 description: The password for the gnocchi service and db account.
148 HAProxyStatsPassword:
149 description: Password for HAProxy stats endpoint
152 description: User for HAProxy stats endpoint
155 HAProxySyslogAddress:
157 description: Syslog address where HAproxy will send its log
159 HeatAuthEncryptionKey:
160 description: Auth encryption key for heat-engine
165 description: A list of IP/Hostname allowed to connect to horizon
166 type: comma_delimited_list
168 description: Secret key for Django
173 default: overcloud-control
175 - custom_constraint: glance.image
177 default: 'REBUILD_PRESERVE_EPHEMERAL'
178 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
180 InstanceNameTemplate:
181 default: 'instance-%08x'
182 description: Template string to be used to generate instance names
186 description: Name of an existing Nova key pair to enable SSH access to the instances
189 - custom_constraint: nova.keypair
193 description: Keystone region for endpoint
196 description: Whether to manage IPtables rules.
200 description: Enable IPv6 features in Memcached.
204 description: Whether IPtables rules should be purged before setting up the new ones.
206 MysqlClusterUniquePart:
207 description: A unique identifier of the MySQL cluster the controller is in.
209 default: 'unset' # Has to be here because of the ignored empty value bug
210 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
212 # - length: {min: 4, max: 10}
213 MysqlInnodbBufferPoolSize:
215 Specifies the size of the buffer pool in megabytes. Setting to
216 zero should be interpreted as "no value" and will defer to the
221 description: Configures MySQL max_connections config setting
224 MysqlClustercheckPassword:
230 default: '' # Has to be here because of the ignored empty value bug
231 NeutronMetadataProxySharedSecret:
232 description: Shared secret to prevent spoofing
236 description: The password for the neutron service and db account, used by neutron agents.
239 NeutronPublicInterface:
241 description: What interface to bridge onto br-ex for network nodes.
245 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
246 be at least 50 bytes smaller than the MTU on the physical network. This
247 value will be used to set the MTU on the virtual Ethernet device.
248 This number is related to the value of NeutronDnsmasqOptions, since that
249 will determine the MTU that is assigned to the VM host through DHCP.
255 Whether to create cron job for purging soft deleted rows in Nova database.
259 description: Enable IPv6 features in Nova
262 description: The password for the nova service and db account, used by nova-api.
267 description: The password for the 'pcsd' user.
269 PublicVirtualInterface:
272 Specifies the interface where the public-facing virtual ip will be assigned.
273 This should be int_public when a VLAN is being used.
277 default: '' # Has to be here because of the ignored empty value bug
280 description: The password for RabbitMQ
285 description: The username for RabbitMQ
290 Rabbit client subscriber parameter to specify
291 an SSL connection to the RabbitMQ host.
295 description: Set rabbit subscriber port, change this if using SSL
298 description: The password for Redis
303 default: '' # Has to be here because of the ignored empty value bug
306 default: '' # Has to be here because of the ignored empty value bug
307 description: An IP address which is wrapped in brackets in case of IPv6
309 description: A random string to be used as a salt when hashing to determine mappings
316 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
319 description: Partition Power to use when building Swift rings
323 description: Whether to manage Swift rings or not
328 description: How many replicas to use in the swift rings.
331 description: The timezone to be set on controller nodes.
333 UpgradeLevelNovaCompute:
335 description: Nova Compute upgrade level
340 EnablePackageInstall:
342 description: Set to true to enable package installation via Puppet
346 description: Mapping of service_name -> network name. Typically set
347 via parameter_defaults in the resource registry.
351 description: Mapping of service endpoint -> protocol. Typically set
352 via parameter_defaults in the resource registry.
358 Setting to a previously unused value during stack-update will trigger
359 package update on all nodes
362 default: '' # Defaults to Heat created hostname
366 description: Optional mapping to override hostnames
367 NetworkDeploymentActions:
368 type: comma_delimited_list
370 Heat action when to apply network configuration changes
375 SoftwareConfigTransport:
376 default: POLL_SERVER_CFN
378 How the server should receive the metadata required for software configuration.
381 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
386 The DNS domain used for the hosts. This should match the dhcp_domain
387 configured in the Undercloud neutron. Defaults to localdomain.
391 Extra properties or metadata passed to Nova for the created nodes in
392 the overcloud. It's accessible via the Nova metadata API.
396 description: Optional scheduler hints to pass to nova
398 ServiceConfigSettings:
404 description: Do not use deprecated params, they will be removed.
406 - controllerExtraConfig
411 type: OS::Nova::Server
413 image: {get_param: Image}
414 image_update_policy: {get_param: ImageUpdatePolicy}
415 flavor: {get_param: Flavor}
416 key_name: {get_param: KeyName}
419 user_data_format: SOFTWARE_CONFIG
420 user_data: {get_resource: UserData}
423 template: {get_param: Hostname}
424 params: {get_param: HostnameMap}
425 software_config_transport: {get_param: SoftwareConfigTransport}
426 metadata: {get_param: ServerMetadata}
427 scheduler_hints: {get_param: SchedulerHints}
429 # Combine the NodeAdminUserData and NodeUserData mime archives
431 type: OS::Heat::MultipartMime
434 - config: {get_resource: NodeAdminUserData}
436 - config: {get_resource: NodeUserData}
439 # Creates the "heat-admin" user if configured via the environment
440 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
442 type: OS::TripleO::NodeAdminUserData
444 # For optional operator additional userdata
445 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
447 type: OS::TripleO::NodeUserData
450 type: OS::TripleO::Controller::Ports::ExternalPort
452 IPPool: {get_param: ControllerIPs}
453 NodeIndex: {get_param: NodeIndex}
454 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
457 type: OS::TripleO::Controller::Ports::InternalApiPort
459 IPPool: {get_param: ControllerIPs}
460 NodeIndex: {get_param: NodeIndex}
461 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
464 type: OS::TripleO::Controller::Ports::StoragePort
466 IPPool: {get_param: ControllerIPs}
467 NodeIndex: {get_param: NodeIndex}
468 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
471 type: OS::TripleO::Controller::Ports::StorageMgmtPort
473 IPPool: {get_param: ControllerIPs}
474 NodeIndex: {get_param: NodeIndex}
475 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
478 type: OS::TripleO::Controller::Ports::TenantPort
480 IPPool: {get_param: ControllerIPs}
481 NodeIndex: {get_param: NodeIndex}
482 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
485 type: OS::TripleO::Controller::Ports::ManagementPort
487 IPPool: {get_param: ControllerIPs}
488 NodeIndex: {get_param: NodeIndex}
489 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
492 type: OS::TripleO::Network::Ports::NetIpMap
494 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
495 ExternalIp: {get_attr: [ExternalPort, ip_address]}
496 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
497 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
498 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
499 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
500 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
501 StorageIp: {get_attr: [StoragePort, ip_address]}
502 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
503 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
504 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
505 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
506 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
507 TenantIp: {get_attr: [TenantPort, ip_address]}
508 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
509 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
510 ManagementIp: {get_attr: [ManagementPort, ip_address]}
511 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
512 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
515 type: OS::TripleO::Controller::Net::SoftwareConfig
517 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
518 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
519 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
520 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
521 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
522 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
523 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
526 type: OS::TripleO::SoftwareDeployment
528 name: NetworkDeployment
529 config: {get_resource: NetworkConfig}
530 server: {get_resource: Controller}
531 actions: {get_param: NetworkDeploymentActions}
534 interface_name: {get_param: NeutronPublicInterface}
536 # Resource for site-specific injection of root certificate
538 depends_on: NetworkDeployment
539 type: OS::TripleO::NodeTLSCAData
541 server: {get_resource: Controller}
543 # Resource for site-specific passing of private keys/certificates
545 depends_on: NodeTLSCAData
546 type: OS::TripleO::NodeTLSData
548 server: {get_resource: Controller}
549 NodeIndex: {get_param: NodeIndex}
552 ControllerDeployment:
553 type: OS::TripleO::SoftwareDeployment
554 depends_on: NetworkDeployment
556 name: ControllerDeployment
557 config: {get_resource: ControllerConfig}
558 server: {get_resource: Controller}
560 bootstack_nodeid: {get_attr: [Controller, name]}
561 ceilometer_workers: {get_param: CeilometerWorkers}
562 haproxy_log_address: {get_param: HAProxySyslogAddress}
563 haproxy_stats_password: {get_param: HAProxyStatsPassword}
564 haproxy_stats_user: {get_param: HAProxyStatsUser}
565 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
566 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
567 horizon_secret: {get_param: HorizonSecret}
568 admin_password: {get_param: AdminPassword}
569 debug: {get_param: Debug}
570 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
571 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
572 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
573 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
574 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
575 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
576 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
577 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
578 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
579 enable_fencing: {get_param: EnableFencing}
580 enable_galera: {get_param: EnableGalera}
581 enable_load_balancer: {get_param: EnableLoadBalancer}
582 enable_ceph_storage: {get_param: EnableCephStorage}
583 manage_firewall: {get_param: ManageFirewall}
584 purge_firewall_rules: {get_param: PurgeFirewallRules}
585 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
586 mysql_max_connections: {get_param: MysqlMaxConnections}
587 mysql_root_password: {get_param: MysqlRootPassword}
588 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
591 template: tripleo-CLUSTER
593 CLUSTER: {get_param: MysqlClusterUniquePart}
594 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
595 neutron_password: {get_param: NeutronPassword}
596 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
597 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
598 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
599 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
600 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
601 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
602 ceilometer_backend: {get_param: CeilometerBackend}
603 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
604 ceilometer_password: {get_param: CeilometerPassword}
605 ceilometer_store_events: {get_param: CeilometerStoreEvents}
606 aodh_password: {get_param: AodhPassword}
607 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
608 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
609 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
610 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
611 gnocchi_password: {get_param: GnocchiPassword}
612 gnocchi_backend: {get_param: GnocchiBackend}
613 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
614 ceilometer_coordination_url:
618 - {get_param: RedisPassword}
620 - {get_param: RedisVirtualIPUri}
625 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
627 - {get_param: CeilometerPassword}
629 - {get_param: [EndpointMap, MysqlInternal, host]}
634 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
636 - {get_param: GnocchiPassword}
638 - {get_param: [EndpointMap, MysqlInternal, host]}
643 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
645 - {get_param: AodhPassword}
647 - {get_param: [EndpointMap, MysqlInternal, host]}
649 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
650 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
651 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
652 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
653 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
654 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
655 ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri_no_suffix]}
656 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
657 nova_ipv6: {get_param: NovaIPv6}
658 corosync_ipv6: {get_param: CorosyncIPv6}
659 memcached_ipv6: {get_param: MemcachedIPv6}
660 nova_password: {get_param: NovaPassword}
664 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
666 - {get_param: NovaPassword}
668 - {get_param: [EndpointMap, MysqlInternal, host]}
673 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
675 - {get_param: NovaPassword}
677 - {get_param: [EndpointMap, MysqlInternal, host]}
679 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
680 instance_name_template: {get_param: InstanceNameTemplate}
681 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
682 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
683 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
684 fencing_config: {get_param: FencingConfig}
685 pcsd_password: {get_param: PcsdPassword}
686 rabbit_username: {get_param: RabbitUserName}
687 rabbit_password: {get_param: RabbitPassword}
688 rabbit_cookie: {get_param: RabbitCookie}
689 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
690 rabbit_client_port: {get_param: RabbitClientPort}
691 timezone: {get_param: TimeZone}
692 control_virtual_interface: {get_param: ControlVirtualInterface}
693 public_virtual_interface: {get_param: PublicVirtualInterface}
694 swift_hash_suffix: {get_param: SwiftHashSuffix}
695 swift_part_power: {get_param: SwiftPartPower}
696 swift_ring_build: {get_param: SwiftRingBuild}
697 swift_replicas: {get_param: SwiftReplicas}
698 swift_min_part_hours: {get_param: SwiftMinPartHours}
699 enable_package_install: {get_param: EnablePackageInstall}
700 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
701 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
702 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
703 cinder_iscsi_network:
707 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
708 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
709 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
710 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
711 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
712 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
713 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
714 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
715 keystone_region: {get_param: KeystoneRegion}
716 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
717 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
718 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
719 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
720 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
721 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
722 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
723 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
724 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
727 template: "['SUBNET']"
729 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
730 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
731 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
732 redis_vip: {get_param: RedisVirtualIP}
733 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
734 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
735 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
736 mysql_virtual_ip: {get_param: MysqlVirtualIP}
737 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
738 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
739 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
740 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
742 # Map heat metadata into hiera datafiles
744 type: OS::Heat::StructuredConfig
746 group: os-apply-config
751 - heat_config_%{::deploy_config_name}
752 - controller_extraconfig
758 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
759 - ceph_cluster # provided by CephClusterConfig
761 - bootstrap_node # provided by BootstrapNodeConfig
762 - all_nodes # provided by allNodesConfig
763 - vip_data # provided by vip-config
767 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
768 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
769 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
770 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
771 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
772 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
773 - midonet_data #Optionally provided by AllNodesExtraConfig
774 merge_behavior: deeper
777 mapped_data: {get_param: ServiceConfigSettings}
778 controller_extraconfig:
781 - {get_param: controllerExtraConfig}
782 - {get_param: ControllerExtraConfig}
784 mapped_data: {get_param: ExtraConfig}
786 raw_data: {get_file: hieradata/common.yaml}
789 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
790 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
791 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
793 raw_data: {get_file: hieradata/ceph.yaml}
795 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
796 ceph::profile::params::public_network: {get_input: ceph_public_network}
797 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
799 raw_data: {get_file: hieradata/database.yaml}
801 raw_data: {get_file: hieradata/object.yaml}
803 raw_data: {get_file: hieradata/controller.yaml}
804 mapped_data: # data supplied directly to this deployment configuration, etc
805 bootstack_nodeid: {get_input: bootstack_nodeid}
808 enable_fencing: {get_input: enable_fencing}
809 enable_load_balancer: {get_input: enable_load_balancer}
810 hacluster_pwd: {get_input: pcsd_password}
811 corosync_ipv6: {get_input: corosync_ipv6}
812 tripleo::fencing::config: {get_input: fencing_config}
815 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
816 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
817 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
818 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
819 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
820 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
821 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
822 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
825 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
826 cinder::api::bind_host: {get_input: cinder_api_network}
827 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
828 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
829 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
830 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
831 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
832 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
833 cinder::keystone::auth::password: {get_input: cinder_password }
834 cinder::keystone::auth::region: {get_input: keystone_region}
837 glance::api::bind_host: {get_input: glance_api_network}
838 glance::registry::bind_host: {get_input: glance_registry_network}
839 glance::keystone::auth::region: {get_input: keystone_region}
842 heat::api::bind_host: {get_input: heat_api_network}
843 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
844 heat::api_cfn::bind_host: {get_input: heat_api_network}
845 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
848 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
849 keystone::public_bind_host: {get_input: keystone_public_api_network}
850 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
851 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
854 mongodb::server::bind_ip: {get_input: mongo_db_network}
857 admin_password: {get_input: admin_password}
858 enable_galera: {get_input: enable_galera}
859 enable_ceph_storage: {get_input: enable_ceph_storage}
860 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
861 mysql_max_connections: {get_input: mysql_max_connections}
862 mysql::server::root_password: {get_input: mysql_root_password}
863 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
864 mysql_cluster_name: {get_input: mysql_cluster_name}
865 mysql_bind_host: {get_input: mysql_network}
866 mysql_virtual_ip: {get_input: mysql_virtual_ip}
869 neutron::bind_host: {get_input: neutron_api_network}
870 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
871 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
872 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
873 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
874 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
875 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
876 neutron::keystone::auth::password: {get_input: neutron_password }
877 neutron::keystone::auth::region: {get_input: keystone_region}
880 ceilometer_backend: {get_input: ceilometer_backend}
881 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
882 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
883 ceilometer::rabbit_userid: {get_input: rabbit_username}
884 ceilometer::rabbit_password: {get_input: rabbit_password}
885 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
886 ceilometer::rabbit_port: {get_input: rabbit_client_port}
887 ceilometer::debug: {get_input: debug}
888 ceilometer::api::host: {get_input: ceilometer_api_network}
889 ceilometer::api::keystone_password: {get_input: ceilometer_password}
890 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
891 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
892 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
893 ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
894 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
895 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
896 ceilometer::db::mysql::password: {get_input: ceilometer_password}
897 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
898 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
899 ceilometer::dispatcher::gnocchi::filter_project: 'service'
900 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
901 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
902 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
903 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
904 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
905 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
906 ceilometer::keystone::auth::region: {get_input: keystone_region}
907 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
908 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
911 aodh_mysql_conn_string: {get_input: aodh_dsn}
912 aodh::rabbit_userid: {get_input: rabbit_username}
913 aodh::rabbit_password: {get_input: rabbit_password}
914 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
915 aodh::rabbit_port: {get_input: rabbit_client_port}
916 aodh::debug: {get_input: debug}
917 aodh::wsgi::apache::ssl: false
918 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
919 aodh::api::service_name: 'httpd'
920 aodh::api::host: {get_input: aodh_api_network}
921 aodh::api::keystone_password: {get_input: aodh_password}
922 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
923 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
924 aodh::auth::auth_url: {get_input: keystone_auth_uri}
925 aodh::auth::auth_password: {get_input: aodh_password}
926 aodh::db::mysql::password: {get_input: aodh_password}
927 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
928 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
929 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
930 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
931 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
932 aodh::keystone::auth::password: {get_input: aodh_password }
933 aodh::keystone::auth::region: {get_input: keystone_region}
936 gnocchi_backend: {get_input: gnocchi_backend}
937 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
938 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
939 gnocchi::debug: {get_input: debug}
940 gnocchi::wsgi::apache::ssl: false
941 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
942 gnocchi::api::service_name: 'httpd'
943 gnocchi::api::host: {get_input: gnocchi_api_network}
944 gnocchi::api::keystone_password: {get_input: gnocchi_password}
945 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
946 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
947 gnocchi::db::mysql::password: {get_input: gnocchi_password}
948 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
949 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
950 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
951 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
952 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
953 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
954 gnocchi::keystone::auth::region: {get_input: keystone_region}
957 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
958 nova::use_ipv6: {get_input: nova_ipv6}
959 nova::api::auth_uri: {get_input: keystone_auth_uri}
960 nova::api::identity_uri: {get_input: keystone_identity_uri}
961 nova::api::api_bind_address: {get_input: nova_api_network}
962 nova::api::metadata_listen: {get_input: nova_metadata_network}
963 nova::api::admin_password: {get_input: nova_password}
964 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
965 nova::database_connection: {get_input: nova_dsn}
966 nova::api_database_connection: {get_input: nova_api_dsn}
967 nova::glance_api_servers: {get_input: glance_api_servers}
968 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
969 nova::api::instance_name_template: {get_input: instance_name_template}
970 nova::network::neutron::neutron_password: {get_input: neutron_password}
971 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
972 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
973 nova::vncproxy::host: {get_input: nova_api_network}
974 nova::db::mysql::password: {get_input: nova_password}
975 nova::db::mysql_api::password: {get_input: nova_password}
976 nova_enable_db_purge: {get_input: nova_enable_db_purge}
977 nova::keystone::auth::public_url: {get_input: nova_public_url}
978 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
979 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
980 nova::keystone::auth::password: {get_input: nova_password }
981 nova::keystone::auth::region: {get_input: keystone_region}
984 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
985 apache::ip: {get_input: horizon_network}
986 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
987 horizon::django_debug: {get_input: debug}
988 horizon::secret_key: {get_input: horizon_secret}
989 horizon::bind_address: {get_input: horizon_network}
990 horizon::keystone_url: {get_input: keystone_auth_uri}
993 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
994 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
996 redis::bind: {get_input: redis_network}
997 redis_vip: {get_input: redis_vip}
999 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1000 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1002 memcached_ipv6: {get_input: memcached_ipv6}
1003 memcached::listen_ip: {get_input: memcached_network}
1004 timezone::timezone: {get_input: timezone}
1005 control_virtual_interface: {get_input: control_virtual_interface}
1006 public_virtual_interface: {get_input: public_virtual_interface}
1007 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1008 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1009 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1010 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1011 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1012 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1013 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1014 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1015 tripleo::haproxy::redis_password: {get_input: redis_password}
1016 tripleo::packages::enable_install: {get_input: enable_package_install}
1017 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1019 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1020 ControllerExtraConfigPre:
1021 depends_on: ControllerDeployment
1022 type: OS::TripleO::ControllerExtraConfigPre
1024 server: {get_resource: Controller}
1026 # Hook for site-specific additional pre-deployment config,
1027 # applying to all nodes, e.g node registration/unregistration
1029 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1030 type: OS::TripleO::NodeExtraConfig
1032 server: {get_resource: Controller}
1035 type: OS::TripleO::Tasks::PackageUpdate
1038 type: OS::Heat::SoftwareDeployment
1040 name: UpdateDeployment
1041 config: {get_resource: UpdateConfig}
1042 server: {get_resource: Controller}
1045 get_param: UpdateIdentifier
1049 description: IP address of the server in the ctlplane network
1050 value: {get_attr: [Controller, networks, ctlplane, 0]}
1051 external_ip_address:
1052 description: IP address of the server in the external network
1053 value: {get_attr: [ExternalPort, ip_address]}
1054 internal_api_ip_address:
1055 description: IP address of the server in the internal_api network
1056 value: {get_attr: [InternalApiPort, ip_address]}
1058 description: IP address of the server in the storage network
1059 value: {get_attr: [StoragePort, ip_address]}
1060 storage_mgmt_ip_address:
1061 description: IP address of the server in the storage_mgmt network
1062 value: {get_attr: [StorageMgmtPort, ip_address]}
1064 description: IP address of the server in the tenant network
1065 value: {get_attr: [TenantPort, ip_address]}
1066 management_ip_address:
1067 description: IP address of the server in the management network
1068 value: {get_attr: [ManagementPort, ip_address]}
1070 description: Hostname of the server
1071 value: {get_attr: [Controller, name]}
1074 Server's IP address and hostname in the /etc/hosts format
1078 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1079 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1080 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1081 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1082 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1083 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1084 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1086 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1087 DOMAIN: {get_param: CloudDomain}
1088 PRIMARYHOST: {get_attr: [Controller, name]}
1089 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1093 - - {get_attr: [Controller, name]}
1095 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1099 - - {get_attr: [Controller, name]}
1101 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1105 - - {get_attr: [Controller, name]}
1107 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1111 - - {get_attr: [Controller, name]}
1113 TENANTIP: {get_attr: [TenantPort, ip_address]}
1117 - - {get_attr: [Controller, name]}
1119 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1123 - - {get_attr: [Controller, name]}
1125 nova_server_resource:
1126 description: Heat resource handle for the Nova compute server
1128 {get_resource: Controller}
1130 description: Swift device formatted for swift-ring-builder
1133 template: 'r1z1-IP:%PORT%/d1'
1135 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1136 swift_proxy_memcache:
1137 description: Swift proxy-memcache value
1140 template: "IP:11211"
1142 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1144 description: identifier which changes if the controller configuration may need re-applying
1148 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1149 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1150 - {get_attr: [NodeTLSData, deploy_stdout]}
1151 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1152 - {get_param: UpdateIdentifier}
1153 tls_key_modulus_md5:
1154 description: MD5 checksum of the TLS Key Modulus
1155 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1156 tls_cert_modulus_md5:
1157 description: MD5 checksum of the TLS Certificate Modulus
1158 value: {get_attr: [NodeTLSData, cert_modulus_md5]}