1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 CeilometerApiVirtualIP:
23 description: The ceilometer backend type.
25 CeilometerMeteringSecret:
26 description: Secret shared by the ceilometer services.
30 description: The password for the ceilometer service and db account.
33 CeilometerStoreEvents:
35 description: Whether to store events in ceilometer.
37 CeilometerMeterDispatcher:
39 description: Dispatcher to process meter data
42 - allowed_values: ['gnocchi', 'database']
48 description: Number of workers for Ceilometer service.
53 Whether to create cron job for purging soft deleted rows in Cinder database.
55 CinderEnableNfsBackend:
57 description: Whether to enable or not the NFS backend for Cinder
59 CinderEnableIscsiBackend:
61 description: Whether to enable or not the Iscsi backend for Cinder
63 CinderEnableRbdBackend:
65 description: Whether to enable or not the Rbd backend for Cinder
69 description: The iSCSI helper to use with cinder.
71 CinderLVMLoopDeviceSize:
73 description: The size of the loopback file used by the cinder LVM driver.
75 CinderNfsMountOptions:
78 Mount options for NFS mounts used by Cinder NFS backend. Effective
79 when CinderEnableNfsBackend is true.
84 NFS servers used by Cinder NFS backend. Effective when
85 CinderEnableNfsBackend is true.
86 type: comma_delimited_list
88 description: The password for the cinder service and db account, used by cinder-api.
93 description: Contains parameters to configure Cinder backends. Typically
94 set via parameter_defaults in the resource registry.
98 description: Number of workers for Cinder service.
100 ControllerExtraConfig:
103 Controller specific hiera configuration data to inject into the cluster.
108 A network mapped list of IPs to assign to Controllers in the following form:
110 "internal_api": ["a.b.c.d", "e.f.g.h"],
114 ControlVirtualInterface:
116 description: Interface where virtual ip will be assigned.
120 description: Enable IPv6 in Corosync
124 description: Set to True to enable debugging on all services.
128 description: Whether to enable fencing in Pacemaker or not.
132 description: Whether to use Galera instead of regular MariaDB.
136 description: Whether to deploy a LoadBalancer on the Controller
140 description: Whether to deploy Ceph Storage (OSD) on the Controller
144 description: Whether to enable Swift Storage on the Controller
149 Additional hieradata to inject into the cluster, note that
150 ControllerExtraConfig takes precedence over ExtraConfig.
155 Pacemaker fencing configuration. The JSON should have
156 the following structure:
160 "agent": "AGENT_NAME",
161 "host_mac": "HOST_MAC_ADDRESS",
162 "params": {"PARAM_NAME": "PARAM_VALUE"}
170 "agent": "fence_xvm",
171 "host_mac": "52:54:00:aa:bb:cc",
173 "multicast_address": "225.0.0.12",
174 "port": "baremetal_0",
176 "manage_key_file": true,
177 "key_file": "/etc/fence_xvm.key",
178 "key_file_password": "abcdef"
185 description: Flavor for control nodes to request when deploying.
188 - custom_constraint: nova.flavor
189 GlanceNotifierStrategy:
190 description: Strategy to use for Glance notification queue
194 description: The filepath of the file to use for logging messages from Glance.
198 description: The password for the glance service and db account, used by the glance services.
203 description: The short name of the Glance backend to use. Should be one
204 of swift, rbd, or file
207 - allowed_values: ['swift', 'file', 'rbd']
208 GlanceFilePcmkDevice:
211 An exported storage device that should be mounted by Pacemaker
212 as Glance storage. Effective when GlanceFilePcmkManage is true.
214 GlanceFilePcmkFstype:
217 Filesystem type for Pacemaker mount used as Glance storage.
218 Effective when GlanceFilePcmkManage is true.
220 GlanceFilePcmkManage:
223 Whether to make Glance file backend a mount managed by Pacemaker.
224 Effective when GlanceBackend is 'file'.
226 GlanceFilePcmkOptions:
229 Mount options for Pacemaker mount used as Glance storage.
230 Effective when GlanceFilePcmkManage is true.
234 description: The short name of the Gnocchi backend to use. Should be one
235 of swift, rbd, or file
238 - allowed_values: ['swift', 'file', 'rbd']
239 GnocchiIndexerBackend:
241 description: The short name of the Gnocchi indexer backend to use.
247 description: The password for the gnocchi service and db account.
250 HAProxyStatsPassword:
251 description: Password for HAProxy stats endpoint
254 description: User for HAProxy stats endpoint
257 HAProxySyslogAddress:
259 description: Syslog address where HAproxy will send its log
263 description: Number of workers for Glance service.
266 description: The password for the Heat service and db account, used by the Heat services.
269 HeatStackDomainAdminPassword:
270 description: Password for heat_stack_domain_admin user.
273 HeatAuthEncryptionKey:
274 description: Auth encryption key for heat-engine
279 description: A list of IP/Hostname allowed to connect to horizon
280 type: comma_delimited_list
283 description: Number of workers for Heat service.
289 Whether to create cron job for purging soft deleted rows in the Heat database.
291 description: Secret key for Django
296 default: overcloud-control
298 - custom_constraint: glance.image
300 default: 'REBUILD_PRESERVE_EPHEMERAL'
301 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
303 InstanceNameTemplate:
304 default: 'instance-%08x'
305 description: Template string to be used to generate instance names
309 description: Name of an existing Nova key pair to enable SSH access to the instances
312 - custom_constraint: nova.keypair
316 description: Keystone region for endpoint
319 description: Whether to manage IPtables rules.
323 description: Enable IPv6 features in Memcached.
327 description: Whether IPtables rules should be purged before setting up the new ones.
334 description: The password for the sahara service account, used by sahara-api.
337 MysqlClusterUniquePart:
338 description: A unique identifier of the MySQL cluster the controller is in.
340 default: 'unset' # Has to be here because of the ignored empty value bug
341 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
343 # - length: {min: 4, max: 10}
344 MysqlInnodbBufferPoolSize:
346 Specifies the size of the buffer pool in megabytes. Setting to
347 zero should be interpreted as "no value" and will defer to the
352 description: Configures MySQL max_connections config setting
358 default: '' # Has to be here because of the ignored empty value bug
359 NeutronExternalNetworkBridge:
360 description: Name of bridge used for external network traffic.
363 NeutronBridgeMappings:
365 The OVS logical->physical bridge mappings to use. See the Neutron
366 documentation for details. Defaults to mapping br-ex - the external
367 bridge on hosts - to a physical name 'datacentre' which can be used
368 to create provider networks (and we use this for the default floating
369 network) - if changing this either use different post-install network
370 scripts or be sure to keep 'datacentre' as a mapping network name.
371 type: comma_delimited_list
372 default: "datacentre:br-ex"
373 NeutronDnsmasqOptions:
374 default: 'dhcp-option-force=26,1400'
375 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
377 NeutronEnableDHCPAgent:
378 description: Knob to enable/disable DHCP Agent
381 NeutronEnableL3Agent:
382 description: Knob to enable/disable L3 agent
385 NeutronEnableMetadataAgent:
386 description: Knob to enable/disable Metadata agent
389 NeutronEnableOVSAgent:
390 description: Knob to enable/disable OVS Agent
395 description: Agent mode for the neutron-l3-agent on the controller hosts
399 description: Whether to enable l3-agent HA
401 NeutronDhcpAgentsPerNetwork:
404 description: The number of neutron dhcp agents to schedule per network
407 description: Whether to configure Neutron Distributed Virtual Routers
409 NeutronMetadataProxySharedSecret:
410 description: Shared secret to prevent spoofing
416 The core plugin for Neutron. The value should be the entrypoint to be loaded
417 from neutron.core_plugins namespace.
419 NeutronServicePlugins:
420 default: "router,qos"
422 Comma-separated list of service plugin entrypoints to be loaded from the
423 neutron.service_plugins namespace.
424 type: comma_delimited_list
426 default: "vxlan,vlan,flat,gre"
428 Comma-separated list of network type driver entrypoints to be loaded.
429 type: comma_delimited_list
430 NeutronMechanismDrivers:
431 default: 'openvswitch'
433 The mechanism drivers for the Neutron tenant network.
434 type: comma_delimited_list
435 NeutronAllowL3AgentFailover:
437 description: Allow automatic l3-agent failover
439 NeutronEnableIsolatedMetadata:
441 description: If True, DHCP provide metadata route to VM.
443 NeutronEnableTunnelling:
449 Enable/disable the L2 population feature in the Neutron agents.
452 type: comma_delimited_list
453 default: 'datacentre'
454 description: If set, flat networks to configure in neutron plugins.
457 description: Whether to enable l3-agent HA
461 description: The tenant network type for Neutron.
462 type: comma_delimited_list
463 NeutronNetworkVLANRanges:
464 default: 'datacentre:1:1000'
466 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
467 Neutron documentation for permitted values. Defaults to permitting any
468 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
469 type: comma_delimited_list
471 description: The password for the neutron service and db account, used by neutron agents.
474 NeutronPublicInterface:
476 description: What interface to bridge onto br-ex for network nodes.
478 NeutronPublicInterfaceTag:
481 VLAN tag for creating a public VLAN. The tag will be used to
482 create an access port on the exterior bridge for each control plane node,
483 and that port will be given the IP address returned by neutron from the
484 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
485 overcloud.yaml to include the deployment of VLAN ports to the control
488 NeutronPublicInterfaceDefaultRoute:
490 description: A custom default route for the NeutronPublicInterface.
492 NeutronPublicInterfaceIP:
494 description: A custom IP address to put onto the NeutronPublicInterface.
496 NeutronPublicInterfaceRawDevice:
498 description: If set, the public interface is a vlan with this device as the raw device.
502 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
503 be at least 50 bytes smaller than the MTU on the physical network. This
504 value will be used to set the MTU on the virtual Ethernet device.
505 This number is related to the value of NeutronDnsmasqOptions, since that
506 will determine the MTU that is assigned to the VM host through DHCP.
512 The tunnel types for the Neutron tenant network.
513 type: comma_delimited_list
514 NeutronTunnelIdRanges:
516 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
517 of GRE tunnel IDs that are available for tenant network allocation
518 default: ["1:4094", ]
519 type: comma_delimited_list
522 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
523 of VXLAN VNI IDs that are available for tenant network allocation
524 default: ["1:4094", ]
525 type: comma_delimited_list
526 NeutronPluginExtensions:
527 default: "qos,port_security"
529 Comma-separated list of extensions enabled for the Neutron plugin.
530 type: comma_delimited_list
531 NeutronAgentExtensions:
534 Comma-separated list of extensions enabled for the Neutron agents.
535 type: comma_delimited_list
541 description: Number of workers for Neutron service.
546 Whether to create cron job for purging soft deleted rows in Nova database.
550 description: Enable IPv6 features in Nova
553 description: The password for the nova service and db account, used by nova-api.
558 description: Number of workers for Nova service.
562 description: Should MongoDb journaling be disabled
566 description: Enable IPv6 if Mongo DB VIP is IPv6
570 description: Comma-separated list of ntp servers
571 type: comma_delimited_list
574 description: The password for the 'pcsd' user.
576 PublicVirtualInterface:
579 Specifies the interface where the public-facing virtual ip will be assigned.
580 This should be int_public when a VLAN is being used.
584 default: '' # Has to be here because of the ignored empty value bug
587 default: '' # Has to be here because of the ignored empty value bug
590 description: The password for RabbitMQ
595 description: The username for RabbitMQ
600 Rabbit client subscriber parameter to specify
601 an SSL connection to the RabbitMQ host.
605 description: Set rabbit subscriber port, change this if using SSL
609 description: Configures RabbitMQ FD limit
613 description: Enable IPv6 in RabbitMQ
617 description: The password to access the Redis service
621 default: '' # Has to be here because of the ignored empty value bug
624 default: '' # Has to be here because of the ignored empty value bug
625 description: An IP address which is wrapped in brackets in case of IPv6
626 SnmpdReadonlyUserName:
627 default: ro_snmp_user
628 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
630 SnmpdReadonlyUserPassword:
631 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
635 description: A random string to be used as a salt when hashing to determine mappings
641 description: Value of mount_check in Swift account/container/object -server.conf
646 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
649 description: Partition Power to use when building Swift rings
653 description: Whether to manage Swift rings or not
656 description: The password for the swift service account, used by the swift proxy
666 description: How many replicas to use in the swift rings.
669 description: Number of workers for Swift service.
673 description: The timezone to be set on controller nodes.
675 UpgradeLevelNovaCompute:
677 description: Nova Compute upgrade level
679 VirtualIP: # DEPRECATED: use per service settings instead
681 default: '' # Has to be here because of the ignored empty value bug
691 GlanceRegistryVirtualIP:
703 EnablePackageInstall:
705 description: Set to true to enable package installation via Puppet
709 description: Mapping of service_name -> network name. Typically set
710 via parameter_defaults in the resource registry.
714 description: Mapping of service endpoint -> protocol. Typically set
715 via parameter_defaults in the resource registry.
721 Setting to a previously unused value during stack-update will trigger
722 package update on all nodes
725 default: '' # Defaults to Heat created hostname
729 description: Optional mapping to override hostnames
730 NetworkDeploymentActions:
731 type: comma_delimited_list
733 Heat action when to apply network configuration changes
738 SoftwareConfigTransport:
739 default: POLL_SERVER_CFN
741 How the server should receive the metadata required for software configuration.
744 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
749 The DNS domain used for the hosts. This should match the dhcp_domain
750 configured in the Undercloud neutron. Defaults to localdomain.
754 Extra properties or metadata passed to Nova for the created nodes in
755 the overcloud. It's accessible via the Nova metadata API.
759 description: Optional scheduler hints to pass to nova
761 ServiceConfigSettings:
768 type: OS::Nova::Server
770 image: {get_param: Image}
771 image_update_policy: {get_param: ImageUpdatePolicy}
772 flavor: {get_param: Flavor}
773 key_name: {get_param: KeyName}
776 user_data_format: SOFTWARE_CONFIG
777 user_data: {get_resource: UserData}
780 template: {get_param: Hostname}
781 params: {get_param: HostnameMap}
782 software_config_transport: {get_param: SoftwareConfigTransport}
783 metadata: {get_param: ServerMetadata}
784 scheduler_hints: {get_param: SchedulerHints}
786 # Combine the NodeAdminUserData and NodeUserData mime archives
788 type: OS::Heat::MultipartMime
791 - config: {get_resource: NodeAdminUserData}
793 - config: {get_resource: NodeUserData}
796 # Creates the "heat-admin" user if configured via the environment
797 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
799 type: OS::TripleO::NodeAdminUserData
801 # For optional operator additional userdata
802 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
804 type: OS::TripleO::NodeUserData
807 type: OS::TripleO::Controller::Ports::ExternalPort
809 IPPool: {get_param: ControllerIPs}
810 NodeIndex: {get_param: NodeIndex}
811 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
814 type: OS::TripleO::Controller::Ports::InternalApiPort
816 IPPool: {get_param: ControllerIPs}
817 NodeIndex: {get_param: NodeIndex}
818 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
821 type: OS::TripleO::Controller::Ports::StoragePort
823 IPPool: {get_param: ControllerIPs}
824 NodeIndex: {get_param: NodeIndex}
825 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
828 type: OS::TripleO::Controller::Ports::StorageMgmtPort
830 IPPool: {get_param: ControllerIPs}
831 NodeIndex: {get_param: NodeIndex}
832 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
835 type: OS::TripleO::Controller::Ports::TenantPort
837 IPPool: {get_param: ControllerIPs}
838 NodeIndex: {get_param: NodeIndex}
839 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
842 type: OS::TripleO::Controller::Ports::ManagementPort
844 IPPool: {get_param: ControllerIPs}
845 NodeIndex: {get_param: NodeIndex}
846 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
849 type: OS::TripleO::Network::Ports::NetIpMap
851 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
852 ExternalIp: {get_attr: [ExternalPort, ip_address]}
853 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
854 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
855 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
856 StorageIp: {get_attr: [StoragePort, ip_address]}
857 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
858 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
859 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
860 TenantIp: {get_attr: [TenantPort, ip_address]}
861 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
862 ManagementIp: {get_attr: [ManagementPort, ip_address]}
863 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
866 type: OS::TripleO::Network::Ports::NetIpSubnetMap
868 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
869 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
870 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
871 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
872 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
873 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
874 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
877 type: OS::TripleO::Controller::Net::SoftwareConfig
879 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
880 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
881 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
882 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
883 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
884 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
885 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
888 type: OS::TripleO::SoftwareDeployment
890 name: NetworkDeployment
891 config: {get_resource: NetworkConfig}
892 server: {get_resource: Controller}
893 actions: {get_param: NetworkDeploymentActions}
896 interface_name: {get_param: NeutronPublicInterface}
898 # Resource for site-specific injection of root certificate
900 depends_on: NetworkDeployment
901 type: OS::TripleO::NodeTLSCAData
903 server: {get_resource: Controller}
905 # Resource for site-specific passing of private keys/certificates
907 depends_on: NodeTLSCAData
908 type: OS::TripleO::NodeTLSData
910 server: {get_resource: Controller}
911 NodeIndex: {get_param: NodeIndex}
914 ControllerDeployment:
915 type: OS::TripleO::SoftwareDeployment
916 depends_on: NetworkDeployment
918 name: ControllerDeployment
919 config: {get_resource: ControllerConfig}
920 server: {get_resource: Controller}
922 bootstack_nodeid: {get_attr: [Controller, name]}
923 ceilometer_workers: {get_param: CeilometerWorkers}
924 cinder_workers: {get_param: CinderWorkers}
925 glance_workers: {get_param: GlanceWorkers}
926 heat_workers: {get_param: HeatWorkers}
927 nova_workers: {get_param: NovaWorkers}
928 neutron_workers: {get_param: NeutronWorkers}
929 swift_workers: {get_param: SwiftWorkers}
930 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
931 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
932 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
933 haproxy_log_address: {get_param: HAProxySyslogAddress}
934 haproxy_stats_password: {get_param: HAProxyStatsPassword}
935 haproxy_stats_user: {get_param: HAProxyStatsUser}
936 heat.watch_server_url:
940 - {get_param: HeatApiVirtualIPUri}
942 heat.metadata_server_url:
946 - {get_param: HeatApiVirtualIPUri}
948 heat.waitcondition_server_url:
952 - {get_param: HeatApiVirtualIPUri}
953 - ':8000/v1/waitcondition'
954 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
955 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
956 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
957 horizon_secret: {get_param: HorizonSecret}
958 admin_password: {get_param: AdminPassword}
959 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
960 debug: {get_param: Debug}
961 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
962 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
963 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
964 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
969 SERVERS: {get_param: CinderNfsServers}
970 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
971 cinder_password: {get_param: CinderPassword}
972 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
973 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
974 cinder_backend_config: {get_param: CinderBackendConfig}
978 - - 'mysql+pymysql://cinder:'
979 - {get_param: CinderPassword}
981 - {get_param: MysqlVirtualIPUri}
983 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
984 glance_password: {get_param: GlancePassword}
985 glance_backend: {get_param: GlanceBackend}
986 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
987 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
988 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
989 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
990 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
991 glance_log_file: {get_param: GlanceLogFile}
995 - - 'mysql+pymysql://glance:'
996 - {get_param: GlancePassword}
998 - {get_param: MysqlVirtualIPUri}
1000 heat_password: {get_param: HeatPassword}
1001 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
1005 - - 'mysql+pymysql://heat:'
1006 - {get_param: HeatPassword}
1008 - {get_param: MysqlVirtualIPUri}
1010 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1011 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1012 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1013 enable_fencing: {get_param: EnableFencing}
1014 enable_galera: {get_param: EnableGalera}
1015 enable_load_balancer: {get_param: EnableLoadBalancer}
1016 enable_ceph_storage: {get_param: EnableCephStorage}
1017 enable_swift_storage: {get_param: EnableSwiftStorage}
1018 manage_firewall: {get_param: ManageFirewall}
1019 purge_firewall_rules: {get_param: PurgeFirewallRules}
1020 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1021 mysql_max_connections: {get_param: MysqlMaxConnections}
1022 mysql_root_password: {get_param: MysqlRootPassword}
1025 template: tripleo-CLUSTER
1027 CLUSTER: {get_param: MysqlClusterUniquePart}
1028 neutron_flat_networks:
1032 NETWORKS: {get_param: NeutronFlatNetworks}
1033 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1034 neutron_agent_mode: {get_param: NeutronAgentMode}
1035 neutron_router_distributed: {get_param: NeutronDVR}
1036 neutron_core_plugin: {get_param: NeutronCorePlugin}
1037 neutron_service_plugins:
1041 PLUGINS: {get_param: NeutronServicePlugins}
1042 neutron_type_drivers:
1046 DRIVERS: {get_param: NeutronTypeDrivers}
1047 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1048 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1049 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1050 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1051 neutron_mechanism_drivers:
1053 template: MECHANISMS
1055 MECHANISMS: {get_param: NeutronMechanismDrivers}
1056 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1057 neutron_l3_ha: {get_param: NeutronL3HA}
1058 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1059 neutron_network_vlan_ranges:
1063 RANGES: {get_param: NeutronNetworkVLANRanges}
1064 neutron_bridge_mappings:
1068 MAPPINGS: {get_param: NeutronBridgeMappings}
1069 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1070 neutron_public_interface: {get_param: NeutronPublicInterface}
1071 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1072 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1073 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1074 neutron_tunnel_id_ranges:
1078 RANGES: {get_param: NeutronTunnelIdRanges}
1083 RANGES: {get_param: NeutronVniRanges}
1084 neutron_tenant_network_types:
1088 TYPES: {get_param: NeutronNetworkType}
1089 neutron_tunnel_types:
1093 TYPES: {get_param: NeutronTunnelTypes}
1094 neutron_plugin_extensions:
1096 template: PLUGIN_EXTENSIONS
1098 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1099 neutron_agent_extensions:
1101 template: AGENT_EXTENSIONS
1103 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1104 neutron_password: {get_param: NeutronPassword}
1105 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1106 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1110 - - 'mysql+pymysql://neutron:'
1111 - {get_param: NeutronPassword}
1113 - {get_param: MysqlVirtualIPUri}
1114 - '/ovs_neutron?charset=utf8'
1115 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1116 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1117 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1118 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1119 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1120 ceilometer_backend: {get_param: CeilometerBackend}
1121 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1122 ceilometer_password: {get_param: CeilometerPassword}
1123 ceilometer_store_events: {get_param: CeilometerStoreEvents}
1124 aodh_password: {get_param: AodhPassword}
1125 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
1126 gnocchi_password: {get_param: GnocchiPassword}
1127 gnocchi_backend: {get_param: GnocchiBackend}
1128 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
1129 ceilometer_coordination_url:
1133 - {get_param: RedisPassword}
1135 - {get_param: RedisVirtualIPUri}
1140 - - 'mysql+pymysql://ceilometer:'
1141 - {get_param: CeilometerPassword}
1143 - {get_param: MysqlVirtualIPUri}
1148 - - 'mysql+pymysql://gnocchi:'
1149 - {get_param: GnocchiPassword}
1151 - {get_param: MysqlVirtualIPUri}
1153 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
1154 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1155 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1156 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1157 nova_ipv6: {get_param: NovaIPv6}
1158 corosync_ipv6: {get_param: CorosyncIPv6}
1159 memcached_ipv6: {get_param: MemcachedIPv6}
1160 nova_password: {get_param: NovaPassword}
1164 - - 'mysql+pymysql://nova:'
1165 - {get_param: NovaPassword}
1167 - {get_param: MysqlVirtualIPUri}
1172 - - 'mysql+pymysql://nova_api:'
1173 - {get_param: NovaPassword}
1175 - {get_param: MysqlVirtualIPUri}
1177 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1178 instance_name_template: {get_param: InstanceNameTemplate}
1179 fencing_config: {get_param: FencingConfig}
1180 pcsd_password: {get_param: PcsdPassword}
1181 rabbit_username: {get_param: RabbitUserName}
1182 rabbit_password: {get_param: RabbitPassword}
1183 rabbit_cookie: {get_param: RabbitCookie}
1184 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1185 rabbit_client_port: {get_param: RabbitClientPort}
1186 rabbit_ipv6: {get_param: RabbitIPv6}
1187 rabbit_fd_limit: {get_param: RabbitFDLimit}
1188 mongodb_no_journal: {get_param: MongoDbNoJournal}
1189 mongodb_ipv6: {get_param: MongoDbIPv6}
1190 ntp_servers: {get_param: NtpServer}
1191 timezone: {get_param: TimeZone}
1192 control_virtual_interface: {get_param: ControlVirtualInterface}
1193 public_virtual_interface: {get_param: PublicVirtualInterface}
1194 swift_hash_suffix: {get_param: SwiftHashSuffix}
1195 swift_password: {get_param: SwiftPassword}
1196 swift_part_power: {get_param: SwiftPartPower}
1197 swift_ring_build: {get_param: SwiftRingBuild}
1198 swift_replicas: {get_param: SwiftReplicas}
1199 swift_min_part_hours: {get_param: SwiftMinPartHours}
1200 swift_mount_check: {get_param: SwiftMountCheck}
1201 enable_package_install: {get_param: EnablePackageInstall}
1202 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1203 sahara_password: {get_param: SaharaPassword}
1207 - - 'mysql://sahara:'
1208 - {get_param: SaharaPassword}
1210 - {get_param: MysqlVirtualIPUri}
1212 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1213 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1214 cinder_iscsi_network:
1218 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1219 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1220 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1221 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1222 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1223 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1224 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1225 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1226 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1227 keystone_region: {get_param: KeystoneRegion}
1228 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1229 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1230 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1231 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1232 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
1233 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
1234 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1235 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1236 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1239 template: "['SUBNET']"
1241 SUBNET: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1242 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1243 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1244 redis_password: {get_param: RedisPassword}
1245 redis_vip: {get_param: RedisVirtualIP}
1246 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1247 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1248 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1249 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1250 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1251 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1252 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1254 # Map heat metadata into hiera datafiles
1256 type: OS::Heat::StructuredConfig
1258 group: os-apply-config
1263 - heat_config_%{::deploy_config_name}
1264 - controller_extraconfig
1270 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1271 - ceph_cluster # provided by CephClusterConfig
1273 - bootstrap_node # provided by BootstrapNodeConfig
1274 - all_nodes # provided by allNodesConfig
1275 - vip_data # provided by vip-config
1278 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1279 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1280 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1281 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1282 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1283 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1284 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1285 - midonet_data #Optionally provided by AllNodesExtraConfig
1286 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1287 - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre
1290 mapped_data: {get_param: ServiceConfigSettings}
1291 controller_extraconfig:
1292 mapped_data: {get_param: ControllerExtraConfig}
1294 mapped_data: {get_param: ExtraConfig}
1296 raw_data: {get_file: hieradata/common.yaml}
1298 raw_data: {get_file: hieradata/ceph.yaml}
1300 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1301 ceph::profile::params::public_network: {get_input: ceph_public_network}
1302 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
1304 raw_data: {get_file: hieradata/database.yaml}
1306 raw_data: {get_file: hieradata/object.yaml}
1308 raw_data: {get_file: hieradata/controller.yaml}
1309 mapped_data: # data supplied directly to this deployment configuration, etc
1310 bootstack_nodeid: {get_input: bootstack_nodeid}
1313 enable_fencing: {get_input: enable_fencing}
1314 enable_load_balancer: {get_input: enable_load_balancer}
1315 hacluster_pwd: {get_input: pcsd_password}
1316 corosync_ipv6: {get_input: corosync_ipv6}
1317 tripleo::fencing::config: {get_input: fencing_config}
1320 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1321 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1322 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1323 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1324 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1325 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1326 swift::proxy::workers: {get_input: swift_workers}
1327 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
1328 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1329 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1330 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1331 swift_mount_check: {get_input: swift_mount_check}
1334 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1335 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1336 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1337 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1338 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1339 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1340 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1341 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1342 cinder::database_connection: {get_input: cinder_dsn}
1343 cinder::api::keystone_password: {get_input: cinder_password}
1344 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1345 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1346 cinder::api::bind_host: {get_input: cinder_api_network}
1347 cinder::rabbit_userid: {get_input: rabbit_username}
1348 cinder::rabbit_password: {get_input: rabbit_password}
1349 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1350 cinder::rabbit_port: {get_input: rabbit_client_port}
1351 cinder::debug: {get_input: debug}
1352 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1353 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1354 cinder_backend_config: {get_input: CinderBackendConfig}
1355 cinder::db::mysql::password: {get_input: cinder_password}
1358 glance::api::bind_port: {get_input: glance_port}
1359 glance::api::bind_host: {get_input: glance_api_network}
1360 glance::api::auth_uri: {get_input: keystone_auth_uri}
1361 glance::api::identity_uri: {get_input: keystone_identity_uri}
1362 glance::api::registry_host: {get_input: glance_registry_host}
1363 glance::api::keystone_password: {get_input: glance_password}
1364 glance::api::debug: {get_input: debug}
1365 glance::api::workers: {get_input: glance_workers}
1366 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1367 glance_log_file: {get_input: glance_log_file}
1368 glance_log_file: {get_input: glance_log_file}
1369 glance::api::database_connection: {get_input: glance_dsn}
1370 glance::registry::keystone_password: {get_input: glance_password}
1371 glance::registry::database_connection: {get_input: glance_dsn}
1372 glance::registry::bind_host: {get_input: glance_registry_network}
1373 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1374 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1375 glance::registry::debug: {get_input: debug}
1376 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1377 glance::registry::workers: {get_input: glance_workers}
1378 glance::backend::swift::swift_store_user: service:glance
1379 glance::backend::swift::swift_store_key: {get_input: glance_password}
1380 glance_backend: {get_input: glance_backend}
1381 glance::db::mysql::password: {get_input: glance_password}
1382 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1383 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1384 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1385 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1386 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1387 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1388 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1391 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1392 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1393 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1394 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1395 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1396 heat::rabbit_userid: {get_input: rabbit_username}
1397 heat::rabbit_password: {get_input: rabbit_password}
1398 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1399 heat::rabbit_port: {get_input: rabbit_client_port}
1400 heat::auth_uri: {get_input: keystone_auth_uri}
1401 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1402 heat::identity_uri: {get_input: keystone_identity_uri}
1403 heat::keystone_password: {get_input: heat_password}
1404 heat::api::bind_host: {get_input: heat_api_network}
1405 heat::api::workers: {get_input: heat_workers}
1406 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1407 heat::api_cloudwatch::workers: {get_input: heat_workers}
1408 heat::api_cfn::bind_host: {get_input: heat_api_network}
1409 heat::api_cfn::workers: {get_input: heat_workers}
1410 heat::database_connection: {get_input: heat_dsn}
1411 heat::debug: {get_input: debug}
1412 heat::db::mysql::password: {get_input: heat_password}
1413 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1414 heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
1416 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1417 keystone::public_bind_host: {get_input: keystone_public_api_network}
1418 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1419 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1421 mongodb::server::bind_ip: {get_input: mongo_db_network}
1422 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1423 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1425 admin_password: {get_input: admin_password}
1426 enable_galera: {get_input: enable_galera}
1427 enable_ceph_storage: {get_input: enable_ceph_storage}
1428 enable_swift_storage: {get_input: enable_swift_storage}
1429 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1430 mysql_max_connections: {get_input: mysql_max_connections}
1431 mysql::server::root_password: {get_input: mysql_root_password}
1432 mysql_cluster_name: {get_input: mysql_cluster_name}
1433 mysql_bind_host: {get_input: mysql_network}
1434 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1437 neutron::bind_host: {get_input: neutron_api_network}
1438 neutron::rabbit_password: {get_input: rabbit_password}
1439 neutron::rabbit_user: {get_input: rabbit_username}
1440 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1441 neutron::rabbit_port: {get_input: rabbit_client_port}
1442 neutron::debug: {get_input: debug}
1443 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1444 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1445 neutron::server::database_connection: {get_input: neutron_dsn}
1446 neutron::server::api_workers: {get_input: neutron_workers}
1447 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1448 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1449 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1450 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1451 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1452 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1453 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1454 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1455 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1456 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1457 neutron_agent_mode: {get_input: neutron_agent_mode}
1458 neutron_router_distributed: {get_input: neutron_router_distributed}
1459 neutron::core_plugin: {get_input: neutron_core_plugin}
1460 neutron::service_plugins: {get_input: neutron_service_plugins}
1461 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1462 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1463 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1464 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1465 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1466 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1467 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1468 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1469 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1470 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1471 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1472 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1473 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1474 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1475 neutron_public_interface: {get_input: neutron_public_interface}
1476 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1477 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1478 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1479 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1480 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1481 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1482 neutron::server::auth_password: {get_input: neutron_password}
1483 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1484 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1485 neutron_dsn: {get_input: neutron_dsn}
1486 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1487 neutron::db::mysql::password: {get_input: neutron_password}
1488 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1489 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1490 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1491 neutron::keystone::auth::password: {get_input: neutron_password }
1492 neutron::keystone::auth::region: {get_input: keystone_region}
1493 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1494 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1495 neutron::server::notifications::tenant_name: 'service'
1496 neutron::server::notifications::project_name: 'service'
1497 neutron::server::notifications::password: {get_input: nova_password}
1500 ceilometer_backend: {get_input: ceilometer_backend}
1501 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1502 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1503 ceilometer::rabbit_userid: {get_input: rabbit_username}
1504 ceilometer::rabbit_password: {get_input: rabbit_password}
1505 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1506 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1507 ceilometer::debug: {get_input: debug}
1508 ceilometer::api::host: {get_input: ceilometer_api_network}
1509 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1510 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1511 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1512 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1513 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1514 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1515 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
1516 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1517 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
1518 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
1519 ceilometer::dispatcher::gnocchi::filter_project: 'service'
1520 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
1521 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
1522 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1523 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1526 aodh::rabbit_userid: {get_input: rabbit_username}
1527 aodh::rabbit_password: {get_input: rabbit_password}
1528 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1529 aodh::rabbit_port: {get_input: rabbit_client_port}
1530 aodh::debug: {get_input: debug}
1531 aodh::wsgi::apache::ssl: false
1532 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1533 aodh::api::service_name: 'httpd'
1534 aodh::api::host: {get_input: aodh_api_network}
1535 aodh::api::keystone_password: {get_input: aodh_password}
1536 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1537 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1538 aodh::auth::auth_password: {get_input: aodh_password}
1539 aodh::db::mysql::password: {get_input: aodh_password}
1540 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1541 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1544 gnocchi_backend: {get_input: gnocchi_backend}
1545 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
1546 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
1547 gnocchi::debug: {get_input: debug}
1548 gnocchi::wsgi::apache::ssl: false
1549 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
1550 gnocchi::api::service_name: 'httpd'
1551 gnocchi::api::host: {get_input: gnocchi_api_network}
1552 gnocchi::api::keystone_password: {get_input: gnocchi_password}
1553 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1554 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1555 gnocchi::db::mysql::password: {get_input: gnocchi_password}
1556 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
1557 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
1560 nova::rabbit_userid: {get_input: rabbit_username}
1561 nova::rabbit_password: {get_input: rabbit_password}
1562 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1563 nova::rabbit_port: {get_input: rabbit_client_port}
1564 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1565 nova::debug: {get_input: debug}
1566 nova::use_ipv6: {get_input: nova_ipv6}
1567 nova::api::auth_uri: {get_input: keystone_auth_uri}
1568 nova::api::identity_uri: {get_input: keystone_identity_uri}
1569 nova::api::api_bind_address: {get_input: nova_api_network}
1570 nova::api::metadata_listen: {get_input: nova_metadata_network}
1571 nova::api::admin_password: {get_input: nova_password}
1572 nova::api::osapi_compute_workers: {get_input: nova_workers}
1573 nova::api::ec2_workers: {get_input: nova_workers}
1574 nova::api::metadata_workers: {get_input: nova_workers}
1575 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1576 nova::database_connection: {get_input: nova_dsn}
1577 nova::api_database_connection: {get_input: nova_api_dsn}
1578 nova::glance_api_servers: {get_input: glance_api_servers}
1579 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1580 nova::api::instance_name_template: {get_input: instance_name_template}
1581 nova::network::neutron::neutron_password: {get_input: neutron_password}
1582 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1583 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1584 nova::vncproxy::host: {get_input: nova_api_network}
1585 nova::db::mysql::password: {get_input: nova_password}
1586 nova::db::mysql_api::password: {get_input: nova_password}
1587 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1590 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
1591 apache::ip: {get_input: horizon_network}
1592 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1593 horizon::django_debug: {get_input: debug}
1594 horizon::secret_key: {get_input: horizon_secret}
1595 horizon::bind_address: {get_input: horizon_network}
1596 horizon::keystone_url: {get_input: keystone_auth_uri}
1599 sahara::host: {get_input: sahara_api_network}
1607 sahara::admin_password: {get_input: sahara_password}
1608 sahara::auth_uri: {get_input: keystone_auth_uri}
1609 sahara::admin_user: sahara
1610 sahara::identity_uri: {get_input: keystone_identity_uri}
1611 sahara::use_neutron: true
1612 sahara::database_connection: {get_input: sahara_dsn}
1613 sahara::debug: {get_input: debug}
1614 sahara::rpc_backend: rabbit
1615 sahara::rabbit_userid: {get_input: rabbit_username}
1616 sahara::rabbit_password: {get_input: rabbit_password}
1617 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1618 sahara::rabbit_port: {get_input: rabbit_client_port}
1619 sahara::db::mysql::password: {get_input: sahara_password}
1622 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1623 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1624 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1625 rabbitmq::default_user: {get_input: rabbit_username}
1626 rabbitmq::default_pass: {get_input: rabbit_password}
1627 rabbit_ipv6: {get_input: rabbit_ipv6}
1629 redis::bind: {get_input: redis_network}
1630 redis::requirepass: {get_input: redis_password}
1631 redis::masterauth: {get_input: redis_password}
1632 redis::sentinel_auth_pass: {get_input: redis_password}
1633 redis_vip: {get_input: redis_vip}
1635 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1636 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1638 memcached_ipv6: {get_input: memcached_ipv6}
1639 memcached::listen_ip: {get_input: memcached_network}
1640 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1641 ntp::servers: {get_input: ntp_servers}
1642 timezone::timezone: {get_input: timezone}
1643 control_virtual_interface: {get_input: control_virtual_interface}
1644 public_virtual_interface: {get_input: public_virtual_interface}
1645 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1646 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1647 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1648 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1649 tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user}
1650 tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password}
1651 tripleo::loadbalancer::redis_password: {get_input: redis_password}
1652 tripleo::packages::enable_install: {get_input: enable_package_install}
1653 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1655 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1656 ControllerExtraConfigPre:
1657 depends_on: ControllerDeployment
1658 type: OS::TripleO::ControllerExtraConfigPre
1660 server: {get_resource: Controller}
1662 # Hook for site-specific additional pre-deployment config,
1663 # applying to all nodes, e.g node registration/unregistration
1665 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1666 type: OS::TripleO::NodeExtraConfig
1668 server: {get_resource: Controller}
1671 type: OS::TripleO::Tasks::PackageUpdate
1674 type: OS::Heat::SoftwareDeployment
1676 name: UpdateDeployment
1677 config: {get_resource: UpdateConfig}
1678 server: {get_resource: Controller}
1681 get_param: UpdateIdentifier
1685 description: IP address of the server in the ctlplane network
1686 value: {get_attr: [Controller, networks, ctlplane, 0]}
1687 external_ip_address:
1688 description: IP address of the server in the external network
1689 value: {get_attr: [ExternalPort, ip_address]}
1690 internal_api_ip_address:
1691 description: IP address of the server in the internal_api network
1692 value: {get_attr: [InternalApiPort, ip_address]}
1694 description: IP address of the server in the storage network
1695 value: {get_attr: [StoragePort, ip_address]}
1696 storage_mgmt_ip_address:
1697 description: IP address of the server in the storage_mgmt network
1698 value: {get_attr: [StorageMgmtPort, ip_address]}
1700 description: IP address of the server in the tenant network
1701 value: {get_attr: [TenantPort, ip_address]}
1702 management_ip_address:
1703 description: IP address of the server in the management network
1704 value: {get_attr: [ManagementPort, ip_address]}
1706 description: Hostname of the server
1707 value: {get_attr: [Controller, name]}
1710 Node object in the format {ip: ..., name: ...} format that the corosync
1713 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1714 name: {get_attr: [Controller, name]}
1717 Server's IP address and hostname in the /etc/hosts format
1721 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1722 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1723 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1724 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1725 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1726 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1727 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1729 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1730 DOMAIN: {get_param: CloudDomain}
1731 PRIMARYHOST: {get_attr: [Controller, name]}
1732 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1736 - - {get_attr: [Controller, name]}
1738 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1742 - - {get_attr: [Controller, name]}
1744 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1748 - - {get_attr: [Controller, name]}
1750 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1754 - - {get_attr: [Controller, name]}
1756 TENANTIP: {get_attr: [TenantPort, ip_address]}
1760 - - {get_attr: [Controller, name]}
1762 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1766 - - {get_attr: [Controller, name]}
1768 nova_server_resource:
1769 description: Heat resource handle for the Nova compute server
1771 {get_resource: Controller}
1773 description: Swift device formatted for swift-ring-builder
1776 template: 'r1z1-IP:%PORT%/d1'
1778 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1779 swift_proxy_memcache:
1780 description: Swift proxy-memcache value
1783 template: "IP:11211"
1785 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1787 description: identifier which changes if the controller configuration may need re-applying
1791 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1792 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1793 - {get_attr: [NodeTLSData, deploy_stdout]}
1794 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1795 - {get_param: UpdateIdentifier}
1796 tls_key_modulus_md5:
1797 description: MD5 checksum of the TLS Key Modulus
1798 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1799 tls_cert_modulus_md5:
1800 description: MD5 checksum of the TLS Certificate Modulus
1801 value: {get_attr: [NodeTLSData, cert_modulus_md5]}