1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
24 description: The password for the aodh services.
27 CeilometerApiVirtualIP:
32 description: The ceilometer backend type.
34 CeilometerMeteringSecret:
35 description: Secret shared by the ceilometer services.
39 description: The password for the ceilometer service and db account.
42 CeilometerStoreEvents:
44 description: Whether to store events in ceilometer.
51 description: Number of workers for Ceilometer service.
56 Whether to create cron job for purging soft deleted rows in Cinder database.
58 CinderEnableNfsBackend:
60 description: Whether to enable or not the NFS backend for Cinder
62 CinderEnableIscsiBackend:
64 description: Whether to enable or not the Iscsi backend for Cinder
66 CinderEnableRbdBackend:
68 description: Whether to enable or not the Rbd backend for Cinder
72 description: The iSCSI helper to use with cinder.
74 CinderLVMLoopDeviceSize:
76 description: The size of the loopback file used by the cinder LVM driver.
78 CinderNfsMountOptions:
81 Mount options for NFS mounts used by Cinder NFS backend. Effective
82 when CinderEnableNfsBackend is true.
87 NFS servers used by Cinder NFS backend. Effective when
88 CinderEnableNfsBackend is true.
89 type: comma_delimited_list
91 description: The password for the cinder service and db account, used by cinder-api.
96 description: Contains parameters to configure Cinder backends. Typically
97 set via parameter_defaults in the resource registry.
101 description: Number of workers for Cinder service.
103 ControllerExtraConfig:
106 Controller specific hiera configuration data to inject into the cluster.
111 A network mapped list of IPs to assign to Controllers in the following form:
113 "internal_api": ["a.b.c.d", "e.f.g.h"],
117 ControlVirtualInterface:
119 description: Interface where virtual ip will be assigned.
123 description: Enable IPv6 in Corosync
127 description: Set to True to enable debugging on all services.
131 description: Whether to enable fencing in Pacemaker or not.
135 description: Whether to use Galera instead of regular MariaDB.
139 description: Whether to deploy a LoadBalancer on the Controller
143 description: Whether to deploy Ceph Storage (OSD) on the Controller
147 description: Whether to enable Swift Storage on the Controller
152 Additional hieradata to inject into the cluster, note that
153 ControllerExtraConfig takes precedence over ExtraConfig.
158 Pacemaker fencing configuration. The JSON should have
159 the following structure:
163 "agent": "AGENT_NAME",
164 "host_mac": "HOST_MAC_ADDRESS",
165 "params": {"PARAM_NAME": "PARAM_VALUE"}
173 "agent": "fence_xvm",
174 "host_mac": "52:54:00:aa:bb:cc",
176 "multicast_address": "225.0.0.12",
177 "port": "baremetal_0",
179 "manage_key_file": true,
180 "key_file": "/etc/fence_xvm.key",
181 "key_file_password": "abcdef"
188 description: Flavor for control nodes to request when deploying.
191 - custom_constraint: nova.flavor
192 GlanceNotifierStrategy:
193 description: Strategy to use for Glance notification queue
197 description: The filepath of the file to use for logging messages from Glance.
201 description: The password for the glance service and db account, used by the glance services.
206 description: The short name of the Glance backend to use. Should be one
207 of swift, rbd, or file
210 - allowed_values: ['swift', 'file', 'rbd']
211 GlanceFilePcmkDevice:
214 An exported storage device that should be mounted by Pacemaker
215 as Glance storage. Effective when GlanceFilePcmkManage is true.
217 GlanceFilePcmkFstype:
220 Filesystem type for Pacemaker mount used as Glance storage.
221 Effective when GlanceFilePcmkManage is true.
223 GlanceFilePcmkManage:
226 Whether to make Glance file backend a mount managed by Pacemaker.
227 Effective when GlanceBackend is 'file'.
229 GlanceFilePcmkOptions:
232 Mount options for Pacemaker mount used as Glance storage.
233 Effective when GlanceFilePcmkManage is true.
235 HAProxyStatsPassword:
236 description: Password for HAProxy stats endpoint
239 description: User for HAProxy stats endpoint
242 HAProxySyslogAddress:
244 description: Syslog address where HAproxy will send its log
248 description: Number of workers for Glance service.
251 description: The password for the Heat service and db account, used by the Heat services.
254 HeatStackDomainAdminPassword:
255 description: Password for heat_stack_domain_admin user.
258 HeatAuthEncryptionKey:
259 description: Auth encryption key for heat-engine
264 description: A list of IP/Hostname allowed to connect to horizon
265 type: comma_delimited_list
268 description: Number of workers for Heat service.
274 Whether to create cron job for purging soft deleted rows in the Heat database.
276 description: Secret key for Django
281 default: overcloud-control
283 - custom_constraint: glance.image
285 default: 'REBUILD_PRESERVE_EPHEMERAL'
286 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
288 InstanceNameTemplate:
289 default: 'instance-%08x'
290 description: Template string to be used to generate instance names
294 description: Name of an existing Nova key pair to enable SSH access to the instances
297 - custom_constraint: nova.keypair
298 KeystoneCACertificate:
300 description: Keystone self-signed certificate authority certificate.
302 KeystoneEnableDBPurge:
305 Whether to create cron job for purging soft deleted rows in Keystone database.
307 KeystoneSigningCertificate:
309 description: Keystone certificate for verifying token validity.
313 description: Keystone key for signing tokens.
316 KeystoneSSLCertificate:
318 description: Keystone certificate for verifying token validity.
320 KeystoneSSLCertificateKey:
322 description: Keystone key for signing tokens.
325 KeystoneNotificationDriver:
326 description: Comma-separated list of Oslo notification drivers used by Keystone
327 default: ['messaging']
328 type: comma_delimited_list
329 KeystoneNotificationFormat:
330 description: The Keystone notification format
334 - allowed_values: [ 'basic', 'cadf' ]
338 description: Keystone region for endpoint
341 description: Whether to manage IPtables rules.
345 description: Enable IPv6 features in Memcached.
349 description: Whether IPtables rules should be purged before setting up the new ones.
353 description: Number of workers for Keystone service.
360 description: The password for the sahara service account, used by sahara-api.
363 MysqlClusterUniquePart:
364 description: A unique identifier of the MySQL cluster the controller is in.
366 default: 'unset' # Has to be here because of the ignored empty value bug
367 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
369 # - length: {min: 4, max: 10}
370 MysqlInnodbBufferPoolSize:
372 Specifies the size of the buffer pool in megabytes. Setting to
373 zero should be interpreted as "no value" and will defer to the
378 description: Configures MySQL max_connections config setting
384 default: '' # Has to be here because of the ignored empty value bug
385 NeutronExternalNetworkBridge:
386 description: Name of bridge used for external network traffic.
389 NeutronBridgeMappings:
391 The OVS logical->physical bridge mappings to use. See the Neutron
392 documentation for details. Defaults to mapping br-ex - the external
393 bridge on hosts - to a physical name 'datacentre' which can be used
394 to create provider networks (and we use this for the default floating
395 network) - if changing this either use different post-install network
396 scripts or be sure to keep 'datacentre' as a mapping network name.
397 type: comma_delimited_list
398 default: "datacentre:br-ex"
399 NeutronDnsmasqOptions:
400 default: 'dhcp-option-force=26,1400'
401 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
403 NeutronEnableDHCPAgent:
404 description: Knob to enable/disable DHCP Agent
407 NeutronEnableL3Agent:
408 description: Knob to enable/disable L3 agent
411 NeutronEnableMetadataAgent:
412 description: Knob to enable/disable Metadata agent
415 NeutronEnableOVSAgent:
416 description: Knob to enable/disable OVS Agent
421 description: Agent mode for the neutron-l3-agent on the controller hosts
425 description: Whether to enable l3-agent HA
427 NeutronDhcpAgentsPerNetwork:
430 description: The number of neutron dhcp agents to schedule per network
433 description: Whether to configure Neutron Distributed Virtual Routers
435 NeutronMetadataProxySharedSecret:
436 description: Shared secret to prevent spoofing
442 The core plugin for Neutron. The value should be the entrypoint to be loaded
443 from neutron.core_plugins namespace.
445 NeutronServicePlugins:
446 default: "router,qos"
448 Comma-separated list of service plugin entrypoints to be loaded from the
449 neutron.service_plugins namespace.
450 type: comma_delimited_list
452 default: "vxlan,vlan,flat,gre"
454 Comma-separated list of network type driver entrypoints to be loaded.
455 type: comma_delimited_list
456 NeutronMechanismDrivers:
457 default: 'openvswitch'
459 The mechanism drivers for the Neutron tenant network.
460 type: comma_delimited_list
461 NeutronAllowL3AgentFailover:
463 description: Allow automatic l3-agent failover
465 NeutronEnableIsolatedMetadata:
467 description: If True, DHCP provide metadata route to VM.
469 NeutronEnableTunnelling:
475 Enable/disable the L2 population feature in the Neutron agents.
478 type: comma_delimited_list
479 default: 'datacentre'
480 description: If set, flat networks to configure in neutron plugins.
483 description: Whether to enable l3-agent HA
487 description: The tenant network type for Neutron.
488 type: comma_delimited_list
489 NeutronNetworkVLANRanges:
490 default: 'datacentre:1:1000'
492 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
493 Neutron documentation for permitted values. Defaults to permitting any
494 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
495 type: comma_delimited_list
497 description: The password for the neutron service and db account, used by neutron agents.
500 NeutronPublicInterface:
502 description: What interface to bridge onto br-ex for network nodes.
504 NeutronPublicInterfaceTag:
507 VLAN tag for creating a public VLAN. The tag will be used to
508 create an access port on the exterior bridge for each control plane node,
509 and that port will be given the IP address returned by neutron from the
510 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
511 overcloud.yaml to include the deployment of VLAN ports to the control
514 NeutronPublicInterfaceDefaultRoute:
516 description: A custom default route for the NeutronPublicInterface.
518 NeutronPublicInterfaceIP:
520 description: A custom IP address to put onto the NeutronPublicInterface.
522 NeutronPublicInterfaceRawDevice:
524 description: If set, the public interface is a vlan with this device as the raw device.
528 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
529 be at least 50 bytes smaller than the MTU on the physical network. This
530 value will be used to set the MTU on the virtual Ethernet device.
531 This number is related to the value of NeutronDnsmasqOptions, since that
532 will determine the MTU that is assigned to the VM host through DHCP.
538 The tunnel types for the Neutron tenant network.
539 type: comma_delimited_list
540 NeutronTunnelIdRanges:
542 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
543 of GRE tunnel IDs that are available for tenant network allocation
544 default: ["1:4094", ]
545 type: comma_delimited_list
548 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
549 of VXLAN VNI IDs that are available for tenant network allocation
550 default: ["1:4094", ]
551 type: comma_delimited_list
552 NeutronPluginExtensions:
553 default: "qos,port_security"
555 Comma-separated list of extensions enabled for the Neutron plugin.
556 type: comma_delimited_list
557 NeutronAgentExtensions:
560 Comma-separated list of extensions enabled for the Neutron agents.
561 type: comma_delimited_list
567 description: Number of workers for Neutron service.
572 Whether to create cron job for purging soft deleted rows in Nova database.
576 description: Enable IPv6 features in Nova
579 description: The password for the nova service and db account, used by nova-api.
584 description: Number of workers for Nova service.
588 description: Should MongoDb journaling be disabled
592 description: Enable IPv6 if Mongo DB VIP is IPv6
596 description: Comma-separated list of ntp servers
597 type: comma_delimited_list
600 description: The password for the 'pcsd' user.
602 PublicVirtualInterface:
605 Specifies the interface where the public-facing virtual ip will be assigned.
606 This should be int_public when a VLAN is being used.
610 default: '' # Has to be here because of the ignored empty value bug
613 default: '' # Has to be here because of the ignored empty value bug
616 description: The password for RabbitMQ
621 description: The username for RabbitMQ
626 Rabbit client subscriber parameter to specify
627 an SSL connection to the RabbitMQ host.
631 description: Set rabbit subscriber port, change this if using SSL
635 description: Configures RabbitMQ FD limit
639 description: Enable IPv6 in RabbitMQ
643 description: The password to access the Redis service
647 default: '' # Has to be here because of the ignored empty value bug
650 default: '' # Has to be here because of the ignored empty value bug
651 description: An IP address which is wrapped in brackets in case of IPv6
652 SnmpdReadonlyUserName:
653 default: ro_snmp_user
654 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
656 SnmpdReadonlyUserPassword:
657 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
661 description: A random string to be used as a salt when hashing to determine mappings
667 description: Value of mount_check in Swift account/container/object -server.conf
672 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
675 description: Partition Power to use when building Swift rings
679 description: Whether to manage Swift rings or not
682 description: The password for the swift service account, used by the swift proxy
692 description: How many replicas to use in the swift rings.
695 description: Number of workers for Swift service.
699 description: The timezone to be set on controller nodes.
701 UpgradeLevelNovaCompute:
703 description: Nova Compute upgrade level
705 VirtualIP: # DEPRECATED: use per service settings instead
707 default: '' # Has to be here because of the ignored empty value bug
717 GlanceRegistryVirtualIP:
726 KeystoneAdminApiVirtualIP:
729 KeystonePublicApiVirtualIP:
735 EnablePackageInstall:
737 description: Set to true to enable package installation via Puppet
741 description: Mapping of service_name -> network name. Typically set
742 via parameter_defaults in the resource registry.
746 description: Mapping of service endpoint -> protocol. Typically set
747 via parameter_defaults in the resource registry.
753 Setting to a previously unused value during stack-update will trigger
754 package update on all nodes
757 default: '' # Defaults to Heat created hostname
761 description: Optional mapping to override hostnames
762 NetworkDeploymentActions:
763 type: comma_delimited_list
765 Heat action when to apply network configuration changes
770 SoftwareConfigTransport:
771 default: POLL_SERVER_CFN
773 How the server should receive the metadata required for software configuration.
776 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
781 The DNS domain used for the hosts. This should match the dhcp_domain
782 configured in the Undercloud neutron. Defaults to localdomain.
786 Extra properties or metadata passed to Nova for the created nodes in
787 the overcloud. It's accessible via the Nova metadata API.
791 description: Optional scheduler hints to pass to nova
797 type: OS::Nova::Server
799 image: {get_param: Image}
800 image_update_policy: {get_param: ImageUpdatePolicy}
801 flavor: {get_param: Flavor}
802 key_name: {get_param: KeyName}
805 user_data_format: SOFTWARE_CONFIG
806 user_data: {get_resource: UserData}
809 template: {get_param: Hostname}
810 params: {get_param: HostnameMap}
811 software_config_transport: {get_param: SoftwareConfigTransport}
812 metadata: {get_param: ServerMetadata}
813 scheduler_hints: {get_param: SchedulerHints}
815 # Combine the NodeAdminUserData and NodeUserData mime archives
817 type: OS::Heat::MultipartMime
820 - config: {get_resource: NodeAdminUserData}
822 - config: {get_resource: NodeUserData}
825 # Creates the "heat-admin" user if configured via the environment
826 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
828 type: OS::TripleO::NodeAdminUserData
830 # For optional operator additional userdata
831 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
833 type: OS::TripleO::NodeUserData
836 type: OS::TripleO::Controller::Ports::ExternalPort
838 IPPool: {get_param: ControllerIPs}
839 NodeIndex: {get_param: NodeIndex}
840 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
843 type: OS::TripleO::Controller::Ports::InternalApiPort
845 IPPool: {get_param: ControllerIPs}
846 NodeIndex: {get_param: NodeIndex}
847 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
850 type: OS::TripleO::Controller::Ports::StoragePort
852 IPPool: {get_param: ControllerIPs}
853 NodeIndex: {get_param: NodeIndex}
854 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
857 type: OS::TripleO::Controller::Ports::StorageMgmtPort
859 IPPool: {get_param: ControllerIPs}
860 NodeIndex: {get_param: NodeIndex}
861 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
864 type: OS::TripleO::Controller::Ports::TenantPort
866 IPPool: {get_param: ControllerIPs}
867 NodeIndex: {get_param: NodeIndex}
868 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
871 type: OS::TripleO::Controller::Ports::ManagementPort
873 IPPool: {get_param: ControllerIPs}
874 NodeIndex: {get_param: NodeIndex}
875 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
878 type: OS::TripleO::Network::Ports::NetIpMap
880 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
881 ExternalIp: {get_attr: [ExternalPort, ip_address]}
882 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
883 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
884 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
885 StorageIp: {get_attr: [StoragePort, ip_address]}
886 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
887 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
888 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
889 TenantIp: {get_attr: [TenantPort, ip_address]}
890 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
891 ManagementIp: {get_attr: [ManagementPort, ip_address]}
892 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
895 type: OS::TripleO::Network::Ports::NetIpSubnetMap
897 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
898 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
899 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
900 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
901 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
902 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
903 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
906 type: OS::TripleO::Controller::Net::SoftwareConfig
908 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
909 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
910 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
911 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
912 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
913 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
914 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
917 type: OS::TripleO::SoftwareDeployment
919 name: NetworkDeployment
920 config: {get_resource: NetworkConfig}
921 server: {get_resource: Controller}
922 actions: {get_param: NetworkDeploymentActions}
925 interface_name: {get_param: NeutronPublicInterface}
927 # Resource for site-specific injection of root certificate
929 depends_on: NetworkDeployment
930 type: OS::TripleO::NodeTLSCAData
932 server: {get_resource: Controller}
934 # Resource for site-specific passing of private keys/certificates
936 depends_on: NodeTLSCAData
937 type: OS::TripleO::NodeTLSData
939 server: {get_resource: Controller}
940 NodeIndex: {get_param: NodeIndex}
943 ControllerDeployment:
944 type: OS::TripleO::SoftwareDeployment
945 depends_on: NetworkDeployment
947 name: ControllerDeployment
948 config: {get_resource: ControllerConfig}
949 server: {get_resource: Controller}
951 bootstack_nodeid: {get_attr: [Controller, name]}
952 ceilometer_workers: {get_param: CeilometerWorkers}
953 cinder_workers: {get_param: CinderWorkers}
954 glance_workers: {get_param: GlanceWorkers}
955 heat_workers: {get_param: HeatWorkers}
956 keystone_workers: {get_param: KeystoneWorkers}
957 nova_workers: {get_param: NovaWorkers}
958 neutron_workers: {get_param: NeutronWorkers}
959 swift_workers: {get_param: SwiftWorkers}
960 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
961 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
962 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
963 haproxy_log_address: {get_param: HAProxySyslogAddress}
964 haproxy_stats_password: {get_param: HAProxyStatsPassword}
965 haproxy_stats_user: {get_param: HAProxyStatsUser}
966 heat.watch_server_url:
970 - {get_param: HeatApiVirtualIPUri}
972 heat.metadata_server_url:
976 - {get_param: HeatApiVirtualIPUri}
978 heat.waitcondition_server_url:
982 - {get_param: HeatApiVirtualIPUri}
983 - ':8000/v1/waitcondition'
984 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
985 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
986 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
987 horizon_secret: {get_param: HorizonSecret}
988 admin_email: {get_param: AdminEmail}
989 admin_password: {get_param: AdminPassword}
990 admin_token: {get_param: AdminToken}
991 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
992 debug: {get_param: Debug}
993 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
994 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
995 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
996 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
1001 SERVERS: {get_param: CinderNfsServers}
1002 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
1003 cinder_password: {get_param: CinderPassword}
1004 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
1005 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
1006 cinder_backend_config: {get_param: CinderBackendConfig}
1010 - - 'mysql+pymysql://cinder:'
1011 - {get_param: CinderPassword}
1013 - {get_param: MysqlVirtualIPUri}
1015 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
1016 glance_password: {get_param: GlancePassword}
1017 glance_backend: {get_param: GlanceBackend}
1018 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
1019 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
1020 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
1021 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
1022 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
1023 glance_log_file: {get_param: GlanceLogFile}
1027 - - 'mysql+pymysql://glance:'
1028 - {get_param: GlancePassword}
1030 - {get_param: MysqlVirtualIPUri}
1032 heat_password: {get_param: HeatPassword}
1033 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
1037 - - 'mysql+pymysql://heat:'
1038 - {get_param: HeatPassword}
1040 - {get_param: MysqlVirtualIPUri}
1042 keystone_ca_certificate: {get_param: KeystoneCACertificate}
1043 keystone_signing_key: {get_param: KeystoneSigningKey}
1044 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
1045 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
1046 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
1047 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
1048 keystone_notification_format: {get_param: KeystoneNotificationFormat}
1049 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
1053 - - 'mysql+pymysql://keystone:'
1054 - {get_param: AdminToken}
1056 - {get_param: MysqlVirtualIPUri}
1058 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1059 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1060 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
1061 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
1062 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1063 enable_fencing: {get_param: EnableFencing}
1064 enable_galera: {get_param: EnableGalera}
1065 enable_load_balancer: {get_param: EnableLoadBalancer}
1066 enable_ceph_storage: {get_param: EnableCephStorage}
1067 enable_swift_storage: {get_param: EnableSwiftStorage}
1068 manage_firewall: {get_param: ManageFirewall}
1069 purge_firewall_rules: {get_param: PurgeFirewallRules}
1070 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1071 mysql_max_connections: {get_param: MysqlMaxConnections}
1072 mysql_root_password: {get_param: MysqlRootPassword}
1075 template: tripleo-CLUSTER
1077 CLUSTER: {get_param: MysqlClusterUniquePart}
1078 neutron_flat_networks:
1082 NETWORKS: {get_param: NeutronFlatNetworks}
1083 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1084 neutron_agent_mode: {get_param: NeutronAgentMode}
1085 neutron_router_distributed: {get_param: NeutronDVR}
1086 neutron_core_plugin: {get_param: NeutronCorePlugin}
1087 neutron_service_plugins:
1091 PLUGINS: {get_param: NeutronServicePlugins}
1092 neutron_type_drivers:
1096 DRIVERS: {get_param: NeutronTypeDrivers}
1097 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1098 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1099 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1100 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1101 neutron_mechanism_drivers:
1103 template: MECHANISMS
1105 MECHANISMS: {get_param: NeutronMechanismDrivers}
1106 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1107 neutron_l3_ha: {get_param: NeutronL3HA}
1108 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1109 neutron_network_vlan_ranges:
1113 RANGES: {get_param: NeutronNetworkVLANRanges}
1114 neutron_bridge_mappings:
1118 MAPPINGS: {get_param: NeutronBridgeMappings}
1119 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1120 neutron_public_interface: {get_param: NeutronPublicInterface}
1121 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1122 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1123 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1124 neutron_tunnel_id_ranges:
1128 RANGES: {get_param: NeutronTunnelIdRanges}
1133 RANGES: {get_param: NeutronVniRanges}
1134 neutron_tenant_network_types:
1138 TYPES: {get_param: NeutronNetworkType}
1139 neutron_tunnel_types:
1143 TYPES: {get_param: NeutronTunnelTypes}
1144 neutron_plugin_extensions:
1146 template: PLUGIN_EXTENSIONS
1148 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1149 neutron_agent_extensions:
1151 template: AGENT_EXTENSIONS
1153 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1154 neutron_password: {get_param: NeutronPassword}
1155 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1156 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1160 - - 'mysql+pymysql://neutron:'
1161 - {get_param: NeutronPassword}
1163 - {get_param: MysqlVirtualIPUri}
1164 - '/ovs_neutron?charset=utf8'
1165 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1166 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1167 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1168 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1169 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1170 ceilometer_backend: {get_param: CeilometerBackend}
1171 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1172 ceilometer_password: {get_param: CeilometerPassword}
1173 ceilometer_store_events: {get_param: CeilometerStoreEvents}
1174 aodh_password: {get_param: AodhPassword}
1175 ceilometer_coordination_url:
1179 - {get_param: RedisPassword}
1181 - {get_param: RedisVirtualIPUri}
1186 - - 'mysql+pymysql://ceilometer:'
1187 - {get_param: CeilometerPassword}
1189 - {get_param: MysqlVirtualIPUri}
1191 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1192 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1193 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1194 nova_ipv6: {get_param: NovaIPv6}
1195 corosync_ipv6: {get_param: CorosyncIPv6}
1196 memcached_ipv6: {get_param: MemcachedIPv6}
1197 nova_password: {get_param: NovaPassword}
1201 - - 'mysql+pymysql://nova:'
1202 - {get_param: NovaPassword}
1204 - {get_param: MysqlVirtualIPUri}
1209 - - 'mysql+pymysql://nova_api:'
1210 - {get_param: NovaPassword}
1212 - {get_param: MysqlVirtualIPUri}
1214 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1215 instance_name_template: {get_param: InstanceNameTemplate}
1216 fencing_config: {get_param: FencingConfig}
1217 pcsd_password: {get_param: PcsdPassword}
1218 rabbit_username: {get_param: RabbitUserName}
1219 rabbit_password: {get_param: RabbitPassword}
1220 rabbit_cookie: {get_param: RabbitCookie}
1221 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1222 rabbit_client_port: {get_param: RabbitClientPort}
1223 rabbit_ipv6: {get_param: RabbitIPv6}
1224 rabbit_fd_limit: {get_param: RabbitFDLimit}
1225 mongodb_no_journal: {get_param: MongoDbNoJournal}
1226 mongodb_ipv6: {get_param: MongoDbIPv6}
1227 ntp_servers: {get_param: NtpServer}
1228 timezone: {get_param: TimeZone}
1229 control_virtual_interface: {get_param: ControlVirtualInterface}
1230 public_virtual_interface: {get_param: PublicVirtualInterface}
1231 swift_hash_suffix: {get_param: SwiftHashSuffix}
1232 swift_password: {get_param: SwiftPassword}
1233 swift_part_power: {get_param: SwiftPartPower}
1234 swift_ring_build: {get_param: SwiftRingBuild}
1235 swift_replicas: {get_param: SwiftReplicas}
1236 swift_min_part_hours: {get_param: SwiftMinPartHours}
1237 swift_mount_check: {get_param: SwiftMountCheck}
1238 enable_package_install: {get_param: EnablePackageInstall}
1239 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1240 sahara_password: {get_param: SaharaPassword}
1244 - - 'mysql://sahara:'
1245 - {get_param: SaharaPassword}
1247 - {get_param: MysqlVirtualIPUri}
1249 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1250 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1251 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1252 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1253 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1254 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1255 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1256 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1257 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1258 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1259 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1260 keystone_region: {get_param: KeystoneRegion}
1261 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1262 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1263 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1264 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1265 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
1266 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1267 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1268 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1269 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1270 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1271 redis_password: {get_param: RedisPassword}
1272 redis_vip: {get_param: RedisVirtualIP}
1273 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1274 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1275 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1276 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1277 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1278 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1279 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1281 # Map heat metadata into hiera datafiles
1283 type: OS::Heat::StructuredConfig
1285 group: os-apply-config
1290 - heat_config_%{::deploy_config_name}
1291 - controller_extraconfig
1296 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1297 - ceph_cluster # provided by CephClusterConfig
1299 - bootstrap_node # provided by BootstrapNodeConfig
1300 - all_nodes # provided by allNodesConfig
1301 - vip_data # provided by vip-config
1304 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1305 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1306 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1307 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1308 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1309 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1310 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1311 - midonet_data #Optionally provided by AllNodesExtraConfig
1312 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1314 controller_extraconfig:
1315 mapped_data: {get_param: ControllerExtraConfig}
1317 mapped_data: {get_param: ExtraConfig}
1319 raw_data: {get_file: hieradata/common.yaml}
1321 raw_data: {get_file: hieradata/ceph.yaml}
1323 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1324 ceph::profile::params::public_network: {get_input: ceph_public_network}
1325 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
1327 raw_data: {get_file: hieradata/database.yaml}
1329 raw_data: {get_file: hieradata/object.yaml}
1331 raw_data: {get_file: hieradata/controller.yaml}
1332 mapped_data: # data supplied directly to this deployment configuration, etc
1333 bootstack_nodeid: {get_input: bootstack_nodeid}
1336 enable_fencing: {get_input: enable_fencing}
1337 enable_load_balancer: {get_input: enable_load_balancer}
1338 hacluster_pwd: {get_input: pcsd_password}
1339 corosync_ipv6: {get_input: corosync_ipv6}
1340 tripleo::fencing::config: {get_input: fencing_config}
1343 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1344 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1345 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1346 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1347 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1348 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1349 swift::proxy::workers: {get_input: swift_workers}
1350 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
1351 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1352 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1353 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1354 swift_mount_check: {get_input: swift_mount_check}
1357 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1358 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1359 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1360 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1361 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1362 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1363 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1364 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1365 cinder::database_connection: {get_input: cinder_dsn}
1366 cinder::api::keystone_password: {get_input: cinder_password}
1367 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1368 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1369 cinder::api::bind_host: {get_input: cinder_api_network}
1370 cinder::rabbit_userid: {get_input: rabbit_username}
1371 cinder::rabbit_password: {get_input: rabbit_password}
1372 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1373 cinder::rabbit_port: {get_input: rabbit_client_port}
1374 cinder::debug: {get_input: debug}
1375 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1376 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1377 cinder_backend_config: {get_input: CinderBackendConfig}
1378 cinder::db::mysql::password: {get_input: cinder_password}
1381 glance::api::bind_port: {get_input: glance_port}
1382 glance::api::bind_host: {get_input: glance_api_network}
1383 glance::api::auth_uri: {get_input: keystone_auth_uri}
1384 glance::api::identity_uri: {get_input: keystone_identity_uri}
1385 glance::api::registry_host: {get_input: glance_registry_host}
1386 glance::api::keystone_password: {get_input: glance_password}
1387 glance::api::debug: {get_input: debug}
1388 glance::api::workers: {get_input: glance_workers}
1389 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1390 glance_log_file: {get_input: glance_log_file}
1391 glance_log_file: {get_input: glance_log_file}
1392 glance::api::database_connection: {get_input: glance_dsn}
1393 glance::registry::keystone_password: {get_input: glance_password}
1394 glance::registry::database_connection: {get_input: glance_dsn}
1395 glance::registry::bind_host: {get_input: glance_registry_network}
1396 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1397 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1398 glance::registry::debug: {get_input: debug}
1399 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1400 glance::registry::workers: {get_input: glance_workers}
1401 glance::backend::swift::swift_store_user: service:glance
1402 glance::backend::swift::swift_store_key: {get_input: glance_password}
1403 glance_backend: {get_input: glance_backend}
1404 glance::db::mysql::password: {get_input: glance_password}
1405 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1406 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1407 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1408 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1409 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1410 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1411 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1414 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1415 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1416 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1417 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1418 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1419 heat::rabbit_userid: {get_input: rabbit_username}
1420 heat::rabbit_password: {get_input: rabbit_password}
1421 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1422 heat::rabbit_port: {get_input: rabbit_client_port}
1423 heat::auth_uri: {get_input: keystone_auth_uri}
1424 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1425 heat::identity_uri: {get_input: keystone_identity_uri}
1426 heat::keystone_password: {get_input: heat_password}
1427 heat::api::bind_host: {get_input: heat_api_network}
1428 heat::api::workers: {get_input: heat_workers}
1429 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1430 heat::api_cloudwatch::workers: {get_input: heat_workers}
1431 heat::api_cfn::bind_host: {get_input: heat_api_network}
1432 heat::api_cfn::workers: {get_input: heat_workers}
1433 heat::database_connection: {get_input: heat_dsn}
1434 heat::debug: {get_input: debug}
1435 heat::db::mysql::password: {get_input: heat_password}
1436 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1437 heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
1440 keystone::admin_token: {get_input: admin_token}
1441 keystone::roles::admin::password: {get_input: admin_password}
1442 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1443 keystone_signing_key: {get_input: keystone_signing_key}
1444 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1445 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1446 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1447 keystone::database_connection: {get_input: keystone_dsn}
1448 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1449 keystone::public_bind_host: {get_input: keystone_public_api_network}
1450 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1451 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1452 keystone::debug: {get_input: debug}
1453 keystone::db::mysql::password: {get_input: admin_token}
1454 keystone::rabbit_userid: {get_input: rabbit_username}
1455 keystone::rabbit_password: {get_input: rabbit_password}
1456 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1457 keystone::rabbit_port: {get_input: rabbit_client_port}
1458 keystone::notification_driver: {get_input: keystone_notification_driver}
1459 keystone::notification_format: {get_input: keystone_notification_format}
1460 keystone::roles::admin::email: {get_input: admin_email}
1461 keystone::roles::admin::password: {get_input: admin_password}
1462 keystone::endpoint::public_url: {get_input: keystone_public_url}
1463 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1464 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1465 keystone::endpoint::region: {get_input: keystone_region}
1466 keystone::admin_workers: {get_input: keystone_workers}
1467 keystone::public_workers: {get_input: keystone_workers}
1468 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1469 keystone::public_endpoint: {get_input: keystone_public_url}
1471 mongodb::server::bind_ip: {get_input: mongo_db_network}
1472 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1473 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1475 admin_password: {get_input: admin_password}
1476 enable_galera: {get_input: enable_galera}
1477 enable_ceph_storage: {get_input: enable_ceph_storage}
1478 enable_swift_storage: {get_input: enable_swift_storage}
1479 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1480 mysql_max_connections: {get_input: mysql_max_connections}
1481 mysql::server::root_password: {get_input: mysql_root_password}
1482 mysql_cluster_name: {get_input: mysql_cluster_name}
1483 mysql_bind_host: {get_input: mysql_network}
1484 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1487 neutron::bind_host: {get_input: neutron_api_network}
1488 neutron::rabbit_password: {get_input: rabbit_password}
1489 neutron::rabbit_user: {get_input: rabbit_username}
1490 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1491 neutron::rabbit_port: {get_input: rabbit_client_port}
1492 neutron::debug: {get_input: debug}
1493 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1494 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1495 neutron::server::database_connection: {get_input: neutron_dsn}
1496 neutron::server::api_workers: {get_input: neutron_workers}
1497 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1498 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1499 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1500 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1501 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1502 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1503 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1504 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1505 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1506 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1507 neutron_agent_mode: {get_input: neutron_agent_mode}
1508 neutron_router_distributed: {get_input: neutron_router_distributed}
1509 neutron::core_plugin: {get_input: neutron_core_plugin}
1510 neutron::service_plugins: {get_input: neutron_service_plugins}
1511 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1512 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1513 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1514 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1515 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1516 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1517 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1518 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1519 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1520 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1521 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1522 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1523 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1524 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1525 neutron_public_interface: {get_input: neutron_public_interface}
1526 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1527 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1528 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1529 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1530 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1531 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1532 neutron::server::auth_password: {get_input: neutron_password}
1533 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1534 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1535 neutron_dsn: {get_input: neutron_dsn}
1536 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1537 neutron::db::mysql::password: {get_input: neutron_password}
1538 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1539 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1540 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1541 neutron::keystone::auth::password: {get_input: neutron_password }
1542 neutron::keystone::auth::region: {get_input: keystone_region}
1543 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1544 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1545 neutron::server::notifications::tenant_name: 'service'
1546 neutron::server::notifications::project_name: 'service'
1547 neutron::server::notifications::password: {get_input: nova_password}
1550 ceilometer_backend: {get_input: ceilometer_backend}
1551 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1552 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1553 ceilometer::rabbit_userid: {get_input: rabbit_username}
1554 ceilometer::rabbit_password: {get_input: rabbit_password}
1555 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1556 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1557 ceilometer::debug: {get_input: debug}
1558 ceilometer::api::host: {get_input: ceilometer_api_network}
1559 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1560 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1561 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1562 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1563 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1564 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1565 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
1566 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1567 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1568 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1571 aodh::rabbit_userid: {get_input: rabbit_username}
1572 aodh::rabbit_password: {get_input: rabbit_password}
1573 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1574 aodh::rabbit_port: {get_input: rabbit_client_port}
1575 aodh::debug: {get_input: debug}
1576 aodh::wsgi::apache::ssl: false
1577 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1578 aodh::api::service_name: 'httpd'
1579 aodh::api::host: {get_input: aodh_api_network}
1580 aodh::api::keystone_password: {get_input: aodh_password}
1581 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1582 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1583 aodh::auth::auth_password: {get_input: aodh_password}
1584 aodh::db::mysql::password: {get_input: aodh_password}
1585 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1586 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1589 nova::rabbit_userid: {get_input: rabbit_username}
1590 nova::rabbit_password: {get_input: rabbit_password}
1591 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1592 nova::rabbit_port: {get_input: rabbit_client_port}
1593 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1594 nova::debug: {get_input: debug}
1595 nova::use_ipv6: {get_input: nova_ipv6}
1596 nova::api::auth_uri: {get_input: keystone_auth_uri}
1597 nova::api::identity_uri: {get_input: keystone_identity_uri}
1598 nova::api::api_bind_address: {get_input: nova_api_network}
1599 nova::api::metadata_listen: {get_input: nova_metadata_network}
1600 nova::api::admin_password: {get_input: nova_password}
1601 nova::api::osapi_compute_workers: {get_input: nova_workers}
1602 nova::api::ec2_workers: {get_input: nova_workers}
1603 nova::api::metadata_workers: {get_input: nova_workers}
1604 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1605 nova::database_connection: {get_input: nova_dsn}
1606 nova::api_database_connection: {get_input: nova_api_dsn}
1607 nova::glance_api_servers: {get_input: glance_api_servers}
1608 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1609 nova::api::instance_name_template: {get_input: instance_name_template}
1610 nova::network::neutron::neutron_password: {get_input: neutron_password}
1611 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1612 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1613 nova::vncproxy::host: {get_input: nova_api_network}
1614 nova::db::mysql::password: {get_input: nova_password}
1615 nova::db::mysql_api::password: {get_input: nova_password}
1616 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1619 apache::ip: {get_input: horizon_network}
1620 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1621 horizon::django_debug: {get_input: debug}
1622 horizon::secret_key: {get_input: horizon_secret}
1623 horizon::bind_address: {get_input: horizon_network}
1624 horizon::keystone_url: {get_input: keystone_auth_uri}
1627 sahara::host: {get_input: sahara_api_network}
1635 sahara::admin_password: {get_input: sahara_password}
1636 sahara::auth_uri: {get_input: keystone_auth_uri}
1637 sahara::admin_user: sahara
1638 sahara::identity_uri: {get_input: keystone_identity_uri}
1639 sahara::use_neutron: true
1640 sahara::database_connection: {get_input: sahara_dsn}
1641 sahara::debug: {get_input: debug}
1642 sahara::rpc_backend: rabbit
1643 sahara::rabbit_userid: {get_input: rabbit_username}
1644 sahara::rabbit_password: {get_input: rabbit_password}
1645 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1646 sahara::rabbit_port: {get_input: rabbit_client_port}
1647 sahara::db::mysql::password: {get_input: sahara_password}
1650 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1651 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1652 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1653 rabbitmq::default_user: {get_input: rabbit_username}
1654 rabbitmq::default_pass: {get_input: rabbit_password}
1655 rabbit_ipv6: {get_input: rabbit_ipv6}
1657 redis::bind: {get_input: redis_network}
1658 redis::requirepass: {get_input: redis_password}
1659 redis::masterauth: {get_input: redis_password}
1660 redis::sentinel_auth_pass: {get_input: redis_password}
1661 redis_vip: {get_input: redis_vip}
1663 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1664 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1666 memcached_ipv6: {get_input: memcached_ipv6}
1667 memcached::listen_ip: {get_input: memcached_network}
1668 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1669 ntp::servers: {get_input: ntp_servers}
1670 timezone::timezone: {get_input: timezone}
1671 control_virtual_interface: {get_input: control_virtual_interface}
1672 public_virtual_interface: {get_input: public_virtual_interface}
1673 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1674 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1675 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1676 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1677 tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user}
1678 tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password}
1679 tripleo::loadbalancer::redis_password: {get_input: redis_password}
1680 tripleo::packages::enable_install: {get_input: enable_package_install}
1681 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1683 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1684 ControllerExtraConfigPre:
1685 depends_on: ControllerDeployment
1686 type: OS::TripleO::ControllerExtraConfigPre
1688 server: {get_resource: Controller}
1690 # Hook for site-specific additional pre-deployment config,
1691 # applying to all nodes, e.g node registration/unregistration
1693 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1694 type: OS::TripleO::NodeExtraConfig
1696 server: {get_resource: Controller}
1699 type: OS::TripleO::Tasks::PackageUpdate
1702 type: OS::Heat::SoftwareDeployment
1704 name: UpdateDeployment
1705 config: {get_resource: UpdateConfig}
1706 server: {get_resource: Controller}
1709 get_param: UpdateIdentifier
1713 description: IP address of the server in the ctlplane network
1714 value: {get_attr: [Controller, networks, ctlplane, 0]}
1715 external_ip_address:
1716 description: IP address of the server in the external network
1717 value: {get_attr: [ExternalPort, ip_address]}
1718 internal_api_ip_address:
1719 description: IP address of the server in the internal_api network
1720 value: {get_attr: [InternalApiPort, ip_address]}
1722 description: IP address of the server in the storage network
1723 value: {get_attr: [StoragePort, ip_address]}
1724 storage_mgmt_ip_address:
1725 description: IP address of the server in the storage_mgmt network
1726 value: {get_attr: [StorageMgmtPort, ip_address]}
1728 description: IP address of the server in the tenant network
1729 value: {get_attr: [TenantPort, ip_address]}
1730 management_ip_address:
1731 description: IP address of the server in the management network
1732 value: {get_attr: [ManagementPort, ip_address]}
1734 description: Hostname of the server
1735 value: {get_attr: [Controller, name]}
1738 Node object in the format {ip: ..., name: ...} format that the corosync
1741 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1742 name: {get_attr: [Controller, name]}
1745 Server's IP address and hostname in the /etc/hosts format
1749 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1750 EXTERNALIP EXTERNALHOST
1751 INTERNAL_APIIP INTERNAL_APIHOST
1752 STORAGEIP STORAGEHOST
1753 STORAGE_MGMTIP STORAGE_MGMTHOST
1755 MANAGEMENTIP MANAGEMENTHOST
1757 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1758 DOMAIN: {get_param: CloudDomain}
1759 PRIMARYHOST: {get_attr: [Controller, name]}
1760 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1764 - - {get_attr: [Controller, name]}
1766 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1770 - - {get_attr: [Controller, name]}
1772 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1776 - - {get_attr: [Controller, name]}
1778 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1782 - - {get_attr: [Controller, name]}
1784 TENANTIP: {get_attr: [TenantPort, ip_address]}
1788 - - {get_attr: [Controller, name]}
1790 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1794 - - {get_attr: [Controller, name]}
1796 nova_server_resource:
1797 description: Heat resource handle for the Nova compute server
1799 {get_resource: Controller}
1801 description: Swift device formatted for swift-ring-builder
1804 template: 'r1z1-IP:%PORT%/d1'
1806 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1807 swift_proxy_memcache:
1808 description: Swift proxy-memcache value
1811 template: "IP:11211"
1813 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1815 description: identifier which changes if the controller configuration may need re-applying
1819 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1820 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1821 - {get_attr: [NodeTLSData, deploy_stdout]}
1822 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1823 - {get_param: UpdateIdentifier}
1824 tls_key_modulus_md5:
1825 description: MD5 checksum of the TLS Key Modulus
1826 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1827 tls_cert_modulus_md5:
1828 description: MD5 checksum of the TLS Certificate Modulus
1829 value: {get_attr: [NodeTLSData, cert_modulus_md5]}