1 heat_template_version: 2016-04-08
4 OpenStack controller node configured by Puppet.
8 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
15 description: The password for the aodh services.
18 #TODO(composable Redis): Remove the Redis password param
19 #As is used by ceilometer
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
35 CeilometerStoreEvents:
37 description: Whether to store events in ceilometer.
39 CeilometerMeterDispatcher:
41 description: Dispatcher to process meter data
44 - allowed_values: ['gnocchi', 'database']
50 description: Number of workers for Ceilometer service.
52 controllerExtraConfig:
55 Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
57 ControllerExtraConfig:
60 Controller specific hiera configuration data to inject into the cluster.
65 A network mapped list of IPs to assign to Controllers in the following form:
67 "internal_api": ["a.b.c.d", "e.f.g.h"],
71 ControlVirtualInterface:
73 description: Interface where virtual ip will be assigned.
77 description: Enable IPv6 in Corosync
81 description: Set to True to enable debugging on all services.
85 description: Whether to enable fencing in Pacemaker or not.
89 description: Whether to use Galera instead of regular MariaDB.
93 description: Whether to deploy a LoadBalancer on the Controller
97 description: Whether to deploy Ceph Storage (OSD) on the Controller
101 description: Whether to enable Swift Storage on the Controller
106 Additional hieradata to inject into the cluster, note that
107 ControllerExtraConfig takes precedence over ExtraConfig.
112 Pacemaker fencing configuration. The JSON should have
113 the following structure:
117 "agent": "AGENT_NAME",
118 "host_mac": "HOST_MAC_ADDRESS",
119 "params": {"PARAM_NAME": "PARAM_VALUE"}
127 "agent": "fence_xvm",
128 "host_mac": "52:54:00:aa:bb:cc",
130 "multicast_address": "225.0.0.12",
131 "port": "baremetal_0",
133 "manage_key_file": true,
134 "key_file": "/etc/fence_xvm.key",
135 "key_file_password": "abcdef"
142 description: Flavor for control nodes to request when deploying.
145 - custom_constraint: nova.flavor
148 description: The short name of the Gnocchi backend to use. Should be one
149 of swift, rbd, or file
152 - allowed_values: ['swift', 'file', 'rbd']
153 GnocchiIndexerBackend:
155 description: The short name of the Gnocchi indexer backend to use.
161 description: The password for the gnocchi service and db account.
164 HAProxyStatsPassword:
165 description: Password for HAProxy stats endpoint
168 description: User for HAProxy stats endpoint
171 HAProxySyslogAddress:
173 description: Syslog address where HAproxy will send its log
175 HeatAuthEncryptionKey:
176 description: Auth encryption key for heat-engine
181 description: A list of IP/Hostname allowed to connect to horizon
182 type: comma_delimited_list
184 description: Secret key for Django
189 default: overcloud-control
191 - custom_constraint: glance.image
193 default: 'REBUILD_PRESERVE_EPHEMERAL'
194 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
196 InstanceNameTemplate:
197 default: 'instance-%08x'
198 description: Template string to be used to generate instance names
202 description: Name of an existing Nova key pair to enable SSH access to the instances
205 - custom_constraint: nova.keypair
209 description: Keystone region for endpoint
212 description: Whether to manage IPtables rules.
216 description: Enable IPv6 features in Memcached.
220 description: Whether IPtables rules should be purged before setting up the new ones.
225 MysqlClusterUniquePart:
226 description: A unique identifier of the MySQL cluster the controller is in.
228 default: 'unset' # Has to be here because of the ignored empty value bug
229 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
231 # - length: {min: 4, max: 10}
232 MysqlInnodbBufferPoolSize:
234 Specifies the size of the buffer pool in megabytes. Setting to
235 zero should be interpreted as "no value" and will defer to the
240 description: Configures MySQL max_connections config setting
243 MysqlClustercheckPassword:
249 default: '' # Has to be here because of the ignored empty value bug
250 NeutronMetadataProxySharedSecret:
251 description: Shared secret to prevent spoofing
255 description: The password for the neutron service and db account, used by neutron agents.
258 NeutronPublicInterface:
260 description: What interface to bridge onto br-ex for network nodes.
264 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
265 be at least 50 bytes smaller than the MTU on the physical network. This
266 value will be used to set the MTU on the virtual Ethernet device.
267 This number is related to the value of NeutronDnsmasqOptions, since that
268 will determine the MTU that is assigned to the VM host through DHCP.
277 Whether to create cron job for purging soft deleted rows in Nova database.
281 description: Enable IPv6 features in Nova
284 description: The password for the nova service and db account, used by nova-api.
289 description: Number of workers for Nova service.
293 description: Comma-separated list of ntp servers
294 type: comma_delimited_list
297 description: The password for the 'pcsd' user.
299 PublicVirtualInterface:
302 Specifies the interface where the public-facing virtual ip will be assigned.
303 This should be int_public when a VLAN is being used.
307 default: '' # Has to be here because of the ignored empty value bug
310 default: '' # Has to be here because of the ignored empty value bug
313 description: The password for RabbitMQ
318 description: The username for RabbitMQ
323 Rabbit client subscriber parameter to specify
324 an SSL connection to the RabbitMQ host.
328 description: Set rabbit subscriber port, change this if using SSL
331 description: The password for Redis
336 default: '' # Has to be here because of the ignored empty value bug
339 default: '' # Has to be here because of the ignored empty value bug
340 description: An IP address which is wrapped in brackets in case of IPv6
341 SnmpdReadonlyUserName:
342 default: ro_snmp_user
343 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
345 SnmpdReadonlyUserPassword:
346 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
350 description: A random string to be used as a salt when hashing to determine mappings
356 description: Value of mount_check in Swift account/container/object -server.conf
361 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
364 description: Partition Power to use when building Swift rings
368 description: Whether to manage Swift rings or not
376 description: How many replicas to use in the swift rings.
379 description: The timezone to be set on controller nodes.
381 UpgradeLevelNovaCompute:
383 description: Nova Compute upgrade level
385 VirtualIP: # DEPRECATED: use per service settings instead
387 default: '' # Has to be here because of the ignored empty value bug
400 EnablePackageInstall:
402 description: Set to true to enable package installation via Puppet
406 description: Mapping of service_name -> network name. Typically set
407 via parameter_defaults in the resource registry.
411 description: Mapping of service endpoint -> protocol. Typically set
412 via parameter_defaults in the resource registry.
418 Setting to a previously unused value during stack-update will trigger
419 package update on all nodes
422 default: '' # Defaults to Heat created hostname
426 description: Optional mapping to override hostnames
427 NetworkDeploymentActions:
428 type: comma_delimited_list
430 Heat action when to apply network configuration changes
435 SoftwareConfigTransport:
436 default: POLL_SERVER_CFN
438 How the server should receive the metadata required for software configuration.
441 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
446 The DNS domain used for the hosts. This should match the dhcp_domain
447 configured in the Undercloud neutron. Defaults to localdomain.
451 Extra properties or metadata passed to Nova for the created nodes in
452 the overcloud. It's accessible via the Nova metadata API.
456 description: Optional scheduler hints to pass to nova
458 ServiceConfigSettings:
464 description: Do not use deprecated params, they will be removed.
466 - controllerExtraConfig
471 type: OS::Nova::Server
473 image: {get_param: Image}
474 image_update_policy: {get_param: ImageUpdatePolicy}
475 flavor: {get_param: Flavor}
476 key_name: {get_param: KeyName}
479 user_data_format: SOFTWARE_CONFIG
480 user_data: {get_resource: UserData}
483 template: {get_param: Hostname}
484 params: {get_param: HostnameMap}
485 software_config_transport: {get_param: SoftwareConfigTransport}
486 metadata: {get_param: ServerMetadata}
487 scheduler_hints: {get_param: SchedulerHints}
489 # Combine the NodeAdminUserData and NodeUserData mime archives
491 type: OS::Heat::MultipartMime
494 - config: {get_resource: NodeAdminUserData}
496 - config: {get_resource: NodeUserData}
499 # Creates the "heat-admin" user if configured via the environment
500 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
502 type: OS::TripleO::NodeAdminUserData
504 # For optional operator additional userdata
505 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
507 type: OS::TripleO::NodeUserData
510 type: OS::TripleO::Controller::Ports::ExternalPort
512 IPPool: {get_param: ControllerIPs}
513 NodeIndex: {get_param: NodeIndex}
514 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
517 type: OS::TripleO::Controller::Ports::InternalApiPort
519 IPPool: {get_param: ControllerIPs}
520 NodeIndex: {get_param: NodeIndex}
521 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
524 type: OS::TripleO::Controller::Ports::StoragePort
526 IPPool: {get_param: ControllerIPs}
527 NodeIndex: {get_param: NodeIndex}
528 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
531 type: OS::TripleO::Controller::Ports::StorageMgmtPort
533 IPPool: {get_param: ControllerIPs}
534 NodeIndex: {get_param: NodeIndex}
535 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
538 type: OS::TripleO::Controller::Ports::TenantPort
540 IPPool: {get_param: ControllerIPs}
541 NodeIndex: {get_param: NodeIndex}
542 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
545 type: OS::TripleO::Controller::Ports::ManagementPort
547 IPPool: {get_param: ControllerIPs}
548 NodeIndex: {get_param: NodeIndex}
549 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
552 type: OS::TripleO::Network::Ports::NetIpMap
554 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
555 ExternalIp: {get_attr: [ExternalPort, ip_address]}
556 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
557 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
558 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
559 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
560 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
561 StorageIp: {get_attr: [StoragePort, ip_address]}
562 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
563 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
564 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
565 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
566 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
567 TenantIp: {get_attr: [TenantPort, ip_address]}
568 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
569 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
570 ManagementIp: {get_attr: [ManagementPort, ip_address]}
571 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
572 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
575 type: OS::TripleO::Controller::Net::SoftwareConfig
577 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
578 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
579 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
580 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
581 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
582 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
583 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
586 type: OS::TripleO::SoftwareDeployment
588 name: NetworkDeployment
589 config: {get_resource: NetworkConfig}
590 server: {get_resource: Controller}
591 actions: {get_param: NetworkDeploymentActions}
594 interface_name: {get_param: NeutronPublicInterface}
596 # Resource for site-specific injection of root certificate
598 depends_on: NetworkDeployment
599 type: OS::TripleO::NodeTLSCAData
601 server: {get_resource: Controller}
603 # Resource for site-specific passing of private keys/certificates
605 depends_on: NodeTLSCAData
606 type: OS::TripleO::NodeTLSData
608 server: {get_resource: Controller}
609 NodeIndex: {get_param: NodeIndex}
612 ControllerDeployment:
613 type: OS::TripleO::SoftwareDeployment
614 depends_on: NetworkDeployment
616 name: ControllerDeployment
617 config: {get_resource: ControllerConfig}
618 server: {get_resource: Controller}
620 bootstack_nodeid: {get_attr: [Controller, name]}
621 ceilometer_workers: {get_param: CeilometerWorkers}
622 nova_workers: {get_param: NovaWorkers}
623 haproxy_log_address: {get_param: HAProxySyslogAddress}
624 haproxy_stats_password: {get_param: HAProxyStatsPassword}
625 haproxy_stats_user: {get_param: HAProxyStatsUser}
626 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
627 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
628 horizon_secret: {get_param: HorizonSecret}
629 admin_password: {get_param: AdminPassword}
630 debug: {get_param: Debug}
631 cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
632 cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
633 cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
634 cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
635 cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
636 cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
637 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
638 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
639 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
640 enable_fencing: {get_param: EnableFencing}
641 enable_galera: {get_param: EnableGalera}
642 enable_load_balancer: {get_param: EnableLoadBalancer}
643 enable_ceph_storage: {get_param: EnableCephStorage}
644 enable_swift_storage: {get_param: EnableSwiftStorage}
645 manage_firewall: {get_param: ManageFirewall}
646 purge_firewall_rules: {get_param: PurgeFirewallRules}
647 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
648 mysql_max_connections: {get_param: MysqlMaxConnections}
649 mysql_root_password: {get_param: MysqlRootPassword}
650 mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
653 template: tripleo-CLUSTER
655 CLUSTER: {get_param: MysqlClusterUniquePart}
656 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
657 neutron_password: {get_param: NeutronPassword}
658 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
659 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
660 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
661 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
662 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
663 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
664 ceilometer_backend: {get_param: CeilometerBackend}
665 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
666 ceilometer_password: {get_param: CeilometerPassword}
667 ceilometer_store_events: {get_param: CeilometerStoreEvents}
668 aodh_password: {get_param: AodhPassword}
669 aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
670 aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
671 aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
672 ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
673 gnocchi_password: {get_param: GnocchiPassword}
674 gnocchi_backend: {get_param: GnocchiBackend}
675 gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
676 ceilometer_coordination_url:
680 - {get_param: RedisPassword}
682 - {get_param: RedisVirtualIPUri}
687 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
689 - {get_param: CeilometerPassword}
691 - {get_param: [EndpointMap, MysqlInternal, host]}
696 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
698 - {get_param: GnocchiPassword}
700 - {get_param: [EndpointMap, MysqlInternal, host]}
702 gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
703 gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
704 gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
705 ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
706 ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
707 ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
708 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
709 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
710 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
711 nova_ipv6: {get_param: NovaIPv6}
712 corosync_ipv6: {get_param: CorosyncIPv6}
713 memcached_ipv6: {get_param: MemcachedIPv6}
714 nova_password: {get_param: NovaPassword}
718 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
720 - {get_param: NovaPassword}
722 - {get_param: [EndpointMap, MysqlInternal, host]}
727 - - {get_param: [EndpointMap, MysqlInternal, protocol]}
729 - {get_param: NovaPassword}
731 - {get_param: [EndpointMap, MysqlInternal, host]}
733 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
734 instance_name_template: {get_param: InstanceNameTemplate}
735 nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
736 nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
737 nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
738 fencing_config: {get_param: FencingConfig}
739 pcsd_password: {get_param: PcsdPassword}
740 rabbit_username: {get_param: RabbitUserName}
741 rabbit_password: {get_param: RabbitPassword}
742 rabbit_cookie: {get_param: RabbitCookie}
743 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
744 rabbit_client_port: {get_param: RabbitClientPort}
745 ntp_servers: {get_param: NtpServer}
746 timezone: {get_param: TimeZone}
747 control_virtual_interface: {get_param: ControlVirtualInterface}
748 public_virtual_interface: {get_param: PublicVirtualInterface}
749 swift_hash_suffix: {get_param: SwiftHashSuffix}
750 swift_part_power: {get_param: SwiftPartPower}
751 swift_ring_build: {get_param: SwiftRingBuild}
752 swift_replicas: {get_param: SwiftReplicas}
753 swift_min_part_hours: {get_param: SwiftMinPartHours}
754 swift_mount_check: {get_param: SwiftMountCheck}
755 enable_package_install: {get_param: EnablePackageInstall}
756 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
757 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
758 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
759 cinder_iscsi_network:
763 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
764 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
765 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
766 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
767 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
768 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
769 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
770 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
771 keystone_region: {get_param: KeystoneRegion}
772 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
773 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
774 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
775 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
776 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
777 gnocchi_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
778 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
779 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
780 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
783 template: "['SUBNET']"
785 SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
786 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
787 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
788 redis_vip: {get_param: RedisVirtualIP}
789 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
790 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
791 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
792 mysql_virtual_ip: {get_param: MysqlVirtualIP}
793 ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
794 ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
795 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
796 ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
798 # Map heat metadata into hiera datafiles
800 type: OS::Heat::StructuredConfig
802 group: os-apply-config
807 - heat_config_%{::deploy_config_name}
808 - controller_extraconfig
814 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
815 - ceph_cluster # provided by CephClusterConfig
817 - bootstrap_node # provided by BootstrapNodeConfig
818 - all_nodes # provided by allNodesConfig
819 - vip_data # provided by vip-config
823 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
824 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
825 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
826 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
827 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
828 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
829 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
830 - midonet_data #Optionally provided by AllNodesExtraConfig
831 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
832 - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre
833 merge_behavior: deeper
836 mapped_data: {get_param: ServiceConfigSettings}
837 controller_extraconfig:
840 - {get_param: controllerExtraConfig}
841 - {get_param: ControllerExtraConfig}
843 mapped_data: {get_param: ExtraConfig}
845 raw_data: {get_file: hieradata/common.yaml}
848 net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
849 net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
850 net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
852 raw_data: {get_file: hieradata/ceph.yaml}
854 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
855 ceph::profile::params::public_network: {get_input: ceph_public_network}
856 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
858 raw_data: {get_file: hieradata/database.yaml}
860 raw_data: {get_file: hieradata/object.yaml}
862 raw_data: {get_file: hieradata/controller.yaml}
863 mapped_data: # data supplied directly to this deployment configuration, etc
864 bootstack_nodeid: {get_input: bootstack_nodeid}
867 enable_fencing: {get_input: enable_fencing}
868 enable_load_balancer: {get_input: enable_load_balancer}
869 hacluster_pwd: {get_input: pcsd_password}
870 corosync_ipv6: {get_input: corosync_ipv6}
871 tripleo::fencing::config: {get_input: fencing_config}
874 # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
875 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
876 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
877 swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
878 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
879 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
880 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
881 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
882 swift_mount_check: {get_input: swift_mount_check}
885 tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
886 cinder::api::bind_host: {get_input: cinder_api_network}
887 cinder::keystone::auth::public_url: {get_input: cinder_public_url }
888 cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
889 cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
890 cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
891 cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
892 cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
893 cinder::keystone::auth::password: {get_input: cinder_password }
894 cinder::keystone::auth::region: {get_input: keystone_region}
897 glance::api::bind_host: {get_input: glance_api_network}
898 glance::registry::bind_host: {get_input: glance_registry_network}
899 glance::keystone::auth::region: {get_input: keystone_region}
902 heat::api::bind_host: {get_input: heat_api_network}
903 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
904 heat::api_cfn::bind_host: {get_input: heat_api_network}
905 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
908 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
909 keystone::public_bind_host: {get_input: keystone_public_api_network}
910 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
911 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
914 mongodb::server::bind_ip: {get_input: mongo_db_network}
917 admin_password: {get_input: admin_password}
918 enable_galera: {get_input: enable_galera}
919 enable_ceph_storage: {get_input: enable_ceph_storage}
920 enable_swift_storage: {get_input: enable_swift_storage}
921 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
922 mysql_max_connections: {get_input: mysql_max_connections}
923 mysql::server::root_password: {get_input: mysql_root_password}
924 mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
925 mysql_cluster_name: {get_input: mysql_cluster_name}
926 mysql_bind_host: {get_input: mysql_network}
927 mysql_virtual_ip: {get_input: mysql_virtual_ip}
930 neutron::bind_host: {get_input: neutron_api_network}
931 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
932 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
933 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
934 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
935 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
936 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
937 neutron::keystone::auth::password: {get_input: neutron_password }
938 neutron::keystone::auth::region: {get_input: keystone_region}
941 ceilometer_backend: {get_input: ceilometer_backend}
942 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
943 ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
944 ceilometer::rabbit_userid: {get_input: rabbit_username}
945 ceilometer::rabbit_password: {get_input: rabbit_password}
946 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
947 ceilometer::rabbit_port: {get_input: rabbit_client_port}
948 ceilometer::debug: {get_input: debug}
949 ceilometer::api::host: {get_input: ceilometer_api_network}
950 ceilometer::api::keystone_password: {get_input: ceilometer_password}
951 ceilometer::api::auth_uri: {get_input: keystone_auth_uri}
952 ceilometer::api::identity_uri: {get_input: keystone_identity_uri}
953 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
954 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
955 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
956 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
957 ceilometer::db::mysql::password: {get_input: ceilometer_password}
958 ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
959 ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
960 ceilometer::dispatcher::gnocchi::filter_project: 'service'
961 ceilometer::dispatcher::gnocchi::archive_policy: 'low'
962 ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
963 ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
964 ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
965 ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
966 ceilometer::keystone::auth::password: {get_input: ceilometer_password }
967 ceilometer::keystone::auth::region: {get_input: keystone_region}
968 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
969 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
972 aodh::rabbit_userid: {get_input: rabbit_username}
973 aodh::rabbit_password: {get_input: rabbit_password}
974 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
975 aodh::rabbit_port: {get_input: rabbit_client_port}
976 aodh::debug: {get_input: debug}
977 aodh::wsgi::apache::ssl: false
978 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
979 aodh::api::service_name: 'httpd'
980 aodh::api::host: {get_input: aodh_api_network}
981 aodh::api::keystone_password: {get_input: aodh_password}
982 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
983 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
984 aodh::auth::auth_password: {get_input: aodh_password}
985 aodh::db::mysql::password: {get_input: aodh_password}
986 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
987 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
988 aodh::keystone::auth::public_url: {get_input: aodh_public_url }
989 aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
990 aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
991 aodh::keystone::auth::password: {get_input: aodh_password }
992 aodh::keystone::auth::region: {get_input: keystone_region}
995 gnocchi_backend: {get_input: gnocchi_backend}
996 gnocchi_indexer_backend: {get_input: gnocchi_indexer_backend}
997 gnocchi_mysql_conn_string: {get_input: gnocchi_dsn}
998 gnocchi::debug: {get_input: debug}
999 gnocchi::wsgi::apache::ssl: false
1000 gnocchi::wsgi::apache::bind_host: {get_input: gnocchi_api_network}
1001 gnocchi::api::service_name: 'httpd'
1002 gnocchi::api::host: {get_input: gnocchi_api_network}
1003 gnocchi::api::keystone_password: {get_input: gnocchi_password}
1004 gnocchi::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1005 gnocchi::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1006 gnocchi::db::mysql::password: {get_input: gnocchi_password}
1007 gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
1008 gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
1009 gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
1010 gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
1011 gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
1012 gnocchi::keystone::auth::password: {get_input: gnocchi_password }
1013 gnocchi::keystone::auth::region: {get_input: keystone_region}
1016 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1017 nova::use_ipv6: {get_input: nova_ipv6}
1018 nova::api::auth_uri: {get_input: keystone_auth_uri}
1019 nova::api::identity_uri: {get_input: keystone_identity_uri}
1020 nova::api::api_bind_address: {get_input: nova_api_network}
1021 nova::api::metadata_listen: {get_input: nova_metadata_network}
1022 nova::api::admin_password: {get_input: nova_password}
1023 nova::api::osapi_compute_workers: {get_input: nova_workers}
1024 nova::api::metadata_workers: {get_input: nova_workers}
1025 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1026 nova::database_connection: {get_input: nova_dsn}
1027 nova::api_database_connection: {get_input: nova_api_dsn}
1028 nova::glance_api_servers: {get_input: glance_api_servers}
1029 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1030 nova::api::instance_name_template: {get_input: instance_name_template}
1031 nova::network::neutron::neutron_password: {get_input: neutron_password}
1032 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1033 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1034 nova::vncproxy::host: {get_input: nova_api_network}
1035 nova::db::mysql::password: {get_input: nova_password}
1036 nova::db::mysql_api::password: {get_input: nova_password}
1037 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1038 nova::keystone::auth::public_url: {get_input: nova_public_url}
1039 nova::keystone::auth::internal_url: {get_input: nova_internal_url}
1040 nova::keystone::auth::admin_url: {get_input: nova_admin_url}
1041 nova::keystone::auth::password: {get_input: nova_password }
1042 nova::keystone::auth::region: {get_input: keystone_region}
1045 apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
1046 apache::ip: {get_input: horizon_network}
1047 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1048 horizon::django_debug: {get_input: debug}
1049 horizon::secret_key: {get_input: horizon_secret}
1050 horizon::bind_address: {get_input: horizon_network}
1051 horizon::keystone_url: {get_input: keystone_auth_uri}
1054 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1055 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1057 redis::bind: {get_input: redis_network}
1058 redis_vip: {get_input: redis_vip}
1060 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1061 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1063 memcached_ipv6: {get_input: memcached_ipv6}
1064 memcached::listen_ip: {get_input: memcached_network}
1065 ntp::servers: {get_input: ntp_servers}
1066 timezone::timezone: {get_input: timezone}
1067 control_virtual_interface: {get_input: control_virtual_interface}
1068 public_virtual_interface: {get_input: public_virtual_interface}
1069 tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
1070 tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
1071 tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
1072 tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
1073 tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
1074 tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1075 tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
1076 tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
1077 tripleo::haproxy::redis_password: {get_input: redis_password}
1078 tripleo::packages::enable_install: {get_input: enable_package_install}
1079 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1081 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1082 ControllerExtraConfigPre:
1083 depends_on: ControllerDeployment
1084 type: OS::TripleO::ControllerExtraConfigPre
1086 server: {get_resource: Controller}
1088 # Hook for site-specific additional pre-deployment config,
1089 # applying to all nodes, e.g node registration/unregistration
1091 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1092 type: OS::TripleO::NodeExtraConfig
1094 server: {get_resource: Controller}
1097 type: OS::TripleO::Tasks::PackageUpdate
1100 type: OS::Heat::SoftwareDeployment
1102 name: UpdateDeployment
1103 config: {get_resource: UpdateConfig}
1104 server: {get_resource: Controller}
1107 get_param: UpdateIdentifier
1111 description: IP address of the server in the ctlplane network
1112 value: {get_attr: [Controller, networks, ctlplane, 0]}
1113 external_ip_address:
1114 description: IP address of the server in the external network
1115 value: {get_attr: [ExternalPort, ip_address]}
1116 internal_api_ip_address:
1117 description: IP address of the server in the internal_api network
1118 value: {get_attr: [InternalApiPort, ip_address]}
1120 description: IP address of the server in the storage network
1121 value: {get_attr: [StoragePort, ip_address]}
1122 storage_mgmt_ip_address:
1123 description: IP address of the server in the storage_mgmt network
1124 value: {get_attr: [StorageMgmtPort, ip_address]}
1126 description: IP address of the server in the tenant network
1127 value: {get_attr: [TenantPort, ip_address]}
1128 management_ip_address:
1129 description: IP address of the server in the management network
1130 value: {get_attr: [ManagementPort, ip_address]}
1132 description: Hostname of the server
1133 value: {get_attr: [Controller, name]}
1136 Server's IP address and hostname in the /etc/hosts format
1140 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1141 EXTERNALIP EXTERNALHOST.DOMAIN EXTERNALHOST
1142 INTERNAL_APIIP INTERNAL_APIHOST.DOMAIN INTERNAL_APIHOST
1143 STORAGEIP STORAGEHOST.DOMAIN STORAGEHOST
1144 STORAGE_MGMTIP STORAGE_MGMTHOST.DOMAIN STORAGE_MGMTHOST
1145 TENANTIP TENANTHOST.DOMAIN TENANTHOST
1146 MANAGEMENTIP MANAGEMENTHOST.DOMAIN MANAGEMENTHOST
1148 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1149 DOMAIN: {get_param: CloudDomain}
1150 PRIMARYHOST: {get_attr: [Controller, name]}
1151 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1155 - - {get_attr: [Controller, name]}
1157 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1161 - - {get_attr: [Controller, name]}
1163 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1167 - - {get_attr: [Controller, name]}
1169 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1173 - - {get_attr: [Controller, name]}
1175 TENANTIP: {get_attr: [TenantPort, ip_address]}
1179 - - {get_attr: [Controller, name]}
1181 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1185 - - {get_attr: [Controller, name]}
1187 nova_server_resource:
1188 description: Heat resource handle for the Nova compute server
1190 {get_resource: Controller}
1192 description: Swift device formatted for swift-ring-builder
1195 template: 'r1z1-IP:%PORT%/d1'
1197 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1198 swift_proxy_memcache:
1199 description: Swift proxy-memcache value
1202 template: "IP:11211"
1204 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1206 description: identifier which changes if the controller configuration may need re-applying
1210 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1211 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1212 - {get_attr: [NodeTLSData, deploy_stdout]}
1213 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1214 - {get_param: UpdateIdentifier}
1215 tls_key_modulus_md5:
1216 description: MD5 checksum of the TLS Key Modulus
1217 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1218 tls_cert_modulus_md5:
1219 description: MD5 checksum of the TLS Certificate Modulus
1220 value: {get_attr: [NodeTLSData, cert_modulus_md5]}