1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
24 description: The password for the aodh services.
27 CeilometerApiVirtualIP:
32 description: The ceilometer backend type.
34 CeilometerMeteringSecret:
35 description: Secret shared by the ceilometer services.
39 description: The password for the ceilometer service and db account.
42 CeilometerStoreEvents:
44 description: Whether to store events in ceilometer.
51 description: Number of workers for Ceilometer service.
56 Whether to create cron job for purging soft deleted rows in Cinder database.
58 CinderEnableNfsBackend:
60 description: Whether to enable or not the NFS backend for Cinder
62 CinderEnableIscsiBackend:
64 description: Whether to enable or not the Iscsi backend for Cinder
66 CinderEnableRbdBackend:
68 description: Whether to enable or not the Rbd backend for Cinder
72 description: The iSCSI helper to use with cinder.
74 CinderLVMLoopDeviceSize:
76 description: The size of the loopback file used by the cinder LVM driver.
78 CinderNfsMountOptions:
81 Mount options for NFS mounts used by Cinder NFS backend. Effective
82 when CinderEnableNfsBackend is true.
87 NFS servers used by Cinder NFS backend. Effective when
88 CinderEnableNfsBackend is true.
89 type: comma_delimited_list
91 description: The password for the cinder service and db account, used by cinder-api.
96 description: Contains parameters to configure Cinder backends. Typically
97 set via parameter_defaults in the resource registry.
101 description: Number of workers for Cinder service.
103 ControllerExtraConfig:
106 Controller specific hiera configuration data to inject into the cluster.
111 A network mapped list of IPs to assign to Controllers in the following form:
113 "internal_api": ["a.b.c.d", "e.f.g.h"],
117 ControlVirtualInterface:
119 description: Interface where virtual ip will be assigned.
123 description: Enable IPv6 in Corosync
127 description: Set to True to enable debugging on all services.
131 description: Whether to enable fencing in Pacemaker or not.
135 description: Whether to use Galera instead of regular MariaDB.
139 description: Whether to deploy a LoadBalancer on the Controller
143 description: Whether to deploy Ceph Storage (OSD) on the Controller
147 description: Whether to enable Swift Storage on the Controller
152 Additional hieradata to inject into the cluster, note that
153 ControllerExtraConfig takes precedence over ExtraConfig.
158 Pacemaker fencing configuration. The JSON should have
159 the following structure:
163 "agent": "AGENT_NAME",
164 "host_mac": "HOST_MAC_ADDRESS",
165 "params": {"PARAM_NAME": "PARAM_VALUE"}
173 "agent": "fence_xvm",
174 "host_mac": "52:54:00:aa:bb:cc",
176 "multicast_address": "225.0.0.12",
177 "port": "baremetal_0",
179 "manage_key_file": true,
180 "key_file": "/etc/fence_xvm.key",
181 "key_file_password": "abcdef"
188 description: Flavor for control nodes to request when deploying.
191 - custom_constraint: nova.flavor
192 GlanceNotifierStrategy:
193 description: Strategy to use for Glance notification queue
197 description: The filepath of the file to use for logging messages from Glance.
201 description: The password for the glance service and db account, used by the glance services.
206 description: The short name of the Glance backend to use. Should be one
207 of swift, rbd, or file
210 - allowed_values: ['swift', 'file', 'rbd']
211 GlanceFilePcmkDevice:
214 An exported storage device that should be mounted by Pacemaker
215 as Glance storage. Effective when GlanceFilePcmkManage is true.
217 GlanceFilePcmkFstype:
220 Filesystem type for Pacemaker mount used as Glance storage.
221 Effective when GlanceFilePcmkManage is true.
223 GlanceFilePcmkManage:
226 Whether to make Glance file backend a mount managed by Pacemaker.
227 Effective when GlanceBackend is 'file'.
229 GlanceFilePcmkOptions:
232 Mount options for Pacemaker mount used as Glance storage.
233 Effective when GlanceFilePcmkManage is true.
235 HAProxyStatsPassword:
236 description: Password for HAProxy stats endpoint
239 description: User for HAProxy stats endpoint
242 HAProxySyslogAddress:
244 description: Syslog address where HAproxy will send its log
248 description: Number of workers for Glance service.
251 description: The password for the Heat service and db account, used by the Heat services.
254 HeatStackDomainAdminPassword:
255 description: Password for heat_stack_domain_admin user.
258 HeatAuthEncryptionKey:
259 description: Auth encryption key for heat-engine
264 description: A list of IP/Hostname allowed to connect to horizon
265 type: comma_delimited_list
268 description: Number of workers for Heat service.
274 Whether to create cron job for purging soft deleted rows in the Heat database.
276 description: Secret key for Django
281 default: overcloud-control
283 - custom_constraint: glance.image
285 default: 'REBUILD_PRESERVE_EPHEMERAL'
286 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
288 InstanceNameTemplate:
289 default: 'instance-%08x'
290 description: Template string to be used to generate instance names
294 description: Name of an existing Nova key pair to enable SSH access to the instances
297 - custom_constraint: nova.keypair
298 KeystoneCACertificate:
300 description: Keystone self-signed certificate authority certificate.
302 KeystoneEnableDBPurge:
305 Whether to create cron job for purging soft deleted rows in Keystone database.
307 KeystoneSigningCertificate:
309 description: Keystone certificate for verifying token validity.
313 description: Keystone key for signing tokens.
316 KeystoneSSLCertificate:
318 description: Keystone certificate for verifying token validity.
320 KeystoneSSLCertificateKey:
322 description: Keystone key for signing tokens.
325 KeystoneNotificationDriver:
326 description: Comma-separated list of Oslo notification drivers used by Keystone
327 default: ['messaging']
328 type: comma_delimited_list
329 KeystoneNotificationFormat:
330 description: The Keystone notification format
334 - allowed_values: [ 'basic', 'cadf' ]
338 description: Keystone region for endpoint
341 description: Whether to manage IPtables rules.
345 description: Enable IPv6 features in Memcached.
349 description: Whether IPtables rules should be purged before setting up the new ones.
353 description: Number of workers for Keystone service.
360 description: The password for the sahara service account, used by sahara-api.
363 MysqlClusterUniquePart:
364 description: A unique identifier of the MySQL cluster the controller is in.
366 default: 'unset' # Has to be here because of the ignored empty value bug
367 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
369 # - length: {min: 4, max: 10}
370 MysqlInnodbBufferPoolSize:
372 Specifies the size of the buffer pool in megabytes. Setting to
373 zero should be interpreted as "no value" and will defer to the
378 description: Configures MySQL max_connections config setting
384 default: '' # Has to be here because of the ignored empty value bug
385 NeutronExternalNetworkBridge:
386 description: Name of bridge used for external network traffic.
389 NeutronBridgeMappings:
391 The OVS logical->physical bridge mappings to use. See the Neutron
392 documentation for details. Defaults to mapping br-ex - the external
393 bridge on hosts - to a physical name 'datacentre' which can be used
394 to create provider networks (and we use this for the default floating
395 network) - if changing this either use different post-install network
396 scripts or be sure to keep 'datacentre' as a mapping network name.
397 type: comma_delimited_list
398 default: "datacentre:br-ex"
399 NeutronDnsmasqOptions:
400 default: 'dhcp-option-force=26,1400'
401 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
403 NeutronEnableDHCPAgent:
404 description: Knob to enable/disable DHCP Agent
407 NeutronEnableL3Agent:
408 description: Knob to enable/disable L3 agent
411 NeutronEnableMetadataAgent:
412 description: Knob to enable/disable Metadata agent
415 NeutronEnableOVSAgent:
416 description: Knob to enable/disable OVS Agent
421 description: Agent mode for the neutron-l3-agent on the controller hosts
425 description: Whether to enable l3-agent HA
427 NeutronDhcpAgentsPerNetwork:
430 description: The number of neutron dhcp agents to schedule per network
433 description: Whether to configure Neutron Distributed Virtual Routers
435 NeutronMetadataProxySharedSecret:
436 description: Shared secret to prevent spoofing
442 The core plugin for Neutron. The value should be the entrypoint to be loaded
443 from neutron.core_plugins namespace.
445 NeutronServicePlugins:
446 default: "router,qos"
448 Comma-separated list of service plugin entrypoints to be loaded from the
449 neutron.service_plugins namespace.
450 type: comma_delimited_list
452 default: "vxlan,vlan,flat,gre"
454 Comma-separated list of network type driver entrypoints to be loaded.
455 type: comma_delimited_list
456 NeutronMechanismDrivers:
457 default: 'openvswitch'
459 The mechanism drivers for the Neutron tenant network.
460 type: comma_delimited_list
461 NeutronAllowL3AgentFailover:
463 description: Allow automatic l3-agent failover
465 NeutronEnableIsolatedMetadata:
467 description: If True, DHCP provide metadata route to VM.
469 NeutronEnableTunnelling:
475 Enable/disable the L2 population feature in the Neutron agents.
478 type: comma_delimited_list
479 default: 'datacentre'
480 description: If set, flat networks to configure in neutron plugins.
483 description: Whether to enable l3-agent HA
487 description: The tenant network type for Neutron.
488 type: comma_delimited_list
489 NeutronNetworkVLANRanges:
490 default: 'datacentre:1:1000'
492 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
493 Neutron documentation for permitted values. Defaults to permitting any
494 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
495 type: comma_delimited_list
497 description: The password for the neutron service and db account, used by neutron agents.
500 NeutronPublicInterface:
502 description: What interface to bridge onto br-ex for network nodes.
504 NeutronPublicInterfaceTag:
507 VLAN tag for creating a public VLAN. The tag will be used to
508 create an access port on the exterior bridge for each control plane node,
509 and that port will be given the IP address returned by neutron from the
510 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
511 overcloud.yaml to include the deployment of VLAN ports to the control
514 NeutronPublicInterfaceDefaultRoute:
516 description: A custom default route for the NeutronPublicInterface.
518 NeutronPublicInterfaceIP:
520 description: A custom IP address to put onto the NeutronPublicInterface.
522 NeutronPublicInterfaceRawDevice:
524 description: If set, the public interface is a vlan with this device as the raw device.
528 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
529 be at least 50 bytes smaller than the MTU on the physical network. This
530 value will be used to set the MTU on the virtual Ethernet device.
531 This number is related to the value of NeutronDnsmasqOptions, since that
532 will determine the MTU that is assigned to the VM host through DHCP.
538 The tunnel types for the Neutron tenant network.
539 type: comma_delimited_list
540 NeutronTunnelIdRanges:
542 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
543 of GRE tunnel IDs that are available for tenant network allocation
544 default: ["1:4094", ]
545 type: comma_delimited_list
548 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
549 of VXLAN VNI IDs that are available for tenant network allocation
550 default: ["1:4094", ]
551 type: comma_delimited_list
552 NeutronPluginExtensions:
553 default: "qos,port_security"
555 Comma-separated list of extensions enabled for the Neutron plugin.
556 type: comma_delimited_list
557 NeutronAgentExtensions:
560 Comma-separated list of extensions enabled for the Neutron agents.
561 type: comma_delimited_list
567 description: Number of workers for Neutron service.
572 Whether to create cron job for purging soft deleted rows in Nova database.
576 description: Enable IPv6 features in Nova
579 description: The password for the nova service and db account, used by nova-api.
584 description: Number of workers for Nova service.
588 description: Should MongoDb journaling be disabled
592 description: Enable IPv6 if Mongo DB VIP is IPv6
596 description: Comma-separated list of ntp servers
597 type: comma_delimited_list
600 description: The password for the 'pcsd' user.
602 PublicVirtualInterface:
605 Specifies the interface where the public-facing virtual ip will be assigned.
606 This should be int_public when a VLAN is being used.
610 default: '' # Has to be here because of the ignored empty value bug
613 default: '' # Has to be here because of the ignored empty value bug
616 description: The password for RabbitMQ
621 description: The username for RabbitMQ
626 Rabbit client subscriber parameter to specify
627 an SSL connection to the RabbitMQ host.
631 description: Set rabbit subscriber port, change this if using SSL
635 description: Configures RabbitMQ FD limit
639 description: Enable IPv6 in RabbitMQ
643 description: The password to access the Redis service
647 default: '' # Has to be here because of the ignored empty value bug
650 default: '' # Has to be here because of the ignored empty value bug
651 description: An IP address which is wrapped in brackets in case of IPv6
652 SnmpdReadonlyUserName:
653 default: ro_snmp_user
654 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
656 SnmpdReadonlyUserPassword:
657 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
661 description: A random string to be used as a salt when hashing to determine mappings
667 description: Value of mount_check in Swift account/container/object -server.conf
672 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
675 description: Partition Power to use when building Swift rings
679 description: Whether to manage Swift rings or not
682 description: The password for the swift service account, used by the swift proxy
692 description: How many replicas to use in the swift rings.
695 description: Number of workers for Swift service.
699 description: The timezone to be set on controller nodes.
701 UpgradeLevelNovaCompute:
703 description: Nova Compute upgrade level
705 VirtualIP: # DEPRECATED: use per service settings instead
707 default: '' # Has to be here because of the ignored empty value bug
717 GlanceRegistryVirtualIP:
726 KeystoneAdminApiVirtualIP:
729 KeystonePublicApiVirtualIP:
735 EnablePackageInstall:
737 description: Set to true to enable package installation via Puppet
741 description: Mapping of service_name -> network name. Typically set
742 via parameter_defaults in the resource registry.
746 description: Mapping of service endpoint -> protocol. Typically set
747 via parameter_defaults in the resource registry.
753 Setting to a previously unused value during stack-update will trigger
754 package update on all nodes
757 default: '' # Defaults to Heat created hostname
761 description: Optional mapping to override hostnames
762 NetworkDeploymentActions:
763 type: comma_delimited_list
765 Heat action when to apply network configuration changes
770 SoftwareConfigTransport:
771 default: POLL_SERVER_CFN
773 How the server should receive the metadata required for software configuration.
776 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
781 The DNS domain used for the hosts. This should match the dhcp_domain
782 configured in the Undercloud neutron. Defaults to localdomain.
786 Extra properties or metadata passed to Nova for the created nodes in
787 the overcloud. It's accessible via the Nova metadata API.
791 description: Optional scheduler hints to pass to nova
797 type: OS::Nova::Server
799 image: {get_param: Image}
800 image_update_policy: {get_param: ImageUpdatePolicy}
801 flavor: {get_param: Flavor}
802 key_name: {get_param: KeyName}
805 user_data_format: SOFTWARE_CONFIG
806 user_data: {get_resource: UserData}
809 template: {get_param: Hostname}
810 params: {get_param: HostnameMap}
811 software_config_transport: {get_param: SoftwareConfigTransport}
812 metadata: {get_param: ServerMetadata}
813 scheduler_hints: {get_param: SchedulerHints}
815 # Combine the NodeAdminUserData and NodeUserData mime archives
817 type: OS::Heat::MultipartMime
820 - config: {get_resource: NodeAdminUserData}
822 - config: {get_resource: NodeUserData}
825 # Creates the "heat-admin" user if configured via the environment
826 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
828 type: OS::TripleO::NodeAdminUserData
830 # For optional operator additional userdata
831 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
833 type: OS::TripleO::NodeUserData
836 type: OS::TripleO::Controller::Ports::ExternalPort
838 IPPool: {get_param: ControllerIPs}
839 NodeIndex: {get_param: NodeIndex}
840 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
843 type: OS::TripleO::Controller::Ports::InternalApiPort
845 IPPool: {get_param: ControllerIPs}
846 NodeIndex: {get_param: NodeIndex}
847 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
850 type: OS::TripleO::Controller::Ports::StoragePort
852 IPPool: {get_param: ControllerIPs}
853 NodeIndex: {get_param: NodeIndex}
854 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
857 type: OS::TripleO::Controller::Ports::StorageMgmtPort
859 IPPool: {get_param: ControllerIPs}
860 NodeIndex: {get_param: NodeIndex}
861 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
864 type: OS::TripleO::Controller::Ports::TenantPort
866 IPPool: {get_param: ControllerIPs}
867 NodeIndex: {get_param: NodeIndex}
868 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
871 type: OS::TripleO::Controller::Ports::ManagementPort
873 IPPool: {get_param: ControllerIPs}
874 NodeIndex: {get_param: NodeIndex}
875 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
878 type: OS::TripleO::Network::Ports::NetIpMap
880 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
881 ExternalIp: {get_attr: [ExternalPort, ip_address]}
882 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
883 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
884 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
885 StorageIp: {get_attr: [StoragePort, ip_address]}
886 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
887 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
888 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
889 TenantIp: {get_attr: [TenantPort, ip_address]}
890 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
891 ManagementIp: {get_attr: [ManagementPort, ip_address]}
892 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
895 type: OS::TripleO::Network::Ports::NetIpSubnetMap
897 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
898 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
899 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
900 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
901 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
902 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
903 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
906 type: OS::TripleO::Controller::Net::SoftwareConfig
908 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
909 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
910 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
911 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
912 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
913 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
914 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
917 type: OS::TripleO::SoftwareDeployment
919 name: NetworkDeployment
920 config: {get_resource: NetworkConfig}
921 server: {get_resource: Controller}
922 actions: {get_param: NetworkDeploymentActions}
925 interface_name: {get_param: NeutronPublicInterface}
927 # Resource for site-specific injection of root certificate
929 depends_on: NetworkDeployment
930 type: OS::TripleO::NodeTLSCAData
932 server: {get_resource: Controller}
934 # Resource for site-specific passing of private keys/certificates
936 depends_on: NodeTLSCAData
937 type: OS::TripleO::NodeTLSData
939 server: {get_resource: Controller}
940 NodeIndex: {get_param: NodeIndex}
943 ControllerDeployment:
944 type: OS::TripleO::SoftwareDeployment
945 depends_on: NetworkDeployment
947 name: ControllerDeployment
948 config: {get_resource: ControllerConfig}
949 server: {get_resource: Controller}
951 bootstack_nodeid: {get_attr: [Controller, name]}
952 ceilometer_workers: {get_param: CeilometerWorkers}
953 cinder_workers: {get_param: CinderWorkers}
954 glance_workers: {get_param: GlanceWorkers}
955 heat_workers: {get_param: HeatWorkers}
956 keystone_workers: {get_param: KeystoneWorkers}
957 nova_workers: {get_param: NovaWorkers}
958 neutron_workers: {get_param: NeutronWorkers}
959 swift_workers: {get_param: SwiftWorkers}
960 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
961 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
962 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
963 haproxy_log_address: {get_param: HAProxySyslogAddress}
964 haproxy_stats_password: {get_param: HAProxyStatsPassword}
965 haproxy_stats_user: {get_param: HAProxyStatsUser}
966 heat.watch_server_url:
970 - {get_param: HeatApiVirtualIPUri}
972 heat.metadata_server_url:
976 - {get_param: HeatApiVirtualIPUri}
978 heat.waitcondition_server_url:
982 - {get_param: HeatApiVirtualIPUri}
983 - ':8000/v1/waitcondition'
984 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
985 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
986 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
987 horizon_secret: {get_param: HorizonSecret}
988 admin_email: {get_param: AdminEmail}
989 admin_password: {get_param: AdminPassword}
990 admin_token: {get_param: AdminToken}
991 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
992 debug: {get_param: Debug}
993 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
994 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
995 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
996 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
1001 SERVERS: {get_param: CinderNfsServers}
1002 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
1003 cinder_password: {get_param: CinderPassword}
1004 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
1005 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
1006 cinder_backend_config: {get_param: CinderBackendConfig}
1010 - - 'mysql+pymysql://cinder:'
1011 - {get_param: CinderPassword}
1013 - {get_param: MysqlVirtualIPUri}
1015 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
1016 glance_password: {get_param: GlancePassword}
1017 glance_backend: {get_param: GlanceBackend}
1018 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
1019 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
1020 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
1021 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
1022 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
1023 glance_log_file: {get_param: GlanceLogFile}
1027 - - 'mysql+pymysql://glance:'
1028 - {get_param: GlancePassword}
1030 - {get_param: MysqlVirtualIPUri}
1032 heat_password: {get_param: HeatPassword}
1033 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
1037 - - 'mysql+pymysql://heat:'
1038 - {get_param: HeatPassword}
1040 - {get_param: MysqlVirtualIPUri}
1042 keystone_ca_certificate: {get_param: KeystoneCACertificate}
1043 keystone_signing_key: {get_param: KeystoneSigningKey}
1044 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
1045 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
1046 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
1047 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
1048 keystone_notification_format: {get_param: KeystoneNotificationFormat}
1049 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
1053 - - 'mysql+pymysql://keystone:'
1054 - {get_param: AdminToken}
1056 - {get_param: MysqlVirtualIPUri}
1058 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1059 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1060 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
1061 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
1062 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1063 enable_fencing: {get_param: EnableFencing}
1064 enable_galera: {get_param: EnableGalera}
1065 enable_load_balancer: {get_param: EnableLoadBalancer}
1066 enable_ceph_storage: {get_param: EnableCephStorage}
1067 enable_swift_storage: {get_param: EnableSwiftStorage}
1068 manage_firewall: {get_param: ManageFirewall}
1069 purge_firewall_rules: {get_param: PurgeFirewallRules}
1070 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1071 mysql_max_connections: {get_param: MysqlMaxConnections}
1072 mysql_root_password: {get_param: MysqlRootPassword}
1075 template: tripleo-CLUSTER
1077 CLUSTER: {get_param: MysqlClusterUniquePart}
1078 neutron_flat_networks:
1082 NETWORKS: {get_param: NeutronFlatNetworks}
1083 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1084 neutron_agent_mode: {get_param: NeutronAgentMode}
1085 neutron_router_distributed: {get_param: NeutronDVR}
1086 neutron_core_plugin: {get_param: NeutronCorePlugin}
1087 neutron_service_plugins:
1091 PLUGINS: {get_param: NeutronServicePlugins}
1092 neutron_type_drivers:
1096 DRIVERS: {get_param: NeutronTypeDrivers}
1097 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1098 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1099 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1100 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1101 neutron_mechanism_drivers:
1103 template: MECHANISMS
1105 MECHANISMS: {get_param: NeutronMechanismDrivers}
1106 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1107 neutron_l3_ha: {get_param: NeutronL3HA}
1108 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1109 neutron_network_vlan_ranges:
1113 RANGES: {get_param: NeutronNetworkVLANRanges}
1114 neutron_bridge_mappings:
1118 MAPPINGS: {get_param: NeutronBridgeMappings}
1119 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1120 neutron_public_interface: {get_param: NeutronPublicInterface}
1121 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1122 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1123 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1124 neutron_tunnel_id_ranges:
1128 RANGES: {get_param: NeutronTunnelIdRanges}
1133 RANGES: {get_param: NeutronVniRanges}
1134 neutron_tenant_network_types:
1138 TYPES: {get_param: NeutronNetworkType}
1139 neutron_tunnel_types:
1143 TYPES: {get_param: NeutronTunnelTypes}
1144 neutron_plugin_extensions:
1146 template: PLUGIN_EXTENSIONS
1148 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1149 neutron_agent_extensions:
1151 template: AGENT_EXTENSIONS
1153 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1154 neutron_password: {get_param: NeutronPassword}
1155 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1156 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1160 - - 'mysql+pymysql://neutron:'
1161 - {get_param: NeutronPassword}
1163 - {get_param: MysqlVirtualIPUri}
1164 - '/ovs_neutron?charset=utf8'
1165 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1166 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1167 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1168 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1169 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1170 ceilometer_backend: {get_param: CeilometerBackend}
1171 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1172 ceilometer_password: {get_param: CeilometerPassword}
1173 ceilometer_store_events: {get_param: CeilometerStoreEvents}
1174 aodh_password: {get_param: AodhPassword}
1175 ceilometer_coordination_url:
1179 - {get_param: RedisPassword}
1181 - {get_param: RedisVirtualIPUri}
1186 - - 'mysql+pymysql://ceilometer:'
1187 - {get_param: CeilometerPassword}
1189 - {get_param: MysqlVirtualIPUri}
1191 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1192 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1193 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1194 nova_ipv6: {get_param: NovaIPv6}
1195 corosync_ipv6: {get_param: CorosyncIPv6}
1196 memcached_ipv6: {get_param: MemcachedIPv6}
1197 nova_password: {get_param: NovaPassword}
1201 - - 'mysql+pymysql://nova:'
1202 - {get_param: NovaPassword}
1204 - {get_param: MysqlVirtualIPUri}
1209 - - 'mysql+pymysql://nova_api:'
1210 - {get_param: NovaPassword}
1212 - {get_param: MysqlVirtualIPUri}
1214 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1215 instance_name_template: {get_param: InstanceNameTemplate}
1216 fencing_config: {get_param: FencingConfig}
1217 pcsd_password: {get_param: PcsdPassword}
1218 rabbit_username: {get_param: RabbitUserName}
1219 rabbit_password: {get_param: RabbitPassword}
1220 rabbit_cookie: {get_param: RabbitCookie}
1221 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1222 rabbit_client_port: {get_param: RabbitClientPort}
1223 rabbit_ipv6: {get_param: RabbitIPv6}
1224 rabbit_fd_limit: {get_param: RabbitFDLimit}
1225 mongodb_no_journal: {get_param: MongoDbNoJournal}
1226 mongodb_ipv6: {get_param: MongoDbIPv6}
1227 ntp_servers: {get_param: NtpServer}
1228 timezone: {get_param: TimeZone}
1229 control_virtual_interface: {get_param: ControlVirtualInterface}
1230 public_virtual_interface: {get_param: PublicVirtualInterface}
1231 swift_hash_suffix: {get_param: SwiftHashSuffix}
1232 swift_password: {get_param: SwiftPassword}
1233 swift_part_power: {get_param: SwiftPartPower}
1234 swift_ring_build: {get_param: SwiftRingBuild}
1235 swift_replicas: {get_param: SwiftReplicas}
1236 swift_min_part_hours: {get_param: SwiftMinPartHours}
1237 swift_mount_check: {get_param: SwiftMountCheck}
1238 enable_package_install: {get_param: EnablePackageInstall}
1239 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1240 sahara_password: {get_param: SaharaPassword}
1244 - - 'mysql://sahara:'
1245 - {get_param: SaharaPassword}
1247 - {get_param: MysqlVirtualIPUri}
1249 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1250 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1251 cinder_iscsi_network:
1255 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1256 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1257 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1258 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1259 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1260 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1261 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1262 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1263 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1264 keystone_region: {get_param: KeystoneRegion}
1265 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1266 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1267 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1268 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1269 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
1270 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1271 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1272 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1273 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1274 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1275 redis_password: {get_param: RedisPassword}
1276 redis_vip: {get_param: RedisVirtualIP}
1277 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1278 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1279 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1280 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1281 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1282 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1283 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1285 # Map heat metadata into hiera datafiles
1287 type: OS::Heat::StructuredConfig
1289 group: os-apply-config
1294 - heat_config_%{::deploy_config_name}
1295 - controller_extraconfig
1300 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1301 - ceph_cluster # provided by CephClusterConfig
1303 - bootstrap_node # provided by BootstrapNodeConfig
1304 - all_nodes # provided by allNodesConfig
1305 - vip_data # provided by vip-config
1308 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1309 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1310 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1311 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1312 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1313 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1314 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1315 - midonet_data #Optionally provided by AllNodesExtraConfig
1316 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1317 - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre
1319 controller_extraconfig:
1320 mapped_data: {get_param: ControllerExtraConfig}
1322 mapped_data: {get_param: ExtraConfig}
1324 raw_data: {get_file: hieradata/common.yaml}
1326 raw_data: {get_file: hieradata/ceph.yaml}
1328 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1329 ceph::profile::params::public_network: {get_input: ceph_public_network}
1330 ceph::profile::params::public_addr: {get_input: ceph_public_ip}
1332 raw_data: {get_file: hieradata/database.yaml}
1334 raw_data: {get_file: hieradata/object.yaml}
1336 raw_data: {get_file: hieradata/controller.yaml}
1337 mapped_data: # data supplied directly to this deployment configuration, etc
1338 bootstack_nodeid: {get_input: bootstack_nodeid}
1341 enable_fencing: {get_input: enable_fencing}
1342 enable_load_balancer: {get_input: enable_load_balancer}
1343 hacluster_pwd: {get_input: pcsd_password}
1344 corosync_ipv6: {get_input: corosync_ipv6}
1345 tripleo::fencing::config: {get_input: fencing_config}
1348 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1349 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1350 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1351 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1352 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1353 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1354 swift::proxy::workers: {get_input: swift_workers}
1355 tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
1356 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1357 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1358 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1359 swift_mount_check: {get_input: swift_mount_check}
1362 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1363 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1364 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1365 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1366 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1367 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1368 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1369 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1370 cinder::database_connection: {get_input: cinder_dsn}
1371 cinder::api::keystone_password: {get_input: cinder_password}
1372 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1373 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1374 cinder::api::bind_host: {get_input: cinder_api_network}
1375 cinder::rabbit_userid: {get_input: rabbit_username}
1376 cinder::rabbit_password: {get_input: rabbit_password}
1377 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1378 cinder::rabbit_port: {get_input: rabbit_client_port}
1379 cinder::debug: {get_input: debug}
1380 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1381 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1382 cinder_backend_config: {get_input: CinderBackendConfig}
1383 cinder::db::mysql::password: {get_input: cinder_password}
1386 glance::api::bind_port: {get_input: glance_port}
1387 glance::api::bind_host: {get_input: glance_api_network}
1388 glance::api::auth_uri: {get_input: keystone_auth_uri}
1389 glance::api::identity_uri: {get_input: keystone_identity_uri}
1390 glance::api::registry_host: {get_input: glance_registry_host}
1391 glance::api::keystone_password: {get_input: glance_password}
1392 glance::api::debug: {get_input: debug}
1393 glance::api::workers: {get_input: glance_workers}
1394 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1395 glance_log_file: {get_input: glance_log_file}
1396 glance_log_file: {get_input: glance_log_file}
1397 glance::api::database_connection: {get_input: glance_dsn}
1398 glance::registry::keystone_password: {get_input: glance_password}
1399 glance::registry::database_connection: {get_input: glance_dsn}
1400 glance::registry::bind_host: {get_input: glance_registry_network}
1401 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1402 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1403 glance::registry::debug: {get_input: debug}
1404 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1405 glance::registry::workers: {get_input: glance_workers}
1406 glance::backend::swift::swift_store_user: service:glance
1407 glance::backend::swift::swift_store_key: {get_input: glance_password}
1408 glance_backend: {get_input: glance_backend}
1409 glance::db::mysql::password: {get_input: glance_password}
1410 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1411 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1412 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1413 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1414 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1415 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1416 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1419 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1420 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1421 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1422 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1423 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1424 heat::rabbit_userid: {get_input: rabbit_username}
1425 heat::rabbit_password: {get_input: rabbit_password}
1426 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1427 heat::rabbit_port: {get_input: rabbit_client_port}
1428 heat::auth_uri: {get_input: keystone_auth_uri}
1429 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1430 heat::identity_uri: {get_input: keystone_identity_uri}
1431 heat::keystone_password: {get_input: heat_password}
1432 heat::api::bind_host: {get_input: heat_api_network}
1433 heat::api::workers: {get_input: heat_workers}
1434 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1435 heat::api_cloudwatch::workers: {get_input: heat_workers}
1436 heat::api_cfn::bind_host: {get_input: heat_api_network}
1437 heat::api_cfn::workers: {get_input: heat_workers}
1438 heat::database_connection: {get_input: heat_dsn}
1439 heat::debug: {get_input: debug}
1440 heat::db::mysql::password: {get_input: heat_password}
1441 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1442 heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
1445 keystone::admin_token: {get_input: admin_token}
1446 keystone::roles::admin::password: {get_input: admin_password}
1447 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1448 keystone_signing_key: {get_input: keystone_signing_key}
1449 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1450 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1451 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1452 keystone::database_connection: {get_input: keystone_dsn}
1453 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1454 keystone::public_bind_host: {get_input: keystone_public_api_network}
1455 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1456 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1457 keystone::debug: {get_input: debug}
1458 keystone::db::mysql::password: {get_input: admin_token}
1459 keystone::rabbit_userid: {get_input: rabbit_username}
1460 keystone::rabbit_password: {get_input: rabbit_password}
1461 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1462 keystone::rabbit_port: {get_input: rabbit_client_port}
1463 keystone::notification_driver: {get_input: keystone_notification_driver}
1464 keystone::notification_format: {get_input: keystone_notification_format}
1465 keystone::roles::admin::email: {get_input: admin_email}
1466 keystone::roles::admin::password: {get_input: admin_password}
1467 keystone::endpoint::public_url: {get_input: keystone_public_url}
1468 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1469 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1470 keystone::endpoint::region: {get_input: keystone_region}
1471 keystone::admin_workers: {get_input: keystone_workers}
1472 keystone::public_workers: {get_input: keystone_workers}
1473 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1474 keystone::public_endpoint: {get_input: keystone_public_url}
1476 mongodb::server::bind_ip: {get_input: mongo_db_network}
1477 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1478 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1480 admin_password: {get_input: admin_password}
1481 enable_galera: {get_input: enable_galera}
1482 enable_ceph_storage: {get_input: enable_ceph_storage}
1483 enable_swift_storage: {get_input: enable_swift_storage}
1484 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1485 mysql_max_connections: {get_input: mysql_max_connections}
1486 mysql::server::root_password: {get_input: mysql_root_password}
1487 mysql_cluster_name: {get_input: mysql_cluster_name}
1488 mysql_bind_host: {get_input: mysql_network}
1489 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1492 neutron::bind_host: {get_input: neutron_api_network}
1493 neutron::rabbit_password: {get_input: rabbit_password}
1494 neutron::rabbit_user: {get_input: rabbit_username}
1495 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1496 neutron::rabbit_port: {get_input: rabbit_client_port}
1497 neutron::debug: {get_input: debug}
1498 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1499 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1500 neutron::server::database_connection: {get_input: neutron_dsn}
1501 neutron::server::api_workers: {get_input: neutron_workers}
1502 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1503 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1504 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1505 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1506 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1507 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1508 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1509 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1510 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1511 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1512 neutron_agent_mode: {get_input: neutron_agent_mode}
1513 neutron_router_distributed: {get_input: neutron_router_distributed}
1514 neutron::core_plugin: {get_input: neutron_core_plugin}
1515 neutron::service_plugins: {get_input: neutron_service_plugins}
1516 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1517 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1518 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1519 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1520 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1521 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1522 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1523 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1524 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1525 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1526 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1527 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1528 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1529 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1530 neutron_public_interface: {get_input: neutron_public_interface}
1531 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1532 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1533 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1534 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1535 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1536 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1537 neutron::server::auth_password: {get_input: neutron_password}
1538 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1539 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1540 neutron_dsn: {get_input: neutron_dsn}
1541 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1542 neutron::db::mysql::password: {get_input: neutron_password}
1543 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1544 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1545 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1546 neutron::keystone::auth::password: {get_input: neutron_password }
1547 neutron::keystone::auth::region: {get_input: keystone_region}
1548 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1549 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1550 neutron::server::notifications::tenant_name: 'service'
1551 neutron::server::notifications::project_name: 'service'
1552 neutron::server::notifications::password: {get_input: nova_password}
1555 ceilometer_backend: {get_input: ceilometer_backend}
1556 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1557 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1558 ceilometer::rabbit_userid: {get_input: rabbit_username}
1559 ceilometer::rabbit_password: {get_input: rabbit_password}
1560 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1561 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1562 ceilometer::debug: {get_input: debug}
1563 ceilometer::api::host: {get_input: ceilometer_api_network}
1564 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1565 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1566 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1567 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1568 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1569 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1570 ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
1571 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1572 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1573 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1576 aodh::rabbit_userid: {get_input: rabbit_username}
1577 aodh::rabbit_password: {get_input: rabbit_password}
1578 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1579 aodh::rabbit_port: {get_input: rabbit_client_port}
1580 aodh::debug: {get_input: debug}
1581 aodh::wsgi::apache::ssl: false
1582 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1583 aodh::api::service_name: 'httpd'
1584 aodh::api::host: {get_input: aodh_api_network}
1585 aodh::api::keystone_password: {get_input: aodh_password}
1586 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1587 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1588 aodh::auth::auth_password: {get_input: aodh_password}
1589 aodh::db::mysql::password: {get_input: aodh_password}
1590 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1591 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1594 nova::rabbit_userid: {get_input: rabbit_username}
1595 nova::rabbit_password: {get_input: rabbit_password}
1596 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1597 nova::rabbit_port: {get_input: rabbit_client_port}
1598 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1599 nova::debug: {get_input: debug}
1600 nova::use_ipv6: {get_input: nova_ipv6}
1601 nova::api::auth_uri: {get_input: keystone_auth_uri}
1602 nova::api::identity_uri: {get_input: keystone_identity_uri}
1603 nova::api::api_bind_address: {get_input: nova_api_network}
1604 nova::api::metadata_listen: {get_input: nova_metadata_network}
1605 nova::api::admin_password: {get_input: nova_password}
1606 nova::api::osapi_compute_workers: {get_input: nova_workers}
1607 nova::api::ec2_workers: {get_input: nova_workers}
1608 nova::api::metadata_workers: {get_input: nova_workers}
1609 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1610 nova::database_connection: {get_input: nova_dsn}
1611 nova::api_database_connection: {get_input: nova_api_dsn}
1612 nova::glance_api_servers: {get_input: glance_api_servers}
1613 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1614 nova::api::instance_name_template: {get_input: instance_name_template}
1615 nova::network::neutron::neutron_password: {get_input: neutron_password}
1616 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1617 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1618 nova::vncproxy::host: {get_input: nova_api_network}
1619 nova::db::mysql::password: {get_input: nova_password}
1620 nova::db::mysql_api::password: {get_input: nova_password}
1621 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1624 apache::ip: {get_input: horizon_network}
1625 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1626 horizon::django_debug: {get_input: debug}
1627 horizon::secret_key: {get_input: horizon_secret}
1628 horizon::bind_address: {get_input: horizon_network}
1629 horizon::keystone_url: {get_input: keystone_auth_uri}
1632 sahara::host: {get_input: sahara_api_network}
1640 sahara::admin_password: {get_input: sahara_password}
1641 sahara::auth_uri: {get_input: keystone_auth_uri}
1642 sahara::admin_user: sahara
1643 sahara::identity_uri: {get_input: keystone_identity_uri}
1644 sahara::use_neutron: true
1645 sahara::database_connection: {get_input: sahara_dsn}
1646 sahara::debug: {get_input: debug}
1647 sahara::rpc_backend: rabbit
1648 sahara::rabbit_userid: {get_input: rabbit_username}
1649 sahara::rabbit_password: {get_input: rabbit_password}
1650 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1651 sahara::rabbit_port: {get_input: rabbit_client_port}
1652 sahara::db::mysql::password: {get_input: sahara_password}
1655 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1656 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1657 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1658 rabbitmq::default_user: {get_input: rabbit_username}
1659 rabbitmq::default_pass: {get_input: rabbit_password}
1660 rabbit_ipv6: {get_input: rabbit_ipv6}
1662 redis::bind: {get_input: redis_network}
1663 redis::requirepass: {get_input: redis_password}
1664 redis::masterauth: {get_input: redis_password}
1665 redis::sentinel_auth_pass: {get_input: redis_password}
1666 redis_vip: {get_input: redis_vip}
1668 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1669 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1671 memcached_ipv6: {get_input: memcached_ipv6}
1672 memcached::listen_ip: {get_input: memcached_network}
1673 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1674 ntp::servers: {get_input: ntp_servers}
1675 timezone::timezone: {get_input: timezone}
1676 control_virtual_interface: {get_input: control_virtual_interface}
1677 public_virtual_interface: {get_input: public_virtual_interface}
1678 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1679 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1680 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1681 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1682 tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user}
1683 tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password}
1684 tripleo::loadbalancer::redis_password: {get_input: redis_password}
1685 tripleo::packages::enable_install: {get_input: enable_package_install}
1686 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1688 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1689 ControllerExtraConfigPre:
1690 depends_on: ControllerDeployment
1691 type: OS::TripleO::ControllerExtraConfigPre
1693 server: {get_resource: Controller}
1695 # Hook for site-specific additional pre-deployment config,
1696 # applying to all nodes, e.g node registration/unregistration
1698 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1699 type: OS::TripleO::NodeExtraConfig
1701 server: {get_resource: Controller}
1704 type: OS::TripleO::Tasks::PackageUpdate
1707 type: OS::Heat::SoftwareDeployment
1709 name: UpdateDeployment
1710 config: {get_resource: UpdateConfig}
1711 server: {get_resource: Controller}
1714 get_param: UpdateIdentifier
1718 description: IP address of the server in the ctlplane network
1719 value: {get_attr: [Controller, networks, ctlplane, 0]}
1720 external_ip_address:
1721 description: IP address of the server in the external network
1722 value: {get_attr: [ExternalPort, ip_address]}
1723 internal_api_ip_address:
1724 description: IP address of the server in the internal_api network
1725 value: {get_attr: [InternalApiPort, ip_address]}
1727 description: IP address of the server in the storage network
1728 value: {get_attr: [StoragePort, ip_address]}
1729 storage_mgmt_ip_address:
1730 description: IP address of the server in the storage_mgmt network
1731 value: {get_attr: [StorageMgmtPort, ip_address]}
1733 description: IP address of the server in the tenant network
1734 value: {get_attr: [TenantPort, ip_address]}
1735 management_ip_address:
1736 description: IP address of the server in the management network
1737 value: {get_attr: [ManagementPort, ip_address]}
1739 description: Hostname of the server
1740 value: {get_attr: [Controller, name]}
1743 Node object in the format {ip: ..., name: ...} format that the corosync
1746 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1747 name: {get_attr: [Controller, name]}
1750 Server's IP address and hostname in the /etc/hosts format
1754 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1755 EXTERNALIP EXTERNALHOST
1756 INTERNAL_APIIP INTERNAL_APIHOST
1757 STORAGEIP STORAGEHOST
1758 STORAGE_MGMTIP STORAGE_MGMTHOST
1760 MANAGEMENTIP MANAGEMENTHOST
1762 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1763 DOMAIN: {get_param: CloudDomain}
1764 PRIMARYHOST: {get_attr: [Controller, name]}
1765 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1769 - - {get_attr: [Controller, name]}
1771 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1775 - - {get_attr: [Controller, name]}
1777 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1781 - - {get_attr: [Controller, name]}
1783 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1787 - - {get_attr: [Controller, name]}
1789 TENANTIP: {get_attr: [TenantPort, ip_address]}
1793 - - {get_attr: [Controller, name]}
1795 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1799 - - {get_attr: [Controller, name]}
1801 nova_server_resource:
1802 description: Heat resource handle for the Nova compute server
1804 {get_resource: Controller}
1806 description: Swift device formatted for swift-ring-builder
1809 template: 'r1z1-IP:%PORT%/d1'
1811 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1812 swift_proxy_memcache:
1813 description: Swift proxy-memcache value
1816 template: "IP:11211"
1818 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1820 description: identifier which changes if the controller configuration may need re-applying
1824 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1825 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1826 - {get_attr: [NodeTLSData, deploy_stdout]}
1827 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1828 - {get_param: UpdateIdentifier}
1829 tls_key_modulus_md5:
1830 description: MD5 checksum of the TLS Key Modulus
1831 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1832 tls_cert_modulus_md5:
1833 description: MD5 checksum of the TLS Certificate Modulus
1834 value: {get_attr: [NodeTLSData, cert_modulus_md5]}