1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
94 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
96 ControllerExtraConfig:
99 Controller specific hiera configuration data to inject into the cluster.
104 A network mapped list of IPs to assign to Controllers in the following form:
106 "internal_api": ["a.b.c.d", "e.f.g.h"],
110 ControlVirtualInterface:
112 description: Interface where virtual ip will be assigned.
116 description: Set to True to enable debugging on all services.
120 description: Whether to enable fencing in Pacemaker or not.
124 description: Whether to use Galera instead of regular MariaDB.
128 description: Whether to deploy a LoadBalancer on the Controller
132 description: Whether to deploy Ceph Storage (OSD) on the Controller
136 description: Whether to enable Swift Storage on the Controller
141 Additional hieradata to inject into the cluster, note that
142 ControllerExtraConfig takes precedence over ExtraConfig.
147 Pacemaker fencing configuration. The JSON should have
148 the following structure:
152 "agent": "AGENT_NAME",
153 "host_mac": "HOST_MAC_ADDRESS",
154 "params": {"PARAM_NAME": "PARAM_VALUE"}
162 "agent": "fence_xvm",
163 "host_mac": "52:54:00:aa:bb:cc",
165 "multicast_address": "225.0.0.12",
166 "port": "baremetal_0",
168 "manage_key_file": true,
169 "key_file": "/etc/fence_xvm.key",
170 "key_file_password": "abcdef"
177 description: Flavor for control nodes to request when deploying.
180 - custom_constraint: nova.flavor
181 GlanceNotifierStrategy:
182 description: Strategy to use for Glance notification queue
186 description: The filepath of the file to use for logging messages from Glance.
190 description: The password for the glance service and db account, used by the glance services.
195 description: The short name of the Glance backend to use. Should be one
196 of swift, rbd, or file
199 - allowed_values: ['swift', 'file', 'rbd']
200 GlanceFilePcmkDevice:
203 An exported storage device that should be mounted by Pacemaker
204 as Glance storage. Effective when GlanceFilePcmkManage is true.
206 GlanceFilePcmkFstype:
209 Filesystem type for Pacemaker mount used as Glance storage.
210 Effective when GlanceFilePcmkManage is true.
212 GlanceFilePcmkManage:
215 Whether to make Glance file backend a mount managed by Pacemaker.
216 Effective when GlanceBackend is 'file'.
218 GlanceFilePcmkOptions:
221 Mount options for Pacemaker mount used as Glance storage.
222 Effective when GlanceFilePcmkManage is true.
224 HAProxySyslogAddress:
226 description: Syslog address where HAproxy will send its log
230 description: Number of workers for Glance service.
233 description: The password for the Heat service and db account, used by the Heat services.
236 HeatStackDomainAdminPassword:
237 description: Password for heat_domain_admin user.
240 HeatAuthEncryptionKey:
241 description: Auth encryption key for heat-engine
246 description: A list of IP/Hostname allowed to connect to horizon
247 type: comma_delimited_list
250 description: Number of workers for Heat service.
253 description: Secret key for Django
258 default: overcloud-control
260 - custom_constraint: glance.image
262 default: 'REBUILD_PRESERVE_EPHEMERAL'
263 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
265 InstanceNameTemplate:
266 default: 'instance-%08x'
267 description: Template string to be used to generate instance names
271 description: Name of an existing Nova key pair to enable SSH access to the instances
274 - custom_constraint: nova.keypair
275 KeystoneCACertificate:
277 description: Keystone self-signed certificate authority certificate.
279 KeystoneEnableDBPurge:
282 Whether to create cron job for purging soft deleted rows in Keystone database.
284 KeystoneSigningCertificate:
286 description: Keystone certificate for verifying token validity.
290 description: Keystone key for signing tokens.
293 KeystoneSSLCertificate:
295 description: Keystone certificate for verifying token validity.
297 KeystoneSSLCertificateKey:
299 description: Keystone key for signing tokens.
302 KeystoneNotificationDriver:
303 description: Comma-separated list of Oslo notification drivers used by Keystone
304 default: ['messaging']
305 type: comma_delimited_list
306 KeystoneNotificationFormat:
307 description: The Keystone notification format
311 - allowed_values: [ 'basic', 'cadf' ]
315 description: Keystone region for endpoint
318 description: Whether to manage IPtables rules.
322 description: Whether IPtables rules should be purged before setting up the new ones.
326 description: Number of workers for Keystone service.
333 description: The password for the sahara service account, used by sahara-api.
336 MysqlClusterUniquePart:
337 description: A unique identifier of the MySQL cluster the controller is in.
339 default: 'unset' # Has to be here because of the ignored empty value bug
340 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
342 # - length: {min: 4, max: 10}
343 MysqlInnodbBufferPoolSize:
345 Specifies the size of the buffer pool in megabytes. Setting to
346 zero should be interpreted as "no value" and will defer to the
351 description: Configures MySQL max_connections config setting
357 default: '' # Has to be here because of the ignored empty value bug
358 NeutronExternalNetworkBridge:
359 description: Name of bridge used for external network traffic.
362 NeutronBridgeMappings:
364 The OVS logical->physical bridge mappings to use. See the Neutron
365 documentation for details. Defaults to mapping br-ex - the external
366 bridge on hosts - to a physical name 'datacentre' which can be used
367 to create provider networks (and we use this for the default floating
368 network) - if changing this either use different post-install network
369 scripts or be sure to keep 'datacentre' as a mapping network name.
370 type: comma_delimited_list
371 default: "datacentre:br-ex"
372 NeutronDnsmasqOptions:
373 default: 'dhcp-option-force=26,1400'
374 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
376 NeutronEnableDHCPAgent:
377 description: Knob to enable/disable DHCP Agent
380 NeutronEnableL3Agent:
381 description: Knob to enable/disable L3 agent
384 NeutronEnableMetadataAgent:
385 description: Knob to enable/disable Metadata agent
388 NeutronEnableOVSAgent:
389 description: Knob to enable/disable OVS Agent
394 description: Agent mode for the neutron-l3-agent on the controller hosts
398 description: Whether to enable l3-agent HA
400 NeutronDhcpAgentsPerNetwork:
403 description: The number of neutron dhcp agents to schedule per network
406 description: Whether to configure Neutron Distributed Virtual Routers
408 NeutronMetadataProxySharedSecret:
409 description: Shared secret to prevent spoofing
415 The core plugin for Neutron. The value should be the entrypoint to be loaded
416 from neutron.core_plugins namespace.
418 NeutronServicePlugins:
419 default: "router,qos"
421 Comma-separated list of service plugin entrypoints to be loaded from the
422 neutron.service_plugins namespace.
423 type: comma_delimited_list
425 default: "vxlan,vlan,flat,gre"
427 Comma-separated list of network type driver entrypoints to be loaded.
428 type: comma_delimited_list
429 NeutronMechanismDrivers:
430 default: 'openvswitch'
432 The mechanism drivers for the Neutron tenant network.
433 type: comma_delimited_list
434 NeutronAllowL3AgentFailover:
436 description: Allow automatic l3-agent failover
438 NeutronEnableIsolatedMetadata:
440 description: If True, DHCP provide metadata route to VM.
442 NeutronEnableTunnelling:
448 Enable/disable the L2 population feature in the Neutron agents.
451 type: comma_delimited_list
452 default: 'datacentre'
453 description: If set, flat networks to configure in neutron plugins.
456 description: Whether to enable l3-agent HA
460 description: The tenant network type for Neutron.
461 type: comma_delimited_list
462 NeutronNetworkVLANRanges:
463 default: 'datacentre:1:1000'
465 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
466 Neutron documentation for permitted values. Defaults to permitting any
467 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
468 type: comma_delimited_list
470 description: The password for the neutron service and db account, used by neutron agents.
473 NeutronPublicInterface:
475 description: What interface to bridge onto br-ex for network nodes.
477 NeutronPublicInterfaceTag:
480 VLAN tag for creating a public VLAN. The tag will be used to
481 create an access port on the exterior bridge for each control plane node,
482 and that port will be given the IP address returned by neutron from the
483 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
484 overcloud.yaml to include the deployment of VLAN ports to the control
487 NeutronPublicInterfaceDefaultRoute:
489 description: A custom default route for the NeutronPublicInterface.
491 NeutronPublicInterfaceIP:
493 description: A custom IP address to put onto the NeutronPublicInterface.
495 NeutronPublicInterfaceRawDevice:
497 description: If set, the public interface is a vlan with this device as the raw device.
502 The tunnel types for the Neutron tenant network.
503 type: comma_delimited_list
504 NeutronTunnelIdRanges:
506 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
507 of GRE tunnel IDs that are available for tenant network allocation
508 default: ["1:1000", ]
509 type: comma_delimited_list
512 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
513 of VXLAN VNI IDs that are available for tenant network allocation
514 default: ["1:1000", ]
515 type: comma_delimited_list
516 NeutronPluginExtensions:
519 Comma-separated list of extensions enabled for the Neutron plugin.
520 type: comma_delimited_list
521 NeutronAgentExtensions:
524 Comma-separated list of extensions enabled for the Neutron agents.
525 type: comma_delimited_list
531 description: Number of workers for Neutron service.
536 Whether to create cron job for purging soft deleted rows in Nova database.
539 description: The password for the nova service and db account, used by nova-api.
544 description: Number of workers for Nova service.
548 description: Should MongoDb journaling be disabled
552 description: Comma-separated list of ntp servers
553 type: comma_delimited_list
556 description: The password for the 'pcsd' user.
558 PublicVirtualInterface:
561 Specifies the interface where the public-facing virtual ip will be assigned.
562 This should be int_public when a VLAN is being used.
566 default: '' # Has to be here because of the ignored empty value bug
569 default: '' # Has to be here because of the ignored empty value bug
573 description: The password for RabbitMQ
578 description: The username for RabbitMQ
583 Rabbit client subscriber parameter to specify
584 an SSL connection to the RabbitMQ host.
588 description: Set rabbit subscriber port, change this if using SSL
592 description: Configures RabbitMQ FD limit
596 default: '' # Has to be here because of the ignored empty value bug
597 SnmpdReadonlyUserName:
598 default: ro_snmp_user
599 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
601 SnmpdReadonlyUserPassword:
602 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
606 description: A random string to be used as a salt when hashing to determine mappings
612 description: Value of mount_check in Swift account/container/object -server.conf
617 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
620 description: Partition Power to use when building Swift rings
623 description: The password for the swift service account, used by the swift proxy
633 description: How many replicas to use in the swift rings.
636 description: Number of workers for Swift service.
640 description: The timezone to be set on controller nodes.
642 VirtualIP: # DEPRECATED: use per service settings instead
644 default: '' # Has to be here because of the ignored empty value bug
651 GlanceRegistryVirtualIP:
657 KeystoneAdminApiVirtualIP:
660 KeystonePublicApiVirtualIP:
666 EnablePackageInstall:
668 description: Set to true to enable package installation via Puppet
672 description: Mapping of service_name -> network name. Typically set
673 via parameter_defaults in the resource registry.
677 description: Mapping of service endpoint -> protocol. Typically set
678 via parameter_defaults in the resource registry.
684 Setting to a previously unused value during stack-update will trigger
685 package update on all nodes
688 default: '' # Defaults to Heat created hostname
689 NetworkDeploymentActions:
690 type: comma_delimited_list
692 Heat action when to apply network configuration changes
697 SoftwareConfigTransport:
698 default: POLL_SERVER_CFN
700 How the server should receive the metadata required for software configuration.
703 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
708 The DNS domain used for the hosts. This should match the dhcp_domain
709 configured in the Undercloud neutron. Defaults to localdomain.
713 Extra properties or metadata passed to Nova for the created nodes in
714 the overcloud. It's accessible via the Nova metadata API.
718 description: Optional scheduler hints to pass to nova
724 type: OS::Nova::Server
726 image: {get_param: Image}
727 image_update_policy: {get_param: ImageUpdatePolicy}
728 flavor: {get_param: Flavor}
729 key_name: {get_param: KeyName}
732 user_data_format: SOFTWARE_CONFIG
733 user_data: {get_resource: UserData}
734 name: {get_param: Hostname}
735 software_config_transport: {get_param: SoftwareConfigTransport}
736 metadata: {get_param: ServerMetadata}
737 scheduler_hints: {get_param: SchedulerHints}
739 # Combine the NodeAdminUserData and NodeUserData mime archives
741 type: OS::Heat::MultipartMime
744 - config: {get_resource: NodeAdminUserData}
746 - config: {get_resource: NodeUserData}
749 # Creates the "heat-admin" user if configured via the environment
750 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
752 type: OS::TripleO::NodeAdminUserData
754 # For optional operator additional userdata
755 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
757 type: OS::TripleO::NodeUserData
760 type: OS::TripleO::Controller::Ports::ExternalPort
762 IPPool: {get_param: ControllerIPs}
763 NodeIndex: {get_param: NodeIndex}
764 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
767 type: OS::TripleO::Controller::Ports::InternalApiPort
769 IPPool: {get_param: ControllerIPs}
770 NodeIndex: {get_param: NodeIndex}
771 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
774 type: OS::TripleO::Controller::Ports::StoragePort
776 IPPool: {get_param: ControllerIPs}
777 NodeIndex: {get_param: NodeIndex}
778 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
781 type: OS::TripleO::Controller::Ports::StorageMgmtPort
783 IPPool: {get_param: ControllerIPs}
784 NodeIndex: {get_param: NodeIndex}
785 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
788 type: OS::TripleO::Controller::Ports::TenantPort
790 IPPool: {get_param: ControllerIPs}
791 NodeIndex: {get_param: NodeIndex}
792 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
795 type: OS::TripleO::Controller::Ports::ManagementPort
797 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
800 type: OS::TripleO::Network::Ports::NetIpMap
802 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
803 ExternalIp: {get_attr: [ExternalPort, ip_address]}
804 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
805 StorageIp: {get_attr: [StoragePort, ip_address]}
806 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
807 TenantIp: {get_attr: [TenantPort, ip_address]}
808 ManagementIp: {get_attr: [ManagementPort, ip_address]}
811 type: OS::TripleO::Network::Ports::NetIpSubnetMap
813 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
814 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
815 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
816 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
817 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
818 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
819 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
822 type: OS::TripleO::Controller::Net::SoftwareConfig
824 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
825 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
826 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
827 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
828 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
829 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
830 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
833 type: OS::TripleO::SoftwareDeployment
835 name: NetworkDeployment
836 config: {get_resource: NetworkConfig}
837 server: {get_resource: Controller}
838 actions: {get_param: NetworkDeploymentActions}
841 interface_name: {get_param: NeutronPublicInterface}
843 # Resource for site-specific injection of root certificate
845 depends_on: NetworkDeployment
846 type: OS::TripleO::NodeTLSCAData
848 server: {get_resource: Controller}
850 # Resource for site-specific passing of private keys/certificates
852 depends_on: NodeTLSCAData
853 type: OS::TripleO::NodeTLSData
855 server: {get_resource: Controller}
856 NodeIndex: {get_param: NodeIndex}
859 ControllerDeployment:
860 type: OS::TripleO::SoftwareDeployment
861 depends_on: NetworkDeployment
863 name: ControllerDeployment
864 config: {get_resource: ControllerConfig}
865 server: {get_resource: Controller}
867 bootstack_nodeid: {get_attr: [Controller, name]}
868 ceilometer_workers: {get_param: CeilometerWorkers}
869 cinder_workers: {get_param: CinderWorkers}
870 glance_workers: {get_param: GlanceWorkers}
871 heat_workers: {get_param: HeatWorkers}
872 keystone_workers: {get_param: KeystoneWorkers}
873 nova_workers: {get_param: NovaWorkers}
874 neutron_workers: {get_param: NeutronWorkers}
875 swift_workers: {get_param: SwiftWorkers}
876 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
877 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
878 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
879 haproxy_log_address: {get_param: HAProxySyslogAddress}
880 heat.watch_server_url:
884 - {get_param: HeatApiVirtualIP}
886 heat.metadata_server_url:
890 - {get_param: HeatApiVirtualIP}
892 heat.waitcondition_server_url:
896 - {get_param: HeatApiVirtualIP}
897 - ':8000/v1/waitcondition'
898 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
899 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
900 horizon_secret: {get_param: HorizonSecret}
901 admin_email: {get_param: AdminEmail}
902 admin_password: {get_param: AdminPassword}
903 admin_token: {get_param: AdminToken}
904 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
905 debug: {get_param: Debug}
906 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
907 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
908 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
909 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
914 SERVERS: {get_param: CinderNfsServers}
915 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
916 cinder_password: {get_param: CinderPassword}
917 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
918 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
919 cinder_backend_config: {get_param: CinderBackendConfig}
923 - - 'mysql+pymysql://cinder:'
924 - {get_param: CinderPassword}
926 - {get_param: MysqlVirtualIP}
928 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
929 glance_password: {get_param: GlancePassword}
930 glance_backend: {get_param: GlanceBackend}
931 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
932 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
933 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
934 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
935 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
936 glance_log_file: {get_param: GlanceLogFile}
940 - - 'mysql+pymysql://glance:'
941 - {get_param: GlancePassword}
943 - {get_param: MysqlVirtualIP}
945 heat_password: {get_param: HeatPassword}
946 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
950 - - 'mysql+pymysql://heat:'
951 - {get_param: HeatPassword}
953 - {get_param: MysqlVirtualIP}
955 keystone_ca_certificate: {get_param: KeystoneCACertificate}
956 keystone_signing_key: {get_param: KeystoneSigningKey}
957 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
958 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
959 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
960 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
961 keystone_notification_format: {get_param: KeystoneNotificationFormat}
962 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
966 - - 'mysql+pymysql://keystone:'
967 - {get_param: AdminToken}
969 - {get_param: MysqlVirtualIP}
971 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
972 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
973 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
974 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
975 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
976 enable_fencing: {get_param: EnableFencing}
977 enable_galera: {get_param: EnableGalera}
978 enable_load_balancer: {get_param: EnableLoadBalancer}
979 enable_ceph_storage: {get_param: EnableCephStorage}
980 enable_swift_storage: {get_param: EnableSwiftStorage}
981 manage_firewall: {get_param: ManageFirewall}
982 purge_firewall_rules: {get_param: PurgeFirewallRules}
983 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
984 mysql_max_connections: {get_param: MysqlMaxConnections}
985 mysql_root_password: {get_param: MysqlRootPassword}
988 template: tripleo-CLUSTER
990 CLUSTER: {get_param: MysqlClusterUniquePart}
991 neutron_flat_networks:
995 NETWORKS: {get_param: NeutronFlatNetworks}
996 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
997 neutron_agent_mode: {get_param: NeutronAgentMode}
998 neutron_router_distributed: {get_param: NeutronDVR}
999 neutron_core_plugin: {get_param: NeutronCorePlugin}
1000 neutron_service_plugins:
1004 PLUGINS: {get_param: NeutronServicePlugins}
1005 neutron_type_drivers:
1009 DRIVERS: {get_param: NeutronTypeDrivers}
1010 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1011 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1012 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1013 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1014 neutron_mechanism_drivers:
1016 template: MECHANISMS
1018 MECHANISMS: {get_param: NeutronMechanismDrivers}
1019 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1020 neutron_l3_ha: {get_param: NeutronL3HA}
1021 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1022 neutron_network_vlan_ranges:
1026 RANGES: {get_param: NeutronNetworkVLANRanges}
1027 neutron_bridge_mappings:
1031 MAPPINGS: {get_param: NeutronBridgeMappings}
1032 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1033 neutron_public_interface: {get_param: NeutronPublicInterface}
1034 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1035 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1036 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1037 neutron_tunnel_id_ranges:
1041 RANGES: {get_param: NeutronTunnelIdRanges}
1046 RANGES: {get_param: NeutronVniRanges}
1047 neutron_tenant_network_types:
1051 TYPES: {get_param: NeutronNetworkType}
1052 neutron_tunnel_types:
1056 TYPES: {get_param: NeutronTunnelTypes}
1057 neutron_plugin_extensions:
1059 template: PLUGIN_EXTENSIONS
1061 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1062 neutron_agent_extensions:
1064 template: AGENT_EXTENSIONS
1066 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1067 neutron_password: {get_param: NeutronPassword}
1068 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1072 - - 'mysql+pymysql://neutron:'
1073 - {get_param: NeutronPassword}
1075 - {get_param: MysqlVirtualIP}
1076 - '/ovs_neutron?charset=utf8'
1077 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1078 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1079 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1080 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri_no_suffix ] }
1081 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1082 ceilometer_backend: {get_param: CeilometerBackend}
1083 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1084 ceilometer_password: {get_param: CeilometerPassword}
1085 ceilometer_coordination_url:
1089 - {get_param: RedisVirtualIP}
1094 - - 'mysql+pymysql://ceilometer:'
1095 - {get_param: CeilometerPassword}
1097 - {get_param: MysqlVirtualIP}
1099 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1100 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1101 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1102 nova_password: {get_param: NovaPassword}
1106 - - 'mysql+pymysql://nova:'
1107 - {get_param: NovaPassword}
1109 - {get_param: MysqlVirtualIP}
1111 instance_name_template: {get_param: InstanceNameTemplate}
1112 fencing_config: {get_param: FencingConfig}
1113 pcsd_password: {get_param: PcsdPassword}
1114 rabbit_username: {get_param: RabbitUserName}
1115 rabbit_password: {get_param: RabbitPassword}
1116 rabbit_cookie: {get_param: RabbitCookie}
1117 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1118 rabbit_client_port: {get_param: RabbitClientPort}
1119 mongodb_no_journal: {get_param: MongoDbNoJournal}
1120 # We need to force this into quotes or hiera will return integer causing
1121 # the puppet module validation regexp to fail.
1122 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1127 LIMIT: {get_param: RabbitFDLimit}
1128 ntp_servers: {get_param: NtpServer}
1129 timezone: {get_param: TimeZone}
1130 control_virtual_interface: {get_param: ControlVirtualInterface}
1131 public_virtual_interface: {get_param: PublicVirtualInterface}
1132 swift_hash_suffix: {get_param: SwiftHashSuffix}
1133 swift_password: {get_param: SwiftPassword}
1134 swift_part_power: {get_param: SwiftPartPower}
1135 swift_replicas: {get_param: SwiftReplicas}
1136 swift_min_part_hours: {get_param: SwiftMinPartHours}
1137 swift_mount_check: {get_param: SwiftMountCheck}
1138 enable_package_install: {get_param: EnablePackageInstall}
1139 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1140 sahara_password: {get_param: SaharaPassword}
1144 - - 'mysql://sahara:'
1145 - {get_param: SaharaPassword}
1147 - {get_param: MysqlVirtualIP}
1149 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1150 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1151 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1152 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1153 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1154 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1155 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1156 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1157 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1158 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1159 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1160 keystone_region: {get_param: KeystoneRegion}
1161 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1162 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1163 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1164 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1165 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1166 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1167 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1168 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1169 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1170 redis_vip: {get_param: RedisVirtualIP}
1171 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1172 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1173 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1174 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1175 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1176 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1177 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1179 # Map heat metadata into hiera datafiles
1181 type: OS::Heat::StructuredConfig
1183 group: os-apply-config
1188 - heat_config_%{::deploy_config_name}
1189 - controller_extraconfig
1194 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1195 - ceph_cluster # provided by CephClusterConfig
1197 - bootstrap_node # provided by BootstrapNodeConfig
1198 - all_nodes # provided by allNodesConfig
1199 - vip_data # provided by vip-config
1202 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1203 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1204 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1205 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1206 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1207 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1208 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1209 - midonet_data #Optionally provided by AllNodesExtraConfig
1211 controller_extraconfig:
1212 mapped_data: {get_param: ControllerExtraConfig}
1214 mapped_data: {get_param: ExtraConfig}
1216 raw_data: {get_file: hieradata/common.yaml}
1218 raw_data: {get_file: hieradata/ceph.yaml}
1220 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1221 ceph::profile::params::public_network: {get_input: ceph_public_network}
1222 ceph::mon::public_addr: {get_input: ceph_public_ip}
1224 raw_data: {get_file: hieradata/database.yaml}
1226 raw_data: {get_file: hieradata/object.yaml}
1228 raw_data: {get_file: hieradata/controller.yaml}
1229 mapped_data: # data supplied directly to this deployment configuration, etc
1230 bootstack_nodeid: {get_input: bootstack_nodeid}
1233 enable_fencing: {get_input: enable_fencing}
1234 enable_load_balancer: {get_input: enable_load_balancer}
1235 hacluster_pwd: {get_input: pcsd_password}
1236 tripleo::fencing::config: {get_input: fencing_config}
1239 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1240 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1241 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1242 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1243 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1244 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1245 swift::proxy::workers: {get_input: swift_workers}
1246 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1247 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1248 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1249 swift_mount_check: {get_input: swift_mount_check}
1251 # NOTE(dprince): build_ring support is currently not wired in.
1252 # See: https://review.openstack.org/#/c/109225/
1253 tripleo::ringbuilder::build_ring: True
1256 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1257 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1258 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1259 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1260 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1261 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1262 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1263 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1264 cinder::database_connection: {get_input: cinder_dsn}
1265 cinder::api::keystone_password: {get_input: cinder_password}
1266 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1267 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1268 cinder::api::bind_host: {get_input: cinder_api_network}
1269 cinder::rabbit_userid: {get_input: rabbit_username}
1270 cinder::rabbit_password: {get_input: rabbit_password}
1271 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1272 cinder::rabbit_port: {get_input: rabbit_client_port}
1273 cinder::debug: {get_input: debug}
1274 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1275 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1276 cinder_backend_config: {get_input: CinderBackendConfig}
1277 cinder::db::mysql::password: {get_input: cinder_password}
1280 glance::api::bind_port: {get_input: glance_port}
1281 glance::api::bind_host: {get_input: glance_api_network}
1282 glance::api::auth_uri: {get_input: keystone_auth_uri}
1283 glance::api::identity_uri: {get_input: keystone_identity_uri}
1284 glance::api::registry_host: {get_input: glance_registry_host}
1285 glance::api::keystone_password: {get_input: glance_password}
1286 glance::api::debug: {get_input: debug}
1287 glance::api::workers: {get_input: glance_workers}
1288 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1289 glance_log_file: {get_input: glance_log_file}
1290 glance_log_file: {get_input: glance_log_file}
1291 glance::api::database_connection: {get_input: glance_dsn}
1292 glance::registry::keystone_password: {get_input: glance_password}
1293 glance::registry::database_connection: {get_input: glance_dsn}
1294 glance::registry::bind_host: {get_input: glance_registry_network}
1295 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1296 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1297 glance::registry::debug: {get_input: debug}
1298 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1299 glance::registry::workers: {get_input: glance_workers}
1300 glance::backend::swift::swift_store_user: service:glance
1301 glance::backend::swift::swift_store_key: {get_input: glance_password}
1302 glance_backend: {get_input: glance_backend}
1303 glance::db::mysql::password: {get_input: glance_password}
1304 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1305 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1306 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1307 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1310 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1311 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1312 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1313 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1314 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1315 heat::rabbit_userid: {get_input: rabbit_username}
1316 heat::rabbit_password: {get_input: rabbit_password}
1317 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1318 heat::rabbit_port: {get_input: rabbit_client_port}
1319 heat::auth_uri: {get_input: keystone_auth_uri}
1320 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1321 heat::identity_uri: {get_input: keystone_identity_uri}
1322 heat::keystone_password: {get_input: heat_password}
1323 heat::api::bind_host: {get_input: heat_api_network}
1324 heat::api::workers: {get_input: heat_workers}
1325 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1326 heat::api_cloudwatch::workers: {get_input: heat_workers}
1327 heat::api_cfn::bind_host: {get_input: heat_api_network}
1328 heat::api_cfn::workers: {get_input: heat_workers}
1329 heat::database_connection: {get_input: heat_dsn}
1330 heat::debug: {get_input: debug}
1331 heat::db::mysql::password: {get_input: heat_password}
1334 keystone::admin_token: {get_input: admin_token}
1335 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1336 keystone_signing_key: {get_input: keystone_signing_key}
1337 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1338 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1339 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1340 keystone::database_connection: {get_input: keystone_dsn}
1341 keystone::public_bind_host: {get_input: keystone_public_api_network}
1342 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1343 keystone::debug: {get_input: debug}
1344 keystone::db::mysql::password: {get_input: admin_token}
1345 keystone::rabbit_userid: {get_input: rabbit_username}
1346 keystone::rabbit_password: {get_input: rabbit_password}
1347 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1348 keystone::rabbit_port: {get_input: rabbit_client_port}
1349 keystone::notification_driver: {get_input: keystone_notification_driver}
1350 keystone::notification_format: {get_input: keystone_notification_format}
1351 keystone::roles::admin::email: {get_input: admin_email}
1352 keystone::roles::admin::password: {get_input: admin_password}
1353 keystone::endpoint::public_url: {get_input: keystone_public_url}
1354 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1355 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1356 keystone::endpoint::region: {get_input: keystone_region}
1357 keystone::admin_workers: {get_input: keystone_workers}
1358 keystone::public_workers: {get_input: keystone_workers}
1359 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1362 mongodb::server::bind_ip: {get_input: mongo_db_network}
1363 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1365 admin_password: {get_input: admin_password}
1366 enable_galera: {get_input: enable_galera}
1367 enable_ceph_storage: {get_input: enable_ceph_storage}
1368 enable_swift_storage: {get_input: enable_swift_storage}
1369 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1370 mysql_max_connections: {get_input: mysql_max_connections}
1371 mysql::server::root_password: {get_input: mysql_root_password}
1372 mysql_cluster_name: {get_input: mysql_cluster_name}
1373 mysql_bind_host: {get_input: mysql_network}
1374 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1377 neutron::bind_host: {get_input: neutron_api_network}
1378 neutron::rabbit_password: {get_input: rabbit_password}
1379 neutron::rabbit_user: {get_input: rabbit_username}
1380 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1381 neutron::rabbit_port: {get_input: rabbit_client_port}
1382 neutron::debug: {get_input: debug}
1383 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1384 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1385 neutron::server::database_connection: {get_input: neutron_dsn}
1386 neutron::server::api_workers: {get_input: neutron_workers}
1387 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1388 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1389 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1390 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1391 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1392 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1393 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1394 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1395 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1396 neutron_agent_mode: {get_input: neutron_agent_mode}
1397 neutron_router_distributed: {get_input: neutron_router_distributed}
1398 neutron::core_plugin: {get_input: neutron_core_plugin}
1399 neutron::service_plugins: {get_input: neutron_service_plugins}
1400 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1401 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1402 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1403 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1404 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1405 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1406 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1407 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1408 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1409 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1410 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1411 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1412 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1413 neutron::agents::ml2::ovs:bridge_mappings: {get_input: neutron_bridge_mappings}
1414 neutron_public_interface: {get_input: neutron_public_interface}
1415 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1416 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1417 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1418 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1419 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1420 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1421 neutron::server::auth_password: {get_input: neutron_password}
1422 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1423 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1424 neutron_dsn: {get_input: neutron_dsn}
1425 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1426 neutron::db::mysql::password: {get_input: neutron_password}
1427 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1428 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1429 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1430 neutron::keystone::auth::password: {get_input: neutron_password }
1431 neutron::keystone::auth::region: {get_input: keystone_region}
1432 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1433 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1434 neutron::server::notifications::tenant_name: 'service'
1435 neutron::server::notifications::project_name: 'service'
1436 neutron::server::notifications::password: {get_input: nova_password}
1439 ceilometer_backend: {get_input: ceilometer_backend}
1440 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1441 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1442 ceilometer::rabbit_userid: {get_input: rabbit_username}
1443 ceilometer::rabbit_password: {get_input: rabbit_password}
1444 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1445 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1446 ceilometer::debug: {get_input: debug}
1447 ceilometer::api::host: {get_input: ceilometer_api_network}
1448 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1449 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1450 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1451 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1452 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1453 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1454 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1455 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1456 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1459 nova::rabbit_userid: {get_input: rabbit_username}
1460 nova::rabbit_password: {get_input: rabbit_password}
1461 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1462 nova::rabbit_port: {get_input: rabbit_client_port}
1463 nova::debug: {get_input: debug}
1464 nova::api::auth_uri: {get_input: keystone_auth_uri}
1465 nova::api::identity_uri: {get_input: keystone_identity_uri}
1466 nova::api::api_bind_address: {get_input: nova_api_network}
1467 nova::api::metadata_listen: {get_input: nova_metadata_network}
1468 nova::api::admin_password: {get_input: nova_password}
1469 nova::api::osapi_compute_workers: {get_input: nova_workers}
1470 nova::api::ec2_workers: {get_input: nova_workers}
1471 nova::api::metadata_workers: {get_input: nova_workers}
1472 nova::database_connection: {get_input: nova_dsn}
1473 nova::glance_api_servers: {get_input: glance_api_servers}
1474 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1475 nova::api::instance_name_template: {get_input: instance_name_template}
1476 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1477 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1478 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1479 nova::vncproxy::host: {get_input: nova_api_network}
1480 nova::db::mysql::password: {get_input: nova_password}
1481 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1484 apache::ip: {get_input: horizon_network}
1485 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1486 horizon::django_debug: {get_input: debug}
1487 horizon::secret_key: {get_input: horizon_secret}
1488 horizon::bind_address: {get_input: horizon_network}
1489 horizon::keystone_url: {get_input: keystone_auth_uri}
1492 sahara::host: {get_input: sahara_api_network}
1500 sahara::admin_password: {get_input: sahara_password}
1501 sahara::auth_uri: {get_input: keystone_auth_uri}
1502 sahara::admin_user: sahara
1503 sahara::identity_uri: {get_input: keystone_identity_uri}
1504 sahara::use_neutron: true
1505 sahara::database_connection: {get_input: sahara_dsn}
1506 sahara::debug: {get_input: debug}
1507 sahara::rpc_backend: rabbit
1508 sahara::rabbit_userid: {get_input: rabbit_username}
1509 sahara::rabbit_password: {get_input: rabbit_password}
1510 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1511 sahara::rabbit_port: {get_input: rabbit_client_port}
1512 sahara::db::mysql::password: {get_input: sahara_password}
1515 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1516 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1517 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1518 rabbitmq::default_user: {get_input: rabbit_username}
1519 rabbitmq::default_pass: {get_input: rabbit_password}
1521 redis::bind: {get_input: redis_network}
1522 redis_vip: {get_input: redis_vip}
1524 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1525 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1527 memcached::listen_ip: {get_input: memcached_network}
1528 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1529 ntp::servers: {get_input: ntp_servers}
1530 timezone::timezone: {get_input: timezone}
1531 control_virtual_interface: {get_input: control_virtual_interface}
1532 public_virtual_interface: {get_input: public_virtual_interface}
1533 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1534 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1535 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1536 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1537 tripleo::packages::enable_install: {get_input: enable_package_install}
1538 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1540 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1541 ControllerExtraConfigPre:
1542 depends_on: ControllerDeployment
1543 type: OS::TripleO::ControllerExtraConfigPre
1545 server: {get_resource: Controller}
1547 # Hook for site-specific additional pre-deployment config,
1548 # applying to all nodes, e.g node registration/unregistration
1550 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1551 type: OS::TripleO::NodeExtraConfig
1553 server: {get_resource: Controller}
1556 type: OS::TripleO::Tasks::PackageUpdate
1559 type: OS::Heat::SoftwareDeployment
1561 name: UpdateDeployment
1562 config: {get_resource: UpdateConfig}
1563 server: {get_resource: Controller}
1566 get_param: UpdateIdentifier
1570 description: IP address of the server in the ctlplane network
1571 value: {get_attr: [Controller, networks, ctlplane, 0]}
1572 external_ip_address:
1573 description: IP address of the server in the external network
1574 value: {get_attr: [ExternalPort, ip_address]}
1575 internal_api_ip_address:
1576 description: IP address of the server in the internal_api network
1577 value: {get_attr: [InternalApiPort, ip_address]}
1579 description: IP address of the server in the storage network
1580 value: {get_attr: [StoragePort, ip_address]}
1581 storage_mgmt_ip_address:
1582 description: IP address of the server in the storage_mgmt network
1583 value: {get_attr: [StorageMgmtPort, ip_address]}
1585 description: IP address of the server in the tenant network
1586 value: {get_attr: [TenantPort, ip_address]}
1587 management_ip_address:
1588 description: IP address of the server in the management network
1589 value: {get_attr: [ManagementPort, ip_address]}
1591 description: Hostname of the server
1592 value: {get_attr: [Controller, name]}
1595 Node object in the format {ip: ..., name: ...} format that the corosync
1598 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1599 name: {get_attr: [Controller, name]}
1602 Server's IP address and hostname in the /etc/hosts format
1605 template: IP HOST.DOMAIN HOST CLOUDNAME
1607 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1608 DOMAIN: {get_param: CloudDomain}
1609 HOST: {get_attr: [Controller, name]}
1610 CLOUDNAME: {get_param: CloudName}
1611 nova_server_resource:
1612 description: Heat resource handle for the Nova compute server
1614 {get_resource: Controller}
1616 description: Swift device formatted for swift-ring-builder
1619 template: 'r1z1-IP:%PORT%/d1'
1621 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1622 swift_proxy_memcache:
1623 description: Swift proxy-memcache value
1626 template: "IP:11211"
1628 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1630 description: identifier which changes if the controller configuration may need re-applying
1634 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1635 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1636 - {get_attr: [NodeTLSData, deploy_stdout]}
1637 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1638 - {get_param: UpdateIdentifier}
1639 tls_key_modulus_md5:
1640 description: MD5 checksum of the TLS Key Modulus
1641 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1642 tls_cert_modulus_md5:
1643 description: MD5 checksum of the TLS Certificate Modulus
1644 value: {get_attr: [NodeTLSData, cert_modulus_md5]}