1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
25 description: The password for the aodh services.
28 CeilometerApiVirtualIP:
33 description: The ceilometer backend type.
35 CeilometerMeteringSecret:
36 description: Secret shared by the ceilometer services.
40 description: The password for the ceilometer service and db account.
48 description: Number of workers for Ceilometer service.
53 Whether to create cron job for purging soft deleted rows in Cinder database.
55 CinderEnableNfsBackend:
57 description: Whether to enable or not the NFS backend for Cinder
59 CinderEnableIscsiBackend:
61 description: Whether to enable or not the Iscsi backend for Cinder
63 CinderEnableRbdBackend:
65 description: Whether to enable or not the Rbd backend for Cinder
69 description: The iSCSI helper to use with cinder.
71 CinderLVMLoopDeviceSize:
73 description: The size of the loopback file used by the cinder LVM driver.
75 CinderNfsMountOptions:
78 Mount options for NFS mounts used by Cinder NFS backend. Effective
79 when CinderEnableNfsBackend is true.
84 NFS servers used by Cinder NFS backend. Effective when
85 CinderEnableNfsBackend is true.
86 type: comma_delimited_list
88 description: The password for the cinder service and db account, used by cinder-api.
93 description: Contains parameters to configure Cinder backends. Typically
94 set via parameter_defaults in the resource registry.
98 description: Number of workers for Cinder service.
100 ControllerExtraConfig:
103 Controller specific hiera configuration data to inject into the cluster.
108 A network mapped list of IPs to assign to Controllers in the following form:
110 "internal_api": ["a.b.c.d", "e.f.g.h"],
114 ControlVirtualInterface:
116 description: Interface where virtual ip will be assigned.
120 description: Set to True to enable debugging on all services.
124 description: Whether to enable fencing in Pacemaker or not.
128 description: Whether to use Galera instead of regular MariaDB.
132 description: Whether to deploy a LoadBalancer on the Controller
136 description: Whether to deploy Ceph Storage (OSD) on the Controller
140 description: Whether to enable Swift Storage on the Controller
145 Additional hieradata to inject into the cluster, note that
146 ControllerExtraConfig takes precedence over ExtraConfig.
151 Pacemaker fencing configuration. The JSON should have
152 the following structure:
156 "agent": "AGENT_NAME",
157 "host_mac": "HOST_MAC_ADDRESS",
158 "params": {"PARAM_NAME": "PARAM_VALUE"}
166 "agent": "fence_xvm",
167 "host_mac": "52:54:00:aa:bb:cc",
169 "multicast_address": "225.0.0.12",
170 "port": "baremetal_0",
172 "manage_key_file": true,
173 "key_file": "/etc/fence_xvm.key",
174 "key_file_password": "abcdef"
181 description: Flavor for control nodes to request when deploying.
184 - custom_constraint: nova.flavor
185 GlanceNotifierStrategy:
186 description: Strategy to use for Glance notification queue
190 description: The filepath of the file to use for logging messages from Glance.
194 description: The password for the glance service and db account, used by the glance services.
199 description: The short name of the Glance backend to use. Should be one
200 of swift, rbd, or file
203 - allowed_values: ['swift', 'file', 'rbd']
204 GlanceFilePcmkDevice:
207 An exported storage device that should be mounted by Pacemaker
208 as Glance storage. Effective when GlanceFilePcmkManage is true.
210 GlanceFilePcmkFstype:
213 Filesystem type for Pacemaker mount used as Glance storage.
214 Effective when GlanceFilePcmkManage is true.
216 GlanceFilePcmkManage:
219 Whether to make Glance file backend a mount managed by Pacemaker.
220 Effective when GlanceBackend is 'file'.
222 GlanceFilePcmkOptions:
225 Mount options for Pacemaker mount used as Glance storage.
226 Effective when GlanceFilePcmkManage is true.
228 HAProxySyslogAddress:
230 description: Syslog address where HAproxy will send its log
234 description: Number of workers for Glance service.
237 description: The password for the Heat service and db account, used by the Heat services.
240 HeatStackDomainAdminPassword:
241 description: Password for heat_domain_admin user.
244 HeatAuthEncryptionKey:
245 description: Auth encryption key for heat-engine
250 description: A list of IP/Hostname allowed to connect to horizon
251 type: comma_delimited_list
254 description: Number of workers for Heat service.
260 Whether to create cron job for purging soft deleted rows in the Heat database.
262 description: Secret key for Django
267 default: overcloud-control
269 - custom_constraint: glance.image
271 default: 'REBUILD_PRESERVE_EPHEMERAL'
272 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
274 InstanceNameTemplate:
275 default: 'instance-%08x'
276 description: Template string to be used to generate instance names
280 description: Name of an existing Nova key pair to enable SSH access to the instances
283 - custom_constraint: nova.keypair
284 KeystoneCACertificate:
286 description: Keystone self-signed certificate authority certificate.
288 KeystoneEnableDBPurge:
291 Whether to create cron job for purging soft deleted rows in Keystone database.
293 KeystoneSigningCertificate:
295 description: Keystone certificate for verifying token validity.
299 description: Keystone key for signing tokens.
302 KeystoneSSLCertificate:
304 description: Keystone certificate for verifying token validity.
306 KeystoneSSLCertificateKey:
308 description: Keystone key for signing tokens.
311 KeystoneNotificationDriver:
312 description: Comma-separated list of Oslo notification drivers used by Keystone
313 default: ['messaging']
314 type: comma_delimited_list
315 KeystoneNotificationFormat:
316 description: The Keystone notification format
320 - allowed_values: [ 'basic', 'cadf' ]
324 description: Keystone region for endpoint
327 description: Whether to manage IPtables rules.
331 description: Whether IPtables rules should be purged before setting up the new ones.
335 description: Number of workers for Keystone service.
342 description: The password for the sahara service account, used by sahara-api.
345 MysqlClusterUniquePart:
346 description: A unique identifier of the MySQL cluster the controller is in.
348 default: 'unset' # Has to be here because of the ignored empty value bug
349 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
351 # - length: {min: 4, max: 10}
352 MysqlInnodbBufferPoolSize:
354 Specifies the size of the buffer pool in megabytes. Setting to
355 zero should be interpreted as "no value" and will defer to the
360 description: Configures MySQL max_connections config setting
366 default: '' # Has to be here because of the ignored empty value bug
367 NeutronExternalNetworkBridge:
368 description: Name of bridge used for external network traffic.
371 NeutronBridgeMappings:
373 The OVS logical->physical bridge mappings to use. See the Neutron
374 documentation for details. Defaults to mapping br-ex - the external
375 bridge on hosts - to a physical name 'datacentre' which can be used
376 to create provider networks (and we use this for the default floating
377 network) - if changing this either use different post-install network
378 scripts or be sure to keep 'datacentre' as a mapping network name.
379 type: comma_delimited_list
380 default: "datacentre:br-ex"
381 NeutronDnsmasqOptions:
382 default: 'dhcp-option-force=26,1400'
383 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
385 NeutronEnableDHCPAgent:
386 description: Knob to enable/disable DHCP Agent
389 NeutronEnableL3Agent:
390 description: Knob to enable/disable L3 agent
393 NeutronEnableMetadataAgent:
394 description: Knob to enable/disable Metadata agent
397 NeutronEnableOVSAgent:
398 description: Knob to enable/disable OVS Agent
403 description: Agent mode for the neutron-l3-agent on the controller hosts
407 description: Whether to enable l3-agent HA
409 NeutronDhcpAgentsPerNetwork:
412 description: The number of neutron dhcp agents to schedule per network
415 description: Whether to configure Neutron Distributed Virtual Routers
417 NeutronMetadataProxySharedSecret:
418 description: Shared secret to prevent spoofing
424 The core plugin for Neutron. The value should be the entrypoint to be loaded
425 from neutron.core_plugins namespace.
427 NeutronServicePlugins:
428 default: "router,qos"
430 Comma-separated list of service plugin entrypoints to be loaded from the
431 neutron.service_plugins namespace.
432 type: comma_delimited_list
434 default: "vxlan,vlan,flat,gre"
436 Comma-separated list of network type driver entrypoints to be loaded.
437 type: comma_delimited_list
438 NeutronMechanismDrivers:
439 default: 'openvswitch'
441 The mechanism drivers for the Neutron tenant network.
442 type: comma_delimited_list
443 NeutronAllowL3AgentFailover:
445 description: Allow automatic l3-agent failover
447 NeutronEnableIsolatedMetadata:
449 description: If True, DHCP provide metadata route to VM.
451 NeutronEnableTunnelling:
457 Enable/disable the L2 population feature in the Neutron agents.
460 type: comma_delimited_list
461 default: 'datacentre'
462 description: If set, flat networks to configure in neutron plugins.
465 description: Whether to enable l3-agent HA
469 description: The tenant network type for Neutron.
470 type: comma_delimited_list
471 NeutronNetworkVLANRanges:
472 default: 'datacentre:1:1000'
474 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
475 Neutron documentation for permitted values. Defaults to permitting any
476 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
477 type: comma_delimited_list
479 description: The password for the neutron service and db account, used by neutron agents.
482 NeutronPublicInterface:
484 description: What interface to bridge onto br-ex for network nodes.
486 NeutronPublicInterfaceTag:
489 VLAN tag for creating a public VLAN. The tag will be used to
490 create an access port on the exterior bridge for each control plane node,
491 and that port will be given the IP address returned by neutron from the
492 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
493 overcloud.yaml to include the deployment of VLAN ports to the control
496 NeutronPublicInterfaceDefaultRoute:
498 description: A custom default route for the NeutronPublicInterface.
500 NeutronPublicInterfaceIP:
502 description: A custom IP address to put onto the NeutronPublicInterface.
504 NeutronPublicInterfaceRawDevice:
506 description: If set, the public interface is a vlan with this device as the raw device.
510 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
511 be at least 50 bytes smaller than the MTU on the physical network. This
512 value will be used to set the MTU on the virtual Ethernet device.
513 This number is related to the value of NeutronDnsmasqOptions, since that
514 will determine the MTU that is assigned to the VM host through DHCP.
520 The tunnel types for the Neutron tenant network.
521 type: comma_delimited_list
522 NeutronTunnelIdRanges:
524 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
525 of GRE tunnel IDs that are available for tenant network allocation
526 default: ["1:4094", ]
527 type: comma_delimited_list
530 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
531 of VXLAN VNI IDs that are available for tenant network allocation
532 default: ["1:4094", ]
533 type: comma_delimited_list
534 NeutronPluginExtensions:
535 default: "qos,port_security"
537 Comma-separated list of extensions enabled for the Neutron plugin.
538 type: comma_delimited_list
539 NeutronAgentExtensions:
542 Comma-separated list of extensions enabled for the Neutron agents.
543 type: comma_delimited_list
549 description: Number of workers for Neutron service.
554 Whether to create cron job for purging soft deleted rows in Nova database.
557 description: The password for the nova service and db account, used by nova-api.
562 description: Number of workers for Nova service.
566 description: Should MongoDb journaling be disabled
570 description: Comma-separated list of ntp servers
571 type: comma_delimited_list
574 description: The password for the 'pcsd' user.
576 PublicVirtualInterface:
579 Specifies the interface where the public-facing virtual ip will be assigned.
580 This should be int_public when a VLAN is being used.
584 default: '' # Has to be here because of the ignored empty value bug
587 default: '' # Has to be here because of the ignored empty value bug
591 description: The password for RabbitMQ
596 description: The username for RabbitMQ
601 Rabbit client subscriber parameter to specify
602 an SSL connection to the RabbitMQ host.
606 description: Set rabbit subscriber port, change this if using SSL
610 description: Configures RabbitMQ FD limit
614 default: '' # Has to be here because of the ignored empty value bug
615 SnmpdReadonlyUserName:
616 default: ro_snmp_user
617 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
619 SnmpdReadonlyUserPassword:
620 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
624 description: A random string to be used as a salt when hashing to determine mappings
630 description: Value of mount_check in Swift account/container/object -server.conf
635 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
638 description: Partition Power to use when building Swift rings
641 description: The password for the swift service account, used by the swift proxy
651 description: How many replicas to use in the swift rings.
654 description: Number of workers for Swift service.
658 description: The timezone to be set on controller nodes.
660 UpgradeLevelNovaCompute:
662 description: Nova Compute upgrade level
664 VirtualIP: # DEPRECATED: use per service settings instead
666 default: '' # Has to be here because of the ignored empty value bug
673 GlanceRegistryVirtualIP:
679 KeystoneAdminApiVirtualIP:
682 KeystonePublicApiVirtualIP:
688 EnablePackageInstall:
690 description: Set to true to enable package installation via Puppet
694 description: Mapping of service_name -> network name. Typically set
695 via parameter_defaults in the resource registry.
699 description: Mapping of service endpoint -> protocol. Typically set
700 via parameter_defaults in the resource registry.
706 Setting to a previously unused value during stack-update will trigger
707 package update on all nodes
710 default: '' # Defaults to Heat created hostname
714 description: Optional mapping to override hostnames
715 NetworkDeploymentActions:
716 type: comma_delimited_list
718 Heat action when to apply network configuration changes
723 SoftwareConfigTransport:
724 default: POLL_SERVER_CFN
726 How the server should receive the metadata required for software configuration.
729 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
734 The DNS domain used for the hosts. This should match the dhcp_domain
735 configured in the Undercloud neutron. Defaults to localdomain.
739 Extra properties or metadata passed to Nova for the created nodes in
740 the overcloud. It's accessible via the Nova metadata API.
744 description: Optional scheduler hints to pass to nova
750 type: OS::Nova::Server
752 image: {get_param: Image}
753 image_update_policy: {get_param: ImageUpdatePolicy}
754 flavor: {get_param: Flavor}
755 key_name: {get_param: KeyName}
758 user_data_format: SOFTWARE_CONFIG
759 user_data: {get_resource: UserData}
762 template: {get_param: Hostname}
763 params: {get_param: HostnameMap}
764 software_config_transport: {get_param: SoftwareConfigTransport}
765 metadata: {get_param: ServerMetadata}
766 scheduler_hints: {get_param: SchedulerHints}
768 # Combine the NodeAdminUserData and NodeUserData mime archives
770 type: OS::Heat::MultipartMime
773 - config: {get_resource: NodeAdminUserData}
775 - config: {get_resource: NodeUserData}
778 # Creates the "heat-admin" user if configured via the environment
779 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
781 type: OS::TripleO::NodeAdminUserData
783 # For optional operator additional userdata
784 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
786 type: OS::TripleO::NodeUserData
789 type: OS::TripleO::Controller::Ports::ExternalPort
791 IPPool: {get_param: ControllerIPs}
792 NodeIndex: {get_param: NodeIndex}
793 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
796 type: OS::TripleO::Controller::Ports::InternalApiPort
798 IPPool: {get_param: ControllerIPs}
799 NodeIndex: {get_param: NodeIndex}
800 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
803 type: OS::TripleO::Controller::Ports::StoragePort
805 IPPool: {get_param: ControllerIPs}
806 NodeIndex: {get_param: NodeIndex}
807 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
810 type: OS::TripleO::Controller::Ports::StorageMgmtPort
812 IPPool: {get_param: ControllerIPs}
813 NodeIndex: {get_param: NodeIndex}
814 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
817 type: OS::TripleO::Controller::Ports::TenantPort
819 IPPool: {get_param: ControllerIPs}
820 NodeIndex: {get_param: NodeIndex}
821 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
824 type: OS::TripleO::Controller::Ports::ManagementPort
826 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
829 type: OS::TripleO::Network::Ports::NetIpMap
831 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
832 ExternalIp: {get_attr: [ExternalPort, ip_address]}
833 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
834 StorageIp: {get_attr: [StoragePort, ip_address]}
835 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
836 TenantIp: {get_attr: [TenantPort, ip_address]}
837 ManagementIp: {get_attr: [ManagementPort, ip_address]}
840 type: OS::TripleO::Network::Ports::NetIpSubnetMap
842 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
843 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
844 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
845 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
846 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
847 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
848 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
851 type: OS::TripleO::Controller::Net::SoftwareConfig
853 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
854 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
855 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
856 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
857 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
858 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
859 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
862 type: OS::TripleO::SoftwareDeployment
864 name: NetworkDeployment
865 config: {get_resource: NetworkConfig}
866 server: {get_resource: Controller}
867 actions: {get_param: NetworkDeploymentActions}
870 interface_name: {get_param: NeutronPublicInterface}
872 # Resource for site-specific injection of root certificate
874 depends_on: NetworkDeployment
875 type: OS::TripleO::NodeTLSCAData
877 server: {get_resource: Controller}
879 # Resource for site-specific passing of private keys/certificates
881 depends_on: NodeTLSCAData
882 type: OS::TripleO::NodeTLSData
884 server: {get_resource: Controller}
885 NodeIndex: {get_param: NodeIndex}
888 ControllerDeployment:
889 type: OS::TripleO::SoftwareDeployment
890 depends_on: NetworkDeployment
892 name: ControllerDeployment
893 config: {get_resource: ControllerConfig}
894 server: {get_resource: Controller}
896 bootstack_nodeid: {get_attr: [Controller, name]}
897 ceilometer_workers: {get_param: CeilometerWorkers}
898 cinder_workers: {get_param: CinderWorkers}
899 glance_workers: {get_param: GlanceWorkers}
900 heat_workers: {get_param: HeatWorkers}
901 keystone_workers: {get_param: KeystoneWorkers}
902 nova_workers: {get_param: NovaWorkers}
903 neutron_workers: {get_param: NeutronWorkers}
904 swift_workers: {get_param: SwiftWorkers}
905 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
906 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
907 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
908 haproxy_log_address: {get_param: HAProxySyslogAddress}
909 heat.watch_server_url:
913 - {get_param: HeatApiVirtualIP}
915 heat.metadata_server_url:
919 - {get_param: HeatApiVirtualIP}
921 heat.waitcondition_server_url:
925 - {get_param: HeatApiVirtualIP}
926 - ':8000/v1/waitcondition'
927 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
928 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
929 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
930 horizon_secret: {get_param: HorizonSecret}
931 admin_email: {get_param: AdminEmail}
932 admin_password: {get_param: AdminPassword}
933 admin_token: {get_param: AdminToken}
934 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
935 debug: {get_param: Debug}
936 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
937 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
938 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
939 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
944 SERVERS: {get_param: CinderNfsServers}
945 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
946 cinder_password: {get_param: CinderPassword}
947 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
948 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
949 cinder_backend_config: {get_param: CinderBackendConfig}
953 - - 'mysql+pymysql://cinder:'
954 - {get_param: CinderPassword}
956 - {get_param: MysqlVirtualIP}
958 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
959 glance_password: {get_param: GlancePassword}
960 glance_backend: {get_param: GlanceBackend}
961 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
962 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
963 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
964 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
965 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
966 glance_log_file: {get_param: GlanceLogFile}
970 - - 'mysql+pymysql://glance:'
971 - {get_param: GlancePassword}
973 - {get_param: MysqlVirtualIP}
975 heat_password: {get_param: HeatPassword}
976 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
980 - - 'mysql+pymysql://heat:'
981 - {get_param: HeatPassword}
983 - {get_param: MysqlVirtualIP}
985 keystone_ca_certificate: {get_param: KeystoneCACertificate}
986 keystone_signing_key: {get_param: KeystoneSigningKey}
987 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
988 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
989 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
990 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
991 keystone_notification_format: {get_param: KeystoneNotificationFormat}
992 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
996 - - 'mysql+pymysql://keystone:'
997 - {get_param: AdminToken}
999 - {get_param: MysqlVirtualIP}
1001 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1002 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1003 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
1004 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
1005 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1006 enable_fencing: {get_param: EnableFencing}
1007 enable_galera: {get_param: EnableGalera}
1008 enable_load_balancer: {get_param: EnableLoadBalancer}
1009 enable_ceph_storage: {get_param: EnableCephStorage}
1010 enable_swift_storage: {get_param: EnableSwiftStorage}
1011 manage_firewall: {get_param: ManageFirewall}
1012 purge_firewall_rules: {get_param: PurgeFirewallRules}
1013 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1014 mysql_max_connections: {get_param: MysqlMaxConnections}
1015 mysql_root_password: {get_param: MysqlRootPassword}
1018 template: tripleo-CLUSTER
1020 CLUSTER: {get_param: MysqlClusterUniquePart}
1021 neutron_flat_networks:
1025 NETWORKS: {get_param: NeutronFlatNetworks}
1026 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1027 neutron_agent_mode: {get_param: NeutronAgentMode}
1028 neutron_router_distributed: {get_param: NeutronDVR}
1029 neutron_core_plugin: {get_param: NeutronCorePlugin}
1030 neutron_service_plugins:
1034 PLUGINS: {get_param: NeutronServicePlugins}
1035 neutron_type_drivers:
1039 DRIVERS: {get_param: NeutronTypeDrivers}
1040 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1041 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1042 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1043 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1044 neutron_mechanism_drivers:
1046 template: MECHANISMS
1048 MECHANISMS: {get_param: NeutronMechanismDrivers}
1049 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1050 neutron_l3_ha: {get_param: NeutronL3HA}
1051 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1052 neutron_network_vlan_ranges:
1056 RANGES: {get_param: NeutronNetworkVLANRanges}
1057 neutron_bridge_mappings:
1061 MAPPINGS: {get_param: NeutronBridgeMappings}
1062 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1063 neutron_public_interface: {get_param: NeutronPublicInterface}
1064 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1065 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1066 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1067 neutron_tunnel_id_ranges:
1071 RANGES: {get_param: NeutronTunnelIdRanges}
1076 RANGES: {get_param: NeutronVniRanges}
1077 neutron_tenant_network_types:
1081 TYPES: {get_param: NeutronNetworkType}
1082 neutron_tunnel_types:
1086 TYPES: {get_param: NeutronTunnelTypes}
1087 neutron_plugin_extensions:
1089 template: PLUGIN_EXTENSIONS
1091 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1092 neutron_agent_extensions:
1094 template: AGENT_EXTENSIONS
1096 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1097 neutron_password: {get_param: NeutronPassword}
1098 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1099 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1103 - - 'mysql+pymysql://neutron:'
1104 - {get_param: NeutronPassword}
1106 - {get_param: MysqlVirtualIP}
1107 - '/ovs_neutron?charset=utf8'
1108 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1109 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1110 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1111 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1112 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1113 ceilometer_backend: {get_param: CeilometerBackend}
1114 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1115 ceilometer_password: {get_param: CeilometerPassword}
1116 aodh_password: {get_param: AodhPassword}
1117 ceilometer_coordination_url:
1121 - {get_param: RedisVirtualIP}
1126 - - 'mysql+pymysql://ceilometer:'
1127 - {get_param: CeilometerPassword}
1129 - {get_param: MysqlVirtualIP}
1131 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1132 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1133 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1134 nova_password: {get_param: NovaPassword}
1138 - - 'mysql+pymysql://nova:'
1139 - {get_param: NovaPassword}
1141 - {get_param: MysqlVirtualIP}
1146 - - 'mysql+pymysql://nova_api:'
1147 - {get_param: NovaPassword}
1149 - {get_param: MysqlVirtualIP}
1151 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1152 instance_name_template: {get_param: InstanceNameTemplate}
1153 fencing_config: {get_param: FencingConfig}
1154 pcsd_password: {get_param: PcsdPassword}
1155 rabbit_username: {get_param: RabbitUserName}
1156 rabbit_password: {get_param: RabbitPassword}
1157 rabbit_cookie: {get_param: RabbitCookie}
1158 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1159 rabbit_client_port: {get_param: RabbitClientPort}
1160 mongodb_no_journal: {get_param: MongoDbNoJournal}
1161 # We need to force this into quotes or hiera will return integer causing
1162 # the puppet module validation regexp to fail.
1163 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1168 LIMIT: {get_param: RabbitFDLimit}
1169 ntp_servers: {get_param: NtpServer}
1170 timezone: {get_param: TimeZone}
1171 control_virtual_interface: {get_param: ControlVirtualInterface}
1172 public_virtual_interface: {get_param: PublicVirtualInterface}
1173 swift_hash_suffix: {get_param: SwiftHashSuffix}
1174 swift_password: {get_param: SwiftPassword}
1175 swift_part_power: {get_param: SwiftPartPower}
1176 swift_replicas: {get_param: SwiftReplicas}
1177 swift_min_part_hours: {get_param: SwiftMinPartHours}
1178 swift_mount_check: {get_param: SwiftMountCheck}
1179 enable_package_install: {get_param: EnablePackageInstall}
1180 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1181 sahara_password: {get_param: SaharaPassword}
1185 - - 'mysql://sahara:'
1186 - {get_param: SaharaPassword}
1188 - {get_param: MysqlVirtualIP}
1190 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1191 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1192 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1193 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1194 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1195 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1196 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1197 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1198 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1199 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1200 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1201 keystone_region: {get_param: KeystoneRegion}
1202 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1203 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1204 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1205 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1206 aodh_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
1207 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1208 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1209 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1210 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1211 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1212 redis_vip: {get_param: RedisVirtualIP}
1213 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1214 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1215 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1216 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1217 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1218 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1219 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1221 # Map heat metadata into hiera datafiles
1223 type: OS::Heat::StructuredConfig
1225 group: os-apply-config
1230 - heat_config_%{::deploy_config_name}
1231 - controller_extraconfig
1236 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1237 - ceph_cluster # provided by CephClusterConfig
1239 - bootstrap_node # provided by BootstrapNodeConfig
1240 - all_nodes # provided by allNodesConfig
1241 - vip_data # provided by vip-config
1244 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1245 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1246 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1247 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1248 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1249 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1250 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1251 - midonet_data #Optionally provided by AllNodesExtraConfig
1252 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1254 controller_extraconfig:
1255 mapped_data: {get_param: ControllerExtraConfig}
1257 mapped_data: {get_param: ExtraConfig}
1259 raw_data: {get_file: hieradata/common.yaml}
1261 raw_data: {get_file: hieradata/ceph.yaml}
1263 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1264 ceph::profile::params::public_network: {get_input: ceph_public_network}
1265 ceph::mon::public_addr: {get_input: ceph_public_ip}
1267 raw_data: {get_file: hieradata/database.yaml}
1269 raw_data: {get_file: hieradata/object.yaml}
1271 raw_data: {get_file: hieradata/controller.yaml}
1272 mapped_data: # data supplied directly to this deployment configuration, etc
1273 bootstack_nodeid: {get_input: bootstack_nodeid}
1276 enable_fencing: {get_input: enable_fencing}
1277 enable_load_balancer: {get_input: enable_load_balancer}
1278 hacluster_pwd: {get_input: pcsd_password}
1279 tripleo::fencing::config: {get_input: fencing_config}
1282 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1283 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1284 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1285 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1286 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1287 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1288 swift::proxy::workers: {get_input: swift_workers}
1289 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1290 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1291 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1292 swift_mount_check: {get_input: swift_mount_check}
1294 # NOTE(dprince): build_ring support is currently not wired in.
1295 # See: https://review.openstack.org/#/c/109225/
1296 tripleo::ringbuilder::build_ring: True
1299 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1300 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1301 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1302 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1303 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1304 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1305 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1306 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1307 cinder::database_connection: {get_input: cinder_dsn}
1308 cinder::api::keystone_password: {get_input: cinder_password}
1309 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1310 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1311 cinder::api::bind_host: {get_input: cinder_api_network}
1312 cinder::rabbit_userid: {get_input: rabbit_username}
1313 cinder::rabbit_password: {get_input: rabbit_password}
1314 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1315 cinder::rabbit_port: {get_input: rabbit_client_port}
1316 cinder::debug: {get_input: debug}
1317 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1318 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1319 cinder_backend_config: {get_input: CinderBackendConfig}
1320 cinder::db::mysql::password: {get_input: cinder_password}
1323 glance::api::bind_port: {get_input: glance_port}
1324 glance::api::bind_host: {get_input: glance_api_network}
1325 glance::api::auth_uri: {get_input: keystone_auth_uri}
1326 glance::api::identity_uri: {get_input: keystone_identity_uri}
1327 glance::api::registry_host: {get_input: glance_registry_host}
1328 glance::api::keystone_password: {get_input: glance_password}
1329 glance::api::debug: {get_input: debug}
1330 glance::api::workers: {get_input: glance_workers}
1331 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1332 glance_log_file: {get_input: glance_log_file}
1333 glance_log_file: {get_input: glance_log_file}
1334 glance::api::database_connection: {get_input: glance_dsn}
1335 glance::registry::keystone_password: {get_input: glance_password}
1336 glance::registry::database_connection: {get_input: glance_dsn}
1337 glance::registry::bind_host: {get_input: glance_registry_network}
1338 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1339 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1340 glance::registry::debug: {get_input: debug}
1341 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1342 glance::registry::workers: {get_input: glance_workers}
1343 glance::backend::swift::swift_store_user: service:glance
1344 glance::backend::swift::swift_store_key: {get_input: glance_password}
1345 glance_backend: {get_input: glance_backend}
1346 glance::db::mysql::password: {get_input: glance_password}
1347 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1348 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1349 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1350 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1351 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1352 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1353 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1356 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1357 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1358 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1359 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1360 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1361 heat::rabbit_userid: {get_input: rabbit_username}
1362 heat::rabbit_password: {get_input: rabbit_password}
1363 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1364 heat::rabbit_port: {get_input: rabbit_client_port}
1365 heat::auth_uri: {get_input: keystone_auth_uri}
1366 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1367 heat::identity_uri: {get_input: keystone_identity_uri}
1368 heat::keystone_password: {get_input: heat_password}
1369 heat::api::bind_host: {get_input: heat_api_network}
1370 heat::api::workers: {get_input: heat_workers}
1371 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1372 heat::api_cloudwatch::workers: {get_input: heat_workers}
1373 heat::api_cfn::bind_host: {get_input: heat_api_network}
1374 heat::api_cfn::workers: {get_input: heat_workers}
1375 heat::database_connection: {get_input: heat_dsn}
1376 heat::debug: {get_input: debug}
1377 heat::db::mysql::password: {get_input: heat_password}
1378 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1381 keystone::admin_token: {get_input: admin_token}
1382 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1383 keystone_signing_key: {get_input: keystone_signing_key}
1384 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1385 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1386 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1387 keystone::database_connection: {get_input: keystone_dsn}
1388 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1389 keystone::public_bind_host: {get_input: keystone_public_api_network}
1390 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1391 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1392 keystone::debug: {get_input: debug}
1393 keystone::db::mysql::password: {get_input: admin_token}
1394 keystone::rabbit_userid: {get_input: rabbit_username}
1395 keystone::rabbit_password: {get_input: rabbit_password}
1396 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1397 keystone::rabbit_port: {get_input: rabbit_client_port}
1398 keystone::notification_driver: {get_input: keystone_notification_driver}
1399 keystone::notification_format: {get_input: keystone_notification_format}
1400 keystone::roles::admin::email: {get_input: admin_email}
1401 keystone::roles::admin::password: {get_input: admin_password}
1402 keystone::endpoint::public_url: {get_input: keystone_public_url}
1403 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1404 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1405 keystone::endpoint::region: {get_input: keystone_region}
1406 keystone::admin_workers: {get_input: keystone_workers}
1407 keystone::public_workers: {get_input: keystone_workers}
1408 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1409 keystone::public_endpoint: {get_input: keystone_public_url}
1411 mongodb::server::bind_ip: {get_input: mongo_db_network}
1412 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1414 admin_password: {get_input: admin_password}
1415 enable_galera: {get_input: enable_galera}
1416 enable_ceph_storage: {get_input: enable_ceph_storage}
1417 enable_swift_storage: {get_input: enable_swift_storage}
1418 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1419 mysql_max_connections: {get_input: mysql_max_connections}
1420 mysql::server::root_password: {get_input: mysql_root_password}
1421 mysql_cluster_name: {get_input: mysql_cluster_name}
1422 mysql_bind_host: {get_input: mysql_network}
1423 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1426 neutron::bind_host: {get_input: neutron_api_network}
1427 neutron::rabbit_password: {get_input: rabbit_password}
1428 neutron::rabbit_user: {get_input: rabbit_username}
1429 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1430 neutron::rabbit_port: {get_input: rabbit_client_port}
1431 neutron::debug: {get_input: debug}
1432 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1433 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1434 neutron::server::database_connection: {get_input: neutron_dsn}
1435 neutron::server::api_workers: {get_input: neutron_workers}
1436 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1437 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1438 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1439 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1440 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1441 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1442 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1443 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1444 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1445 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1446 neutron_agent_mode: {get_input: neutron_agent_mode}
1447 neutron_router_distributed: {get_input: neutron_router_distributed}
1448 neutron::core_plugin: {get_input: neutron_core_plugin}
1449 neutron::service_plugins: {get_input: neutron_service_plugins}
1450 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1451 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1452 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1453 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1454 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1455 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1456 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1457 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1458 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1459 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1460 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1461 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1462 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1463 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1464 neutron_public_interface: {get_input: neutron_public_interface}
1465 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1466 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1467 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1468 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1469 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1470 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1471 neutron::server::auth_password: {get_input: neutron_password}
1472 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1473 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1474 neutron_dsn: {get_input: neutron_dsn}
1475 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1476 neutron::db::mysql::password: {get_input: neutron_password}
1477 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1478 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1479 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1480 neutron::keystone::auth::password: {get_input: neutron_password }
1481 neutron::keystone::auth::region: {get_input: keystone_region}
1482 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1483 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1484 neutron::server::notifications::tenant_name: 'service'
1485 neutron::server::notifications::project_name: 'service'
1486 neutron::server::notifications::password: {get_input: nova_password}
1489 ceilometer_backend: {get_input: ceilometer_backend}
1490 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1491 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1492 ceilometer::rabbit_userid: {get_input: rabbit_username}
1493 ceilometer::rabbit_password: {get_input: rabbit_password}
1494 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1495 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1496 ceilometer::debug: {get_input: debug}
1497 ceilometer::api::host: {get_input: ceilometer_api_network}
1498 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1499 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1500 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1501 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1502 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1503 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1504 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1505 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1506 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1509 aodh::rabbit_userid: {get_input: rabbit_username}
1510 aodh::rabbit_password: {get_input: rabbit_password}
1511 aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1512 aodh::rabbit_port: {get_input: rabbit_client_port}
1513 aodh::debug: {get_input: debug}
1514 aodh::wsgi::apache::ssl: false
1515 aodh::wsgi::apache::bind_host: {get_input: aodh_api_network}
1516 aodh::api::service_name: 'httpd'
1517 aodh::api::host: {get_input: aodh_api_network}
1518 aodh::api::keystone_password: {get_input: aodh_password}
1519 aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1520 aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1521 aodh::auth::auth_password: {get_input: aodh_password}
1522 aodh::db::mysql::password: {get_input: aodh_password}
1523 # for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
1524 aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
1527 nova::rabbit_userid: {get_input: rabbit_username}
1528 nova::rabbit_password: {get_input: rabbit_password}
1529 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1530 nova::rabbit_port: {get_input: rabbit_client_port}
1531 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1532 nova::debug: {get_input: debug}
1533 nova::api::auth_uri: {get_input: keystone_auth_uri}
1534 nova::api::identity_uri: {get_input: keystone_identity_uri}
1535 nova::api::api_bind_address: {get_input: nova_api_network}
1536 nova::api::metadata_listen: {get_input: nova_metadata_network}
1537 nova::api::admin_password: {get_input: nova_password}
1538 nova::api::osapi_compute_workers: {get_input: nova_workers}
1539 nova::api::ec2_workers: {get_input: nova_workers}
1540 nova::api::metadata_workers: {get_input: nova_workers}
1541 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1542 nova::database_connection: {get_input: nova_dsn}
1543 nova::api_database_connection: {get_input: nova_api_dsn}
1544 nova::glance_api_servers: {get_input: glance_api_servers}
1545 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1546 nova::api::instance_name_template: {get_input: instance_name_template}
1547 nova::network::neutron::neutron_password: {get_input: neutron_password}
1548 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1549 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1550 nova::vncproxy::host: {get_input: nova_api_network}
1551 nova::db::mysql::password: {get_input: nova_password}
1552 nova::db::mysql_api::password: {get_input: nova_password}
1553 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1556 apache::ip: {get_input: horizon_network}
1557 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1558 horizon::django_debug: {get_input: debug}
1559 horizon::secret_key: {get_input: horizon_secret}
1560 horizon::bind_address: {get_input: horizon_network}
1561 horizon::keystone_url: {get_input: keystone_auth_uri}
1564 sahara::host: {get_input: sahara_api_network}
1572 sahara::admin_password: {get_input: sahara_password}
1573 sahara::auth_uri: {get_input: keystone_auth_uri}
1574 sahara::admin_user: sahara
1575 sahara::identity_uri: {get_input: keystone_identity_uri}
1576 sahara::use_neutron: true
1577 sahara::database_connection: {get_input: sahara_dsn}
1578 sahara::debug: {get_input: debug}
1579 sahara::rpc_backend: rabbit
1580 sahara::rabbit_userid: {get_input: rabbit_username}
1581 sahara::rabbit_password: {get_input: rabbit_password}
1582 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1583 sahara::rabbit_port: {get_input: rabbit_client_port}
1584 sahara::db::mysql::password: {get_input: sahara_password}
1587 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1588 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1589 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1590 rabbitmq::default_user: {get_input: rabbit_username}
1591 rabbitmq::default_pass: {get_input: rabbit_password}
1593 redis::bind: {get_input: redis_network}
1594 redis_vip: {get_input: redis_vip}
1596 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1597 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1599 memcached::listen_ip: {get_input: memcached_network}
1600 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1601 ntp::servers: {get_input: ntp_servers}
1602 timezone::timezone: {get_input: timezone}
1603 control_virtual_interface: {get_input: control_virtual_interface}
1604 public_virtual_interface: {get_input: public_virtual_interface}
1605 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1606 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1607 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1608 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1609 tripleo::packages::enable_install: {get_input: enable_package_install}
1610 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1612 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1613 ControllerExtraConfigPre:
1614 depends_on: ControllerDeployment
1615 type: OS::TripleO::ControllerExtraConfigPre
1617 server: {get_resource: Controller}
1619 # Hook for site-specific additional pre-deployment config,
1620 # applying to all nodes, e.g node registration/unregistration
1622 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1623 type: OS::TripleO::NodeExtraConfig
1625 server: {get_resource: Controller}
1628 type: OS::TripleO::Tasks::PackageUpdate
1631 type: OS::Heat::SoftwareDeployment
1633 name: UpdateDeployment
1634 config: {get_resource: UpdateConfig}
1635 server: {get_resource: Controller}
1638 get_param: UpdateIdentifier
1642 description: IP address of the server in the ctlplane network
1643 value: {get_attr: [Controller, networks, ctlplane, 0]}
1644 external_ip_address:
1645 description: IP address of the server in the external network
1646 value: {get_attr: [ExternalPort, ip_address]}
1647 internal_api_ip_address:
1648 description: IP address of the server in the internal_api network
1649 value: {get_attr: [InternalApiPort, ip_address]}
1651 description: IP address of the server in the storage network
1652 value: {get_attr: [StoragePort, ip_address]}
1653 storage_mgmt_ip_address:
1654 description: IP address of the server in the storage_mgmt network
1655 value: {get_attr: [StorageMgmtPort, ip_address]}
1657 description: IP address of the server in the tenant network
1658 value: {get_attr: [TenantPort, ip_address]}
1659 management_ip_address:
1660 description: IP address of the server in the management network
1661 value: {get_attr: [ManagementPort, ip_address]}
1663 description: Hostname of the server
1664 value: {get_attr: [Controller, name]}
1667 Node object in the format {ip: ..., name: ...} format that the corosync
1670 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1671 name: {get_attr: [Controller, name]}
1674 Server's IP address and hostname in the /etc/hosts format
1678 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1679 EXTERNALIP EXTERNALHOST
1680 INTERNAL_APIIP INTERNAL_APIHOST
1681 STORAGEIP STORAGEHOST
1682 STORAGE_MGMTIP STORAGE_MGMTHOST
1684 MANAGEMENTIP MANAGEMENTHOST
1686 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1687 DOMAIN: {get_param: CloudDomain}
1688 PRIMARYHOST: {get_attr: [Controller, name]}
1689 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1693 - - {get_attr: [Controller, name]}
1695 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1699 - - {get_attr: [Controller, name]}
1701 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1705 - - {get_attr: [Controller, name]}
1707 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1711 - - {get_attr: [Controller, name]}
1713 TENANTIP: {get_attr: [TenantPort, ip_address]}
1717 - - {get_attr: [Controller, name]}
1719 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1723 - - {get_attr: [Controller, name]}
1725 nova_server_resource:
1726 description: Heat resource handle for the Nova compute server
1728 {get_resource: Controller}
1730 description: Swift device formatted for swift-ring-builder
1733 template: 'r1z1-IP:%PORT%/d1'
1735 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1736 swift_proxy_memcache:
1737 description: Swift proxy-memcache value
1740 template: "IP:11211"
1742 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1744 description: identifier which changes if the controller configuration may need re-applying
1748 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1749 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1750 - {get_attr: [NodeTLSData, deploy_stdout]}
1751 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1752 - {get_param: UpdateIdentifier}
1753 tls_key_modulus_md5:
1754 description: MD5 checksum of the TLS Key Modulus
1755 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1756 tls_cert_modulus_md5:
1757 description: MD5 checksum of the TLS Certificate Modulus
1758 value: {get_attr: [NodeTLSData, cert_modulus_md5]}