1 heat_template_version: 2015-10-15
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
13 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
17 description: The keystone auth secret and db password.
20 CeilometerApiVirtualIP:
25 description: The ceilometer backend type.
27 CeilometerMeteringSecret:
28 description: Secret shared by the ceilometer services.
32 description: The password for the ceilometer service and db account.
40 description: Number of workers for Ceilometer service.
45 Whether to create cron job for purging soft deleted rows in Cinder database.
47 CinderEnableNfsBackend:
49 description: Whether to enable or not the NFS backend for Cinder
51 CinderEnableIscsiBackend:
53 description: Whether to enable or not the Iscsi backend for Cinder
55 CinderEnableRbdBackend:
57 description: Whether to enable or not the Rbd backend for Cinder
61 description: The iSCSI helper to use with cinder.
63 CinderLVMLoopDeviceSize:
65 description: The size of the loopback file used by the cinder LVM driver.
67 CinderNfsMountOptions:
70 Mount options for NFS mounts used by Cinder NFS backend. Effective
71 when CinderEnableNfsBackend is true.
76 NFS servers used by Cinder NFS backend. Effective when
77 CinderEnableNfsBackend is true.
78 type: comma_delimited_list
80 description: The password for the cinder service and db account, used by cinder-api.
85 description: Contains parameters to configure Cinder backends. Typically
86 set via parameter_defaults in the resource registry.
90 description: Number of workers for Cinder service.
92 ControllerExtraConfig:
95 Controller specific hiera configuration data to inject into the cluster.
100 A network mapped list of IPs to assign to Controllers in the following form:
102 "internal_api": ["a.b.c.d", "e.f.g.h"],
106 ControlVirtualInterface:
108 description: Interface where virtual ip will be assigned.
112 description: Enable IPv6 in Corosync
116 description: Set to True to enable debugging on all services.
120 description: Whether to enable fencing in Pacemaker or not.
124 description: Whether to use Galera instead of regular MariaDB.
128 description: Whether to deploy a LoadBalancer on the Controller
132 description: Whether to deploy Ceph Storage (OSD) on the Controller
136 description: Whether to enable Swift Storage on the Controller
141 Additional hieradata to inject into the cluster, note that
142 ControllerExtraConfig takes precedence over ExtraConfig.
147 Pacemaker fencing configuration. The JSON should have
148 the following structure:
152 "agent": "AGENT_NAME",
153 "host_mac": "HOST_MAC_ADDRESS",
154 "params": {"PARAM_NAME": "PARAM_VALUE"}
162 "agent": "fence_xvm",
163 "host_mac": "52:54:00:aa:bb:cc",
165 "multicast_address": "225.0.0.12",
166 "port": "baremetal_0",
168 "manage_key_file": true,
169 "key_file": "/etc/fence_xvm.key",
170 "key_file_password": "abcdef"
177 description: Flavor for control nodes to request when deploying.
180 - custom_constraint: nova.flavor
181 GlanceNotifierStrategy:
182 description: Strategy to use for Glance notification queue
186 description: The filepath of the file to use for logging messages from Glance.
190 description: The password for the glance service and db account, used by the glance services.
195 description: The short name of the Glance backend to use. Should be one
196 of swift, rbd, or file
199 - allowed_values: ['swift', 'file', 'rbd']
200 GlanceFilePcmkDevice:
203 An exported storage device that should be mounted by Pacemaker
204 as Glance storage. Effective when GlanceFilePcmkManage is true.
206 GlanceFilePcmkFstype:
209 Filesystem type for Pacemaker mount used as Glance storage.
210 Effective when GlanceFilePcmkManage is true.
212 GlanceFilePcmkManage:
215 Whether to make Glance file backend a mount managed by Pacemaker.
216 Effective when GlanceBackend is 'file'.
218 GlanceFilePcmkOptions:
221 Mount options for Pacemaker mount used as Glance storage.
222 Effective when GlanceFilePcmkManage is true.
224 HAProxySyslogAddress:
226 description: Syslog address where HAproxy will send its log
230 description: Number of workers for Glance service.
233 description: The password for the Heat service and db account, used by the Heat services.
236 HeatStackDomainAdminPassword:
237 description: Password for heat_domain_admin user.
240 HeatAuthEncryptionKey:
241 description: Auth encryption key for heat-engine
246 description: A list of IP/Hostname allowed to connect to horizon
247 type: comma_delimited_list
250 description: Number of workers for Heat service.
256 Whether to create cron job for purging soft deleted rows in the Heat database.
258 description: Secret key for Django
263 default: overcloud-control
265 - custom_constraint: glance.image
267 default: 'REBUILD_PRESERVE_EPHEMERAL'
268 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
270 InstanceNameTemplate:
271 default: 'instance-%08x'
272 description: Template string to be used to generate instance names
276 description: Name of an existing Nova key pair to enable SSH access to the instances
279 - custom_constraint: nova.keypair
280 KeystoneCACertificate:
282 description: Keystone self-signed certificate authority certificate.
284 KeystoneEnableDBPurge:
287 Whether to create cron job for purging soft deleted rows in Keystone database.
289 KeystoneSigningCertificate:
291 description: Keystone certificate for verifying token validity.
295 description: Keystone key for signing tokens.
298 KeystoneSSLCertificate:
300 description: Keystone certificate for verifying token validity.
302 KeystoneSSLCertificateKey:
304 description: Keystone key for signing tokens.
307 KeystoneNotificationDriver:
308 description: Comma-separated list of Oslo notification drivers used by Keystone
309 default: ['messaging']
310 type: comma_delimited_list
311 KeystoneNotificationFormat:
312 description: The Keystone notification format
316 - allowed_values: [ 'basic', 'cadf' ]
320 description: Keystone region for endpoint
323 description: Whether to manage IPtables rules.
327 description: Whether IPtables rules should be purged before setting up the new ones.
331 description: Number of workers for Keystone service.
338 description: The password for the sahara service account, used by sahara-api.
341 MysqlClusterUniquePart:
342 description: A unique identifier of the MySQL cluster the controller is in.
344 default: 'unset' # Has to be here because of the ignored empty value bug
345 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
347 # - length: {min: 4, max: 10}
348 MysqlInnodbBufferPoolSize:
350 Specifies the size of the buffer pool in megabytes. Setting to
351 zero should be interpreted as "no value" and will defer to the
356 description: Configures MySQL max_connections config setting
362 default: '' # Has to be here because of the ignored empty value bug
363 NeutronExternalNetworkBridge:
364 description: Name of bridge used for external network traffic.
367 NeutronBridgeMappings:
369 The OVS logical->physical bridge mappings to use. See the Neutron
370 documentation for details. Defaults to mapping br-ex - the external
371 bridge on hosts - to a physical name 'datacentre' which can be used
372 to create provider networks (and we use this for the default floating
373 network) - if changing this either use different post-install network
374 scripts or be sure to keep 'datacentre' as a mapping network name.
375 type: comma_delimited_list
376 default: "datacentre:br-ex"
377 NeutronDnsmasqOptions:
378 default: 'dhcp-option-force=26,1400'
379 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
381 NeutronEnableDHCPAgent:
382 description: Knob to enable/disable DHCP Agent
385 NeutronEnableL3Agent:
386 description: Knob to enable/disable L3 agent
389 NeutronEnableMetadataAgent:
390 description: Knob to enable/disable Metadata agent
393 NeutronEnableOVSAgent:
394 description: Knob to enable/disable OVS Agent
399 description: Agent mode for the neutron-l3-agent on the controller hosts
403 description: Whether to enable l3-agent HA
405 NeutronDhcpAgentsPerNetwork:
408 description: The number of neutron dhcp agents to schedule per network
411 description: Whether to configure Neutron Distributed Virtual Routers
413 NeutronMetadataProxySharedSecret:
414 description: Shared secret to prevent spoofing
420 The core plugin for Neutron. The value should be the entrypoint to be loaded
421 from neutron.core_plugins namespace.
423 NeutronServicePlugins:
424 default: "router,qos"
426 Comma-separated list of service plugin entrypoints to be loaded from the
427 neutron.service_plugins namespace.
428 type: comma_delimited_list
430 default: "vxlan,vlan,flat,gre"
432 Comma-separated list of network type driver entrypoints to be loaded.
433 type: comma_delimited_list
434 NeutronMechanismDrivers:
435 default: 'openvswitch'
437 The mechanism drivers for the Neutron tenant network.
438 type: comma_delimited_list
439 NeutronAllowL3AgentFailover:
441 description: Allow automatic l3-agent failover
443 NeutronEnableIsolatedMetadata:
445 description: If True, DHCP provide metadata route to VM.
447 NeutronEnableTunnelling:
453 Enable/disable the L2 population feature in the Neutron agents.
456 type: comma_delimited_list
457 default: 'datacentre'
458 description: If set, flat networks to configure in neutron plugins.
461 description: Whether to enable l3-agent HA
465 description: The tenant network type for Neutron.
466 type: comma_delimited_list
467 NeutronNetworkVLANRanges:
468 default: 'datacentre:1:1000'
470 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
471 Neutron documentation for permitted values. Defaults to permitting any
472 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
473 type: comma_delimited_list
475 description: The password for the neutron service and db account, used by neutron agents.
478 NeutronPublicInterface:
480 description: What interface to bridge onto br-ex for network nodes.
482 NeutronPublicInterfaceTag:
485 VLAN tag for creating a public VLAN. The tag will be used to
486 create an access port on the exterior bridge for each control plane node,
487 and that port will be given the IP address returned by neutron from the
488 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
489 overcloud.yaml to include the deployment of VLAN ports to the control
492 NeutronPublicInterfaceDefaultRoute:
494 description: A custom default route for the NeutronPublicInterface.
496 NeutronPublicInterfaceIP:
498 description: A custom IP address to put onto the NeutronPublicInterface.
500 NeutronPublicInterfaceRawDevice:
502 description: If set, the public interface is a vlan with this device as the raw device.
506 The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
507 be at least 50 bytes smaller than the MTU on the physical network. This
508 value will be used to set the MTU on the virtual Ethernet device.
509 This number is related to the value of NeutronDnsmasqOptions, since that
510 will determine the MTU that is assigned to the VM host through DHCP.
516 The tunnel types for the Neutron tenant network.
517 type: comma_delimited_list
518 NeutronTunnelIdRanges:
520 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
521 of GRE tunnel IDs that are available for tenant network allocation
522 default: ["1:4094", ]
523 type: comma_delimited_list
526 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
527 of VXLAN VNI IDs that are available for tenant network allocation
528 default: ["1:4094", ]
529 type: comma_delimited_list
530 NeutronPluginExtensions:
531 default: "qos,port_security"
533 Comma-separated list of extensions enabled for the Neutron plugin.
534 type: comma_delimited_list
535 NeutronAgentExtensions:
538 Comma-separated list of extensions enabled for the Neutron agents.
539 type: comma_delimited_list
545 description: Number of workers for Neutron service.
550 Whether to create cron job for purging soft deleted rows in Nova database.
554 description: Enable IPv6 features in Nova
557 description: The password for the nova service and db account, used by nova-api.
562 description: Number of workers for Nova service.
566 description: Should MongoDb journaling be disabled
570 description: Enable IPv6 if Mongo DB VIP is IPv6
574 description: Comma-separated list of ntp servers
575 type: comma_delimited_list
578 description: The password for the 'pcsd' user.
580 PublicVirtualInterface:
583 Specifies the interface where the public-facing virtual ip will be assigned.
584 This should be int_public when a VLAN is being used.
588 default: '' # Has to be here because of the ignored empty value bug
591 default: '' # Has to be here because of the ignored empty value bug
595 description: The password for RabbitMQ
600 description: The username for RabbitMQ
605 Rabbit client subscriber parameter to specify
606 an SSL connection to the RabbitMQ host.
610 description: Set rabbit subscriber port, change this if using SSL
614 description: Configures RabbitMQ FD limit
618 default: '' # Has to be here because of the ignored empty value bug
621 default: '' # Has to be here because of the ignored empty value bug
622 description: An IP address which is wrapped in brackets in case of IPv6
623 SnmpdReadonlyUserName:
624 default: ro_snmp_user
625 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
627 SnmpdReadonlyUserPassword:
628 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
632 description: A random string to be used as a salt when hashing to determine mappings
638 description: Value of mount_check in Swift account/container/object -server.conf
643 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
646 description: Partition Power to use when building Swift rings
649 description: The password for the swift service account, used by the swift proxy
659 description: How many replicas to use in the swift rings.
662 description: Number of workers for Swift service.
666 description: The timezone to be set on controller nodes.
668 UpgradeLevelNovaCompute:
670 description: Nova Compute upgrade level
672 VirtualIP: # DEPRECATED: use per service settings instead
674 default: '' # Has to be here because of the ignored empty value bug
684 GlanceRegistryVirtualIP:
693 KeystoneAdminApiVirtualIP:
696 KeystonePublicApiVirtualIP:
702 EnablePackageInstall:
704 description: Set to true to enable package installation via Puppet
708 description: Mapping of service_name -> network name. Typically set
709 via parameter_defaults in the resource registry.
713 description: Mapping of service endpoint -> protocol. Typically set
714 via parameter_defaults in the resource registry.
720 Setting to a previously unused value during stack-update will trigger
721 package update on all nodes
724 default: '' # Defaults to Heat created hostname
728 description: Optional mapping to override hostnames
729 NetworkDeploymentActions:
730 type: comma_delimited_list
732 Heat action when to apply network configuration changes
737 SoftwareConfigTransport:
738 default: POLL_SERVER_CFN
740 How the server should receive the metadata required for software configuration.
743 - allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
748 The DNS domain used for the hosts. This should match the dhcp_domain
749 configured in the Undercloud neutron. Defaults to localdomain.
753 Extra properties or metadata passed to Nova for the created nodes in
754 the overcloud. It's accessible via the Nova metadata API.
758 description: Optional scheduler hints to pass to nova
764 type: OS::Nova::Server
766 image: {get_param: Image}
767 image_update_policy: {get_param: ImageUpdatePolicy}
768 flavor: {get_param: Flavor}
769 key_name: {get_param: KeyName}
772 user_data_format: SOFTWARE_CONFIG
773 user_data: {get_resource: UserData}
776 template: {get_param: Hostname}
777 params: {get_param: HostnameMap}
778 software_config_transport: {get_param: SoftwareConfigTransport}
779 metadata: {get_param: ServerMetadata}
780 scheduler_hints: {get_param: SchedulerHints}
782 # Combine the NodeAdminUserData and NodeUserData mime archives
784 type: OS::Heat::MultipartMime
787 - config: {get_resource: NodeAdminUserData}
789 - config: {get_resource: NodeUserData}
792 # Creates the "heat-admin" user if configured via the environment
793 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
795 type: OS::TripleO::NodeAdminUserData
797 # For optional operator additional userdata
798 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
800 type: OS::TripleO::NodeUserData
803 type: OS::TripleO::Controller::Ports::ExternalPort
805 IPPool: {get_param: ControllerIPs}
806 NodeIndex: {get_param: NodeIndex}
807 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
810 type: OS::TripleO::Controller::Ports::InternalApiPort
812 IPPool: {get_param: ControllerIPs}
813 NodeIndex: {get_param: NodeIndex}
814 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
817 type: OS::TripleO::Controller::Ports::StoragePort
819 IPPool: {get_param: ControllerIPs}
820 NodeIndex: {get_param: NodeIndex}
821 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
824 type: OS::TripleO::Controller::Ports::StorageMgmtPort
826 IPPool: {get_param: ControllerIPs}
827 NodeIndex: {get_param: NodeIndex}
828 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
831 type: OS::TripleO::Controller::Ports::TenantPort
833 IPPool: {get_param: ControllerIPs}
834 NodeIndex: {get_param: NodeIndex}
835 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
838 type: OS::TripleO::Controller::Ports::ManagementPort
840 IPPool: {get_param: ControllerIPs}
841 NodeIndex: {get_param: NodeIndex}
842 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
845 type: OS::TripleO::Network::Ports::NetIpMap
847 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
848 ExternalIp: {get_attr: [ExternalPort, ip_address]}
849 ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
850 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
851 InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
852 StorageIp: {get_attr: [StoragePort, ip_address]}
853 StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
854 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
855 StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
856 TenantIp: {get_attr: [TenantPort, ip_address]}
857 TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
858 ManagementIp: {get_attr: [ManagementPort, ip_address]}
859 ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
862 type: OS::TripleO::Network::Ports::NetIpSubnetMap
864 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
865 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
866 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
867 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
868 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
869 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
870 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
873 type: OS::TripleO::Controller::Net::SoftwareConfig
875 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
876 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
877 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
878 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
879 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
880 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
881 ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
884 type: OS::TripleO::SoftwareDeployment
886 name: NetworkDeployment
887 config: {get_resource: NetworkConfig}
888 server: {get_resource: Controller}
889 actions: {get_param: NetworkDeploymentActions}
892 interface_name: {get_param: NeutronPublicInterface}
894 # Resource for site-specific injection of root certificate
896 depends_on: NetworkDeployment
897 type: OS::TripleO::NodeTLSCAData
899 server: {get_resource: Controller}
901 # Resource for site-specific passing of private keys/certificates
903 depends_on: NodeTLSCAData
904 type: OS::TripleO::NodeTLSData
906 server: {get_resource: Controller}
907 NodeIndex: {get_param: NodeIndex}
910 ControllerDeployment:
911 type: OS::TripleO::SoftwareDeployment
912 depends_on: NetworkDeployment
914 name: ControllerDeployment
915 config: {get_resource: ControllerConfig}
916 server: {get_resource: Controller}
918 bootstack_nodeid: {get_attr: [Controller, name]}
919 ceilometer_workers: {get_param: CeilometerWorkers}
920 cinder_workers: {get_param: CinderWorkers}
921 glance_workers: {get_param: GlanceWorkers}
922 heat_workers: {get_param: HeatWorkers}
923 keystone_workers: {get_param: KeystoneWorkers}
924 nova_workers: {get_param: NovaWorkers}
925 neutron_workers: {get_param: NeutronWorkers}
926 swift_workers: {get_param: SwiftWorkers}
927 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
928 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
929 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
930 haproxy_log_address: {get_param: HAProxySyslogAddress}
931 heat.watch_server_url:
935 - {get_param: HeatApiVirtualIPUri}
937 heat.metadata_server_url:
941 - {get_param: HeatApiVirtualIPUri}
943 heat.waitcondition_server_url:
947 - {get_param: HeatApiVirtualIPUri}
948 - ':8000/v1/waitcondition'
949 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
950 heat_enable_db_purge: {get_param: HeatEnableDBPurge}
951 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
952 horizon_secret: {get_param: HorizonSecret}
953 admin_email: {get_param: AdminEmail}
954 admin_password: {get_param: AdminPassword}
955 admin_token: {get_param: AdminToken}
956 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
957 debug: {get_param: Debug}
958 cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
959 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
960 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
961 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
966 SERVERS: {get_param: CinderNfsServers}
967 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
968 cinder_password: {get_param: CinderPassword}
969 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
970 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
971 cinder_backend_config: {get_param: CinderBackendConfig}
975 - - 'mysql+pymysql://cinder:'
976 - {get_param: CinderPassword}
978 - {get_param: MysqlVirtualIPUri}
980 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
981 glance_password: {get_param: GlancePassword}
982 glance_backend: {get_param: GlanceBackend}
983 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
984 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
985 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
986 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
987 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
988 glance_log_file: {get_param: GlanceLogFile}
992 - - 'mysql+pymysql://glance:'
993 - {get_param: GlancePassword}
995 - {get_param: MysqlVirtualIPUri}
997 heat_password: {get_param: HeatPassword}
998 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
1002 - - 'mysql+pymysql://heat:'
1003 - {get_param: HeatPassword}
1005 - {get_param: MysqlVirtualIPUri}
1007 keystone_ca_certificate: {get_param: KeystoneCACertificate}
1008 keystone_signing_key: {get_param: KeystoneSigningKey}
1009 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
1010 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
1011 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
1012 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
1013 keystone_notification_format: {get_param: KeystoneNotificationFormat}
1014 keystone_enable_db_purge: {get_param: KeystoneEnableDBPurge}
1018 - - 'mysql+pymysql://keystone:'
1019 - {get_param: AdminToken}
1021 - {get_param: MysqlVirtualIPUri}
1023 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
1024 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
1025 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
1026 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
1027 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
1028 enable_fencing: {get_param: EnableFencing}
1029 enable_galera: {get_param: EnableGalera}
1030 enable_load_balancer: {get_param: EnableLoadBalancer}
1031 enable_ceph_storage: {get_param: EnableCephStorage}
1032 enable_swift_storage: {get_param: EnableSwiftStorage}
1033 manage_firewall: {get_param: ManageFirewall}
1034 purge_firewall_rules: {get_param: PurgeFirewallRules}
1035 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
1036 mysql_max_connections: {get_param: MysqlMaxConnections}
1037 mysql_root_password: {get_param: MysqlRootPassword}
1040 template: tripleo-CLUSTER
1042 CLUSTER: {get_param: MysqlClusterUniquePart}
1043 neutron_flat_networks:
1047 NETWORKS: {get_param: NeutronFlatNetworks}
1048 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
1049 neutron_agent_mode: {get_param: NeutronAgentMode}
1050 neutron_router_distributed: {get_param: NeutronDVR}
1051 neutron_core_plugin: {get_param: NeutronCorePlugin}
1052 neutron_service_plugins:
1056 PLUGINS: {get_param: NeutronServicePlugins}
1057 neutron_type_drivers:
1061 DRIVERS: {get_param: NeutronTypeDrivers}
1062 neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
1063 neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
1064 neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
1065 neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
1066 neutron_mechanism_drivers:
1068 template: MECHANISMS
1070 MECHANISMS: {get_param: NeutronMechanismDrivers}
1071 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
1072 neutron_l3_ha: {get_param: NeutronL3HA}
1073 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
1074 neutron_network_vlan_ranges:
1078 RANGES: {get_param: NeutronNetworkVLANRanges}
1079 neutron_bridge_mappings:
1083 MAPPINGS: {get_param: NeutronBridgeMappings}
1084 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
1085 neutron_public_interface: {get_param: NeutronPublicInterface}
1086 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
1087 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
1088 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
1089 neutron_tunnel_id_ranges:
1093 RANGES: {get_param: NeutronTunnelIdRanges}
1098 RANGES: {get_param: NeutronVniRanges}
1099 neutron_tenant_network_types:
1103 TYPES: {get_param: NeutronNetworkType}
1104 neutron_tunnel_types:
1108 TYPES: {get_param: NeutronTunnelTypes}
1109 neutron_plugin_extensions:
1111 template: PLUGIN_EXTENSIONS
1113 PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
1114 neutron_agent_extensions:
1116 template: AGENT_EXTENSIONS
1118 AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
1119 neutron_password: {get_param: NeutronPassword}
1120 neutron_tenant_mtu: {get_param: NeutronTenantMtu}
1121 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
1125 - - 'mysql+pymysql://neutron:'
1126 - {get_param: NeutronPassword}
1128 - {get_param: MysqlVirtualIPUri}
1129 - '/ovs_neutron?charset=utf8'
1130 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
1131 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
1132 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
1133 neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
1134 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
1135 ceilometer_backend: {get_param: CeilometerBackend}
1136 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
1137 ceilometer_password: {get_param: CeilometerPassword}
1138 ceilometer_coordination_url:
1142 - {get_param: RedisVirtualIPUri}
1147 - - 'mysql+pymysql://ceilometer:'
1148 - {get_param: CeilometerPassword}
1150 - {get_param: MysqlVirtualIPUri}
1152 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
1153 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
1154 nova_enable_db_purge: {get_param: NovaEnableDBPurge}
1155 nova_ipv6: {get_param: NovaIPv6}
1156 corosync_ipv6: {get_param: CorosyncIPv6}
1157 nova_password: {get_param: NovaPassword}
1161 - - 'mysql+pymysql://nova:'
1162 - {get_param: NovaPassword}
1164 - {get_param: MysqlVirtualIPUri}
1169 - - 'mysql+pymysql://nova_api:'
1170 - {get_param: NovaPassword}
1172 - {get_param: MysqlVirtualIPUri}
1174 upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
1175 instance_name_template: {get_param: InstanceNameTemplate}
1176 fencing_config: {get_param: FencingConfig}
1177 pcsd_password: {get_param: PcsdPassword}
1178 rabbit_username: {get_param: RabbitUserName}
1179 rabbit_password: {get_param: RabbitPassword}
1180 rabbit_cookie: {get_param: RabbitCookie}
1181 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
1182 rabbit_client_port: {get_param: RabbitClientPort}
1183 mongodb_no_journal: {get_param: MongoDbNoJournal}
1184 mongodb_ipv6: {get_param: MongoDbIPv6}
1185 # We need to force this into quotes or hiera will return integer causing
1186 # the puppet module validation regexp to fail.
1187 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
1192 LIMIT: {get_param: RabbitFDLimit}
1193 ntp_servers: {get_param: NtpServer}
1194 timezone: {get_param: TimeZone}
1195 control_virtual_interface: {get_param: ControlVirtualInterface}
1196 public_virtual_interface: {get_param: PublicVirtualInterface}
1197 swift_hash_suffix: {get_param: SwiftHashSuffix}
1198 swift_password: {get_param: SwiftPassword}
1199 swift_part_power: {get_param: SwiftPartPower}
1200 swift_replicas: {get_param: SwiftReplicas}
1201 swift_min_part_hours: {get_param: SwiftMinPartHours}
1202 swift_mount_check: {get_param: SwiftMountCheck}
1203 enable_package_install: {get_param: EnablePackageInstall}
1204 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
1205 sahara_password: {get_param: SaharaPassword}
1209 - - 'mysql://sahara:'
1210 - {get_param: SaharaPassword}
1212 - {get_param: MysqlVirtualIPUri}
1214 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
1215 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1216 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
1217 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
1218 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
1219 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
1220 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
1221 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
1222 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
1223 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
1224 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
1225 keystone_region: {get_param: KeystoneRegion}
1226 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
1227 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
1228 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
1229 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
1230 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
1231 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1232 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1233 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1234 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1235 redis_vip: {get_param: RedisVirtualIP}
1236 sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
1237 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1238 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1239 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1240 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1241 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1242 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1244 # Map heat metadata into hiera datafiles
1246 type: OS::Heat::StructuredConfig
1248 group: os-apply-config
1253 - heat_config_%{::deploy_config_name}
1254 - controller_extraconfig
1259 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1260 - ceph_cluster # provided by CephClusterConfig
1262 - bootstrap_node # provided by BootstrapNodeConfig
1263 - all_nodes # provided by allNodesConfig
1264 - vip_data # provided by vip-config
1267 - cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
1268 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1269 - cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
1270 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1271 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1272 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1273 - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
1274 - midonet_data #Optionally provided by AllNodesExtraConfig
1275 - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
1277 controller_extraconfig:
1278 mapped_data: {get_param: ControllerExtraConfig}
1280 mapped_data: {get_param: ExtraConfig}
1282 raw_data: {get_file: hieradata/common.yaml}
1284 raw_data: {get_file: hieradata/ceph.yaml}
1286 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1287 ceph::profile::params::public_network: {get_input: ceph_public_network}
1288 ceph::mon::public_addr: {get_input: ceph_public_ip}
1290 raw_data: {get_file: hieradata/database.yaml}
1292 raw_data: {get_file: hieradata/object.yaml}
1294 raw_data: {get_file: hieradata/controller.yaml}
1295 mapped_data: # data supplied directly to this deployment configuration, etc
1296 bootstack_nodeid: {get_input: bootstack_nodeid}
1299 enable_fencing: {get_input: enable_fencing}
1300 enable_load_balancer: {get_input: enable_load_balancer}
1301 hacluster_pwd: {get_input: pcsd_password}
1302 corosync_ipv6: {get_input: corosync_ipv6}
1303 tripleo::fencing::config: {get_input: fencing_config}
1306 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1307 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1308 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1309 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1310 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1311 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1312 swift::proxy::workers: {get_input: swift_workers}
1313 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1314 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1315 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1316 swift_mount_check: {get_input: swift_mount_check}
1318 # NOTE(dprince): build_ring support is currently not wired in.
1319 # See: https://review.openstack.org/#/c/109225/
1320 tripleo::ringbuilder::build_ring: True
1323 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
1324 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1325 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1326 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1327 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1328 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1329 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1330 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1331 cinder::database_connection: {get_input: cinder_dsn}
1332 cinder::api::keystone_password: {get_input: cinder_password}
1333 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1334 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1335 cinder::api::bind_host: {get_input: cinder_api_network}
1336 cinder::rabbit_userid: {get_input: rabbit_username}
1337 cinder::rabbit_password: {get_input: rabbit_password}
1338 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1339 cinder::rabbit_port: {get_input: rabbit_client_port}
1340 cinder::debug: {get_input: debug}
1341 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1342 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1343 cinder_backend_config: {get_input: CinderBackendConfig}
1344 cinder::db::mysql::password: {get_input: cinder_password}
1347 glance::api::bind_port: {get_input: glance_port}
1348 glance::api::bind_host: {get_input: glance_api_network}
1349 glance::api::auth_uri: {get_input: keystone_auth_uri}
1350 glance::api::identity_uri: {get_input: keystone_identity_uri}
1351 glance::api::registry_host: {get_input: glance_registry_host}
1352 glance::api::keystone_password: {get_input: glance_password}
1353 glance::api::debug: {get_input: debug}
1354 glance::api::workers: {get_input: glance_workers}
1355 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1356 glance_log_file: {get_input: glance_log_file}
1357 glance_log_file: {get_input: glance_log_file}
1358 glance::api::database_connection: {get_input: glance_dsn}
1359 glance::registry::keystone_password: {get_input: glance_password}
1360 glance::registry::database_connection: {get_input: glance_dsn}
1361 glance::registry::bind_host: {get_input: glance_registry_network}
1362 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1363 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1364 glance::registry::debug: {get_input: debug}
1365 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1366 glance::registry::workers: {get_input: glance_workers}
1367 glance::backend::swift::swift_store_user: service:glance
1368 glance::backend::swift::swift_store_key: {get_input: glance_password}
1369 glance_backend: {get_input: glance_backend}
1370 glance::db::mysql::password: {get_input: glance_password}
1371 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1372 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1373 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1374 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1375 glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
1376 glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
1377 glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1380 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1381 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1382 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1383 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1384 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1385 heat::rabbit_userid: {get_input: rabbit_username}
1386 heat::rabbit_password: {get_input: rabbit_password}
1387 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1388 heat::rabbit_port: {get_input: rabbit_client_port}
1389 heat::auth_uri: {get_input: keystone_auth_uri}
1390 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1391 heat::identity_uri: {get_input: keystone_identity_uri}
1392 heat::keystone_password: {get_input: heat_password}
1393 heat::api::bind_host: {get_input: heat_api_network}
1394 heat::api::workers: {get_input: heat_workers}
1395 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1396 heat::api_cloudwatch::workers: {get_input: heat_workers}
1397 heat::api_cfn::bind_host: {get_input: heat_api_network}
1398 heat::api_cfn::workers: {get_input: heat_workers}
1399 heat::database_connection: {get_input: heat_dsn}
1400 heat::debug: {get_input: debug}
1401 heat::db::mysql::password: {get_input: heat_password}
1402 heat_enable_db_purge: {get_input: heat_enable_db_purge}
1405 keystone::admin_token: {get_input: admin_token}
1406 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1407 keystone_signing_key: {get_input: keystone_signing_key}
1408 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1409 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1410 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1411 keystone::database_connection: {get_input: keystone_dsn}
1412 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1413 keystone::public_bind_host: {get_input: keystone_public_api_network}
1414 keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
1415 keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
1416 keystone::debug: {get_input: debug}
1417 keystone::db::mysql::password: {get_input: admin_token}
1418 keystone::rabbit_userid: {get_input: rabbit_username}
1419 keystone::rabbit_password: {get_input: rabbit_password}
1420 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1421 keystone::rabbit_port: {get_input: rabbit_client_port}
1422 keystone::notification_driver: {get_input: keystone_notification_driver}
1423 keystone::notification_format: {get_input: keystone_notification_format}
1424 keystone::roles::admin::email: {get_input: admin_email}
1425 keystone::roles::admin::password: {get_input: admin_password}
1426 keystone::endpoint::public_url: {get_input: keystone_public_url}
1427 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1428 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1429 keystone::endpoint::region: {get_input: keystone_region}
1430 keystone::admin_workers: {get_input: keystone_workers}
1431 keystone::public_workers: {get_input: keystone_workers}
1432 keystone_enable_db_purge: {get_input: keystone_enable_db_purge}
1433 keystone::public_endpoint: {get_input: keystone_public_url}
1435 mongodb::server::bind_ip: {get_input: mongo_db_network}
1436 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1437 mongodb::server::ipv6: {get_input: mongodb_ipv6}
1439 admin_password: {get_input: admin_password}
1440 enable_galera: {get_input: enable_galera}
1441 enable_ceph_storage: {get_input: enable_ceph_storage}
1442 enable_swift_storage: {get_input: enable_swift_storage}
1443 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1444 mysql_max_connections: {get_input: mysql_max_connections}
1445 mysql::server::root_password: {get_input: mysql_root_password}
1446 mysql_cluster_name: {get_input: mysql_cluster_name}
1447 mysql_bind_host: {get_input: mysql_network}
1448 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1451 neutron::bind_host: {get_input: neutron_api_network}
1452 neutron::rabbit_password: {get_input: rabbit_password}
1453 neutron::rabbit_user: {get_input: rabbit_username}
1454 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1455 neutron::rabbit_port: {get_input: rabbit_client_port}
1456 neutron::debug: {get_input: debug}
1457 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1458 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1459 neutron::server::database_connection: {get_input: neutron_dsn}
1460 neutron::server::api_workers: {get_input: neutron_workers}
1461 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1462 neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
1463 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1464 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1465 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1466 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1467 neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
1468 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1469 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1470 neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
1471 neutron_agent_mode: {get_input: neutron_agent_mode}
1472 neutron_router_distributed: {get_input: neutron_router_distributed}
1473 neutron::core_plugin: {get_input: neutron_core_plugin}
1474 neutron::service_plugins: {get_input: neutron_service_plugins}
1475 neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
1476 neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
1477 neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
1478 neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
1479 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1480 neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
1481 neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
1482 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1483 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1484 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1485 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1486 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1487 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1488 neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
1489 neutron_public_interface: {get_input: neutron_public_interface}
1490 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1491 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1492 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1493 neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
1494 neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
1495 neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
1496 neutron::server::auth_password: {get_input: neutron_password}
1497 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1498 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1499 neutron_dsn: {get_input: neutron_dsn}
1500 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1501 neutron::db::mysql::password: {get_input: neutron_password}
1502 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1503 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1504 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1505 neutron::keystone::auth::password: {get_input: neutron_password }
1506 neutron::keystone::auth::region: {get_input: keystone_region}
1507 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1508 neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
1509 neutron::server::notifications::tenant_name: 'service'
1510 neutron::server::notifications::project_name: 'service'
1511 neutron::server::notifications::password: {get_input: nova_password}
1514 ceilometer_backend: {get_input: ceilometer_backend}
1515 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1516 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1517 ceilometer::rabbit_userid: {get_input: rabbit_username}
1518 ceilometer::rabbit_password: {get_input: rabbit_password}
1519 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1520 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1521 ceilometer::debug: {get_input: debug}
1522 ceilometer::api::host: {get_input: ceilometer_api_network}
1523 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1524 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1525 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1526 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1527 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1528 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1529 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1530 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1531 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1534 nova::rabbit_userid: {get_input: rabbit_username}
1535 nova::rabbit_password: {get_input: rabbit_password}
1536 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1537 nova::rabbit_port: {get_input: rabbit_client_port}
1538 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
1539 nova::debug: {get_input: debug}
1540 nova::use_ipv6: {get_input: nova_ipv6}
1541 nova::api::auth_uri: {get_input: keystone_auth_uri}
1542 nova::api::identity_uri: {get_input: keystone_identity_uri}
1543 nova::api::api_bind_address: {get_input: nova_api_network}
1544 nova::api::metadata_listen: {get_input: nova_metadata_network}
1545 nova::api::admin_password: {get_input: nova_password}
1546 nova::api::osapi_compute_workers: {get_input: nova_workers}
1547 nova::api::ec2_workers: {get_input: nova_workers}
1548 nova::api::metadata_workers: {get_input: nova_workers}
1549 nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
1550 nova::database_connection: {get_input: nova_dsn}
1551 nova::api_database_connection: {get_input: nova_api_dsn}
1552 nova::glance_api_servers: {get_input: glance_api_servers}
1553 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1554 nova::api::instance_name_template: {get_input: instance_name_template}
1555 nova::network::neutron::neutron_password: {get_input: neutron_password}
1556 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1557 nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
1558 nova::vncproxy::host: {get_input: nova_api_network}
1559 nova::db::mysql::password: {get_input: nova_password}
1560 nova::db::mysql_api::password: {get_input: nova_password}
1561 nova_enable_db_purge: {get_input: nova_enable_db_purge}
1564 apache::ip: {get_input: horizon_network}
1565 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1566 horizon::django_debug: {get_input: debug}
1567 horizon::secret_key: {get_input: horizon_secret}
1568 horizon::bind_address: {get_input: horizon_network}
1569 horizon::keystone_url: {get_input: keystone_auth_uri}
1572 sahara::host: {get_input: sahara_api_network}
1580 sahara::admin_password: {get_input: sahara_password}
1581 sahara::auth_uri: {get_input: keystone_auth_uri}
1582 sahara::admin_user: sahara
1583 sahara::identity_uri: {get_input: keystone_identity_uri}
1584 sahara::use_neutron: true
1585 sahara::database_connection: {get_input: sahara_dsn}
1586 sahara::debug: {get_input: debug}
1587 sahara::rpc_backend: rabbit
1588 sahara::rabbit_userid: {get_input: rabbit_username}
1589 sahara::rabbit_password: {get_input: rabbit_password}
1590 sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1591 sahara::rabbit_port: {get_input: rabbit_client_port}
1592 sahara::db::mysql::password: {get_input: sahara_password}
1595 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1596 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1597 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1598 rabbitmq::default_user: {get_input: rabbit_username}
1599 rabbitmq::default_pass: {get_input: rabbit_password}
1601 redis::bind: {get_input: redis_network}
1602 redis_vip: {get_input: redis_vip}
1604 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1605 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1607 memcached::listen_ip: {get_input: memcached_network}
1608 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1609 ntp::servers: {get_input: ntp_servers}
1610 timezone::timezone: {get_input: timezone}
1611 control_virtual_interface: {get_input: control_virtual_interface}
1612 public_virtual_interface: {get_input: public_virtual_interface}
1613 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1614 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1615 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1616 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1617 tripleo::packages::enable_install: {get_input: enable_package_install}
1618 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1620 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1621 ControllerExtraConfigPre:
1622 depends_on: ControllerDeployment
1623 type: OS::TripleO::ControllerExtraConfigPre
1625 server: {get_resource: Controller}
1627 # Hook for site-specific additional pre-deployment config,
1628 # applying to all nodes, e.g node registration/unregistration
1630 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1631 type: OS::TripleO::NodeExtraConfig
1633 server: {get_resource: Controller}
1636 type: OS::TripleO::Tasks::PackageUpdate
1639 type: OS::Heat::SoftwareDeployment
1641 name: UpdateDeployment
1642 config: {get_resource: UpdateConfig}
1643 server: {get_resource: Controller}
1646 get_param: UpdateIdentifier
1650 description: IP address of the server in the ctlplane network
1651 value: {get_attr: [Controller, networks, ctlplane, 0]}
1652 external_ip_address:
1653 description: IP address of the server in the external network
1654 value: {get_attr: [ExternalPort, ip_address]}
1655 internal_api_ip_address:
1656 description: IP address of the server in the internal_api network
1657 value: {get_attr: [InternalApiPort, ip_address]}
1659 description: IP address of the server in the storage network
1660 value: {get_attr: [StoragePort, ip_address]}
1661 storage_mgmt_ip_address:
1662 description: IP address of the server in the storage_mgmt network
1663 value: {get_attr: [StorageMgmtPort, ip_address]}
1665 description: IP address of the server in the tenant network
1666 value: {get_attr: [TenantPort, ip_address]}
1667 management_ip_address:
1668 description: IP address of the server in the management network
1669 value: {get_attr: [ManagementPort, ip_address]}
1671 description: Hostname of the server
1672 value: {get_attr: [Controller, name]}
1675 Node object in the format {ip: ..., name: ...} format that the corosync
1678 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1679 name: {get_attr: [Controller, name]}
1682 Server's IP address and hostname in the /etc/hosts format
1686 PRIMARYIP PRIMARYHOST.DOMAIN PRIMARYHOST
1687 EXTERNALIP EXTERNALHOST
1688 INTERNAL_APIIP INTERNAL_APIHOST
1689 STORAGEIP STORAGEHOST
1690 STORAGE_MGMTIP STORAGE_MGMTHOST
1692 MANAGEMENTIP MANAGEMENTHOST
1694 PRIMARYIP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1695 DOMAIN: {get_param: CloudDomain}
1696 PRIMARYHOST: {get_attr: [Controller, name]}
1697 EXTERNALIP: {get_attr: [ExternalPort, ip_address]}
1701 - - {get_attr: [Controller, name]}
1703 INTERNAL_APIIP: {get_attr: [InternalApiPort, ip_address]}
1707 - - {get_attr: [Controller, name]}
1709 STORAGEIP: {get_attr: [StoragePort, ip_address]}
1713 - - {get_attr: [Controller, name]}
1715 STORAGE_MGMTIP: {get_attr: [StorageMgmtPort, ip_address]}
1719 - - {get_attr: [Controller, name]}
1721 TENANTIP: {get_attr: [TenantPort, ip_address]}
1725 - - {get_attr: [Controller, name]}
1727 MANAGEMENTIP: {get_attr: [ManagementPort, ip_address]}
1731 - - {get_attr: [Controller, name]}
1733 nova_server_resource:
1734 description: Heat resource handle for the Nova compute server
1736 {get_resource: Controller}
1738 description: Swift device formatted for swift-ring-builder
1741 template: 'r1z1-IP:%PORT%/d1'
1743 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1744 swift_proxy_memcache:
1745 description: Swift proxy-memcache value
1748 template: "IP:11211"
1750 IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1752 description: identifier which changes if the controller configuration may need re-applying
1756 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1757 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1758 - {get_attr: [NodeTLSData, deploy_stdout]}
1759 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1760 - {get_param: UpdateIdentifier}
1761 tls_key_modulus_md5:
1762 description: MD5 checksum of the TLS Key Modulus
1763 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1764 tls_cert_modulus_md5:
1765 description: MD5 checksum of the TLS Certificate Modulus
1766 value: {get_attr: [NodeTLSData, cert_modulus_md5]}