1 heat_template_version: 2015-04-30
4 OpenStack controller node configured by Puppet.
8 default: 'admin@example.com'
9 description: The email for the keystone admin account.
14 description: The password for the keystone admin account, used for monitoring, querying neutron etc.
19 description: The keystone auth secret and db password.
22 CeilometerApiVirtualIP:
27 description: The ceilometer backend type.
29 CeilometerMeteringSecret:
31 description: Secret shared by the ceilometer services.
36 description: The password for the ceilometer service and db account.
42 CinderEnableNfsBackend:
44 description: Whether to enable or not the NFS backend for Cinder
46 CinderEnableIscsiBackend:
48 description: Whether to enable or not the Iscsi backend for Cinder
50 CinderEnableRbdBackend:
52 description: Whether to enable or not the Rbd backend for Cinder
56 description: The iSCSI helper to use with cinder.
58 CinderLVMLoopDeviceSize:
60 description: The size of the loopback file used by the cinder LVM driver.
62 CinderNfsMountOptions:
65 Mount options for NFS mounts used by Cinder NFS backend. Effective
66 when CinderEnableNfsBackend is true.
71 NFS servers used by Cinder NFS backend. Effective when
72 CinderEnableNfsBackend is true.
73 type: comma_delimited_list
76 description: The password for the cinder service and db account, used by cinder-api.
81 description: Contains parameters to configure Cinder backends. Typically
82 set via parameter_defaults in the resource registry.
86 description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
88 ControllerExtraConfig:
91 Controller specific hiera configuration data to inject into the cluster.
93 ControlVirtualInterface:
95 description: Interface where virtual ip will be assigned.
99 description: Set to True to enable debugging on all services.
103 description: Whether to enable fencing in Pacemaker or not.
107 description: Whether to use Galera instead of regular MariaDB.
111 description: Whether to deploy a LoadBalancer on the Controller
115 description: Whether to deploy Ceph Storage (OSD) on the Controller
119 description: Whether to enable Swift Storage on the Controller
124 Additional hieradata to inject into the cluster, note that
125 ControllerExtraConfig takes precedence over ExtraConfig.
130 Pacemaker fencing configuration. The JSON should have
131 the following structure:
135 "agent": "AGENT_NAME",
136 "host_mac": "HOST_MAC_ADDRESS",
137 "params": {"PARAM_NAME": "PARAM_VALUE"}
145 "agent": "fence_xvm",
146 "host_mac": "52:54:00:aa:bb:cc",
148 "multicast_address": "225.0.0.12",
149 "port": "baremetal_0",
151 "manage_key_file": true,
152 "key_file": "/etc/fence_xvm.key",
153 "key_file_password": "abcdef"
160 description: Flavor for control nodes to request when deploying.
163 - custom_constraint: nova.flavor
164 GlanceNotifierStrategy:
165 description: Strategy to use for Glance notification queue
169 description: The filepath of the file to use for logging messages from Glance.
174 description: The password for the glance service and db account, used by the glance services.
179 description: The short name of the Glance backend to use. Should be one
180 of swift, rbd, or file
183 - allowed_values: ['swift', 'file', 'rbd']
184 GlanceFilePcmkDevice:
187 An exported storage device that should be mounted by Pacemaker
188 as Glance storage. Effective when GlanceFilePcmkManage is true.
190 GlanceFilePcmkFstype:
193 Filesystem type for Pacemaker mount used as Glance storage.
194 Effective when GlanceFilePcmkManage is true.
196 GlanceFilePcmkManage:
199 Whether to make Glance file backend a mount managed by Pacemaker.
200 Effective when GlanceBackend is 'file'.
202 GlanceFilePcmkOptions:
205 Mount options for Pacemaker mount used as Glance storage.
206 Effective when GlanceFilePcmkManage is true.
208 HAProxySyslogAddress:
210 description: Syslog address where HAproxy will send its log
214 description: The password for the Heat service and db account, used by the Heat services.
217 HeatStackDomainAdminPassword:
218 description: Password for heat_domain_admin user.
222 HeatAuthEncryptionKey:
223 description: Auth encryption key for heat-engine
228 description: A list of IP/Hostname allowed to connect to horizon
229 type: comma_delimited_list
231 description: Secret key for Django
236 default: overcloud-control
238 - custom_constraint: glance.image
240 default: 'REBUILD_PRESERVE_EPHEMERAL'
241 description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
245 description: Name of an existing EC2 KeyPair to enable SSH access to the instances
248 - custom_constraint: nova.keypair
249 KeystoneCACertificate:
251 description: Keystone self-signed certificate authority certificate.
253 KeystoneSigningCertificate:
255 description: Keystone certificate for verifying token validity.
259 description: Keystone key for signing tokens.
262 KeystoneSSLCertificate:
264 description: Keystone certificate for verifying token validity.
266 KeystoneSSLCertificateKey:
268 description: Keystone key for signing tokens.
271 KeystoneNotificationDriver:
272 description: Comma-separated list of Oslo notification drivers used by Keystone
273 default: ['messaging']
274 type: comma_delimited_list
275 KeystoneNotificationFormat:
276 description: The Keystone notification format
280 - allowed_values: [ 'basic', 'cadf' ]
284 description: Keystone region for endpoint
287 description: Whether to manage IPtables rules.
291 description: Whether IPtables rules should be purged before setting up the new ones.
293 MysqlClusterUniquePart:
294 description: A unique identifier of the MySQL cluster the controller is in.
296 default: 'unset' # Has to be here because of the ignored empty value bug
297 # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
299 # - length: {min: 4, max: 10}
300 MysqlInnodbBufferPoolSize:
302 Specifies the size of the buffer pool in megabytes. Setting to
303 zero should be interpreted as "no value" and will defer to the
308 description: Configures MySQL max_connections config setting
314 default: '' # Has to be here because of the ignored empty value bug
315 NeutronExternalNetworkBridge:
316 description: Name of bridge used for external network traffic.
319 NeutronBridgeMappings:
321 The OVS logical->physical bridge mappings to use. See the Neutron
322 documentation for details. Defaults to mapping br-ex - the external
323 bridge on hosts - to a physical name 'datacentre' which can be used
324 to create provider networks (and we use this for the default floating
325 network) - if changing this either use different post-install network
326 scripts or be sure to keep 'datacentre' as a mapping network name.
328 default: "datacentre:br-ex"
329 NeutronDnsmasqOptions:
330 default: 'dhcp-option-force=26,1400'
331 description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
335 description: Agent mode for the neutron-l3-agent on the controller hosts
339 description: Whether to enable l3-agent HA
341 NeutronDhcpAgentsPerNetwork:
344 description: The number of neutron dhcp agents to schedule per network
347 description: Whether to configure Neutron Distributed Virtual Routers
349 NeutronMetadataProxySharedSecret:
351 description: Shared secret to prevent spoofing
357 The core plugin for Neutron. The value should be the entrypoint to be loaded
358 from neutron.core_plugins namespace.
360 NeutronServicePlugins:
363 Comma-separated list of service plugin entrypoints to be loaded from the
364 neutron.service_plugins namespace.
365 type: comma_delimited_list
367 default: "vxlan,vlan,flat,gre"
369 Comma-separated list of network type driver entrypoints to be loaded.
370 type: comma_delimited_list
371 NeutronMechanismDrivers:
372 default: 'openvswitch'
374 The mechanism drivers for the Neutron tenant network. To specify multiple
375 values, use a comma separated string, like so: 'openvswitch,l2_population'
377 NeutronAllowL3AgentFailover:
379 description: Allow automatic l3-agent failover
381 NeutronEnableIsolatedMetadata:
383 description: If True, DHCP provide metadata route to VM.
385 NeutronEnableTunnelling:
391 Enable/disable the L2 population feature in the Neutron agents.
395 default: 'datacentre'
396 description: If set, flat networks to configure in neutron plugins.
399 description: Whether to enable l3-agent HA
403 description: The tenant network type for Neutron, either gre or vxlan.
405 NeutronNetworkVLANRanges:
406 default: 'datacentre'
408 The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
409 Neutron documentation for permitted values. Defaults to permitting any
410 VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
411 type: comma_delimited_list
414 description: The password for the neutron service and db account, used by neutron agents.
417 NeutronPublicInterface:
419 description: What interface to bridge onto br-ex for network nodes.
421 NeutronPublicInterfaceTag:
424 VLAN tag for creating a public VLAN. The tag will be used to
425 create an access port on the exterior bridge for each control plane node,
426 and that port will be given the IP address returned by neutron from the
427 public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
428 overcloud.yaml to include the deployment of VLAN ports to the control
431 NeutronPublicInterfaceDefaultRoute:
433 description: A custom default route for the NeutronPublicInterface.
435 NeutronPublicInterfaceIP:
437 description: A custom IP address to put onto the NeutronPublicInterface.
439 NeutronPublicInterfaceRawDevice:
441 description: If set, the public interface is a vlan with this device as the raw device.
446 The tunnel types for the Neutron tenant network. To specify multiple
447 values, use a comma separated string, like so: 'gre,vxlan'
449 NeutronTunnelIdRanges:
451 Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
452 of GRE tunnel IDs that are available for tenant network allocation
453 default: ["1:1000", ]
454 type: comma_delimited_list
457 Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
458 of VXLAN VNI IDs that are available for tenant network allocation
459 default: ["1:1000", ]
460 type: comma_delimited_list
466 description: The password for the nova service and db account, used by nova-api.
471 description: Should MongoDb journaling be disabled
475 description: Comma-separated list of ntp servers
476 type: comma_delimited_list
479 description: The password for the 'pcsd' user.
481 PublicVirtualInterface:
484 Specifies the interface where the public-facing virtual ip will be assigned.
485 This should be int_public when a VLAN is being used.
489 default: '' # Has to be here because of the ignored empty value bug
492 default: '' # Has to be here because of the ignored empty value bug
496 description: The password for RabbitMQ
501 description: The username for RabbitMQ
506 Rabbit client subscriber parameter to specify
507 an SSL connection to the RabbitMQ host.
511 description: Set rabbit subscriber port, change this if using SSL
515 description: Configures RabbitMQ FD limit
519 default: '' # Has to be here because of the ignored empty value bug
520 SnmpdReadonlyUserName:
521 default: ro_snmp_user
522 description: The user name for SNMPd with readonly rights running on all Overcloud nodes
524 SnmpdReadonlyUserPassword:
526 description: The user password for SNMPd with readonly rights running on all Overcloud nodes
531 description: A random string to be used as a salt when hashing to determine mappings
537 description: Value of mount_check in Swift account/container/object -server.conf
542 description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
545 description: Partition Power to use when building Swift rings
549 description: The password for the swift service account, used by the swift proxy
559 description: How many replicas to use in the swift rings.
560 VirtualIP: # DEPRECATED: use per service settings instead
562 default: '' # Has to be here because of the ignored empty value bug
569 GlanceRegistryVirtualIP:
575 KeystoneAdminApiVirtualIP:
578 KeystonePublicApiVirtualIP:
584 EnablePackageInstall:
586 description: Set to true to enable package installation via Puppet
590 description: Mapping of service_name -> network name. Typically set
591 via parameter_defaults in the resource registry.
595 description: Mapping of service endpoint -> protocol. Typically set
596 via parameter_defaults in the resource registry.
602 Setting to a previously unused value during stack-update will trigger
603 package update on all nodes
606 default: '' # Defaults to Heat created hostname
607 NetworkDeploymentActions:
608 type: comma_delimited_list
610 Heat action when to apply network configuration changes
619 type: OS::Nova::Server
621 image: {get_param: Image}
622 image_update_policy: {get_param: ImageUpdatePolicy}
623 flavor: {get_param: Flavor}
624 key_name: {get_param: KeyName}
627 user_data_format: SOFTWARE_CONFIG
628 user_data: {get_resource: UserData}
629 name: {get_param: Hostname}
631 # Combine the NodeAdminUserData and NodeUserData mime archives
633 type: OS::Heat::MultipartMime
636 - config: {get_resource: NodeAdminUserData}
638 - config: {get_resource: NodeUserData}
641 # Creates the "heat-admin" user if configured via the environment
642 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
644 type: OS::TripleO::NodeAdminUserData
646 # For optional operator additional userdata
647 # Should return a OS::Heat::MultipartMime reference via OS::stack_id
649 type: OS::TripleO::NodeUserData
652 type: OS::TripleO::Controller::Ports::ExternalPort
654 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
657 type: OS::TripleO::Controller::Ports::InternalApiPort
659 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
662 type: OS::TripleO::Controller::Ports::StoragePort
664 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
667 type: OS::TripleO::Controller::Ports::StorageMgmtPort
669 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
672 type: OS::TripleO::Controller::Ports::TenantPort
674 ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
677 type: OS::TripleO::Network::Ports::NetIpMap
679 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
680 ExternalIp: {get_attr: [ExternalPort, ip_address]}
681 InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
682 StorageIp: {get_attr: [StoragePort, ip_address]}
683 StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
684 TenantIp: {get_attr: [TenantPort, ip_address]}
687 type: OS::TripleO::Network::Ports::NetIpSubnetMap
689 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
690 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
691 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
692 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
693 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
694 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
697 type: OS::TripleO::Controller::Net::SoftwareConfig
699 ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
700 ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
701 InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
702 StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
703 StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
704 TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
707 type: OS::TripleO::SoftwareDeployment
709 config: {get_resource: NetworkConfig}
710 server: {get_resource: Controller}
711 actions: {get_param: NetworkDeploymentActions}
714 interface_name: {get_param: NeutronPublicInterface}
716 # Resource for site-specific injection of root certificate
718 depends_on: NetworkDeployment
719 type: OS::TripleO::NodeTLSCAData
721 server: {get_resource: Controller}
723 # Hook for site-specific passing of private keys/certificates
725 depends_on: NodeTLSCAData
726 type: OS::TripleO::NodeTLSData
728 server: {get_resource: Controller}
729 NodeIndex: {get_param: NodeIndex}
731 ControllerDeployment:
732 type: OS::TripleO::SoftwareDeployment
733 depends_on: NetworkDeployment
735 config: {get_resource: ControllerConfig}
736 server: {get_resource: Controller}
738 bootstack_nodeid: {get_attr: [Controller, name]}
739 neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
740 neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
741 neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
742 haproxy_log_address: {get_param: HAProxySyslogAddress}
743 heat.watch_server_url:
747 - {get_param: HeatApiVirtualIP}
749 heat.metadata_server_url:
753 - {get_param: HeatApiVirtualIP}
755 heat.waitcondition_server_url:
759 - {get_param: HeatApiVirtualIP}
760 - ':8000/v1/waitcondition'
761 heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
762 horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
763 horizon_secret: {get_param: HorizonSecret}
764 admin_email: {get_param: AdminEmail}
765 admin_password: {get_param: AdminPassword}
766 admin_token: {get_param: AdminToken}
767 neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
768 debug: {get_param: Debug}
769 cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
770 cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
771 cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
774 template: "['SERVERS']"
779 - {get_param: CinderNfsServers}
780 cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
781 cinder_password: {get_param: CinderPassword}
782 cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
783 cinder_iscsi_helper: {get_param: CinderISCSIHelper}
784 cinder_backend_config: {get_param: CinderBackendConfig}
788 - - 'mysql://cinder:'
789 - {get_param: CinderPassword}
791 - {get_param: MysqlVirtualIP}
793 glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
794 glance_password: {get_param: GlancePassword}
795 glance_backend: {get_param: GlanceBackend}
796 glance_file_pcmk_device: {get_param: GlanceFilePcmkDevice}
797 glance_file_pcmk_fstype: {get_param: GlanceFilePcmkFstype}
798 glance_file_pcmk_manage: {get_param: GlanceFilePcmkManage}
799 glance_file_pcmk_options: {get_param: GlanceFilePcmkOptions}
800 glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
801 glance_log_file: {get_param: GlanceLogFile}
805 - - 'mysql://glance:'
806 - {get_param: GlancePassword}
808 - {get_param: MysqlVirtualIP}
810 heat_password: {get_param: HeatPassword}
811 heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
816 - {get_param: HeatPassword}
818 - {get_param: MysqlVirtualIP}
820 keystone_ca_certificate: {get_param: KeystoneCACertificate}
821 keystone_signing_key: {get_param: KeystoneSigningKey}
822 keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
823 keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
824 keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
825 keystone_notification_driver: {get_param: KeystoneNotificationDriver}
826 keystone_notification_format: {get_param: KeystoneNotificationFormat}
830 - - 'mysql://keystone:'
831 - {get_param: AdminToken}
833 - {get_param: MysqlVirtualIP}
835 keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
836 keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
837 keystone_public_url: { get_param: [EndpointMap, KeystonePublic, uri_no_suffix] }
838 keystone_internal_url: { get_param: [EndpointMap, KeystoneInternal, uri_no_suffix] }
839 keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
840 enable_fencing: {get_param: EnableFencing}
841 enable_galera: {get_param: EnableGalera}
842 enable_load_balancer: {get_param: EnableLoadBalancer}
843 enable_ceph_storage: {get_param: EnableCephStorage}
844 enable_swift_storage: {get_param: EnableSwiftStorage}
845 manage_firewall: {get_param: ManageFirewall}
846 purge_firewall_rules: {get_param: PurgeFirewallRules}
847 mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
848 mysql_max_connections: {get_param: MysqlMaxConnections}
849 mysql_root_password: {get_param: MysqlRootPassword}
852 template: tripleo-CLUSTER
854 CLUSTER: {get_param: MysqlClusterUniquePart}
855 neutron_flat_networks: {get_param: NeutronFlatNetworks}
856 neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
857 neutron_agent_mode: {get_param: NeutronAgentMode}
858 neutron_router_distributed: {get_param: NeutronDVR}
859 neutron_core_plugin: {get_param: NeutronCorePlugin}
860 neutron_service_plugins:
862 template: "['PLUGINS']"
867 - {get_param: NeutronServicePlugins}
868 neutron_type_drivers:
870 template: "['DRIVERS']"
875 - {get_param: NeutronTypeDrivers}
876 neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
877 neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
878 neutron_l3_ha: {get_param: NeutronL3HA}
879 neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
880 neutron_network_vlan_ranges:
882 template: "['RANGES']"
887 - {get_param: NeutronNetworkVLANRanges}
888 neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
889 neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
890 neutron_public_interface: {get_param: NeutronPublicInterface}
891 neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
892 neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
893 neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
894 neutron_tenant_network_type: {get_param: NeutronNetworkType}
895 neutron_tunnel_types: {get_param: NeutronTunnelTypes}
896 neutron_tunnel_id_ranges:
898 template: "['RANGES']"
903 - {get_param: NeutronTunnelIdRanges}
906 template: "['RANGES']"
911 - {get_param: NeutronVniRanges}
912 neutron_password: {get_param: NeutronPassword}
913 neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
917 - - 'mysql://neutron:'
918 - {get_param: NeutronPassword}
920 - {get_param: MysqlVirtualIP}
921 - '/ovs_neutron?charset=utf8'
922 neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
923 neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
924 neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
925 neutron_admin_auth_url: { get_param: [ EndpointMap, KeystoneAdmin, uri ] }
926 nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
927 ceilometer_backend: {get_param: CeilometerBackend}
928 ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
929 ceilometer_password: {get_param: CeilometerPassword}
930 ceilometer_coordination_url:
934 - {get_param: RedisVirtualIP}
939 - - 'mysql://ceilometer:'
940 - {get_param: CeilometerPassword}
942 - {get_param: MysqlVirtualIP}
944 snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
945 snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
946 nova_password: {get_param: NovaPassword}
951 - {get_param: NovaPassword}
953 - {get_param: MysqlVirtualIP}
955 fencing_config: {get_param: FencingConfig}
956 pcsd_password: {get_param: PcsdPassword}
957 rabbit_username: {get_param: RabbitUserName}
958 rabbit_password: {get_param: RabbitPassword}
959 rabbit_cookie: {get_param: RabbitCookie}
960 rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
961 rabbit_client_port: {get_param: RabbitClientPort}
962 mongodb_no_journal: {get_param: MongoDbNoJournal}
963 # We need to force this into quotes or hiera will return integer causing
964 # the puppet module validation regexp to fail.
965 # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
970 LIMIT: {get_param: RabbitFDLimit}
971 ntp_servers: {get_param: NtpServer}
972 control_virtual_interface: {get_param: ControlVirtualInterface}
973 public_virtual_interface: {get_param: PublicVirtualInterface}
974 swift_hash_suffix: {get_param: SwiftHashSuffix}
975 swift_password: {get_param: SwiftPassword}
976 swift_part_power: {get_param: SwiftPartPower}
977 swift_replicas: {get_param: SwiftReplicas}
978 swift_min_part_hours: {get_param: SwiftMinPartHours}
979 swift_mount_check: {get_param: SwiftMountCheck}
980 enable_package_install: {get_param: EnablePackageInstall}
981 enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
982 swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
983 swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
984 cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
985 cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
986 glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
987 glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
988 glance_api_servers: { get_param: [EndpointMap, GlanceInternal, uri]}
989 glance_registry_host: {get_param: GlanceRegistryVirtualIP}
990 heat_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
991 keystone_public_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
992 keystone_admin_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
993 keystone_region: {get_param: KeystoneRegion}
994 mongo_db_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
995 neutron_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
996 neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
997 ceilometer_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
998 nova_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
999 nova_metadata_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
1000 horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
1001 rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
1002 redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
1003 redis_vip: {get_param: RedisVirtualIP}
1004 memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1005 mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
1006 mysql_virtual_ip: {get_param: MysqlVirtualIP}
1007 ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
1008 ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1009 ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
1011 # Map heat metadata into hiera datafiles
1013 type: OS::Heat::StructuredConfig
1015 group: os-apply-config
1020 - heat_config_%{::deploy_config_name}
1021 - controller_extraconfig
1026 - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
1027 - ceph_cluster # provided by CephClusterConfig
1029 - bootstrap_node # provided by BootstrapNodeConfig
1030 - all_nodes # provided by allNodesConfig
1031 - vip_data # provided by vip-config
1034 - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
1035 - neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
1036 - neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
1037 - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
1039 controller_extraconfig:
1040 mapped_data: {get_param: ControllerExtraConfig}
1042 mapped_data: {get_param: ExtraConfig}
1044 raw_data: {get_file: hieradata/common.yaml}
1046 raw_data: {get_file: hieradata/ceph.yaml}
1048 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
1049 ceph::profile::params::public_network: {get_input: ceph_public_network}
1050 ceph::mon::public_addr: {get_input: ceph_public_ip}
1052 raw_data: {get_file: hieradata/database.yaml}
1054 raw_data: {get_file: hieradata/object.yaml}
1056 raw_data: {get_file: hieradata/controller.yaml}
1057 mapped_data: # data supplied directly to this deployment configuration, etc
1058 bootstack_nodeid: {get_input: bootstack_nodeid}
1061 enable_fencing: {get_input: enable_fencing}
1062 enable_load_balancer: {get_input: enable_load_balancer}
1063 hacluster_pwd: {get_input: pcsd_password}
1064 tripleo::fencing::config: {get_input: fencing_config}
1067 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
1068 swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
1069 swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
1070 swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
1071 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
1072 swift::proxy::authtoken::admin_password: {get_input: swift_password}
1073 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
1074 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
1075 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
1076 swift_mount_check: {get_input: swift_mount_check}
1078 # NOTE(dprince): build_ring support is currently not wired in.
1079 # See: https://review.openstack.org/#/c/109225/
1080 tripleo::ringbuilder::build_ring: True
1083 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
1084 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
1085 cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
1086 cinder_nfs_servers: {get_input: cinder_nfs_servers}
1087 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
1088 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
1089 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
1090 cinder::database_connection: {get_input: cinder_dsn}
1091 cinder::api::keystone_password: {get_input: cinder_password}
1092 cinder::api::auth_uri: {get_input: keystone_auth_uri}
1093 cinder::api::identity_uri: {get_input: keystone_identity_uri}
1094 cinder::api::bind_host: {get_input: cinder_api_network}
1095 cinder::rabbit_userid: {get_input: rabbit_username}
1096 cinder::rabbit_password: {get_input: rabbit_password}
1097 cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1098 cinder::rabbit_port: {get_input: rabbit_client_port}
1099 cinder::debug: {get_input: debug}
1100 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
1101 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
1102 cinder_backend_config: {get_input: CinderBackendConfig}
1103 cinder::db::mysql::password: {get_input: cinder_password}
1106 glance::api::bind_port: {get_input: glance_port}
1107 glance::api::bind_host: {get_input: glance_api_network}
1108 glance::api::auth_uri: {get_input: keystone_auth_uri}
1109 glance::api::identity_uri: {get_input: keystone_identity_uri}
1110 glance::api::registry_host: {get_input: glance_registry_host}
1111 glance::api::keystone_password: {get_input: glance_password}
1112 glance::api::debug: {get_input: debug}
1113 glance_notifier_strategy: {get_input: glance_notifier_strategy}
1114 glance_log_file: {get_input: glance_log_file}
1115 glance_log_file: {get_input: glance_log_file}
1116 glance::api::database_connection: {get_input: glance_dsn}
1117 glance::registry::keystone_password: {get_input: glance_password}
1118 glance::registry::database_connection: {get_input: glance_dsn}
1119 glance::registry::bind_host: {get_input: glance_registry_network}
1120 glance::registry::auth_uri: {get_input: keystone_auth_uri}
1121 glance::registry::identity_uri: {get_input: keystone_identity_uri}
1122 glance::registry::debug: {get_input: debug}
1123 glance::backend::swift::swift_store_auth_address: {get_input: keystone_auth_uri}
1124 glance::backend::swift::swift_store_user: service:glance
1125 glance::backend::swift::swift_store_key: {get_input: glance_password}
1126 glance_backend: {get_input: glance_backend}
1127 glance::db::mysql::password: {get_input: glance_password}
1128 glance_file_pcmk_device: {get_input: glance_file_pcmk_device}
1129 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
1130 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
1131 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
1134 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
1135 heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
1136 heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
1137 heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
1138 heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
1139 heat::rabbit_userid: {get_input: rabbit_username}
1140 heat::rabbit_password: {get_input: rabbit_password}
1141 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1142 heat::rabbit_port: {get_input: rabbit_client_port}
1143 heat::auth_uri: {get_input: keystone_auth_uri}
1144 heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
1145 heat::identity_uri: {get_input: keystone_identity_uri}
1146 heat::keystone_password: {get_input: heat_password}
1147 heat::api::bind_host: {get_input: heat_api_network}
1148 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
1149 heat::api_cfn::bind_host: {get_input: heat_api_network}
1150 heat::database_connection: {get_input: heat_dsn}
1151 heat::debug: {get_input: debug}
1152 heat::db::mysql::password: {get_input: heat_password}
1155 keystone::admin_token: {get_input: admin_token}
1156 keystone_ca_certificate: {get_input: keystone_ca_certificate}
1157 keystone_signing_key: {get_input: keystone_signing_key}
1158 keystone_signing_certificate: {get_input: keystone_signing_certificate}
1159 keystone_ssl_certificate: {get_input: keystone_ssl_certificate}
1160 keystone_ssl_certificate_key: {get_input: keystone_ssl_certificate_key}
1161 keystone::database_connection: {get_input: keystone_dsn}
1162 keystone::public_bind_host: {get_input: keystone_public_api_network}
1163 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
1164 keystone::debug: {get_input: debug}
1165 keystone::db::mysql::password: {get_input: admin_token}
1166 keystone::rabbit_userid: {get_input: rabbit_username}
1167 keystone::rabbit_password: {get_input: rabbit_password}
1168 keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1169 keystone::rabbit_port: {get_input: rabbit_client_port}
1170 keystone::notification_driver: {get_input: keystone_notification_driver}
1171 keystone::notification_format: {get_input: keystone_notification_format}
1172 keystone::roles::admin::email: {get_input: admin_email}
1173 keystone::roles::admin::password: {get_input: admin_password}
1174 keystone::endpoint::public_url: {get_input: keystone_public_url}
1175 keystone::endpoint::internal_url: {get_input: keystone_internal_url}
1176 keystone::endpoint::admin_url: {get_input: keystone_identity_uri}
1177 keystone::endpoint::region: {get_input: keystone_region}
1179 mongodb::server::bind_ip: {get_input: mongo_db_network}
1180 mongodb::server::nojournal: {get_input: mongodb_no_journal}
1182 admin_password: {get_input: admin_password}
1183 enable_galera: {get_input: enable_galera}
1184 enable_ceph_storage: {get_input: enable_ceph_storage}
1185 enable_swift_storage: {get_input: enable_swift_storage}
1186 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
1187 mysql_max_connections: {get_input: mysql_max_connections}
1188 mysql::server::root_password: {get_input: mysql_root_password}
1189 mysql_cluster_name: {get_input: mysql_cluster_name}
1190 mysql_bind_host: {get_input: mysql_network}
1191 mysql_virtual_ip: {get_input: mysql_virtual_ip}
1194 neutron::bind_host: {get_input: neutron_api_network}
1195 neutron::rabbit_password: {get_input: rabbit_password}
1196 neutron::rabbit_user: {get_input: rabbit_username}
1197 neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1198 neutron::rabbit_port: {get_input: rabbit_client_port}
1199 neutron::debug: {get_input: debug}
1200 neutron::server::auth_uri: {get_input: keystone_auth_uri}
1201 neutron::server::identity_uri: {get_input: keystone_identity_uri}
1202 neutron::server::database_connection: {get_input: neutron_dsn}
1203 neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
1204 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
1205 neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
1206 neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
1207 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
1208 neutron_flat_networks: {get_input: neutron_flat_networks}
1209 neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1210 neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
1211 neutron_agent_mode: {get_input: neutron_agent_mode}
1212 neutron_router_distributed: {get_input: neutron_router_distributed}
1213 neutron::core_plugin: {get_input: neutron_core_plugin}
1214 neutron::service_plugins: {get_input: neutron_service_plugins}
1215 neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
1216 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
1217 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
1218 neutron::server::l3_ha: {get_input: neutron_l3_ha}
1219 neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
1220 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
1221 neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
1222 neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
1223 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
1224 neutron_public_interface: {get_input: neutron_public_interface}
1225 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
1226 neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
1227 neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
1228 neutron_tenant_network_type: {get_input: neutron_tenant_network_type}
1229 neutron_tunnel_types: {get_input: neutron_tunnel_types}
1230 neutron::server::auth_password: {get_input: neutron_password}
1231 neutron::agents::metadata::auth_password: {get_input: neutron_password}
1232 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
1233 neutron_dsn: {get_input: neutron_dsn}
1234 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
1235 neutron::db::mysql::password: {get_input: neutron_password}
1236 neutron::keystone::auth::public_url: {get_input: neutron_public_url }
1237 neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
1238 neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
1239 neutron::keystone::auth::password: {get_input: neutron_password }
1240 neutron::keystone::auth::region: {get_input: keystone_region}
1241 neutron::server::notifications::nova_url: {get_input: nova_internal_url}
1242 neutron::server::notifications::auth_url: {get_input: neutron_admin_auth_url}
1243 neutron::server::notifications::tenant_name: 'service'
1244 neutron::server::notifications::password: {get_input: nova_password}
1247 ceilometer_backend: {get_input: ceilometer_backend}
1248 ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
1249 ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
1250 ceilometer::rabbit_userid: {get_input: rabbit_username}
1251 ceilometer::rabbit_password: {get_input: rabbit_password}
1252 ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1253 ceilometer::rabbit_port: {get_input: rabbit_client_port}
1254 ceilometer::debug: {get_input: debug}
1255 ceilometer::api::host: {get_input: ceilometer_api_network}
1256 ceilometer::api::keystone_password: {get_input: ceilometer_password}
1257 ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
1258 ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
1259 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
1260 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
1261 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
1262 ceilometer::db::mysql::password: {get_input: ceilometer_password}
1263 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
1264 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
1267 nova::rabbit_userid: {get_input: rabbit_username}
1268 nova::rabbit_password: {get_input: rabbit_password}
1269 nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
1270 nova::rabbit_port: {get_input: rabbit_client_port}
1271 nova::debug: {get_input: debug}
1272 nova::api::auth_uri: {get_input: keystone_auth_uri}
1273 nova::api::identity_uri: {get_input: keystone_identity_uri}
1274 nova::api::api_bind_address: {get_input: nova_api_network}
1275 nova::api::metadata_listen: {get_input: nova_metadata_network}
1276 nova::api::admin_password: {get_input: nova_password}
1277 nova::database_connection: {get_input: nova_dsn}
1278 nova::glance_api_servers: {get_input: glance_api_servers}
1279 nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
1280 nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
1281 nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
1282 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
1283 nova::vncproxy::host: {get_input: nova_api_network}
1284 nova::db::mysql::password: {get_input: nova_password}
1287 apache::ip: {get_input: horizon_network}
1288 horizon::allowed_hosts: {get_input: horizon_allowed_hosts}
1289 horizon::django_debug: {get_input: debug}
1290 horizon::secret_key: {get_input: horizon_secret}
1291 horizon::bind_address: {get_input: horizon_network}
1292 horizon::keystone_url: {get_input: keystone_auth_uri}
1295 rabbitmq::node_ip_address: {get_input: rabbitmq_network}
1296 rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
1297 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
1298 rabbitmq::default_user: {get_input: rabbit_username}
1299 rabbitmq::default_pass: {get_input: rabbit_password}
1301 redis::bind: {get_input: redis_network}
1302 redis_vip: {get_input: redis_vip}
1304 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
1305 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
1307 memcached::listen_ip: {get_input: memcached_network}
1308 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
1309 ntp::servers: {get_input: ntp_servers}
1310 control_virtual_interface: {get_input: control_virtual_interface}
1311 public_virtual_interface: {get_input: public_virtual_interface}
1312 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
1313 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
1314 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
1315 # NOTE(jaosorior): The service certificate configuration for
1316 # HAProxy was left commented because to properly use this, we
1317 # need to be able to set up the keystone endpoints. And
1318 # currently that is not possible, but is being addressed by
1319 # other commits. A subsequent commit will uncomment this.
1320 #tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
1321 tripleo::packages::enable_install: {get_input: enable_package_install}
1322 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
1324 # Hook for site-specific additional pre-deployment config, e.g extra hieradata
1325 ControllerExtraConfigPre:
1326 depends_on: ControllerDeployment
1327 type: OS::TripleO::ControllerExtraConfigPre
1329 server: {get_resource: Controller}
1331 # Hook for site-specific additional pre-deployment config,
1332 # applying to all nodes, e.g node registration/unregistration
1334 depends_on: [ControllerExtraConfigPre, NodeTLSData]
1335 type: OS::TripleO::NodeExtraConfig
1337 server: {get_resource: Controller}
1340 type: OS::TripleO::Tasks::PackageUpdate
1343 type: OS::Heat::SoftwareDeployment
1345 config: {get_resource: UpdateConfig}
1346 server: {get_resource: Controller}
1349 get_param: UpdateIdentifier
1353 description: IP address of the server in the ctlplane network
1354 value: {get_attr: [Controller, networks, ctlplane, 0]}
1355 external_ip_address:
1356 description: IP address of the server in the external network
1357 value: {get_attr: [ExternalPort, ip_address]}
1358 internal_api_ip_address:
1359 description: IP address of the server in the internal_api network
1360 value: {get_attr: [InternalApiPort, ip_address]}
1362 description: IP address of the server in the storage network
1363 value: {get_attr: [StoragePort, ip_address]}
1364 storage_mgmt_ip_address:
1365 description: IP address of the server in the storage_mgmt network
1366 value: {get_attr: [StorageMgmtPort, ip_address]}
1368 description: IP address of the server in the tenant network
1369 value: {get_attr: [TenantPort, ip_address]}
1371 description: Hostname of the server
1372 value: {get_attr: [Controller, name]}
1375 Node object in the format {ip: ..., name: ...} format that the corosync
1378 ip: {get_attr: [Controller, networks, ctlplane, 0]}
1379 name: {get_attr: [Controller, name]}
1382 Server's IP address and hostname in the /etc/hosts format
1385 template: IP HOST.localdomain HOST CLOUDNAME
1387 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
1388 HOST: {get_attr: [Controller, name]}
1389 CLOUDNAME: {get_param: CloudName}
1390 nova_server_resource:
1391 description: Heat resource handle for the Nova compute server
1393 {get_resource: Controller}
1395 description: Swift device formatted for swift-ring-builder
1398 template: 'r1z1-IP:%PORT%/d1'
1400 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
1401 swift_proxy_memcache:
1402 description: Swift proxy-memcache value
1405 template: "IP:11211"
1407 IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
1409 description: identifier which changes if the controller configuration may need re-applying
1413 - - {get_attr: [ControllerDeployment, deploy_stdout]}
1414 - {get_attr: [NodeTLSCAData, deploy_stdout]}
1415 - {get_attr: [NodeTLSData, deploy_stdout]}
1416 - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
1417 - {get_param: UpdateIdentifier}
1418 tls_key_modulus_md5:
1419 description: MD5 checksum of the TLS Key Modulus
1420 value: {get_attr: [NodeTLSData, key_modulus_md5]}
1421 tls_cert_modulus_md5:
1422 description: MD5 checksum of the TLS Certificate Modulus
1423 value: {get_attr: [NodeTLSData, cert_modulus_md5]}