-heat_template_version: 2014-10-16
+heat_template_version: 2015-04-30
description: >
Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
+ CeilometerBackend:
+ default: 'mongodb'
+ description: The ceilometer backend type.
+ type: string
CeilometerMeteringSecret:
default: unset
description: Secret shared by the ceilometer services.
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
- EnablePacemaker:
- default: false
- description: If enabled services will be monitored by Pacemaker; it
- will manage VIPs as well, in place of Keepalived.
- type: boolean
ControllerEnableCephStorage:
default: false
description: Whether to deploy Ceph Storage (OSD) on the Controller
description: The password for the glance service account, used by the glance services.
type: string
hidden: true
+ GlanceBackend:
+ default: swift
+ description: The short name of the Glance backend to use. Should be one
+ of swift, rbd or file
+ type: string
+ constraints:
+ - allowed_values: ['swift', 'file', 'rbd']
HeatPassword:
default: unset
description: The password for the Heat service account, used by the Heat services.
Specifies the interface where the public-facing virtual ip will be assigned.
This should be int_public when a VLAN is being used.
type: string
+ RedisVirtualIP:
+ type: string
+ default: '' # Has to be here because of the ignored empty value bug
SSLCertificate:
default: ''
description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
Neutron documentation for permitted values. Defaults to permitting any
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: string
+ type: comma_delimited_list
NovaComputeDriver:
type: string
default: libvirt.LibvirtDriver
type: string
constraints:
- custom_constraint: nova.flavor
+ ServiceNetMap:
+ default:
+ NeutronLocalIp: tenant
+ CeilometerApiNetwork: internal_api
+ MongoDbNetwork: internal_api
+ CinderApiNetwork: internal_api
+ CinderIscsiNetwork: storage
+ GlanceApiNetwork: storage
+ GlanceRegistryNetwork: internal_api
+ KeystoneAdminApiNetwork: internal_api
+ KeystonePublicApiNetwork: internal_api
+ NeutronApiNetwork: internal_api
+ HeatApiNetwork: internal_api
+ NovaApiNetwork: internal_api
+ NovaMetadataNetwork: internal_api
+ NovaVncProxyNetwork: internal_api
+ SwiftMgmtNetwork: storage_mgmt
+ SwiftProxyNetwork: storage
+ HorizonNetwork: internal_api
+ MemcachedNetwork: internal_api
+ RabbitMqNetwork: internal_api
+ RedisNetwork: internal_api
+ MysqlNetwork: internal_api
+ CephClusterNetwork: storage_mgmt
+ CephPublicNetwork: storage
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
# Block storage specific parameters
BlockStorageCount:
constraints:
- custom_constraint: nova.flavor
+# Identifiers to trigger tasks on nodes
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+
resources:
HeatAuthEncryptionKey:
properties:
length: 16
+ HorizonSecret:
+ type: OS::Heat::RandomString
+ properties:
+ length: 10
+
Controller:
type: OS::Heat::ResourceGroup
+ depends_on: Networks
properties:
count: {get_param: ControllerCount}
resource_def:
properties:
AdminPassword: {get_param: AdminPassword}
AdminToken: {get_param: AdminToken}
+ CeilometerBackend: {get_param: CeilometerBackend}
CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
CeilometerPassword: {get_param: CeilometerPassword}
CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
ControllerExtraConfig: {get_param: controllerExtraConfig}
Debug: {get_param: Debug}
EnableGalera: {get_param: EnableGalera}
- EnablePacemaker: {get_param: EnablePacemaker}
EnableCephStorage: {get_param: ControllerEnableCephStorage}
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
ExtraConfig: {get_param: ExtraConfig}
GlancePort: {get_param: GlancePort}
GlanceProtocol: {get_param: GlanceProtocol}
GlancePassword: {get_param: GlancePassword}
+ GlanceBackend: {get_param: GlanceBackend}
GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
GlanceLogFile: {get_param: GlanceLogFile}
HeatPassword: {get_param: HeatPassword}
HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
+ HorizonSecret: {get_resource: HorizonSecret}
Image: {get_param: controllerImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
KeyName: {get_param: KeyName}
NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
+ NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
NeutronPublicInterface: {get_param: NeutronPublicInterface}
NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
RabbitClientPort: {get_param: RabbitClientPort}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
+ RedisVirtualIP: {get_param: RedisVirtualIP}
SSLCertificate: {get_param: SSLCertificate}
SSLKey: {get_param: SSLKey}
SSLCACertificate: {get_param: SSLCACertificate}
SwiftPartPower: {get_param: SwiftPartPower}
SwiftPassword: {get_param: SwiftPassword}
SwiftReplicas: { get_param: SwiftReplicas}
- VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+ VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
+ PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
+ ServiceNetMap: {get_param: ServiceNetMap}
+ HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
Compute:
type: OS::Heat::ResourceGroup
+ depends_on: Networks
properties:
count: {get_param: ComputeCount}
resource_def:
Debug: {get_param: Debug}
ExtraConfig: {get_param: ExtraConfig}
Flavor: {get_param: OvercloudComputeFlavor}
- GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
GlancePort: {get_param: GlancePort}
GlanceProtocol: {get_param: GlanceProtocol}
Image: {get_param: NovaImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
KeyName: {get_param: KeyName}
- KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ KeystoneHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
- NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
NeutronNetworkType: {get_param: NeutronNetworkType}
NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
# L3 HA and Failover is not relevant for Computes, should be removed
NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
NeutronL3HA: {get_param: NeutronL3HA}
- NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
NovaComputeDriver: {get_param: NovaComputeDriver}
NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
NovaPassword: {get_param: NovaPassword}
NtpServer: {get_param: NtpServer}
- RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
BlockStorage:
type: OS::Heat::ResourceGroup
+ depends_on: Networks
properties:
count: {get_param: BlockStorageCount}
resource_def:
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
NtpServer: {get_param: NtpServer}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
ObjectStorage:
type: OS::Heat::ResourceGroup
+ depends_on: Networks
properties:
count: {get_param: ObjectStorageCount}
resource_def:
Image: {get_param: SwiftStorageImage}
Replicas: { get_param: SwiftReplicas}
NtpServer: {get_param: NtpServer}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ ServiceNetMap: {get_param: ServiceNetMap}
CephStorage:
type: OS::Heat::ResourceGroup
+ depends_on: Networks
properties:
count: {get_param: CephStorageCount}
resource_def:
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudCephStorageFlavor}
NtpServer: {get_param: NtpServer}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+
+ ControllerIpListMap:
+ type: OS::TripleO::Network::Ports::NetIpListMap
+ properties:
+ ExternalIpList: {get_attr: [Controller, external_ip_address]}
+ InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
+ StorageIpList: {get_attr: [Controller, storage_ip_address]}
+ StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
+ TenantIpList: {get_attr: [Controller, tenant_ip_address]}
allNodesConfig:
type: OS::TripleO::AllNodes::SoftwareConfig
object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
controller_names: {get_attr: [Controller, hostname]}
+ rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+ mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
+ redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+ memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
+ mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+ heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+ glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
MysqlRootPassword:
type: OS::Heat::RandomString
length: 20
salt: {get_param: RabbitCookieSalt}
+ # creates the network architecture
+ Networks:
+ type: OS::TripleO::Network
+
ControlVirtualIP:
type: OS::Neutron::Port
+ depends_on: Networks
properties:
name: control_virtual_ip
network_id: {get_param: NeutronControlPlaneID}
fixed_ips: {get_param: ControlFixedIPs}
replacement_policy: AUTO
+ # same as external
PublicVirtualIP:
type: OS::Neutron::Port
+ depends_on: Networks
properties:
name: public_virtual_ip
network: {get_param: PublicVirtualNetwork}
fixed_ips: {get_param: PublicVirtualFixedIPs}
replacement_policy: AUTO
+ InternalApiVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::InternalApiPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: internal_api_virtual_ip
+
+ StorageVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::StoragePort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: storage_virtual_ip
+
+ StorageMgmtVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::StorageMgmtPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: storage_management_virtual_ip
+
+ VipMap:
+ type: OS::TripleO::Network::Ports::NetIpMap
+ properties:
+ ExternalIp: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+ InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
+ StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
+ StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
+ # No tenant VIP required
+
+ VipConfig:
+ type: OS::TripleO::VipConfig
+
+ VipDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_resource: VipConfig}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+ input_values:
+ # service VIP mappings
+ keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+ ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+ redis_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+ mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+ # direct configuration of Virtual IPs for each network
+ control_virtual_ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ public_virtual_ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+ internal_api_virtual_ip: {get_attr: [InternalApiVirtualIP, ip_address]}
+ storage_virtual_ip: {get_attr: [StorageVirtualIP, ip_address]}
+ storage_mgmt_virtual_ip: {get_attr: [StorageMgmtVirtualIP, ip_address]}
+
ControllerBootstrapNodeConfig:
type: OS::TripleO::BootstrapNode::SoftwareConfig
properties:
ceph_mon_key: {get_param: CephMonKey}
ceph_admin_key: {get_param: CephAdminKey}
ceph_mon_names: {get_attr: [Controller, hostname]}
- ceph_mon_ips: {get_attr: [Controller, ip_address]}
+ ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
ControllerClusterConfig:
type: OS::Heat::StructuredConfig
list_join:
- ''
- - http://
- - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ - {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
- :5000/v2.0/