-Description: All-in-one baremetal OpenStack and all dependencies.
-HeatTemplateFormatVersion: '2012-12-12'
-Parameters:
+description: All-in-one baremetal OpenStack and all dependencies.
+heat_template_version: 2013-05-23
+parameters:
AdminPassword:
- Default: unset
- Description: The password for the keystone admin account, used for monitoring, querying neutron etc.
- Type: String
- NoEcho: true
+ default: unset
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
+ type: string
+ hidden: true
AdminToken:
- Default: unset
- Description: The keystone auth secret.
- Type: String
- NoEcho: true
- CinderLVMLoopDeviceSize:
- Default: 5000
- Description: The size of the loopback file used by the cinder LVM driver.
- Type: Number
+ default: unset
+ description: The keystone auth secret.
+ type: string
+ hidden: true
BaremetalArch:
- Default: i386
- Description: The architecture to use in Nova-BM - i386 or amd64.
- Type: String
+ default: i386
+ description: The architecture to use in Nova-BM - i386 or amd64.
+ type: string
CeilometerMeteringSecret:
- Default: unset
- Description: Secret shared by the ceilometer services.
- Type: String
- NoEcho: true
+ default: unset
+ description: Secret shared by the ceilometer services.
+ type: string
+ hidden: true
CeilometerPassword:
- Default: unset
- Description: The password for the ceilometer service account.
- Type: String
- NoEcho: true
- SnmpdReadonlyUserName:
- Default: ro_snmp_user
- Description: The user name for SNMPd with readonly rights running on all Overcloud nodes
- Type: String
- SnmpdReadonlyUserPassword:
- Default: unset
- Description: The user password for SNMPd with readonly rights running on all Overcloud nodes
- Type: String
- NoEcho: true
+ default: unset
+ description: The password for the ceilometer service account.
+ type: string
+ hidden: true
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ DefaultSignalTransport:
+ default: CFN_SIGNAL
+ description: Transport to use for software-config signals.
+ type: string
+ constraints:
+ - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
ExtraConfig:
- Default: {}
- Description: |
+ default: {}
+ description: |
Additional configuration to inject into the cluster. The JSON should have
the following structure:
{"FILEKEY":
]
}
}
- Type: Json
+ type: json
Flavor:
- Default: baremetal
- Description: Flavor to request when deploying.
- Type: String
+ description: Flavor to request when deploying.
+ type: string
+ constraints:
+ - custom_constraint: nova.flavor
+ GlanceLogFile:
+ description: The filepath of the file to use for logging messages from Glance.
+ type: string
+ default: ''
+ GlancePassword:
+ default: unset
+ description: The password for the glance service account, used by the glance services.
+ type: string
+ hidden: true
GlancePort:
- Default: 9292
- Description: Glance port.
- Type: String
+ default: 9292
+ description: Glance port.
+ type: string
GlanceProtocol:
- Default: http
- Description: Protocol to use when connecting to glance, set to https for SSL.
- Type: String
- GlancePassword:
- Default: unset
- Description: The password for the glance service account, used by the glance services.
- Type: String
- NoEcho: true
+ default: http
+ description: Protocol to use when connecting to glance, set to https for SSL.
+ type: string
GlanceNotifierStrategy:
- Description: Strategy to use for Glance notification queue
- Type: String
- Default: noop
- GlanceLogFile:
- Description: The filepath of the file to use for logging messages from Glance.
- Type: String
- Default: ''
+ description: Strategy to use for Glance notification queue
+ type: string
+ default: noop
KeyName:
- Default: default
- Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
- Type: String
+ default: default
+ description: Name of an existing EC2 KeyPair to enable SSH access to the instances
+ type: string
+ KeystoneCACertificate:
+ default: ''
+ description: Keystone self-signed certificate authority certificate.
+ type: string
+ KeystoneSigningCertificate:
+ default: ''
+ description: Keystone certificate for verifying token validity.
+ type: string
+ KeystoneSigningKey:
+ default: ''
+ description: Keystone key for signing tokens.
+ type: string
+ hidden: true
+ KeystoneSSLCertificate:
+ default: ''
+ description: Keystone certificate for verifying token validity.
+ type: string
+ KeystoneSSLCertificateKey:
+ default: ''
+ description: Keystone key for signing tokens.
+ type: string
+ hidden: true
HeatPassword:
- Default: unset
- Description: The password for the Heat service account, used by the Heat services.
- Type: String
- NoEcho: true
+ default: unset
+ description: The password for the Heat service account, used by the Heat services.
+ type: string
+ hidden: true
+ HeatStackDomainAdminPassword:
+ description: Password for heat_domain_admin user.
+ type: string
+ default: ''
+ hidden: true
ImageUpdatePolicy:
- Default: REBUILD_PRESERVE_EPHEMERAL
- Description: What policy to use when reconstructing instances. REBUILD for rebuilds,
+ default: REBUILD_PRESERVE_EPHEMERAL
+ description: What policy to use when reconstructing instances. REBUILD for rebuilds,
REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
- Type: String
- undercloudImage:
- Default: undercloud
- Type: String
+ type: string
+ MysqlInnodbBufferPoolSize:
+ description: >
+ Specifies the size of the buffer pool in megabytes. Setting to
+ zero should be interpreted as "no value" and will defer to the
+ lower level default.
+ type: number
+ default: 0
NeutronPassword:
- Default: unset
- Description: The password for the neutron service account, used by neutron agents.
- Type: String
- NoEcho: true
+ default: unset
+ description: The password for the neutron service account, used by neutron agents.
+ type: string
+ hidden: true
+ NeutronPublicInterfaceDefaultRoute:
+ default: ''
+ description: A custom default route for the NeutronPublicInterface.
+ type: string
+ NeutronPublicInterfaceIP:
+ default: ''
+ description: >
+ A custom IP address to put onto the NeutronPublicInterface bridge.
+ See also NeutronPublicInterfaceTagIP for adding a VLAN tagging IP.
+ NeutronPublicInterfaceIP is deprecated in the context of deploying
+ underclouds - its only needed for the seed bootstrap process.
+ type: string
+ NeutronPublicInterfaceRawDevice:
+ default: ''
+ description: If set, the public interface is a vlan with this device as the raw device.
+ type: string
+ NeutronPublicInterfaceTag:
+ default: ''
+ description: >
+ VLAN tag for creating a public VLAN. The tag will be used to
+ create an access port on the exterior bridge, and that port will be
+ given the IP address returned by neutron from the public network.
+ type: string
NovaPassword:
- Default: unset
- Description: The password for the nova service account, used by nova-api.
- Type: String
- NoEcho: true
+ default: unset
+ description: The password for the nova service account, used by nova-api.
+ type: string
+ hidden: true
+ NeutronDVR:
+ default: 'False'
+ type: string
NtpServer:
- Type: String
- Default: ''
+ type: string
+ default: ''
+ RabbitCookieSalt:
+ type: string
+ default: unset
+ description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
RabbitUserName:
- Default: guest
- Description: The username for RabbitMQ
- Type: String
+ default: guest
+ description: The username for RabbitMQ
+ type: string
RabbitPassword:
- Default: guest
- Description: The password for RabbitMQ
- Type: String
- NoEcho: true
- RabbitCookieSalt:
- Type: String
- Default: unset
- Description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
- HeatStackDomainAdminPassword:
- Description: Password for heat_domain_admin user.
- Type: String
- Default: ''
- NoEcho: true
- MysqlInnodbBufferPoolSize:
- Description: >
- Specifies the size of the buffer pool in megabytes. Setting to
- zero should be interpreted as "no value" and will defer to the
- lower level default.
- Type: Number
- Default: 0
-Resources:
+ default: guest
+ description: The password for RabbitMQ
+ type: string
+ hidden: true
+ SnmpdReadonlyUserName:
+ default: ro_snmp_user
+ description: The user name for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ SnmpdReadonlyUserPassword:
+ default: unset
+ description: The user password for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ hidden: true
+ undercloudImage:
+ default: undercloud
+ type: string
+resources:
RabbitCookie:
- Type: OS::Heat::RandomString
- Properties:
+ type: OS::Heat::RandomString
+ properties:
length: 20
salt:
- Ref: RabbitCookieSalt
+ get_param: RabbitCookieSalt
+ MysqlRootPassword:
+ type: OS::Heat::RandomString
+ properties:
+ length: 10
undercloudConfig:
- Type: OS::Heat::StructuredConfig
- Properties:
+ type: OS::Heat::StructuredConfig
+ properties:
config:
completion-signal: {get_input: deploy_signal_id}
admin-password:
- Ref: AdminPassword
+ get_param: AdminPassword
admin-token:
- Ref: AdminToken
+ get_param: AdminToken
bootstrap_host:
bootstrap_nodeid:
Fn::Select:
- 0
- Merge::Map:
undercloud:
- - Fn::Select:
+ - get_attr:
+ - undercloud
- name
- - Fn::GetAtt:
- - undercloud
- - show
nodeid: {get_input: bootstack_nodeid}
+ bootstack:
+ public_interface_ip:
+ get_param: NeutronPublicInterfaceIP
controller-address:
get_input: controller_host
+ corosync:
+ bindnetaddr: {get_input: controller_host}
+ mcastport: 5577
+ nodes:
+ Merge::Map:
+ controller0:
+ ip: {get_attr: [undercloud, networks, ctlplane, 0]}
+ pacemaker:
+ stonith_enabled : false
+ recheck_interval : 5
+ quorum_policy : ignore
ceilometer:
- db: mysql://ceilometer:unset@localhost/ceilometer
- metering_secret: {Ref: CeilometerMeteringSecret}
+ db: {list_join: ['', ['mysql://ceilometer:', {get_param: CeilometerPassword}, '@localhost/ceilometer']]}
+ debug: {get_param: Debug}
+ metering_secret: {get_param: CeilometerMeteringSecret}
snmpd_readonly_user_name:
- Ref: SnmpdReadonlyUserName
+ get_param: SnmpdReadonlyUserName
snmpd_readonly_user_password:
- Ref: SnmpdReadonlyUserPassword
+ get_param: SnmpdReadonlyUserPassword
service-password:
- Ref: CeilometerPassword
+ get_param: CeilometerPassword
db-password: unset
glance:
backend: file
- db: mysql://glance:unset@localhost/glance
+ db: {list_join: ['', ['mysql://glance:', {get_param: GlancePassword}, '@localhost/glance']]}
+ debug: {get_param: Debug}
host: 127.0.0.1
port:
- Ref: GlancePort
+ get_param: GlancePort
protocol:
- Ref: GlanceProtocol
+ get_param: GlanceProtocol
service-password:
- Ref: GlancePassword
+ get_param: GlancePassword
notifier-strategy:
- Ref: GlanceNotifierStrategy
+ get_param: GlanceNotifierStrategy
log-file:
- Ref: GlanceLogFile
+ get_param: GlanceLogFile
heat:
admin_password:
- Ref: HeatPassword
+ get_param: HeatPassword
admin_tenant_name: service
admin_user: heat
auth_encryption_key: unset___________
- db: mysql://heat:unset@localhost/heat
- stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword}
+ db: {list_join: ['', ['mysql://heat:', {get_param: HeatPassword}, '@localhost/heat']]}
+ debug: {get_param: Debug}
+ stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
watch_server_url: {get_input: heat.watch_server_url}
metadata_server_url: {get_input: heat.metadata_server_url}
waitcondition_server_url: {get_input: heat.waitcondition_server_url}
keystone:
- db: mysql://keystone:unset@localhost/keystone
+ db: {list_join: ['', ['mysql://keystone:', {get_param: AdminToken}, '@localhost/keystone']]}
+ debug: {get_param: Debug}
host: 127.0.0.1
+ ca_certificate: {get_param: KeystoneCACertificate}
+ signing_key: {get_param: KeystoneSigningKey}
+ signing_certificate: {get_param: KeystoneSigningCertificate}
+ ssl:
+ certificate: {get_param: KeystoneSSLCertificate}
+ certificate_key: {get_param: KeystoneSSLCertificateKey}
mysql:
- innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize}
+ innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
+ root-password: {get_resource: MysqlRootPassword}
+ bind_address: 127.0.0.1
neutron:
+ debug: {get_param: Debug}
host: 127.0.0.1
- ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
+ ovs_db: {list_join: ['', ['mysql://neutron:', {get_param: NeutronPassword}, '@localhost/ovs_neutron?charset=utf8']]}
ovs:
+ local_ip:
+ get_input: controller_host
public_interface:
- Ref: NeutronPublicInterface
+ get_param: NeutronPublicInterface
+ public_interface_raw_device:
+ get_param: NeutronPublicInterfaceRawDevice
+ public_interface_route:
+ get_param: NeutronPublicInterfaceDefaultRoute
+ public_interface_tag:
+ get_param: NeutronPublicInterfaceTag
physical_bridge: br-ctlplane
physical_network: ctlplane
network_vlan_ranges: ctlplane
tenant_network_type: vlan
enable_tunneling: 'False'
service-password:
- Ref: NeutronPassword
+ get_param: NeutronPassword
rabbit:
host: 127.0.0.1
username:
- Ref: RabbitUserName
+ get_param: RabbitUserName
password:
- Ref: RabbitPassword
+ get_param: RabbitPassword
cookie:
- Fn::GetAtt:
+ get_attr:
- RabbitCookie
- value
ntp:
servers:
- - {server: {Ref: NtpServer}, fudge: "stratum 0"}
+ - {server: {get_param: NtpServer}}
undercloudPassthroughConfig:
- Type: OS::Heat::StructuredConfig
- Properties:
+ type: OS::Heat::StructuredConfig
+ properties:
config: {get_input: passthrough_config}
undercloud:
- Type: OS::Nova::Server
- Properties:
+ type: OS::Nova::Server
+ properties:
image:
- Ref: undercloudImage
+ get_param: undercloudImage
flavor:
- Ref: Flavor
+ get_param: Flavor
key_name:
- Ref: KeyName
+ get_param: KeyName
image_update_policy:
- Ref: ImageUpdatePolicy
+ get_param: ImageUpdatePolicy
+ networks:
+ - network: ctlplane
user_data_format: SOFTWARE_CONFIG
- 99_undercloudDeployment:
- Type: OS::Heat::StructuredDeployment
- Properties:
- config: {Ref: undercloudConfig}
- server: {Ref: undercloud}
+ undercloudDeployment:
+ depends_on: [undercloudPassthroughDeployment]
+ type: OS::Heat::StructuredDeployment
+ properties:
+ config: {get_resource: undercloudConfig}
+ server: {get_resource: undercloud}
+ signal_transport: {get_param: DefaultSignalTransport}
input_values:
bootstack_nodeid:
- Fn::Select:
- - name
- - Fn::GetAtt:
- - undercloud
- - show
+ get_attr:
+ - undercloud
+ - name
controller_host:
- Fn::Select:
- - 0
- - Fn::Select:
- - ctlplane
- - Fn::GetAtt:
- - undercloud
- - networks
+ get_attr:
+ - undercloud
+ - networks
+ - ctlplane
+ - 0
heat.watch_server_url:
Fn::Join:
- ''
- - 'http://'
- - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+ - get_attr: [undercloud, networks, ctlplane, 0]
- ':8003'
heat.metadata_server_url:
Fn::Join:
- ''
- - 'http://'
- - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+ - {get_attr: [undercloud, networks, ctlplane, 0]}
- ':8000'
heat.waitcondition_server_url:
Fn::Join:
- ''
- - 'http://'
- - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+ - {get_attr: [undercloud, networks, ctlplane, 0]}
- ':8000/v1/waitcondition'
- 00_undercloudPassthroughDeployment:
- Type: OS::Heat::StructuredDeployment
- Properties:
- config: {Ref: undercloudPassthroughConfig}
- server: {Ref: undercloud}
+ undercloudPassthroughDeployment:
+ depends_on: [undercloudNovaDeployment]
+ type: OS::Heat::StructuredDeployment
+ properties:
+ config: {get_resource: undercloudPassthroughConfig}
+ server: {get_resource: undercloud}
signal_transport: NO_SIGNAL
input_values:
- passthrough_config: {Ref: ExtraConfig}
+ passthrough_config: {get_param: ExtraConfig}