+ group: os-apply-config
+ config:
+ admin-password: {get_param: AdminPassword}
+ admin-token: {get_param: AdminToken}
+ bootstack:
+ public_interface_ip: {get_param: NeutronPublicInterfaceIP}
+ bootstrap_host:
+ nodeid: {get_input: bootstack_nodeid}
+ database:
+ host: &database_host
+ {get_param: VirtualIP}
+ cinder:
+ db:
+ list_join:
+ - ''
+ - - mysql://cinder:unset@
+ - *database_host
+ - /cinder
+ debug: {get_param: Debug}
+ volume_size_mb: {get_param: CinderLVMLoopDeviceSize}
+ service-password: {get_param: CinderPassword}
+ iscsi-helper: {get_param: CinderISCSIHelper}
+ controller-address: {get_input: controller_host}
+ corosync:
+ bindnetaddr: {get_input: controller_host}
+ mcastport: 5577
+ pacemaker:
+ stonith_enabled : false
+ recheck_interval : 5
+ quorum_policy : ignore
+ db-password: unset
+ glance:
+ registry:
+ host: {get_input: controller_virtual_ip}
+ backend: swift
+ db:
+ list_join:
+ - ''
+ - - mysql://glance:unset@
+ - *database_host
+ - /glance
+ debug: {get_param: Debug}
+ host: {get_input: controller_virtual_ip}
+ port: {get_param: GlancePort}
+ protocol: {get_param: GlanceProtocol}
+ service-password: {get_param: GlancePassword}
+ swift-store-user: service:glance
+ swift-store-key: {get_param: GlancePassword}
+ notifier-strategy: {get_param: GlanceNotifierStrategy}
+ log-file: {get_param: GlanceLogFile}
+ heat:
+ admin_password: {get_param: HeatPassword}
+ admin_tenant_name: service
+ admin_user: heat
+ auth_encryption_key: unset___________
+ db:
+ list_join:
+ - ''
+ - - mysql://heat:unset@
+ - *database_host
+ - /heat
+ debug: {get_param: Debug}
+ stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
+ watch_server_url: {get_input: heat.watch_server_url}
+ metadata_server_url: {get_input: heat.metadata_server_url}
+ waitcondition_server_url: {get_input: heat.waitcondition_server_url}
+ keystone:
+ db:
+ list_join:
+ - ''
+ - - mysql://keystone:unset@
+ - *database_host
+ - /keystone
+ debug: {get_param: Debug}
+ host: {get_input: controller_virtual_ip}
+ ca_certificate: {get_param: KeystoneCACertificate}
+ signing_key: {get_param: KeystoneSigningKey}
+ signing_certificate: {get_param: KeystoneSigningCertificate}
+ ssl:
+ certificate: {get_param: KeystoneSSLCertificate}
+ certificate_key: {get_param: KeystoneSSLCertificateKey}
+ mysql:
+ innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
+ local_bind: true
+ root-password: {get_param: MysqlRootPassword}
+ cluster_name:
+ str_replace:
+ template: tripleo-CLUSTER
+ params:
+ CLUSTER: {get_param: MysqlClusterUniquePart}
+ neutron:
+ debug: {get_param: Debug}
+ flat-networks: {get_param: NeutronFlatNetworks}
+ host: {get_input: controller_virtual_ip}
+ metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+ agent_mode: {get_param: NeutronAgentMode}
+ router_distributed: {get_param: NeutronDVR}
+ mechanism_drivers: {get_param: NeutronMechanismDrivers}
+ allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
+ ovs:
+ enable_tunneling: {get_input: neutron_enable_tunneling}
+ local_ip: {get_input: controller_host}
+ network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
+ bridge_mappings: {get_param: NeutronBridgeMappings}
+ public_interface: {get_param: NeutronPublicInterface}
+ public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
+ public_interface_route: {get_param: NeutronPublicInterfaceDefaultRoute}
+ public_interface_tag: {get_param: NeutronPublicInterfaceTag}
+ physical_bridge: br-ex
+ tenant_network_type: {get_param: NeutronNetworkType}
+ tunnel_types: {get_param: NeutronTunnelTypes}
+ ovs_db:
+ list_join:
+ - ''
+ - - mysql://neutron:unset@
+ - *database_host
+ - /ovs_neutron?charset=utf8
+ service-password: {get_param: NeutronPassword}
+ dnsmasq-options: {get_param: NeutronDnsmasqOptions}
+ ceilometer:
+ db:
+ list_join:
+ - ''
+ - - mysql://ceilometer:unset@
+ - *database_host
+ - /ceilometer
+ debug: {get_param: Debug}
+ metering_secret: {get_param: CeilometerMeteringSecret}
+ service-password: {get_param: CeilometerPassword}
+ snmpd:
+ export_MIB: UCD-SNMP-MIB
+ readonly_user_name: {get_param: SnmpdReadonlyUserName}
+ readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
+ nova:
+ compute_driver: libvirt.LibvirtDriver
+ db:
+ list_join:
+ - ''
+ - - mysql://nova:unset@
+ - *database_host
+ - /nova
+ default_floating_pool:
+ ext-net
+ host: {get_input: controller_virtual_ip}
+ metadata-proxy: true
+ service-password: {get_param: NovaPassword}
+ rabbit:
+ host: {get_input: controller_virtual_ip}
+ username: {get_param: RabbitUserName}
+ password: {get_param: RabbitPassword}
+ cookie: {get_param: RabbitCookie}
+ rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
+ rabbit_port: {get_param: RabbitClientPort}
+ ntp:
+ servers:
+ - {server: {get_param: NtpServer}, fudge: "stratum 0"}
+ virtual_interfaces:
+ instances:
+ - vrrp_instance_name: VI_CONTROL
+ virtual_router_id: 51
+ keepalive_interface: {get_param: ControlVirtualInterface}
+ priority: 101
+ virtual_ips:
+ - ip: {get_param: VirtualIP}
+ interface: {get_param: ControlVirtualInterface}
+ - vrrp_instance_name: VI_PUBLIC
+ virtual_router_id: 52
+ keepalive_interface: {get_param: PublicVirtualInterface}
+ priority: 101
+ virtual_ips:
+ - ip: {get_param: PublicVirtualIP}
+ interface: {get_param: PublicVirtualInterface}
+ vrrp_sync_groups:
+ - name: VG1
+ members:
+ - VI_CONTROL
+ - VI_PUBLIC
+ keepalived:
+ keepalive_interface: {get_param: PublicVirtualInterface}
+ priority: 101
+ virtual_ips:
+ -
+ ip: {get_param: VirtualIP}
+ interface: {get_param: ControlVirtualInterface}
+ -
+ ip: {get_param: PublicVirtualIP}
+ interface: {get_param: PublicVirtualInterface}
+ haproxy:
+ net_binds:
+ - ip: {get_param: VirtualIP}
+ options:
+ - option httpchk GET /
+ services:
+ - name: keystone_admin
+ port: 35357
+ net_binds: &public_binds
+ - ip: {get_param: VirtualIP}
+ - ip: {get_param: PublicVirtualIP}
+ - name: keystone_public
+ port: 5000
+ net_binds: *public_binds
+ - name: horizon
+ port: 80
+ net_binds: *public_binds
+ - name: neutron
+ port: 9696
+ net_binds: *public_binds
+ - name: cinder
+ port: 8776
+ net_binds: *public_binds
+ - name: glance_api
+ port: 9292
+ net_binds: *public_binds
+ - name: glance_registry
+ port: 9191
+ net_binds: *public_binds
+ options: # overwrite options as glace_reg needs auth for http req
+ - name: heat_api
+ port: 8004
+ net_binds: *public_binds
+ - name: heat_cloudwatch
+ port: 8003
+ net_binds: *public_binds
+ - name: heat_cfn
+ port: 8000
+ net_binds: *public_binds
+ - name: mysql
+ port: 3306
+ extra_server_params:
+ - backup
+ options:
+ - timeout client 0
+ - timeout server 0
+ - name: nova_ec2
+ port: 8773
+ - name: nova_osapi
+ port: 8774
+ net_binds: *public_binds
+ - name: nova_metadata
+ port: 8775
+ net_binds: *public_binds
+ - name: nova_novncproxy
+ port: 6080
+ net_binds: *public_binds
+ - name: ceilometer
+ port: 8777
+ net_binds: *public_binds
+ options: # overwrite options as ceil needs auth for http req
+ - name: swift_proxy_server
+ port: 8080
+ net_binds: *public_binds
+ options:
+ - option httpchk GET /info
+ - name: rabbitmq
+ port: 5672
+ options:
+ - timeout client 0
+ - timeout server 0
+
+ ControllerPassthroughConfig:
+ type: OS::Heat::StructuredConfig