Code Review / apex-tripleo-heat-templates.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
NFS backend for Cinder
[apex-tripleo-heat-templates.git] / overcloud-without-mergepy.yaml
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index 32dc970..643f10e 100644 (file)
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -1,4 +1,4 @@
-heat_template_version: 2014-10-16
+heat_template_version: 2015-04-30
 
 description: >
   Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
 
 description: >
   Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
@@ -15,6 +15,10 @@ parameters:
     description: The password for the keystone admin account, used for monitoring, querying neutron etc.
     type: string
     hidden: true
     description: The password for the keystone admin account, used for monitoring, querying neutron etc.
     type: string
     hidden: true
+  CeilometerBackend:
+    default: 'mongodb'
+    description: The ceilometer backend type.
+    type: string
   CeilometerMeteringSecret:
     default: unset
     description: Secret shared by the ceilometer services.
   CeilometerMeteringSecret:
     default: unset
     description: Secret shared by the ceilometer services.
@@ -38,6 +42,10 @@ parameters:
     default: ''
     description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
     type: string
     default: ''
     description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
     type: string
+  CinderEnableNfsBackend:
+    default: false
+    description: Whether to enable or not the NFS backend for Cinder
+    type: boolean
   CinderEnableIscsiBackend:
     default: true
     description: Whether to enable or not the Iscsi backend for Cinder
   CinderEnableIscsiBackend:
     default: true
     description: Whether to enable or not the Iscsi backend for Cinder
@@ -54,12 +62,6 @@ parameters:
     default: ''
     description: Set to True to enable debugging on all services.
     type: string
     default: ''
     description: Set to True to enable debugging on all services.
     type: string
-  DefaultSignalTransport:
-    default: CFN_SIGNAL
-    description: Transport to use for software-config signals.
-    type: string
-    constraints:
-      - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
   GlancePort:
     default: "9292"
     description: Glance port.
   GlancePort:
     default: "9292"
     description: Glance port.
@@ -227,6 +229,18 @@ parameters:
     default: 5000
     description: The size of the loopback file used by the cinder LVM driver.
     type: number
     default: 5000
     description: The size of the loopback file used by the cinder LVM driver.
     type: number
+  CinderNfsMountOptions:
+    default: ''
+    description: >
+      Mount options for NFS mounts used by Cinder NFS backend. Effective
+      when CinderEnableNfsBackend is true.
+    type: string
+  CinderNfsServers:
+    default: ''
+    description: >
+      NFS servers used by Cinder NFS backend. Effective when
+      CinderEnableNfsBackend is true.
+    type: comma_delimited_list
   CinderPassword:
     default: unset
     description: The password for the cinder service account, used by cinder-api.
   CinderPassword:
     default: unset
     description: The password for the cinder service account, used by cinder-api.
@@ -259,14 +273,21 @@ parameters:
     default: 'br-ex'
     description: Interface where virtual ip will be assigned.
     type: string
     default: 'br-ex'
     description: Interface where virtual ip will be assigned.
     type: string
+  EnableFencing:
+    default: false
+    description: Whether to enable fencing in Pacemaker or not.
+    type: boolean
   EnableGalera:
     default: true
     description: Whether to use Galera instead of regular MariaDB.
     type: boolean
   EnableGalera:
     default: true
     description: Whether to use Galera instead of regular MariaDB.
     type: boolean
-  EnablePacemaker:
+  ControllerEnableCephStorage:
+    default: false
+    description: Whether to deploy Ceph Storage (OSD) on the Controller
+    type: boolean
+  ControllerEnableSwiftStorage:
     default: true
     default: true
-    description: If enabled services will be monitored by Pacemaker; it
-      will manage VIPs as well, in place of Keepalived.
+    description: Whether to enable Swift Storage on the Controller
     type: boolean
   ExtraConfig:
     default: {}
     type: boolean
   ExtraConfig:
     default: {}
@@ -306,6 +327,38 @@ parameters:
           }
         }
     type: json
           }
         }
     type: json
+  FencingConfig:
+    default: {}
+    description: |
+      Pacemaker fencing configuration. The JSON should have
+      the following structure:
+        {
+          "devices": [
+            {
+              "agent": "AGENT_NAME",
+              "host_mac": "HOST_MAC_ADDRESS",
+              "params": {"PARAM_NAME": "PARAM_VALUE"}
+            }
+          ]
+        }
+      For instance:
+        {
+          "devices": [
+            {
+              "agent": "fence_xvm",
+              "host_mac": "52:54:00:aa:bb:cc",
+              "params": {
+                "multicast_address": "225.0.0.12",
+                "port": "baremetal_0",
+                "manage_fw": true,
+                "manage_key_file": true,
+                "key_file": "/etc/fence_xvm.key",
+                "key_file_password": "abcdef"
+              }
+            }
+          ]
+        }
+    type: json
   GlanceLogFile:
     description: The filepath of the file to use for logging messages from Glance.
     type: string
   GlanceLogFile:
     description: The filepath of the file to use for logging messages from Glance.
     type: string
@@ -319,6 +372,13 @@ parameters:
     description: The password for the glance service account, used by the glance services.
     type: string
     hidden: true
     description: The password for the glance service account, used by the glance services.
     type: string
     hidden: true
+  GlanceBackend:
+    default: swift
+    description: The short name of the Glance backend to use. Should be one
+      of swift, rbd or file
+    type: string
+    constraints:
+    - allowed_values: ['swift', 'file', 'rbd']
   HeatPassword:
     default: unset
     description: The password for the Heat service account, used by the Heat services.
   HeatPassword:
     default: unset
     description: The password for the Heat service account, used by the Heat services.
@@ -448,7 +508,7 @@ parameters:
       The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
       Neutron documentation for permitted values. Defaults to permitting any
       VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
       The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
       Neutron documentation for permitted values. Defaults to permitting any
       VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
-    type: string
+    type: comma_delimited_list
   NovaComputeDriver:
     type: string
     default: libvirt.LibvirtDriver
   NovaComputeDriver:
     type: string
     default: libvirt.LibvirtDriver
@@ -475,6 +535,34 @@ parameters:
     type: string
     constraints:
       - custom_constraint: nova.flavor
     type: string
     constraints:
       - custom_constraint: nova.flavor
+  ServiceNetMap:
+    default:
+      NeutronTenantNetwork: tenant
+      CeilometerApiNetwork: internal_api
+      MongoDbNetwork: internal_api
+      CinderApiNetwork: internal_api
+      CinderIscsiNetwork: storage
+      GlanceApiNetwork: storage
+      GlanceRegistryNetwork: internal_api
+      KeystoneAdminApiNetwork: internal_api
+      KeystonePublicApiNetwork: internal_api
+      NeutronApiNetwork: internal_api
+      HeatApiNetwork: internal_api
+      NovaApiNetwork: internal_api
+      NovaMetadataNetwork: internal_api
+      NovaVncProxyNetwork: internal_api
+      SwiftMgmtNetwork: storage_mgmt
+      SwiftProxyNetwork: storage
+      HorizonNetwork: internal_api
+      MemcachedNetwork: internal_api
+      RabbitMqNetwork: internal_api
+      RedisNetwork: internal_api
+      MysqlNetwork: internal_api
+      CephClusterNetwork: storage_mgmt
+      CephPublicNetwork: storage
+    description: Mapping of service_name -> network name. Typically set
+                 via parameter_defaults in the resource registry.
+    type: json
 
 # Block storage specific parameters
   BlockStorageCount:
 
 # Block storage specific parameters
   BlockStorageCount:
@@ -516,6 +604,41 @@ parameters:
     constraints:
       - custom_constraint: nova.flavor
 
     constraints:
       - custom_constraint: nova.flavor
 
+  # Hostname format for each role
+  # Note %index% is translated into the index of the node, e.g 0/1/2 etc
+  # and %stackname% is replaced with OS::stack_name in the template below.
+  # If you want to use the heat generated names, pass '' (empty string).
+  ControllerHostnameFormat:
+    type: string
+    description: Format for Controller node hostnames
+    default: '%stackname%-controller-%index%'
+  ComputeHostnameFormat:
+    type: string
+    description: Format for Compute node hostnames
+    default: '%stackname%-novacompute-%index%'
+  BlockStorageHostnameFormat:
+    type: string
+    description: Format for BlockStorage node hostnames
+    default: '%stackname%-blockstorage-%index%'
+  ObjectStorageHostnameFormat:
+    type: string
+    description: Format for SwiftStorage node hostnames
+    default: '%stackname%-objectstorage-%index%'
+  CephStorageHostnameFormat:
+    type: string
+    description: Format for CephStorage node hostnames
+    default: '%stackname%-cephstorage-%index%'
+
+  # Identifiers to trigger tasks on nodes
+  UpdateIdentifier:
+    default: ''
+    type: string
+    description: >
+      Setting to a previously unused value during stack-update will trigger
+      package update on all nodes
+
+
+
 resources:
 
   HeatAuthEncryptionKey:
 resources:
 
   HeatAuthEncryptionKey:
@@ -526,8 +649,14 @@ resources:
     properties:
       length: 16
 
     properties:
       length: 16
 
+  HorizonSecret:
+    type: OS::Heat::RandomString
+    properties:
+      length: 10
+
   Controller:
     type: OS::Heat::ResourceGroup
   Controller:
     type: OS::Heat::ResourceGroup
+    depends_on: Networks
     properties:
       count: {get_param: ControllerCount}
       resource_def:
     properties:
       count: {get_param: ControllerCount}
       resource_def:
@@ -535,29 +664,38 @@ resources:
         properties:
           AdminPassword: {get_param: AdminPassword}
           AdminToken: {get_param: AdminToken}
         properties:
           AdminPassword: {get_param: AdminPassword}
           AdminToken: {get_param: AdminToken}
+          CeilometerBackend: {get_param: CeilometerBackend}
           CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
           CeilometerPassword: {get_param: CeilometerPassword}
           CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
           CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
           CeilometerPassword: {get_param: CeilometerPassword}
           CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
+          CinderNfsMountOptions: {get_param: CinderNfsMountOptions}
+          CinderNfsServers: {get_param: CinderNfsServers}
           CinderPassword: {get_param: CinderPassword}
           CinderISCSIHelper: {get_param: CinderISCSIHelper}
           CinderPassword: {get_param: CinderPassword}
           CinderISCSIHelper: {get_param: CinderISCSIHelper}
+          CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend}
           CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
           CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend}
           CloudName: {get_param: CloudName}
           ControlVirtualInterface: {get_param: ControlVirtualInterface}
           ControllerExtraConfig: {get_param: controllerExtraConfig}
           Debug: {get_param: Debug}
           CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
           CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend}
           CloudName: {get_param: CloudName}
           ControlVirtualInterface: {get_param: ControlVirtualInterface}
           ControllerExtraConfig: {get_param: controllerExtraConfig}
           Debug: {get_param: Debug}
+          EnableFencing: {get_param: EnableFencing}
           EnableGalera: {get_param: EnableGalera}
           EnableGalera: {get_param: EnableGalera}
-          EnablePacemaker: {get_param: EnablePacemaker}
+          EnableCephStorage: {get_param: ControllerEnableCephStorage}
+          EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
           ExtraConfig: {get_param: ExtraConfig}
           ExtraConfig: {get_param: ExtraConfig}
+          FencingConfig: {get_param: FencingConfig}
           Flavor: {get_param: OvercloudControlFlavor}
           GlancePort: {get_param: GlancePort}
           GlanceProtocol: {get_param: GlanceProtocol}
           GlancePassword: {get_param: GlancePassword}
           Flavor: {get_param: OvercloudControlFlavor}
           GlancePort: {get_param: GlancePort}
           GlanceProtocol: {get_param: GlanceProtocol}
           GlancePassword: {get_param: GlancePassword}
+          GlanceBackend: {get_param: GlanceBackend}
           GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
           GlanceLogFile: {get_param: GlanceLogFile}
           HeatPassword: {get_param: HeatPassword}
           HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
           HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
           GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
           GlanceLogFile: {get_param: GlanceLogFile}
           HeatPassword: {get_param: HeatPassword}
           HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
           HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
+          HorizonSecret: {get_resource: HorizonSecret}
           Image: {get_param: controllerImage}
           ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
           KeyName: {get_param: KeyName}
           Image: {get_param: controllerImage}
           ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
           KeyName: {get_param: KeyName}
@@ -572,6 +710,7 @@ resources:
           NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
           NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
           NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
           NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
           NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
           NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
+          NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
           NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
           NeutronPublicInterface: {get_param: NeutronPublicInterface}
           NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
           NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
           NeutronPublicInterface: {get_param: NeutronPublicInterface}
           NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
@@ -597,6 +736,7 @@ resources:
           RabbitClientPort: {get_param: RabbitClientPort}
           SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
           SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
           RabbitClientPort: {get_param: RabbitClientPort}
           SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
           SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
+          RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
           SSLCertificate: {get_param: SSLCertificate}
           SSLKey: {get_param: SSLKey}
           SSLCACertificate: {get_param: SSLCACertificate}
           SSLCertificate: {get_param: SSLCertificate}
           SSLKey: {get_param: SSLKey}
           SSLCACertificate: {get_param: SSLCACertificate}
@@ -606,11 +746,24 @@ resources:
           SwiftPartPower: {get_param: SwiftPartPower}
           SwiftPassword: {get_param: SwiftPassword}
           SwiftReplicas: { get_param: SwiftReplicas}
           SwiftPartPower: {get_param: SwiftPartPower}
           SwiftPassword: {get_param: SwiftPassword}
           SwiftReplicas: { get_param: SwiftReplicas}
-          VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-          PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+          VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
+          PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
+          ServiceNetMap: {get_param: ServiceNetMap}
+          HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+          GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+          MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+          KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+          NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+          UpdateIdentifier: {get_param: UpdateIdentifier}
+          Hostname:
+            str_replace:
+              template: {get_param: ControllerHostnameFormat}
+              params:
+                '%stackname%': {get_param: 'OS::stack_name'}
 
   Compute:
     type: OS::Heat::ResourceGroup
 
   Compute:
     type: OS::Heat::ResourceGroup
+    depends_on: Networks
     properties:
       count: {get_param: ComputeCount}
       resource_def:
     properties:
       count: {get_param: ComputeCount}
       resource_def:
@@ -620,20 +773,21 @@ resources:
           CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
           CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
           CeilometerPassword: {get_param: CeilometerPassword}
           CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
           CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
           CeilometerPassword: {get_param: CeilometerPassword}
+          CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend}
           Debug: {get_param: Debug}
           ExtraConfig: {get_param: ExtraConfig}
           Flavor: {get_param: OvercloudComputeFlavor}
           Debug: {get_param: Debug}
           ExtraConfig: {get_param: ExtraConfig}
           Flavor: {get_param: OvercloudComputeFlavor}
-          GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+          GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
           GlancePort: {get_param: GlancePort}
           GlanceProtocol: {get_param: GlanceProtocol}
           Image: {get_param: NovaImage}
           ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
           KeyName: {get_param: KeyName}
           GlancePort: {get_param: GlancePort}
           GlanceProtocol: {get_param: GlanceProtocol}
           Image: {get_param: NovaImage}
           ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
           KeyName: {get_param: KeyName}
-          KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+          KeystoneHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
           NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
           NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
           NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
           NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
           NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
           NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
-          NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+          NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
           NeutronNetworkType: {get_param: NeutronNetworkType}
           NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
           NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
           NeutronNetworkType: {get_param: NeutronNetworkType}
           NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
           NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
@@ -648,7 +802,7 @@ resources:
           # L3 HA and Failover is not relevant for Computes, should be removed
           NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
           NeutronL3HA: {get_param: NeutronL3HA}
           # L3 HA and Failover is not relevant for Computes, should be removed
           NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
           NeutronL3HA: {get_param: NeutronL3HA}
-          NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+          NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
           NovaComputeDriver: {get_param: NovaComputeDriver}
           NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
           NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
           NovaComputeDriver: {get_param: NovaComputeDriver}
           NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
           NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
@@ -656,16 +810,24 @@ resources:
           NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
           NovaPassword: {get_param: NovaPassword}
           NtpServer: {get_param: NtpServer}
           NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
           NovaPassword: {get_param: NovaPassword}
           NtpServer: {get_param: NtpServer}
-          RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+          RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
           RabbitPassword: {get_param: RabbitPassword}
           RabbitUserName: {get_param: RabbitUserName}
           RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
           RabbitClientPort: {get_param: RabbitClientPort}
           SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
           SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
           RabbitPassword: {get_param: RabbitPassword}
           RabbitUserName: {get_param: RabbitUserName}
           RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
           RabbitClientPort: {get_param: RabbitClientPort}
           SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
           SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
+          ServiceNetMap: {get_param: ServiceNetMap}
+          UpdateIdentifier: {get_param: UpdateIdentifier}
+          Hostname:
+            str_replace:
+              template: {get_param: ComputeHostnameFormat}
+              params:
+                '%stackname%': {get_param: 'OS::stack_name'}
 
   BlockStorage:
     type: OS::Heat::ResourceGroup
 
   BlockStorage:
     type: OS::Heat::ResourceGroup
+    depends_on: Networks
     properties:
       count: {get_param: BlockStorageCount}
       resource_def:
     properties:
       count: {get_param: BlockStorageCount}
       resource_def:
@@ -677,17 +839,30 @@ resources:
           CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
           # Purpose of the dedicated BlockStorage nodes should be to use their local LVM
           CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
           CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
           # Purpose of the dedicated BlockStorage nodes should be to use their local LVM
           CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
-          VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+          CinderPassword: {get_param: CinderPassword}
           KeyName: {get_param: KeyName}
           Flavor: {get_param: OvercloudBlockStorageFlavor}
           KeyName: {get_param: KeyName}
           Flavor: {get_param: OvercloudBlockStorageFlavor}
+          VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+          GlancePort: {get_param: GlancePort}
+          GlanceProtocol: {get_param: GlanceProtocol}
+          GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
           RabbitPassword: {get_param: RabbitPassword}
           RabbitUserName: {get_param: RabbitUserName}
           RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
           RabbitClientPort: {get_param: RabbitClientPort}
           NtpServer: {get_param: NtpServer}
           RabbitPassword: {get_param: RabbitPassword}
           RabbitUserName: {get_param: RabbitUserName}
           RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
           RabbitClientPort: {get_param: RabbitClientPort}
           NtpServer: {get_param: NtpServer}
+          UpdateIdentifier: {get_param: UpdateIdentifier}
+          Hostname:
+            str_replace:
+              template: {get_param: BlockStorageHostnameFormat}
+              params:
+                '%stackname%': {get_param: 'OS::stack_name'}
+          ServiceNetMap: {get_param: ServiceNetMap}
+          MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
 
   ObjectStorage:
     type: OS::Heat::ResourceGroup
 
   ObjectStorage:
     type: OS::Heat::ResourceGroup
+    depends_on: Networks
     properties:
       count: {get_param: ObjectStorageCount}
       resource_def:
     properties:
       count: {get_param: ObjectStorageCount}
       resource_def:
@@ -702,9 +877,17 @@ resources:
           Image: {get_param: SwiftStorageImage}
           Replicas: { get_param: SwiftReplicas}
           NtpServer: {get_param: NtpServer}
           Image: {get_param: SwiftStorageImage}
           Replicas: { get_param: SwiftReplicas}
           NtpServer: {get_param: NtpServer}
+          UpdateIdentifier: {get_param: UpdateIdentifier}
+          ServiceNetMap: {get_param: ServiceNetMap}
+          Hostname:
+            str_replace:
+              template: {get_param: ObjectStorageHostnameFormat}
+              params:
+                '%stackname%': {get_param: 'OS::stack_name'}
 
   CephStorage:
     type: OS::Heat::ResourceGroup
 
   CephStorage:
     type: OS::Heat::ResourceGroup
+    depends_on: Networks
     properties:
       count: {get_param: CephStorageCount}
       resource_def:
     properties:
       count: {get_param: CephStorageCount}
       resource_def:
@@ -714,6 +897,22 @@ resources:
           KeyName: {get_param: KeyName}
           Flavor: {get_param: OvercloudCephStorageFlavor}
           NtpServer: {get_param: NtpServer}
           KeyName: {get_param: KeyName}
           Flavor: {get_param: OvercloudCephStorageFlavor}
           NtpServer: {get_param: NtpServer}
+          ServiceNetMap: {get_param: ServiceNetMap}
+          UpdateIdentifier: {get_param: UpdateIdentifier}
+          Hostname:
+            str_replace:
+              template: {get_param: CephStorageHostnameFormat}
+              params:
+                '%stackname%': {get_param: 'OS::stack_name'}
+
+  ControllerIpListMap:
+    type: OS::TripleO::Network::Ports::NetIpListMap
+    properties:
+      ExternalIpList: {get_attr: [Controller, external_ip_address]}
+      InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
+      StorageIpList: {get_attr: [Controller, storage_ip_address]}
+      StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
+      TenantIpList: {get_attr: [Controller, tenant_ip_address]}
 
   allNodesConfig:
     type: OS::TripleO::AllNodes::SoftwareConfig
 
   allNodesConfig:
     type: OS::TripleO::AllNodes::SoftwareConfig
@@ -725,6 +924,23 @@ resources:
       object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
       ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
       controller_names: {get_attr: [Controller, hostname]}
       object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
       ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
       controller_names: {get_attr: [Controller, hostname]}
+      rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+      mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
+      redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+      memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
+      mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+      horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+      heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+      swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+      ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+      nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+      nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+      glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+      glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+      cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+      neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+      keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+      keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
 
   MysqlRootPassword:
     type: OS::Heat::RandomString
 
   MysqlRootPassword:
     type: OS::Heat::RandomString
@@ -742,22 +958,100 @@ resources:
       length: 20
       salt: {get_param: RabbitCookieSalt}
 
       length: 20
       salt: {get_param: RabbitCookieSalt}
 
+  # creates the network architecture
+  Networks:
+    type: OS::TripleO::Network
+
   ControlVirtualIP:
     type: OS::Neutron::Port
   ControlVirtualIP:
     type: OS::Neutron::Port
+    depends_on: Networks
     properties:
       name: control_virtual_ip
       network_id: {get_param: NeutronControlPlaneID}
       fixed_ips: {get_param: ControlFixedIPs}
       replacement_policy: AUTO
 
     properties:
       name: control_virtual_ip
       network_id: {get_param: NeutronControlPlaneID}
       fixed_ips: {get_param: ControlFixedIPs}
       replacement_policy: AUTO
 
+  RedisVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Controller::Ports::RedisVipPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
+      PortName: redis_virtual_ip
+      NetworkName: {get_param: [ServiceNetMap, RedisNetwork]}
+
+  # same as external
   PublicVirtualIP:
     type: OS::Neutron::Port
   PublicVirtualIP:
     type: OS::Neutron::Port
+    depends_on: Networks
     properties:
       name: public_virtual_ip
       network: {get_param: PublicVirtualNetwork}
       fixed_ips: {get_param: PublicVirtualFixedIPs}
       replacement_policy: AUTO
 
     properties:
       name: public_virtual_ip
       network: {get_param: PublicVirtualNetwork}
       fixed_ips: {get_param: PublicVirtualFixedIPs}
       replacement_policy: AUTO
 
+  InternalApiVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Controller::Ports::InternalApiPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      PortName: internal_api_virtual_ip
+
+  StorageVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Controller::Ports::StoragePort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      PortName: storage_virtual_ip
+
+  StorageMgmtVirtualIP:
+    depends_on: Networks
+    type: OS::TripleO::Controller::Ports::StorageMgmtPort
+    properties:
+      ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+      PortName: storage_management_virtual_ip
+
+  VipMap:
+    type: OS::TripleO::Network::Ports::NetIpMap
+    properties:
+      ExternalIp: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+      InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
+      StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
+      StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
+      # No tenant VIP required
+
+  VipConfig:
+    type: OS::TripleO::VipConfig
+
+  VipDeployment:
+    type: OS::Heat::StructuredDeployments
+    properties:
+      config: {get_resource: VipConfig}
+      servers: {get_attr: [Controller, attributes, nova_server_resource]}
+      input_values:
+        # service VIP mappings
+        keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+        keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+        neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+        cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+        glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+        glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+        swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+        nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+        nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+        ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+        heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+        horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+        redis_vip: {get_attr: [RedisVirtualIP, ip_address]}
+        mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+        rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+        # direct configuration of Virtual IPs for each network
+        control_virtual_ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+        public_virtual_ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
+        internal_api_virtual_ip: {get_attr: [InternalApiVirtualIP, ip_address]}
+        storage_virtual_ip: {get_attr: [StorageVirtualIP, ip_address]}
+        storage_mgmt_virtual_ip: {get_attr: [StorageMgmtVirtualIP, ip_address]}
+
   ControllerBootstrapNodeConfig:
     type: OS::TripleO::BootstrapNode::SoftwareConfig
     properties:
   ControllerBootstrapNodeConfig:
     type: OS::TripleO::BootstrapNode::SoftwareConfig
     properties:
@@ -769,21 +1063,18 @@ resources:
     properties:
       config: {get_attr: [ControllerBootstrapNodeConfig, config_id]}
       servers: {get_attr: [Controller, attributes, nova_server_resource]}
     properties:
       config: {get_attr: [ControllerBootstrapNodeConfig, config_id]}
       servers: {get_attr: [Controller, attributes, nova_server_resource]}
-      signal_transport: NO_SIGNAL
 
   ControllerSwiftDeployment:
     type: OS::Heat::StructuredDeployments
     properties:
       config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
       servers: {get_attr: [Controller, attributes, nova_server_resource]}
 
   ControllerSwiftDeployment:
     type: OS::Heat::StructuredDeployments
     properties:
       config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
       servers: {get_attr: [Controller, attributes, nova_server_resource]}
-      signal_transport: NO_SIGNAL
 
   ObjectStorageSwiftDeployment:
     type: OS::Heat::StructuredDeployments
     properties:
       config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
       servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
 
   ObjectStorageSwiftDeployment:
     type: OS::Heat::StructuredDeployments
     properties:
       config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
       servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-      signal_transport: NO_SIGNAL
 
   SwiftDevicesAndProxyConfig:
     type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
 
   SwiftDevicesAndProxyConfig:
     type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
@@ -817,11 +1108,12 @@ resources:
       ceph_mon_key: {get_param: CephMonKey}
       ceph_admin_key: {get_param: CephAdminKey}
       ceph_mon_names: {get_attr: [Controller, hostname]}
       ceph_mon_key: {get_param: CephMonKey}
       ceph_admin_key: {get_param: CephAdminKey}
       ceph_mon_names: {get_attr: [Controller, hostname]}
-      ceph_mon_ips: {get_attr: [Controller, ip_address]}
+      ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
 
   ControllerClusterConfig:
     type: OS::Heat::StructuredConfig
     properties:
 
   ControllerClusterConfig:
     type: OS::Heat::StructuredConfig
     properties:
+      group: os-apply-config
       config:
         corosync:
           nodes: {get_attr: [Controller, corosync_node]}
       config:
         corosync:
           nodes: {get_attr: [Controller, corosync_node]}
@@ -839,7 +1131,6 @@ resources:
     properties:
       config: {get_resource: ControllerClusterConfig}
       servers: {get_attr: [Controller, attributes, nova_server_resource]}
     properties:
       config: {get_resource: ControllerClusterConfig}
       servers: {get_attr: [Controller, attributes, nova_server_resource]}
-      signal_transport: NO_SIGNAL
 
   ControllerAllNodesDeployment:
     type: OS::Heat::StructuredDeployments
 
   ControllerAllNodesDeployment:
     type: OS::Heat::StructuredDeployments
@@ -877,30 +1168,36 @@ resources:
     depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment]
     properties:
       servers: {get_attr: [Controller, attributes, nova_server_resource]}
     depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment]
     properties:
       servers: {get_attr: [Controller, attributes, nova_server_resource]}
+      NodeConfigIdentifiers: {get_attr: [Controller, attributes, config_identifier]}
 
   ComputeNodesPostDeployment:
     type: OS::TripleO::ComputePostDeployment
     depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment]
     properties:
       servers: {get_attr: [Compute, attributes, nova_server_resource]}
 
   ComputeNodesPostDeployment:
     type: OS::TripleO::ComputePostDeployment
     depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment]
     properties:
       servers: {get_attr: [Compute, attributes, nova_server_resource]}
+      NodeConfigIdentifiers: {get_attr: [Compute, attributes, config_identifier]}
 
   ObjectStorageNodesPostDeployment:
     type: OS::TripleO::ObjectStoragePostDeployment
     depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment]
     properties:
       servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
 
   ObjectStorageNodesPostDeployment:
     type: OS::TripleO::ObjectStoragePostDeployment
     depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment]
     properties:
       servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+      NodeConfigIdentifiers: {get_attr: [ObjectStorage, attributes, config_identifier]}
+
 
   BlockStorageNodesPostDeployment:
     type: OS::TripleO::BlockStoragePostDeployment
     depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment]
     properties:
       servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
 
   BlockStorageNodesPostDeployment:
     type: OS::TripleO::BlockStoragePostDeployment
     depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment]
     properties:
       servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+      NodeConfigIdentifiers: {get_attr: [BlockStorage, attributes, config_identifier]}
 
   CephStorageNodesPostDeployment:
     type: OS::TripleO::CephStoragePostDeployment
     depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment]
     properties:
       servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
 
   CephStorageNodesPostDeployment:
     type: OS::TripleO::CephStoragePostDeployment
     depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment]
     properties:
       servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+      NodeConfigIdentifiers: {get_attr: [CephStorage, attributes, config_identifier]}
 
 outputs:
   KeystoneURL:
 
 outputs:
   KeystoneURL:
@@ -909,5 +1206,5 @@ outputs:
       list_join:
       - ''
       - - http://
       list_join:
       - ''
       - - http://
-        - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+        - {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
         - :5000/v2.0/
         - :5000/v2.0/