Merge "Update overcloud examples for ExtraConfig"

[apex-tripleo-heat-templates.git] / undercloud-source.yaml
diff --git a/undercloud-source.yaml b/undercloud-source.yaml

index aa0c9ee..0788e8b 100644 (file)
--- a/undercloud-source.yaml
+++ b/undercloud-source.yaml
@@ -1,46 +1,50 @@
-Description: All-in-one baremetal OpenStack and all dependencies.
-HeatTemplateFormatVersion: '2012-12-12'
-Parameters:
+description: All-in-one baremetal OpenStack and all dependencies.
+heat_template_version: 2013-05-23
+parameters:
    AdminPassword:
    AdminPassword:
-    Default: unset
-    Description: The password for the keystone admin account, used for monitoring, querying neutron etc.
-    Type: String
-    NoEcho: true
+    default: unset
+    description: The password for the keystone admin account, used for monitoring, querying neutron etc.
+    type: string
+    hidden: true
    AdminToken:
    AdminToken:
-    Default: unset
-    Description: The keystone auth secret.
-    Type: String
-    NoEcho: true
+    default: unset
+    description: The keystone auth secret.
+    type: string
+    hidden: true
    CinderLVMLoopDeviceSize:
    CinderLVMLoopDeviceSize:
-    Default: 5000
-    Description: The size of the loopback file used by the cinder LVM driver.
-    Type: Number
+    default: 5000
+    description: The size of the loopback file used by the cinder LVM driver.
+    type: number
    BaremetalArch:
    BaremetalArch:
-    Default: i386
-    Description: The architecture to use in Nova-BM - i386 or amd64.
-    Type: String
+    default: i386
+    description: The architecture to use in Nova-BM - i386 or amd64.
+    type: string
    CeilometerMeteringSecret:
    CeilometerMeteringSecret:
-    Default: unset
-    Description: Secret shared by the ceilometer services.
-    Type: String
-    NoEcho: true
+    default: unset
+    description: Secret shared by the ceilometer services.
+    type: string
+    hidden: true
    CeilometerPassword:
    CeilometerPassword:
-    Default: unset
-    Description: The password for the ceilometer service account.
-    Type: String
-    NoEcho: true
+    default: unset
+    description: The password for the ceilometer service account.
+    type: string
+    hidden: true
+  Debug:
+    default: ''
+    description: Set to True to enable debugging on all services.
+    type: string
    SnmpdReadonlyUserName:
    SnmpdReadonlyUserName:
-    Default: ro_snmp_user
-    Description: The user name for SNMPd with readonly rights running on all Overcloud nodes
-    Type: String
+    default: ro_snmp_user
+    description: The user name for SNMPd with readonly rights running on all Overcloud nodes
+    type: string
    SnmpdReadonlyUserPassword:
    SnmpdReadonlyUserPassword:
-    Default: unset
-    Description: The user password for SNMPd with readonly rights running on all Overcloud nodes
-    Type: String
-    NoEcho: true
+    default: unset
+    description: The user password for SNMPd with readonly rights running on all Overcloud nodes
+    type: string
+    hidden: true
    ExtraConfig:
    ExtraConfig:
-    Default: {}
-    Description: |
+    default: {}
+    description: |
        Additional configuration to inject into the cluster. The JSON should have
        the following structure:
          {"FILEKEY":
        Additional configuration to inject into the cluster. The JSON should have
        the following structure:
          {"FILEKEY":
@@ -75,128 +79,149 @@ Parameters:
              ]
            }
          }
              ]
            }
          }
-    Type: Json
+    type: json
    Flavor:
    Flavor:
-    Default: baremetal
-    Description: Flavor to request when deploying.
-    Type: String
+    default: baremetal
+    description: Flavor to request when deploying.
+    type: string
    GlancePort:
    GlancePort:
-   Default: 9292
-   Description: Glance port.
-   Type: String
+   default: 9292
+   description: Glance port.
+   type: string
    GlanceProtocol:
    GlanceProtocol:
-   Default: http
-   Description: Protocol to use when connecting to glance, set to https for SSL.
-   Type: String
+   default: http
+   description: Protocol to use when connecting to glance, set to https for SSL.
+   type: string
    GlancePassword:
    GlancePassword:
-    Default: unset
-    Description: The password for the glance service account, used by the glance services.
-    Type: String
-    NoEcho: true
+    default: unset
+    description: The password for the glance service account, used by the glance services.
+    type: string
+    hidden: true
    GlanceNotifierStrategy:
    GlanceNotifierStrategy:
-    Description: Strategy to use for Glance notification queue
-    Type: String
-    Default: noop
+    description: Strategy to use for Glance notification queue
+    type: string
+    default: noop
    GlanceLogFile:
    GlanceLogFile:
-    Description: The filepath of the file to use for logging messages from Glance.
-    Type: String
-    Default: ''
+    description: The filepath of the file to use for logging messages from Glance.
+    type: string
+    default: ''
    KeyName:
    KeyName:
-    Default: default
-    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
-    Type: String
+    default: default
+    description: Name of an existing EC2 KeyPair to enable SSH access to the instances
+    type: string
    HeatPassword:
    HeatPassword:
-    Default: unset
-    Description: The password for the Heat service account, used by the Heat services.
-    Type: String
-    NoEcho: true
+    default: unset
+    description: The password for the Heat service account, used by the Heat services.
+    type: string
+    hidden: true
    ImageUpdatePolicy:
    ImageUpdatePolicy:
-    Default: REBUILD_PRESERVE_EPHEMERAL
-    Description: What policy to use when reconstructing instances. REBUILD for rebuilds,
+    default: REBUILD_PRESERVE_EPHEMERAL
+    description: What policy to use when reconstructing instances. REBUILD for rebuilds,
        REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
        REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
-    Type: String
+    type: string
    undercloudImage:
    undercloudImage:
-    Default: undercloud
-    Type: String
+    default: undercloud
+    type: string
    NeutronPassword:
    NeutronPassword:
-    Default: unset
-    Description: The password for the neutron service account, used by neutron agents.
-    Type: String
-    NoEcho: true
+    default: unset
+    description: The password for the neutron service account, used by neutron agents.
+    type: string
+    hidden: true
    NovaPassword:
    NovaPassword:
-    Default: unset
-    Description: The password for the nova service account, used by nova-api.
-    Type: String
-    NoEcho: true
+    default: unset
+    description: The password for the nova service account, used by nova-api.
+    type: string
+    hidden: true
    NeutronPublicInterfaceDefaultRoute:
    NeutronPublicInterfaceDefaultRoute:
-    Default: ''
-    Description: A custom default route for the NeutronPublicInterface.
-    Type: String
+    default: ''
+    description: A custom default route for the NeutronPublicInterface.
+    type: string
    NeutronPublicInterfaceIP:
    NeutronPublicInterfaceIP:
-    Default: ''
-    Description: A custom IP address to put onto the NeutronPublicInterface.
-    Type: String
+    default: ''
+    description: >
+      A custom IP address to put onto the NeutronPublicInterface bridge.
+      See also NeutronPublicInterfaceTagIP for adding a VLAN tagging IP.
+      NeutronPublicInterfaceIP is deprecated in the context of deploying
+      underclouds - its only needed for the seed bootstrap process.
+    type: string
+  NeutronPublicInterfaceTag:
+    default: ''
+    description: >
+      VLAN tag for creating a public VLAN. The tag will be used to
+      create an access port on the exterior bridge, and that port will be
+      given the IP address returned by neutron from the public network.
+    type: string
    NeutronPublicInterfaceRawDevice:
    NeutronPublicInterfaceRawDevice:
-    Default: ''
-    Description: If set, the public interface is a vlan with this device as the raw device.
-    Type: String
+    default: ''
+    description: If set, the public interface is a vlan with this device as the raw device.
+    type: string
    NtpServer:
    NtpServer:
-    Type: String
-    Default: ''
+    type: string
+    default: ''
    RabbitUserName:
    RabbitUserName:
-    Default: guest
-    Description: The username for RabbitMQ
-    Type: String
+    default: guest
+    description: The username for RabbitMQ
+    type: string
    RabbitPassword:
    RabbitPassword:
-    Default: guest
-    Description: The password for RabbitMQ
-    Type: String
-    NoEcho: true
+    default: guest
+    description: The password for RabbitMQ
+    type: string
+    hidden: true
    RabbitCookieSalt:
    RabbitCookieSalt:
-    Type: String
-    Default: unset
-    Description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
+    type: string
+    default: unset
+    description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
    HeatStackDomainAdminPassword:
    HeatStackDomainAdminPassword:
-    Description: Password for heat_domain_admin user.
-    Type: String
-    Default: ''
-    NoEcho: true
+    description: Password for heat_domain_admin user.
+    type: string
+    default: ''
+    hidden: true
    MysqlInnodbBufferPoolSize:
    MysqlInnodbBufferPoolSize:
-    Description: >
+    description: >
          Specifies the size of the buffer pool in megabytes. Setting to
          zero should be interpreted as "no value" and will defer to the
          lower level default.
          Specifies the size of the buffer pool in megabytes. Setting to
          zero should be interpreted as "no value" and will defer to the
          lower level default.
-    Type: Number
-    Default: 0
+    type: number
+    default: 0
    KeystoneCACertificate:
    KeystoneCACertificate:
-    Default: ''
-    Description: Keystone self-signed certificate authority certificate.
-    Type: String
+    default: ''
+    description: Keystone self-signed certificate authority certificate.
+    type: string
    KeystoneSigningCertificate:
    KeystoneSigningCertificate:
-    Default: ''
-    Description: Keystone certificate for verifying token validity.
-    Type: String
+    default: ''
+    description: Keystone certificate for verifying token validity.
+    type: string
    KeystoneSigningKey:
    KeystoneSigningKey:
-    Default: ''
-    Description: Keystone key for signing tokens.
-    Type: String
-    NoEcho: true
-Resources:
+    default: ''
+    description: Keystone key for signing tokens.
+    type: string
+    hidden: true
+  DefaultSignalTransport:
+    default: CFN_SIGNAL
+    description: Transport to use for software-config signals.
+    type: string
+    constraints:
+      - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
+resources:
    RabbitCookie:
    RabbitCookie:
-    Type: OS::Heat::RandomString
-    Properties:
+    type: OS::Heat::RandomString
+    properties:
        length: 20
        salt:
        length: 20
        salt:
-        Ref: RabbitCookieSalt
+        get_param: RabbitCookieSalt
+  MysqlRootPassword:
+    type: OS::Heat::RandomString
+    properties:
+      length: 10
    undercloudConfig:
    undercloudConfig:
-    Type: OS::Heat::StructuredConfig
-    Properties:
+    type: OS::Heat::StructuredConfig
+    properties:
        config:
          completion-signal: {get_input: deploy_signal_id}
          admin-password:
        config:
          completion-signal: {get_input: deploy_signal_id}
          admin-password:
-          Ref: AdminPassword
+          get_param: AdminPassword
          admin-token:
          admin-token:
-          Ref: AdminToken
+          get_param: AdminToken
          bootstrap_host:
            bootstrap_nodeid:
              Fn::Select:
          bootstrap_host:
            bootstrap_nodeid:
              Fn::Select:
@@ -207,68 +232,87 @@ Resources:
                    undercloud:
                    - Fn::Select:
                      - name
                    undercloud:
                    - Fn::Select:
                      - name
-                    - Fn::GetAtt:
+                    - get_attr:
                        - undercloud
                        - show
            nodeid: {get_input: bootstack_nodeid}
          bootstack:
            public_interface_ip:
                        - undercloud
                        - show
            nodeid: {get_input: bootstack_nodeid}
          bootstack:
            public_interface_ip:
-            Ref: NeutronPublicInterfaceIP
+            get_param: NeutronPublicInterfaceIP
          controller-address:
            get_input: controller_host
          controller-address:
            get_input: controller_host
+        corosync:
+          bindnetaddr: {get_input: controller_host}
+          mcastport: 5577
+          nodes:
+            Merge::Map:
+              controller0:
+                ip: {get_attr: [undercloud, networks, ctlplane, 0]}
+        pacemaker:
+          stonith_enabled : false
+          recheck_interval : 5
+          quorum_policy : ignore
          ceilometer:
            db: mysql://ceilometer:unset@localhost/ceilometer
          ceilometer:
            db: mysql://ceilometer:unset@localhost/ceilometer
-          metering_secret: {Ref: CeilometerMeteringSecret}
+          debug: {get_param: Debug}
+          metering_secret: {get_param: CeilometerMeteringSecret}
            snmpd_readonly_user_name:
            snmpd_readonly_user_name:
-            Ref: SnmpdReadonlyUserName
+            get_param: SnmpdReadonlyUserName
            snmpd_readonly_user_password:
            snmpd_readonly_user_password:
-            Ref: SnmpdReadonlyUserPassword
+            get_param: SnmpdReadonlyUserPassword
            service-password:
            service-password:
-            Ref: CeilometerPassword
+            get_param: CeilometerPassword
          db-password: unset
          glance:
            backend: file
            db: mysql://glance:unset@localhost/glance
          db-password: unset
          glance:
            backend: file
            db: mysql://glance:unset@localhost/glance
+          debug: {get_param: Debug}
            host: 127.0.0.1
            port:
            host: 127.0.0.1
            port:
-            Ref: GlancePort
+            get_param: GlancePort
            protocol:
            protocol:
-            Ref: GlanceProtocol
+            get_param: GlanceProtocol
            service-password:
            service-password:
-            Ref: GlancePassword
+            get_param: GlancePassword
            notifier-strategy:
            notifier-strategy:
-            Ref: GlanceNotifierStrategy
+            get_param: GlanceNotifierStrategy
            log-file:
            log-file:
-            Ref: GlanceLogFile
+            get_param: GlanceLogFile
          heat:
            admin_password:
          heat:
            admin_password:
-            Ref: HeatPassword
+            get_param: HeatPassword
            admin_tenant_name: service
            admin_user: heat
            auth_encryption_key: unset___________
            db: mysql://heat:unset@localhost/heat
            admin_tenant_name: service
            admin_user: heat
            auth_encryption_key: unset___________
            db: mysql://heat:unset@localhost/heat
-          stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword}
+          debug: {get_param: Debug}
+          stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
            watch_server_url: {get_input: heat.watch_server_url}
            metadata_server_url: {get_input: heat.metadata_server_url}
            waitcondition_server_url: {get_input: heat.waitcondition_server_url}
          keystone:
            db: mysql://keystone:unset@localhost/keystone
            watch_server_url: {get_input: heat.watch_server_url}
            metadata_server_url: {get_input: heat.metadata_server_url}
            waitcondition_server_url: {get_input: heat.waitcondition_server_url}
          keystone:
            db: mysql://keystone:unset@localhost/keystone
+          debug: {get_param: Debug}
            host: 127.0.0.1
            host: 127.0.0.1
-          ca_certificate: {Ref: KeystoneCACertificate}
-          signing_key: {Ref: KeystoneSigningKey}
-          signing_certificate: {Ref: KeystoneSigningCertificate}
+          ca_certificate: {get_param: KeystoneCACertificate}
+          signing_key: {get_param: KeystoneSigningKey}
+          signing_certificate: {get_param: KeystoneSigningCertificate}
          mysql:
          mysql:
-          innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize}
+          innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
+          root-password: {get_resource: MysqlRootPassword}
          neutron:
          neutron:
+          debug: {get_param: Debug}
            host: 127.0.0.1
            ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
            ovs:
              public_interface:
            host: 127.0.0.1
            ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
            ovs:
              public_interface:
-              Ref: NeutronPublicInterface
+              get_param: NeutronPublicInterface
              public_interface_raw_device:
              public_interface_raw_device:
-              Ref: NeutronPublicInterfaceRawDevice
+              get_param: NeutronPublicInterfaceRawDevice
              public_interface_route:
              public_interface_route:
-              Ref: NeutronPublicInterfaceDefaultRoute
+              get_param: NeutronPublicInterfaceDefaultRoute
+            public_interface_tag:
+              get_param: NeutronPublicInterfaceTag
              physical_bridge: br-ctlplane
              physical_network: ctlplane
              network_vlan_ranges: ctlplane
              physical_bridge: br-ctlplane
              physical_network: ctlplane
              network_vlan_ranges: ctlplane
@@ -276,81 +320,81 @@ Resources:
              tenant_network_type: vlan
              enable_tunneling: 'False'
            service-password:
              tenant_network_type: vlan
              enable_tunneling: 'False'
            service-password:
-            Ref: NeutronPassword
+            get_param: NeutronPassword
          rabbit:
            host: 127.0.0.1
            username:
          rabbit:
            host: 127.0.0.1
            username:
-            Ref: RabbitUserName
+            get_param: RabbitUserName
            password:
            password:
-            Ref: RabbitPassword
+            get_param: RabbitPassword
            cookie:
            cookie:
-            Fn::GetAtt:
+            get_attr:
              - RabbitCookie
              - value
          ntp:
            servers:
              - RabbitCookie
              - value
          ntp:
            servers:
-            - {server: {Ref: NtpServer}, fudge: "stratum 0"}
+            - {server: {get_param: NtpServer}, fudge: "stratum 0"}
    undercloudPassthroughConfig:
    undercloudPassthroughConfig:
-    Type: OS::Heat::StructuredConfig
-    Properties:
+    type: OS::Heat::StructuredConfig
+    properties:
        config: {get_input: passthrough_config}
    undercloud:
        config: {get_input: passthrough_config}
    undercloud:
-    Type: OS::Nova::Server
-    Properties:
+    type: OS::Nova::Server
+    properties:
        image:
        image:
-        Ref: undercloudImage
+        get_param: undercloudImage
        flavor:
        flavor:
-        Ref: Flavor
+        get_param: Flavor
        key_name:
        key_name:
-        Ref: KeyName
+        get_param: KeyName
        image_update_policy:
        image_update_policy:
-        Ref: ImageUpdatePolicy
+        get_param: ImageUpdatePolicy
        networks:
          - network: ctlplane
        user_data_format: SOFTWARE_CONFIG
        networks:
          - network: ctlplane
        user_data_format: SOFTWARE_CONFIG
-  99_undercloudDeployment:
-    Type: OS::Heat::StructuredDeployment
-    Properties:
-      config: {Ref: undercloudConfig}
-      server: {Ref: undercloud}
+  undercloudDeployment:
+    depends_on: [undercloudPassthroughDeployment]
+    type: OS::Heat::StructuredDeployment
+    properties:
+      config: {get_resource: undercloudConfig}
+      server: {get_resource: undercloud}
+      signal_transport: {get_param: DefaultSignalTransport}
        input_values:
          bootstack_nodeid:
        input_values:
          bootstack_nodeid:
-          Fn::Select:
-            - name
-            - Fn::GetAtt:
-              - undercloud
-              - show
+          get_attr:
+          - undercloud
+          - show
+          - name
          controller_host:
          controller_host:
-          Fn::Select:
-            - 0
-            - Fn::Select:
-              - ctlplane
-              - Fn::GetAtt:
-                - undercloud
-                - networks
+          get_attr:
+          - undercloud
+          - networks
+          - ctlplane
+          - 0
          heat.watch_server_url:
            Fn::Join:
              - ''
              - - 'http://'
          heat.watch_server_url:
            Fn::Join:
              - ''
              - - 'http://'
-              - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+              - get_attr: [undercloud, networks, ctlplane, 0]
                - ':8003'
          heat.metadata_server_url:
            Fn::Join:
              - ''
              - - 'http://'
                - ':8003'
          heat.metadata_server_url:
            Fn::Join:
              - ''
              - - 'http://'
-              - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+              - {get_attr: [undercloud, networks, ctlplane, 0]}
                - ':8000'
          heat.waitcondition_server_url:
            Fn::Join:
              - ''
              - - 'http://'
                - ':8000'
          heat.waitcondition_server_url:
            Fn::Join:
              - ''
              - - 'http://'
-              - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+              - {get_attr: [undercloud, networks, ctlplane, 0]}
                - ':8000/v1/waitcondition'
                - ':8000/v1/waitcondition'
-  00_undercloudPassthroughDeployment:
-    Type: OS::Heat::StructuredDeployment
-    Properties:
-      config: {Ref: undercloudPassthroughConfig}
-      server: {Ref: undercloud}
+  undercloudPassthroughDeployment:
+    depends_on: [undercloudNovaDeployment]
+    type: OS::Heat::StructuredDeployment
+    properties:
+      config: {get_resource: undercloudPassthroughConfig}
+      server: {get_resource: undercloud}
        signal_transport: NO_SIGNAL
        input_values:
        signal_transport: NO_SIGNAL
        input_values:
-        passthrough_config: {Ref: ExtraConfig}
+        passthrough_config: {get_param: ExtraConfig}