puppet: add debug mode for OpenStack services
[apex-tripleo-heat-templates.git] / controller.yaml
index dddc82c..33286d1 100644 (file)
@@ -24,6 +24,14 @@ parameters:
     description: The password for the ceilometer service account.
     type: string
     hidden: true
+  CinderEnableIscsiBackend:
+    default: true
+    description: Whether to enable or not the Iscsi backend for Cinder
+    type: boolean
+  CinderEnableRbdBackend:
+    default: false
+    description: Whether to enable or not the Rbd backend for Cinder
+    type: boolean
   CinderISCSIHelper:
     default: tgtadm
     description: The iSCSI helper to use with cinder.
@@ -94,7 +102,6 @@ parameters:
         }
     type: json
   Flavor:
-    default: baremetal
     description: Flavor for control nodes to request when deploying.
     type: string
     constraints:
@@ -130,6 +137,9 @@ parameters:
     type: string
     default: ''
     hidden: true
+  HeatAuthEncryptionKey:
+    description: Auth encryption key for heat-engine
+    type: string
   Image:
     type: string
     default: overcloud-control
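Review bot: `HeatAuthEncryptionKey` is declared without `hidden: true`, so the heat-engine encryption key is handled as an ordinary visible parameter, unlike the parameter directly above it in this hunk, which is hidden. Add `hidden: true` under `type: string`. The parameter has no default, so callers must now supply it. The removed literal `unset___________` elsewhere in this diff was 16 characters, which suggests a length requirement; if there is one, state it in the description.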
@@ -171,8 +181,9 @@ parameters:
     description: A unique identifier of the MySQL cluster the controller is in.
     type: string
     default: 'unset'  # Has to be here because of the ignored empty value bug
-    constraints:
-    - length: {min: 4, max: 10}
+    # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
+    # constraints:
+    # - length: {min: 4, max: 10}
   MysqlInnodbBufferPoolSize:
     description: >
         Specifies the size of the buffer pool in megabytes. Setting to
@@ -198,6 +209,32 @@ parameters:
     default: 'dhcp-option-force=26,1400'
     description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
     type: string
+  NeutronAgentMode:
+    default: 'dvr_snat'
+    description: Agent mode for the neutron-l3-agent on the controller hosts
+    type: string
+  NeutronDVR:
+    default: 'False'
+    description: Whether to configure Neutron Distributed Virtual Routers
+    type: string
+  NeutronMetadataProxySharedSecret:
+    default: 'unset'
+    description: Shared secret to prevent spoofing
+    type: string
+  NeutronMechanismDrivers:
+    default: 'openvswitch'
+    description: |
+        The mechanism drivers for the Neutron tenant network. To specify multiple
+        values, use a comma separated string, like so: 'openvswitch,l2_population'
+    type: string
+  NeutronAllowL3AgentFailover:
+    default: 'True'
+    description: Allow automatic l3-agent failover
+    type: string
+  NeutronL3HA:
+    default: 'False'
+    description: Whether to enable l3-agent HA
+    type: string
   NeutronEnableTunnelling:
     type: string
     default: "True"
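Review bot: `NeutronMetadataProxySharedSecret` ships with `default: 'unset'` and no `hidden: true`, so a deployment that does not override it runs the metadata proxy with a publicly known secret, and the value is treated as a non-sensitive parameter. Drop the default so the caller has to supply a value, and add `hidden: true`. Separately, `NeutronDVR`, `NeutronAllowL3AgentFailover` and `NeutronL3HA` carry 'True'/'False' as `type: string`, while the Cinder toggles added in this commit use `type: boolean`. If the string form is intentional (it matches the existing `NeutronEnableTunnelling`), a one-line comment saying so would prevent a later well-meant change.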
@@ -222,7 +259,7 @@ parameters:
     type: string
     hidden: true
   NeutronPublicInterface:
-    default: eth0
+    default: nic1
     description: What interface to bridge onto br-ex for network nodes.
     type: string
   NeutronPublicInterfaceTag:
@@ -322,6 +359,14 @@ parameters:
       in the ring.
     hidden: true
     type: string
+  SwiftMountCheck:
+    default: 'false'
+    description: Value of mount_check in Swift account/container/object -server.conf
+    type: boolean
+  SwiftMinPartHours:
+    type: number
+    default: 1
+    description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
   SwiftPartPower:
     default: 10
     description: Partition Power to use when building Swift rings
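Review bot: `SwiftMountCheck` sets `default: 'false'` as a quoted string under `type: boolean`, while `CinderEnableIscsiBackend` and `CinderEnableRbdBackend` in this same diff use bare booleans. Write `default: false` so the literal and the declared type agree. The description only names the config key; it would help to say that a false value turns off Swift's check that a storage device is actually mounted before it is used, so operators know what they are opting out of.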
@@ -334,7 +379,7 @@ parameters:
     type: string
   SwiftReplicas:
     type: number
-    default: 1
+    default: 3
     description: How many replicas to use in the swift rings.
   VirtualIP:
     type: string
@@ -354,31 +399,48 @@ resources:
         - network: ctlplane
       user_data_format: SOFTWARE_CONFIG
 
+  NetworkConfig:
+    type: OS::TripleO::Net::SoftwareConfig
+
+  NetworkDeployment:
+    type: OS::TripleO::SoftwareDeployment
+    properties:
+      signal_transport: NO_SIGNAL
+      config: {get_attr: [NetworkConfig, config_id]}
+      server: {get_resource: Controller}
+      input_values:
+        bridge_name: br-ex
+        interface_name: {get_param: NeutronPublicInterface}
+
+  ControllerPassthroughConfig:
+    type: OS::Heat::StructuredConfig
+    properties:
+      group: os-apply-config
+      config: {get_input: passthrough_config}
+
+  ControllerPassthroughConfigSpecific:
+    type: OS::Heat::StructuredConfig
+    properties:
+      group: os-apply-config
+      config: {get_input: passthrough_config_specific}
+
   ControllerConfig:
     type: OS::Heat::StructuredConfig
     properties:
       group: os-apply-config
       config:
-        admin-password: {get_param: AdminPassword}
-        admin-token: {get_param: AdminToken}
+        admin-password: {get_input: admin_password}
+        admin-token: {get_input: admin_token}
         bootstack:
-          public_interface_ip: {get_param: NeutronPublicInterfaceIP}
+          public_interface_ip: {get_input: neutron_public_interface_ip}
         bootstrap_host:
           nodeid: {get_input: bootstack_nodeid}
-        database:
-          host: &database_host
-            {get_param: VirtualIP}
         cinder:
-          db:
-            list_join:
-              - ''
-              - - mysql://cinder:unset@
-                - *database_host
-                - /cinder
-          debug: {get_param: Debug}
-          volume_size_mb: {get_param: CinderLVMLoopDeviceSize}
-          service-password: {get_param: CinderPassword}
-          iscsi-helper: {get_param: CinderISCSIHelper}
+          db: {get_input: cinder_dsn}
+          debug: {get_input: debug}
+          volume_size_mb: {get_input: cinder_lvm_loop_device_size}
+          service-password: {get_input: cinder_password}
+          iscsi-helper: {get_input: CinderISCSIHelper}
         controller-address: {get_input: controller_host}
         corosync:
           bindnetaddr: {get_input: controller_host}
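Review bot: `iscsi-helper: {get_input: CinderISCSIHelper}` asks for an input named `CinderISCSIHelper`, but the `input_values` this commit adds to ControllerDeployment supply it as `cinder_iscsi_helper`. As written, the lookup will not resolve to the parameter value. Change the line to `iscsi-helper: {get_input: cinder_iscsi_helper}` so it matches the snake_case names used by every other input in this block. ControllerConfig continues past the end of this hunk.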
@@ -392,163 +454,136 @@ resources:
           registry:
             host: {get_input: controller_virtual_ip}
           backend: swift
-          db:
-            list_join:
-              - ''
-              - - mysql://glance:unset@
-                - *database_host
-                - /glance
-          debug: {get_param: Debug}
+          db: {get_input: glance_dsn}
+          debug: {get_input: debug}
           host: {get_input: controller_virtual_ip}
-          port: {get_param: GlancePort}
-          protocol: {get_param: GlanceProtocol}
-          service-password: {get_param: GlancePassword}
+          port: {get_input: glance_port}
+          protocol: {get_input: glance_protocol}
+          service-password: {get_input: glance_password}
           swift-store-user: service:glance
-          swift-store-key: {get_param: GlancePassword}
-          notifier-strategy: {get_param: GlanceNotifierStrategy}
-          log-file: {get_param: GlanceLogFile}
+          swift-store-key: {get_input: glance_password}
+          notifier-strategy: {get_input: glance_notifier_strategy}
+          log-file: {get_input: glance_log_file}
         heat:
-          admin_password: {get_param: HeatPassword}
+          admin_password: {get_input: heat_password}
           admin_tenant_name: service
           admin_user: heat
-          auth_encryption_key: unset___________
-          db:
-            list_join:
-              - ''
-              - - mysql://heat:unset@
-                - *database_host
-                - /heat
-          debug: {get_param: Debug}
-          stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
+          auth_encryption_key: {get_input: heat_auth_encryption_key}
+          db: {get_input: heat_dsn}
+          debug: {get_input: debug}
+          stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
           watch_server_url: {get_input: heat.watch_server_url}
           metadata_server_url: {get_input: heat.metadata_server_url}
           waitcondition_server_url: {get_input: heat.waitcondition_server_url}
         keystone:
-          db:
-            list_join:
-              - ''
-              - - mysql://keystone:unset@
-                - *database_host
-                - /keystone
-          debug: {get_param: Debug}
+          db: {get_input: keystone_dsn}
+          debug: {get_input: debug}
           host: {get_input: controller_virtual_ip}
-          ca_certificate: {get_param: KeystoneCACertificate}
-          signing_key: {get_param: KeystoneSigningKey}
-          signing_certificate: {get_param: KeystoneSigningCertificate}
+          ca_certificate: {get_input: keystone_ca_certificate}
+          signing_key: {get_input: keystone_signing_key}
+          signing_certificate: {get_input: keystone_signing_certificate}
           ssl:
-              certificate: {get_param: KeystoneSSLCertificate}
-              certificate_key: {get_param: KeystoneSSLCertificateKey}
+              certificate: {get_input: keystone_ssl_certificate}
+              certificate_key: {get_input: keystone_ssl_certificate_key}
         mysql:
-          innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
+          innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
           local_bind: true
-          root-password: {get_param: MysqlRootPassword}
-          cluster_name:
-            str_replace:
-              template: tripleo-CLUSTER
-              params:
-                CLUSTER: {get_param: MysqlClusterUniquePart}
+          root-password: {get_input: mysql_root_password}
+          cluster_name: {get_input: mysql_cluster_name}
         neutron:
-          debug: {get_param: Debug}
-          flat-networks: {get_param: NeutronFlatNetworks}
+          debug: {get_input: debug}
+          flat-networks: {get_input: neutron_flat_networks}
           host: {get_input: controller_virtual_ip}
-          metadata_proxy_shared_secret: unset
+          metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
+          agent_mode: {get_input: neutron_agent_mode}
+          router_distributed: {get_input: neutron_router_distributed}
+          mechanism_drivers: {get_input: neutron_mechanism_drivers}
+          allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
+          l3_ha: {get_input: neutron_l3_ha}
           ovs:
             enable_tunneling: {get_input: neutron_enable_tunneling}
             local_ip: {get_input: controller_host}
-            network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
-            bridge_mappings: {get_param: NeutronBridgeMappings}
-            public_interface: {get_param: NeutronPublicInterface}
-            public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
-            public_interface_route: {get_param: NeutronPublicInterfaceDefaultRoute}
-            public_interface_tag: {get_param: NeutronPublicInterfaceTag}
+            network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
+            bridge_mappings: {get_input: neutron_bridge_mappings}
+            public_interface: {get_input: neutron_public_interface}
+            public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
+            public_interface_route: {get_input: neutron_public_interface_default_route}
+            public_interface_tag: {get_input: neutron_public_interface_tag}
             physical_bridge: br-ex
-            tenant_network_type: {get_param: NeutronNetworkType}
-            tunnel_types: {get_param: NeutronTunnelTypes}
-          ovs_db:
-            list_join:
-              - ''
-              - - mysql://neutron:unset@
-                - *database_host
-                - /ovs_neutron?charset=utf8
-          service-password: {get_param: NeutronPassword}
-          dnsmasq-options: {get_param: NeutronDnsmasqOptions}
+            tenant_network_type: {get_input: neutron_tenant_network_type}
+            tunnel_types: {get_input: neutron_tunnel_types}
+          ovs_db: {get_input: neutron_dsn}
+          service-password: {get_input: neutron_password}
+          dnsmasq-options: {get_input: neutron_dnsmasq_options}
         ceilometer:
-          db:
-            list_join:
-              - ''
-              - - mysql://ceilometer:unset@
-                - *database_host
-                - /ceilometer
-          debug: {get_param: Debug}
-          metering_secret: {get_param: CeilometerMeteringSecret}
-          service-password: {get_param: CeilometerPassword}
+          db: {get_input: ceilometer_dsn}
+          debug: {get_input: debug}
+          metering_secret: {get_input: ceilometer_metering_secret}
+          service-password: {get_input: ceilometer_password}
         snmpd:
           export_MIB: UCD-SNMP-MIB
-          readonly_user_name: {get_param: SnmpdReadonlyUserName}
-          readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
+          readonly_user_name: {get_input: snmpd_readonly_user_name}
+          readonly_user_password: {get_input: snmpd_readonly_user_password}
         nova:
           compute_driver: libvirt.LibvirtDriver
-          db:
-            list_join:
-              - ''
-              - - mysql://nova:unset@
-                - *database_host
-                - /nova
+          db: {get_input: nova_dsn}
           default_floating_pool:
             ext-net
           host: {get_input: controller_virtual_ip}
           metadata-proxy: true
-          service-password: {get_param: NovaPassword}
+          service-password: {get_input: nova_password}
         rabbit:
           host: {get_input: controller_virtual_ip}
-          username: {get_param: RabbitUserName}
-          password: {get_param: RabbitPassword}
-          cookie: {get_param: RabbitCookie}
-          rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
-          rabbit_port: {get_param: RabbitClientPort}
+          username: {get_input: rabbit_username}
+          password: {get_input: rabbit_password}
+          cookie: {get_input: rabbit_cookie}
+          rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl}
+          rabbit_port: {get_input: rabbit_client_port}
         ntp:
           servers:
-              - {server: {get_param: NtpServer}, fudge: "stratum 0"}
+              - {server: {get_input: ntp_server}}
         virtual_interfaces:
           instances:
             - vrrp_instance_name: VI_CONTROL
               virtual_router_id: 51
-              keepalive_interface: {get_param: ControlVirtualInterface}
+              keepalive_interface: {get_input: control_virtual_interface}
               priority: 101
               virtual_ips:
-              - ip: {get_param: VirtualIP}
-                interface: {get_param: ControlVirtualInterface}
+              - ip: {get_input: controller_virtual_ip}
+                interface: {get_input: control_virtual_interface}
             - vrrp_instance_name: VI_PUBLIC
               virtual_router_id: 52
-              keepalive_interface: {get_param: PublicVirtualInterface}
+              keepalive_interface: {get_input: public_virtual_interface}
               priority: 101
               virtual_ips:
-              - ip: {get_param: PublicVirtualIP}
-                interface: {get_param: PublicVirtualInterface}
+              - ip: {get_input: public_virtual_ip}
+                interface: {get_input: public_virtual_interface}
           vrrp_sync_groups:
             - name: VG1
               members:
                 - VI_CONTROL
                 - VI_PUBLIC
         keepalived:
-          keepalive_interface: {get_param: PublicVirtualInterface}
+          keepalive_interface: {get_input: public_virtual_interface}
           priority: 101
         virtual_ips:
             -
-              ip: {get_param: VirtualIP}
-              interface: {get_param: ControlVirtualInterface}
+              ip: {get_input: controller_virtual_ip}
+              interface: {get_input: control_virtual_interface}
             -
-              ip: {get_param: PublicVirtualIP}
-              interface: {get_param: PublicVirtualInterface}
+              ip: {get_input: public_virtual_ip}
+              interface: {get_input: public_virtual_interface}
         haproxy:
           net_binds:
-            - ip: {get_param: VirtualIP}
+            - ip: {get_input: controller_virtual_ip}
+          options:
+            - option httpchk GET /
           services:
             - name: keystone_admin
               port: 35357
               net_binds: &public_binds
-                - ip: {get_param: VirtualIP}
-                - ip: {get_param: PublicVirtualIP}
+                - ip: {get_input: controller_virtual_ip}
+                - ip: {get_input: public_virtual_ip}
             - name: keystone_public
               port: 5000
               net_binds: *public_binds
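Review bot: The new haproxy-level `options` list (`- option httpchk GET /`) has no comment saying what scope it applies to. The later `# overwrite options` comments imply it is the default for every service that does not set its own `options`, which would include the non-overriding entries such as `keystone_admin`. A comment above it, for example `# default health check for all services; a per-service options list replaces it`, would make that contract explicit. This hunk also silently drops `fudge: "stratum 0"` from the NTP server entry; a short comment or a line in the commit message explaining why would help reviewers. The services list continues outside the hunk.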
@@ -567,6 +602,7 @@ resources:
             - name: glance_registry
               port: 9191
               net_binds: *public_binds
+              options: # overwrite options as glace_reg needs auth for http req
             - name: heat_api
               port: 8004
               net_binds: *public_binds
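Review bot: `options: # overwrite options as glace_reg needs auth for http req` leaves the key with no value, which YAML parses as null rather than an empty list. Whether the haproxy template reads null as "no options" or falls back to the new default `option httpchk GET /` depends on the consumer, which is not visible here. Write `options: []` so the override is explicit, and fix the comment typo (`glace_reg` should be `glance_registry`). The same bare `options:` is used for the `ceilometer` service in the next hunk and needs the same change.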
@@ -591,32 +627,27 @@ resources:
             - name: nova_metadata
               port: 8775
               net_binds: *public_binds
+            - name: nova_novncproxy
+              port: 6080
+              net_binds: *public_binds
             - name: ceilometer
               port: 8777
               net_binds: *public_binds
+              options: # overwrite options as ceil needs auth for http req
             - name: swift_proxy_server
               port: 8080
               net_binds: *public_binds
+              options:
+                - option httpchk GET /info
             - name: rabbitmq
               port: 5672
               options:
                 - timeout client 0
                 - timeout server 0
-
-  ControllerPassthroughConfig:
-    type: OS::Heat::StructuredConfig
-    properties:
-      group: os-apply-config
-      config: {get_input: passthrough_config}
-
-  ControllerPassthroughConfigSpecific:
-    type: OS::Heat::StructuredConfig
-    properties:
-      group: os-apply-config
-      config: {get_input: passthrough_config_specific}
+                - maxconn 1500
 
   ControllerDeployment:
-    type: OS::Heat::StructuredDeployment
+    type: OS::TripleO::SoftwareDeployment
     properties:
       signal_transport: NO_SIGNAL
       config: {get_resource: ControllerConfig}
@@ -644,6 +675,106 @@ resources:
             - - 'http://'
               - {get_param: VirtualIP}
               - ':8000/v1/waitcondition'
+        admin_password: {get_param: AdminPassword}
+        admin_token: {get_param: AdminToken}
+        neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
+        debug: {get_param: Debug}
+        cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
+        cinder_password: {get_param: CinderPassword}
+        cinder_iscsi_helper: {get_param: CinderISCSIHelper}
+        cinder_dsn:
+          list_join:
+            - ''
+            - - 'mysql://cinder:unset@'
+              - {get_param: VirtualIP}
+              - '/cinder'
+        glance_port: {get_param: GlancePort}
+        glance_protocol: {get_param: GlanceProtocol}
+        glance_password: {get_param: GlancePassword}
+        glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
+        glance_log_file: {get_param: GlanceLogFile}
+        glance_dsn:
+          list_join:
+            - ''
+            - - 'mysql://glance:unset@'
+              - {get_param: VirtualIP}
+              - '/glance'
+        heat_password: {get_param: HeatPassword}
+        heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
+        heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
+        heat_dsn:
+          list_join:
+            - ''
+            - - 'mysql://heat:unset@'
+              - {get_param: VirtualIP}
+              - '/heat'
+        keystone_ca_certificate: {get_param: KeystoneCACertificate}
+        keystone_signing_key: {get_param: KeystoneSigningKey}
+        keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
+        keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
+        keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
+        keystone_dsn:
+          list_join:
+            - ''
+            - - 'mysql://keystone:unset@'
+              - {get_param: VirtualIP}
+              - '/keystone'
+        mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
+        mysql_root_password: {get_param: MysqlRootPassword}
+        mysql_cluster_name:
+          str_replace:
+            template: tripleo-CLUSTER
+            params:
+              CLUSTER: {get_param: MysqlClusterUniquePart}
+        neutron_flat_networks: {get_param: NeutronFlatNetworks}
+        neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
+        neutron_agent_mode: {get_param: NeutronAgentMode}
+        neutron_router_distributed: {get_param: NeutronDVR}
+        neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
+        neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
+        neutron_l3_ha: {get_param: NeutronL3HA}
+        neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
+        neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
+        neutron_public_interface: {get_param: NeutronPublicInterface}
+        neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
+        neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
+        neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
+        neutron_tenant_network_type: {get_param: NeutronNetworkType}
+        neutron_tunnel_types: {get_param: NeutronTunnelTypes}
+        neutron_password: {get_param: NeutronPassword}
+        neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
+        neutron_dsn:
+          list_join:
+            - ''
+            - - 'mysql://neutron:unset@'
+              - {get_param: VirtualIP}
+              - '/ovs_neutron?charset=utf8'
+        ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
+        ceilometer_password: {get_param: CeilometerPassword}
+        ceilometer_dsn:
+          list_join:
+            - ''
+            - - 'mysql://ceilometer:unset@'
+              - {get_param: VirtualIP}
+              - '/ceilometer'
+        snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
+        snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
+        nova_password: {get_param: NovaPassword}
+        nova_dsn:
+          list_join:
+            - ''
+            - - 'mysql://nova:unset@'
+              - {get_param: VirtualIP}
+              - '/nova'
+        rabbit_username: {get_param: RabbitUserName}
+        rabbit_password: {get_param: RabbitPassword}
+        rabbit_cookie: {get_param: RabbitCookie}
+        rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
+        rabbit_client_port: {get_param: RabbitClientPort}
+        ntp_server: {get_param: NtpServer}
+        control_virtual_interface: {get_param: ControlVirtualInterface}
+        public_virtual_interface: {get_param: PublicVirtualInterface}
+        public_virtual_ip: {get_param: PublicVirtualIP}
 
   SSLConfig:
     type: OS::Heat::StructuredConfig
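Review bot: Every DSN built in these `input_values` still embeds the literal password `unset` (`'mysql://cinder:unset@'`, and likewise for glance, heat, keystone, neutron, ceilometer and nova). All service database accounts therefore keep a known, shared credential, even though this commit moves the heat auth key and the metadata secret to parameters. Take each password from a `hidden: true` parameter and join it in, splitting the prefix into `- 'mysql://cinder:'`, `- {get_param: <DB_PASSWORD_PARAM placeholder>}`, `- '@'`. The seven `list_join` blocks differ only in user and database name, so a brief comment above the first one describing the pattern would make the repetition easier to audit. The `input_values` mapping starts outside this hunk.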
@@ -729,6 +860,8 @@ resources:
         swift:
           hash: { get_input: swift_hash_suffix }
           part-power: { get_input: swift_part_power }
+          mount-check: { get_input: swift_mount_check }
+          min-part-hours: { get_input: swift_min_part_hours }
           replicas: {get_input: swift_replicas }
           service-password: { get_input: swift_password }
 
@@ -740,7 +873,9 @@ resources:
       signal_transport: NO_SIGNAL
       input_values:
         swift_hash_suffix: {get_param: SwiftHashSuffix}
+        swift_mount_check: {get_param: SwiftMountCheck}
         swift_password: {get_param: SwiftPassword}
+        swift_min_part_hours: {get_param: SwiftMinPartHours}
         swift_part_power: {get_param: SwiftPartPower}
         swift_replicas: { get_param: SwiftReplicas}