description: The password for the ceilometer service account.
type: string
hidden: true
+ CinderEnableIscsiBackend:
+ default: true
+ description: Whether to enable or not the Iscsi backend for Cinder
+ type: boolean
+ CinderEnableRbdBackend:
+ default: false
+ description: Whether to enable or not the Rbd backend for Cinder
+ type: boolean
CinderISCSIHelper:
default: tgtadm
description: The iSCSI helper to use with cinder.
default: ''
description: Set to True to enable debugging on all services.
type: string
+ EnableGalera:
+ default: true
+ description: Whether to use Galera instead of regular MariaDB.
+ type: boolean
+ EnablePacemaker:
+ default: false
+ description: If enabled services will be monitored by Pacemaker; it
+ will manage VIPs as well, in place of Keepalived.
+ type: boolean
+ EnableCephStorage:
+ default: false
+ description: Whether to deploy Ceph Storage (OSD) on the Controller
+ type: boolean
+ EnableSwiftStorage:
+ default: true
+ description: Whether to enable Swift Storage on the Controller
+ type: boolean
ExtraConfig:
default: {}
description: |
type: string
default: ''
hidden: true
+ HeatAuthEncryptionKey:
+ description: Auth encryption key for heat-engine
+ type: string
Image:
type: string
default: overcloud-control
NtpServer:
type: string
default: ''
+ PcsdPassword:
+ type: string
+ description: The password for the 'pcsd' user.
PublicVirtualInterface:
default: 'br-ex'
description: >
in the ring.
hidden: true
type: string
+ SwiftMountCheck:
+ default: 'false'
+ description: Value of mount_check in Swift account/container/object -server.conf
+ type: boolean
+ SwiftMinPartHours:
+ type: number
+ default: 1
+ description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
SwiftPartPower:
default: 10
description: Partition Power to use when building Swift rings
type: string
SwiftReplicas:
type: number
- default: 1
+ default: 3
description: How many replicas to use in the swift rings.
VirtualIP:
type: string
networks:
- network: ctlplane
user_data_format: SOFTWARE_CONFIG
+ user_data: {get_resource: NodeUserData}
+
+ NodeUserData:
+ type: OS::TripleO::NodeUserData
NetworkConfig:
type: OS::TripleO::Net::SoftwareConfig
bridge_name: br-ex
interface_name: {get_param: NeutronPublicInterface}
- ControllerConfig:
- type: OS::TripleO::Controller::SoftwareConfig
- properties:
- # allow configs to create sub-resources attached to the controller
- controller_id: {get_resource: Controller}
-
ControllerPassthroughConfig:
type: OS::Heat::StructuredConfig
properties:
group: os-apply-config
config: {get_input: passthrough_config_specific}
+ ControllerConfig:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ admin-password: {get_input: admin_password}
+ admin-token: {get_input: admin_token}
+ bootstack:
+ public_interface_ip: {get_input: neutron_public_interface_ip}
+ bootstrap_host:
+ nodeid: {get_input: bootstack_nodeid}
+ cinder:
+ db: {get_input: cinder_dsn}
+ debug: {get_input: debug}
+ volume_size_mb: {get_input: cinder_lvm_loop_device_size}
+ service-password: {get_input: cinder_password}
+ iscsi-helper: {get_input: CinderISCSIHelper}
+ controller-address: {get_input: controller_host}
+ corosync:
+ bindnetaddr: {get_input: controller_host}
+ mcastport: 5577
+ pacemaker:
+ stonith_enabled : false
+ recheck_interval : 5
+ quorum_policy : ignore
+ db-password: unset
+ glance:
+ registry:
+ host: {get_input: controller_virtual_ip}
+ backend: swift
+ db: {get_input: glance_dsn}
+ debug: {get_input: debug}
+ host: {get_input: controller_virtual_ip}
+ port: {get_input: glance_port}
+ protocol: {get_input: glance_protocol}
+ service-password: {get_input: glance_password}
+ swift-store-user: service:glance
+ swift-store-key: {get_input: glance_password}
+ notifier-strategy: {get_input: glance_notifier_strategy}
+ log-file: {get_input: glance_log_file}
+ heat:
+ admin_password: {get_input: heat_password}
+ admin_tenant_name: service
+ admin_user: heat
+ auth_encryption_key: {get_input: heat_auth_encryption_key}
+ db: {get_input: heat_dsn}
+ debug: {get_input: debug}
+ stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
+ watch_server_url: {get_input: heat.watch_server_url}
+ metadata_server_url: {get_input: heat.metadata_server_url}
+ waitcondition_server_url: {get_input: heat.waitcondition_server_url}
+ keystone:
+ db: {get_input: keystone_dsn}
+ debug: {get_input: debug}
+ host: {get_input: controller_virtual_ip}
+ ca_certificate: {get_input: keystone_ca_certificate}
+ signing_key: {get_input: keystone_signing_key}
+ signing_certificate: {get_input: keystone_signing_certificate}
+ ssl:
+ certificate: {get_input: keystone_ssl_certificate}
+ certificate_key: {get_input: keystone_ssl_certificate_key}
+ mysql:
+ innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
+ local_bind: true
+ root-password: {get_input: mysql_root_password}
+ cluster_name: {get_input: mysql_cluster_name}
+ neutron:
+ debug: {get_input: debug}
+ flat-networks: {get_input: neutron_flat_networks}
+ host: {get_input: controller_virtual_ip}
+ metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
+ agent_mode: {get_input: neutron_agent_mode}
+ router_distributed: {get_input: neutron_router_distributed}
+ mechanism_drivers: {get_input: neutron_mechanism_drivers}
+ allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
+ l3_ha: {get_input: neutron_l3_ha}
+ ovs:
+ enable_tunneling: {get_input: neutron_enable_tunneling}
+ local_ip: {get_input: controller_host}
+ network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
+ bridge_mappings: {get_input: neutron_bridge_mappings}
+ public_interface: {get_input: neutron_public_interface}
+ public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
+ public_interface_route: {get_input: neutron_public_interface_default_route}
+ public_interface_tag: {get_input: neutron_public_interface_tag}
+ physical_bridge: br-ex
+ tenant_network_type: {get_input: neutron_tenant_network_type}
+ tunnel_types: {get_input: neutron_tunnel_types}
+ ovs_db: {get_input: neutron_dsn}
+ service-password: {get_input: neutron_password}
+ dnsmasq-options: {get_input: neutron_dnsmasq_options}
+ ceilometer:
+ db: {get_input: ceilometer_dsn}
+ debug: {get_input: debug}
+ metering_secret: {get_input: ceilometer_metering_secret}
+ service-password: {get_input: ceilometer_password}
+ snmpd:
+ export_MIB: UCD-SNMP-MIB
+ readonly_user_name: {get_input: snmpd_readonly_user_name}
+ readonly_user_password: {get_input: snmpd_readonly_user_password}
+ nova:
+ compute_driver: libvirt.LibvirtDriver
+ db: {get_input: nova_dsn}
+ default_floating_pool:
+ ext-net
+ host: {get_input: controller_virtual_ip}
+ metadata-proxy: true
+ service-password: {get_input: nova_password}
+ rabbit:
+ host: {get_input: controller_virtual_ip}
+ username: {get_input: rabbit_username}
+ password: {get_input: rabbit_password}
+ cookie: {get_input: rabbit_cookie}
+ rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl}
+ rabbit_port: {get_input: rabbit_client_port}
+ ntp:
+ servers:
+ - {server: {get_input: ntp_server}}
+ virtual_interfaces:
+ instances:
+ - vrrp_instance_name: VI_CONTROL
+ virtual_router_id: 51
+ keepalive_interface: {get_input: control_virtual_interface}
+ priority: 101
+ virtual_ips:
+ - ip: {get_input: controller_virtual_ip}
+ interface: {get_input: control_virtual_interface}
+ - vrrp_instance_name: VI_PUBLIC
+ virtual_router_id: 52
+ keepalive_interface: {get_input: public_virtual_interface}
+ priority: 101
+ virtual_ips:
+ - ip: {get_input: public_virtual_ip}
+ interface: {get_input: public_virtual_interface}
+ vrrp_sync_groups:
+ - name: VG1
+ members:
+ - VI_CONTROL
+ - VI_PUBLIC
+ keepalived:
+ keepalive_interface: {get_input: public_virtual_interface}
+ priority: 101
+ virtual_ips:
+ -
+ ip: {get_input: controller_virtual_ip}
+ interface: {get_input: control_virtual_interface}
+ -
+ ip: {get_input: public_virtual_ip}
+ interface: {get_input: public_virtual_interface}
+ haproxy:
+ net_binds:
+ - ip: {get_input: controller_virtual_ip}
+ options:
+ - option httpchk GET /
+ services:
+ - name: keystone_admin
+ port: 35357
+ net_binds: &public_binds
+ - ip: {get_input: controller_virtual_ip}
+ - ip: {get_input: public_virtual_ip}
+ - name: keystone_public
+ port: 5000
+ net_binds: *public_binds
+ - name: horizon
+ port: 80
+ net_binds: *public_binds
+ - name: neutron
+ port: 9696
+ net_binds: *public_binds
+ - name: cinder
+ port: 8776
+ net_binds: *public_binds
+ - name: glance_api
+ port: 9292
+ net_binds: *public_binds
+ - name: glance_registry
+ port: 9191
+ net_binds: *public_binds
+ options: # overwrite options as glace_reg needs auth for http req
+ - name: heat_api
+ port: 8004
+ net_binds: *public_binds
+ - name: heat_cloudwatch
+ port: 8003
+ net_binds: *public_binds
+ - name: heat_cfn
+ port: 8000
+ net_binds: *public_binds
+ - name: mysql
+ port: 3306
+ extra_server_params:
+ - backup
+ options:
+ - timeout client 0
+ - timeout server 0
+ - name: nova_ec2
+ port: 8773
+ - name: nova_osapi
+ port: 8774
+ net_binds: *public_binds
+ - name: nova_metadata
+ port: 8775
+ net_binds: *public_binds
+ - name: nova_novncproxy
+ port: 6080
+ net_binds: *public_binds
+ - name: ceilometer
+ port: 8777
+ net_binds: *public_binds
+ options: # overwrite options as ceil needs auth for http req
+ - name: swift_proxy_server
+ port: 8080
+ net_binds: *public_binds
+ options:
+ - option httpchk GET /info
+ - name: rabbitmq
+ port: 5672
+ options:
+ - timeout client 0
+ - timeout server 0
+ - maxconn 1500
+
ControllerDeployment:
type: OS::TripleO::SoftwareDeployment
properties:
signal_transport: NO_SIGNAL
- config: {get_attr: [ControllerConfig, config_id]}
+ config: {get_resource: ControllerConfig}
server: {get_resource: Controller}
input_values:
bootstack_nodeid: {get_attr: [Controller, name]}
- '/glance'
heat_password: {get_param: HeatPassword}
heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
+ heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
heat_dsn:
list_join:
- ''
neutron_router_distributed: {get_param: NeutronDVR}
neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
+ neutron_l3_ha: {get_param: NeutronL3HA}
neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
neutron_public_interface: {get_param: NeutronPublicInterface}
swift:
hash: { get_input: swift_hash_suffix }
part-power: { get_input: swift_part_power }
+ mount-check: { get_input: swift_mount_check }
+ min-part-hours: { get_input: swift_min_part_hours }
replicas: {get_input: swift_replicas }
service-password: { get_input: swift_password }
signal_transport: NO_SIGNAL
input_values:
swift_hash_suffix: {get_param: SwiftHashSuffix}
+ swift_mount_check: {get_param: SwiftMountCheck}
swift_password: {get_param: SwiftPassword}
+ swift_min_part_hours: {get_param: SwiftMinPartHours}
swift_part_power: {get_param: SwiftPartPower}
swift_replicas: { get_param: SwiftReplicas}