Merge "Don't replace OS::Neutron::Port on update"
[apex-tripleo-heat-templates.git] / overcloud-source.yaml
index b2042d0..742429f 100644 (file)
@@ -173,6 +173,15 @@ parameters:
     description: Keystone key for signing tokens.
     type: string
     hidden: true
+  KeystoneSSLCertificate:
+    default: ''
+    description: Keystone certificate for verifying token validity.
+    type: string
+  KeystoneSSLCertificateKey:
+    default: ''
+    description: Keystone key for signing tokens.
+    type: string
+    hidden: true
   LiveUpdateComputeImage:
     type: string
     description: The image ID for live-updates to the overcloud compute nodes.
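Review bot: The descriptions on the two added parameters are copied from the signing parameters above them and describe the wrong thing: `KeystoneSSLCertificate` says "Keystone certificate for verifying token validity." and `KeystoneSSLCertificateKey` says "Keystone key for signing tokens.", yet both are wired to `keystone.ssl` in a later hunk. Judging by the names, they hold the TLS server certificate and its private key, so `description: PEM certificate presented by the Keystone SSL endpoint.` and `description: Private key for KeystoneSSLCertificate.` would keep an operator from pasting the token-signing key here. Both default to `''` independently, so the description should also say that the pair must be set together.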
@@ -334,6 +343,16 @@ parameters:
     default: guest
     description: The username for RabbitMQ
     type: string
+  RabbitClientUseSSL:
+    default: false
+    description: >
+        Rabbit client subscriber parameter to specify
+        an SSL connection to the RabbitMQ host.
+    type: string
+  RabbitClientPort:
+    default: 5672
+    description: Set rabbit subscriber port, change this if using SSL
+    type: number
   SnmpdReadonlyUserName:
     default: ro_snmp_user
     description: The user name for SNMPd with readonly rights running on all Overcloud nodes
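Review bot: `RabbitClientUseSSL` is declared `type: string` but given the unquoted default `false`, which YAML loads as a boolean, so the string the consumer finally sees depends on how the value is stringified. Either declare it `type: boolean` or quote the default as `default: 'false'`, whichever the element reading `rabbit_client_use_ssl` expects. The flag and `RabbitClientPort` are independent, so enabling SSL while leaving the port at 5672 is accepted silently. The port description should name the port to use with SSL (conventionally 5671) rather than only saying "change this".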
@@ -351,6 +370,7 @@ resources:
       network_id: {get_param: NeutronControlPlaneID}
       fixed_ips:
         get_param: ControlFixedIPs
+      replacement_policy: AUTO
   MysqlClusterUniquePart:
     type: OS::Heat::RandomString
     properties:
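Review bot: `replacement_policy: AUTO` is added here and again in the next hunk (the port using `PublicVirtualFixedIPs`) with no comment, so the reason is recorded only in the commit title. These ports appear to carry the virtual IPs that the load balancer binds further down, so replacing them on stack-update would change those addresses. A line such as `# AUTO: update the port in place so the VIP address survives stack-update` above each property would keep a later cleanup from dropping it. The resource header is outside the hunk.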
@@ -366,6 +386,7 @@ resources:
       network: {get_param: PublicVirtualNetwork}
       fixed_ips:
         get_param: PublicVirtualFixedIPs
+      replacement_policy: AUTO
   RabbitCookie:
     type: OS::Heat::RandomString
     properties:
@@ -558,6 +579,9 @@ resources:
           ca_certificate: {get_param: KeystoneCACertificate}
           signing_key: {get_param: KeystoneSigningKey}
           signing_certificate: {get_param: KeystoneSigningCertificate}
+          ssl:
+              certificate: {get_param: KeystoneSSLCertificate}
+              certificate_key: {get_param: KeystoneSSLCertificateKey}
         mysql:
           innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
           local_bind: true
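Review bot: The new `ssl:` mapping indents its children by four spaces while every sibling under `keystone:` uses two. It parses, but `certificate:` and `certificate_key:` should sit two spaces under `ssl:` to match the rest of the file. With the parameter defaults of `''` this block is always emitted, so whether empty values mean "SSL off" is decided by the consumer, which is outside this diff. A comment such as `# empty certificate/key: consumer is expected to leave SSL disabled` would record that assumption.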
@@ -646,6 +670,8 @@ resources:
             get_attr:
             - RabbitCookie
             - value
+          rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
+          rabbit_port: {get_param: RabbitClientPort}
         ntp:
           servers:
               - {server: {get_param: NtpServer}, fudge: "stratum 0"}
@@ -694,42 +720,33 @@ resources:
                 ip: {get_attr: [controller0, networks, ctlplane, 0]}
                 name: {get_attr: [controller0, name]}
           net_binds:
-            - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+            - &control_vip {ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}}
+            - &public_vip {ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}}
           services:
             - name: keystone_admin
               port: 35357
-              net_binds: &public_binds
-                - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
-                - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
             - name: keystone_public
               port: 5000
-              net_binds: *public_binds
             - name: horizon
               port: 80
-              net_binds: *public_binds
             - name: neutron
               port: 9696
-              net_binds: *public_binds
             - name: cinder
               port: 8776
-              net_binds: *public_binds
             - name: glance_api
               port: 9292
-              net_binds: *public_binds
             - name: glance_registry
               port: 9191
-              net_binds: *public_binds
             - name: heat_api
               port: 8004
-              net_binds: *public_binds
             - name: heat_cloudwatch
               port: 8003
-              net_binds: *public_binds
             - name: heat_cfn
               port: 8000
-              net_binds: *public_binds
             - name: mysql
               port: 3306
+              net_binds:
+                - *control_vip
               extra_server_params:
                 - backup
               options:
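Review bot: Moving both VIPs into the top-level `net_binds` makes the public VIP the default listener. Previously a service was bound to the public address only if it carried `net_binds: *public_binds`; now, assuming the top-level list applies to services with no `net_binds` of their own, every service is public unless it opts out as `mysql` does. In the visible lines this changes the service on port 8773 in the next hunk, which had no `net_binds` before, and makes the new `nova_novncproxy` public by default. Services outside these hunks cannot be checked from here. If control-only was intended for any of them, give it `net_binds:` with `- *control_vip`, and add a comment above the top-level list saying that internal-only services must override it.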
@@ -739,18 +756,18 @@ resources:
               port: 8773
             - name: nova_osapi
               port: 8774
-              net_binds: *public_binds
             - name: nova_metadata
               port: 8775
-              net_binds: *public_binds
+            - name: nova_novncproxy
+              port: 6080
             - name: ceilometer
               port: 8777
-              net_binds: *public_binds
             - name: swift_proxy_server
               port: 8080
-              net_binds: *public_binds
             - name: rabbitmq
               port: 5672
+              net_binds:
+                - *control_vip
               options:
                 - timeout client 0
                 - timeout server 0
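Review bot: The `rabbitmq` listener keeps `port: 5672` while clients now receive `rabbit_port` from `RabbitClientPort`. Changing the parameter, as its description suggests for SSL, may therefore point clients at a port this listener does not serve, if they connect through the VIP. Either derive the listener port from the same parameter, `port: {get_param: RabbitClientPort}`, or note beside the parameter that this load-balancer entry must be changed with it. The `services:` list starts and ends outside this hunk.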