default: ''
description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
type: string
+ hidden: true
CephAdminKey:
default: ''
description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
type: string
+ hidden: true
CinderEnableNfsBackend:
default: false
description: Whether to enable or not the NFS backend for Cinder
type: boolean
+ CephClientKey:
+ default: ''
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ type: string
+ hidden: true
+ CephExternalMonHost:
+ default: ''
+ type: string
+ description: List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments.
CinderEnableIscsiBackend:
default: true
description: Whether to enable or not the Iscsi backend for Cinder
default: http
description: Protocol to use when connecting to glance, set to https for SSL.
type: string
+ HorizonAllowedHosts:
+ default: '*'
+ description: A list of IP/Hostname allowed to connect to horizon
+ type: comma_delimited_list
ImageUpdatePolicy:
default: 'REBUILD_PRESERVE_EPHEMERAL'
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
default: 'unset'
description: Shared secret to prevent spoofing
type: string
+ hidden: true
NeutronTunnelTypes:
default: 'vxlan'
description: |
of VXLAN VNI IDs that are available for tenant network allocation
default: ["1:1000", ]
type: comma_delimited_list
+ NeutronCorePlugin:
+ default: 'ml2'
+ description: |
+ The core plugin for Neutron. The value should be the entrypoint to be loaded
+ from neutron.core_plugins namespace.
+ type: string
+ NeutronServicePlugins:
+ default: "router"
+ description: |
+ Comma-separated list of service plugin entrypoints to be loaded from the
+ neutron.service_plugins namespace.
+ type: comma_delimited_list
+ NeutronTypeDrivers:
+ default: "vxlan,vlan,flat,gre"
+ description: |
+ Comma-separated list of network type driver entrypoints to be loaded.
+ type: comma_delimited_list
NeutronMechanismDrivers:
default: 'openvswitch'
description: |
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
+ # We need to set this as string because 'unlimited' is a valid setting
+ RabbitFDLimit:
+ default: 16384
+ description: Configures RabbitMQ FD limit
+ type: string
SnmpdReadonlyUserName:
default: ro_snmp_user
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
description: Keystone key for signing tokens.
type: string
hidden: true
+ KeystoneNotificationDriver:
+ description: Comma-separated list of Oslo notification drivers used by Keystone
+ default: ['messaging']
+ type: comma_delimited_list
+ KeystoneNotificationFormat:
+ description: The Keystone notification format
+ default: 'basic'
+ type: string
+ constraints:
+ - allowed_values: [ 'basic', 'cadf' ]
MysqlInnodbBufferPoolSize:
description: >
Specifies the size of the buffer pool in megabytes. Setting to
CinderIscsiNetwork: storage
GlanceApiNetwork: storage
GlanceRegistryNetwork: internal_api
- KeystoneAdminApiNetwork: internal_api
+ KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints
KeystonePublicApiNetwork: internal_api
NeutronApiNetwork: internal_api
HeatApiNetwork: internal_api
HeatPassword: {get_param: HeatPassword}
HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
+ HorizonAllowedHosts: {get_param: HorizonAllowedHosts}
HorizonSecret: {get_resource: HorizonSecret}
Image: {get_param: controllerImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
KeystoneSigningKey: {get_param: KeystoneSigningKey}
KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate}
KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey}
+ KeystoneNotificationDriver: {get_param: KeystoneNotificationDriver}
+ KeystoneNotificationFormat: {get_param: KeystoneNotificationFormat}
MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
MysqlMaxConnections: {get_param: MysqlMaxConnections}
NeutronDVR: {get_param: NeutronDVR}
NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
NeutronAgentMode: {get_param: NeutronAgentMode}
+ NeutronCorePlugin: {get_param: NeutronCorePlugin}
+ NeutronServicePlugins: {get_param: NeutronServicePlugins}
+ NeutronTypeDrivers: {get_param: NeutronTypeDrivers}
NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
NeutronL3HA: {get_param: NeutronL3HA}
RabbitCookie: {get_attr: [RabbitCookie, value]}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
+ RabbitFDLimit: {get_param: RabbitFDLimit}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
PublicVirtualIP: {get_attr: [PublicVirtualIP, ip_address]}
ServiceNetMap: {get_param: ServiceNetMap}
+ CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
UpdateIdentifier: {get_param: UpdateIdentifier}
Image: {get_param: NovaImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
KeyName: {get_param: KeyName}
- KeystoneHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
NeutronAgentMode: {get_param: NeutronComputeAgentMode}
NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
+ NeutronCorePlugin: {get_param: NeutronCorePlugin}
+ NeutronServicePlugins: {get_param: NeutronServicePlugins}
+ NeutronTypeDrivers: {get_param: NeutronTypeDrivers}
NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
# L3 HA and Failover is not relevant for Computes, should be removed
NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
ControllerIpListMap:
type: OS::TripleO::Network::Ports::NetIpListMap
properties:
+ ControlPlaneIpList: {get_attr: [Controller, ip_address]}
ExternalIpList: {get_attr: [Controller, external_ip_address]}
InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
StorageIpList: {get_attr: [Controller, storage_ip_address]}
VipMap:
type: OS::TripleO::Network::Ports::NetIpMap
properties:
+ ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
CephClusterConfig:
type: OS::TripleO::CephClusterConfig::SoftwareConfig
properties:
+ ceph_storage_count: {get_param: CephStorageCount}
ceph_fsid: {get_param: CephClusterFSID}
ceph_mon_key: {get_param: CephMonKey}
ceph_admin_key: {get_param: CephAdminKey}
+ ceph_client_key: {get_param: CephClientKey}
+ ceph_external_mon_ips: {get_param: CephExternalMonHost}
ceph_mon_names: {get_attr: [Controller, hostname]}
ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+ # All Nodes Validations
+ AllNodesValidationConfig:
+ type: OS::TripleO::AllNodes::Validation
+ properties:
+ PingTestIps:
+ list_join:
+ - ' '
+ - - {get_attr: [Controller, resource.0.external_ip_address]}
+ - {get_attr: [Controller, resource.0.internal_api_ip_address]}
+ - {get_attr: [Controller, resource.0.storage_ip_address]}
+ - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
+ - {get_attr: [Controller, resource.0.tenant_ip_address]}
+
+ ControllerAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: ControllerAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+
+ ComputeAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: ComputeAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [Compute, attributes, nova_server_resource]}
+
+ BlockStorageAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: BlockStorageAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+
+ ObjectStorageAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: ObjectStorageAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+
+ CephStorageAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: CephStorageAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+
+ # Optional ExtraConfig for all nodes - all roles are passed in here, but
+ # the nested template may configure each role differently (or not at all)
+ AllNodesExtraConfig:
+ type: OS::TripleO::AllNodesExtraConfig
+ properties:
+ controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
+ compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
+ blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+ objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+ cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+
# Nested stack deployment runs after all other controller deployments
ControllerNodesPostDeployment:
type: OS::TripleO::ControllerPostDeployment
depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment]
properties:
servers: {get_attr: [Controller, attributes, nova_server_resource]}
- NodeConfigIdentifiers: {get_attr: [Controller, attributes, config_identifier]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ controller_config: {get_attr: [Controller, attributes, config_identifier]}
ComputeNodesPostDeployment:
type: OS::TripleO::ComputePostDeployment
depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment]
properties:
servers: {get_attr: [Compute, attributes, nova_server_resource]}
- NodeConfigIdentifiers: {get_attr: [Compute, attributes, config_identifier]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ compute_config: {get_attr: [Compute, attributes, config_identifier]}
ObjectStorageNodesPostDeployment:
type: OS::TripleO::ObjectStoragePostDeployment
depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment]
properties:
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
- NodeConfigIdentifiers: {get_attr: [ObjectStorage, attributes, config_identifier]}
-
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ objectstorage_config: {get_attr: [ObjectStorage, attributes, config_identifier]}
BlockStorageNodesPostDeployment:
type: OS::TripleO::BlockStoragePostDeployment
depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment]
properties:
servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
- NodeConfigIdentifiers: {get_attr: [BlockStorage, attributes, config_identifier]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ blockstorage_config: {get_attr: [BlockStorage, attributes, config_identifier]}
CephStorageNodesPostDeployment:
type: OS::TripleO::CephStoragePostDeployment
depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment]
properties:
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
- NodeConfigIdentifiers: {get_attr: [CephStorage, attributes, config_identifier]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ cephstorage_config: {get_attr: [CephStorage, attributes, config_identifier]}
outputs:
KeystoneURL:
- - http://
- {get_attr: [PublicVirtualIP, ip_address]}
- :5000/v2.0/
+ KeystoneAdminVip:
+ description: Keystone Admin VIP endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
PublicVip:
description: Controller VIP for public API endpoints
value: {get_attr: [PublicVirtualIP, ip_address]}
Code Review / apex-tripleo-heat-templates.git / blobdiff