-heat_template_version: 2015-10-15
+heat_template_version: 2016-10-14
description: >
OpenStack hypervisor node configured via Puppet.
parameters:
- AdminPassword:
- description: The password for the keystone admin account, used for monitoring, querying neutron etc.
- type: string
- hidden: true
- CeilometerComputeAgent:
- description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
- type: string
- default: ''
- constraints:
- - allowed_values: ['', Present]
- CeilometerMeteringSecret:
- description: Secret shared by the ceilometer services.
- type: string
- hidden: true
- CeilometerPassword:
- description: The password for the ceilometer service account.
- type: string
- hidden: true
- CinderEnableNfsBackend:
- default: false
- description: Whether to enable or not the NFS backend for Cinder
- type: boolean
- CinderEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Cinder
- type: boolean
- Debug:
- default: ''
- description: Set to True to enable debugging on all services.
- type: string
ExtraConfig:
default: {}
description: |
Additional hiera configuration to inject into the cluster. Note
that NovaComputeExtraConfig takes precedence over ExtraConfig.
type: json
- Flavor:
+ OvercloudComputeFlavor:
description: Flavor for the nova compute node
+ default: baremetal
type: string
constraints:
- custom_constraint: nova.flavor
- GlanceHost:
+ NovaImage:
type: string
- default: '' # Has to be here because of the ignored empty value bug
- Image:
- type: string
- default: overcloud-compute
+ default: overcloud-full
constraints:
- custom_constraint: glance.image
ImageUpdatePolicy:
default: default
constraints:
- custom_constraint: nova.keypair
- KeystoneAdminApiVirtualIP:
- type: string
- default: ''
- KeystonePublicApiVirtualIP:
- type: string
- default: ''
- NeutronPassword:
- description: The password for the neutron service account, used by neutron agents.
- type: string
- hidden: true
NeutronPhysicalBridge:
default: 'br-ex'
description: An OVS bridge to create for accessing external networks.
NovaApiHost:
type: string
default: '' # Has to be here because of the ignored empty value bug
- NovaComputeDriver:
- type: string
- default: libvirt.LibvirtDriver
NovaComputeExtraConfig:
default: {}
description: |
NovaComputeIPs:
default: {}
type: json
- NovaComputeLibvirtType:
- type: string
- default: kvm
- NovaComputeLibvirtVifDriver:
- default: ''
- description: Libvirt VIF driver configuration for the network
- type: string
- NovaEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Nova
- type: boolean
- NovaIPv6:
- default: false
- description: Enable IPv6 features in Nova
- type: boolean
- NovaPassword:
- description: The password for the nova service account, used by nova-api.
- type: string
- hidden: true
NovaPublicIP:
type: string
default: '' # Has to be here because of the ignored empty value bug
- NovaOVSBridge:
- default: 'br-int'
- description: Name of integration bridge used by Open vSwitch
- type: string
- NovaSecurityGroupAPI:
- default: 'neutron'
- description: The full class name of the security API class
- type: string
- RabbitHost:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- RabbitPassword:
- description: The password for RabbitMQ
- type: string
- hidden: true
- RabbitUserName:
- default: guest
- description: The username for RabbitMQ
- type: string
- RabbitClientUseSSL:
- default: false
- description: >
- Rabbit client subscriber parameter to specify
- an SSL connection to the RabbitMQ host.
- type: string
- RabbitClientPort:
- default: 5672
- description: Set rabbit subscriber port, change this if using SSL
- type: number
- UpgradeLevelNovaCompute:
- type: string
- description: Nova Compute upgrade level
- default: ''
- EnablePackageInstall:
- default: 'false'
- description: Set to true to enable package installation via Puppet
- type: boolean
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
constraints:
- allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
CloudDomain:
- default: ''
type: string
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
Extra properties or metadata passed to Nova for the created nodes in
the overcloud. It's accessible via the Nova metadata API.
type: json
- SchedulerHints:
+ NovaComputeSchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
ServiceConfigSettings:
type: json
default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
os-collect-config:
command: {get_param: ConfigCommand}
properties:
- image:
- {get_param: Image}
+ image: {get_param: NovaImage}
image_update_policy:
get_param: ImageUpdatePolicy
- flavor: {get_param: Flavor}
+ flavor: {get_param: OvercloudComputeFlavor}
key_name: {get_param: KeyName}
networks:
- network: ctlplane
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
metadata: {get_param: ServerMetadata}
- scheduler_hints: {get_param: SchedulerHints}
+ scheduler_hints: {get_param: NovaComputeSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
- heat_config_%{::deploy_config_name}
- compute_extraconfig
- extraconfig
+ - service_names
- service_configs
- compute
- - ceph_cluster # provided by CephClusterConfig
- - ceph
- all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
- - common
- - network
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
- cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
- nova_nuage_data # Optionally provided by ComputeExtraConfigPre
- midonet_data # Optionally provided by AllNodesExtraConfig
- neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
+ - cisco_aci_data # Optionally provided by ComputeExtraConfigPre
merge_behavior: deeper
datafiles:
+ service_names:
+ mapped_data:
+ service_names: {get_param: ServiceNames}
service_configs:
- mapped_data: {get_param: ServiceConfigSettings}
+ mapped_data:
+ map_replace:
+ - {get_param: ServiceConfigSettings}
+ - values: {get_attr: [NetIpMap, net_ip_map]}
compute_extraconfig:
mapped_data: {get_param: NovaComputeExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
- common:
- raw_data: {get_file: hieradata/common.yaml}
- network:
- mapped_data:
- net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
- net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
- net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
- ceph:
- raw_data: {get_file: hieradata/ceph.yaml}
compute:
- raw_data: {get_file: hieradata/compute.yaml}
mapped_data:
- cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
- nova::use_ipv6: {get_input: nova_ipv6}
- nova::debug: {get_input: debug}
- nova::rabbit_userid: {get_input: rabbit_username}
- nova::rabbit_password: {get_input: rabbit_password}
- nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- nova::rabbit_port: {get_input: rabbit_client_port}
- nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
- nova_compute_driver: {get_input: nova_compute_driver}
- # TODO(emilien): move libvirt & migration parameters in libvirt profile
- # used to deploy libvirt/kvm dependencies:
- nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
- # used to configured nova.conf:
- nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
- nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
nova_api_host: {get_input: nova_api_host}
nova::compute::vncproxy_host: {get_input: nova_public_ip}
- nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
- # TUNNELLED mode provides a security enhancement when using shared storage but is not
- # supported when not using shared storage.
- # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
- # In future versions of QEMU (2.6, mostly), Dan's native encryption
- # work will obsolete the need to use TUNNELLED transport mode.
- nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend}
- rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
- nova_password: {get_input: nova_password}
nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
- nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol}
- nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host}
- nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port}
- nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
- nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
- ceilometer::debug: {get_input: debug}
- ceilometer::rabbit_userid: {get_input: rabbit_username}
- ceilometer::rabbit_password: {get_input: rabbit_password}
- ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- ceilometer::rabbit_port: {get_input: rabbit_client_port}
- ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
- ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
- ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
- ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
- nova::glance_api_servers: {get_input: glance_api_servers}
- neutron::debug: {get_input: debug}
- neutron::rabbit_password: {get_input: rabbit_password}
- neutron::rabbit_user: {get_input: rabbit_username}
- neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- neutron::rabbit_port: {get_input: rabbit_client_port}
neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
- nova::network::neutron::neutron_password: {get_input: neutron_password}
- nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
- nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
- keystone_public_api_virtual_ip: {get_input: keystone_vip}
- admin_password: {get_input: admin_password}
- tripleo::packages::enable_install: {get_input: enable_package_install}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
NovaComputeDeployment:
config: {get_resource: NovaComputeConfig}
server: {get_resource: NovaCompute}
input_values:
- cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
- debug: {get_param: Debug}
- nova_compute_driver: {get_param: NovaComputeDriver}
- nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
- nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
nova_public_ip: {get_param: NovaPublicIP}
nova_api_host: {get_param: NovaApiHost}
- nova_password: {get_param: NovaPassword}
- nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
- nova_ipv6: {get_param: NovaIPv6}
- cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
- nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
- # Remove brackets that may come if the IP address is IPv6.
- # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value
- nova_vncproxy_host:
- str_replace:
- template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
- params:
- '[': ''
- ']': ''
- nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
- nova_ovs_bridge: {get_param: NovaOVSBridge}
- nova_security_group_api: {get_param: NovaSecurityGroupAPI}
- upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
- ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
- ceilometer_password: {get_param: CeilometerPassword}
- ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
- ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
- glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
- neutron_password: {get_param: NeutronPassword}
- neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
- neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
- keystone_vip: {get_param: KeystonePublicApiVirtualIP}
- admin_password: {get_param: AdminPassword}
- rabbit_username: {get_param: RabbitUserName}
- rabbit_password: {get_param: RabbitPassword}
- rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
- rabbit_client_port: {get_param: RabbitClientPort}
- enable_package_install: {get_param: EnablePackageInstall}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
# Resource for site-specific injection of root certificate
Code Review / apex-tripleo-heat-templates.git / blobdiff