-heat_template_version: 2015-10-15
+heat_template_version: 2016-10-14
description: >
OpenStack hypervisor node configured via Puppet.
parameters:
- AdminPassword:
- description: The password for the keystone admin account, used for monitoring, querying neutron etc.
- type: string
- hidden: true
- CeilometerComputeAgent:
- description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
- type: string
- default: ''
- constraints:
- - allowed_values: ['', Present]
- CeilometerMeteringSecret:
- description: Secret shared by the ceilometer services.
- type: string
- hidden: true
- CeilometerPassword:
- description: The password for the ceilometer service account.
- type: string
- hidden: true
- CinderEnableNfsBackend:
- default: false
- description: Whether to enable or not the NFS backend for Cinder
- type: boolean
- CinderEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Cinder
- type: boolean
- Debug:
- default: ''
- description: Set to True to enable debugging on all services.
- type: string
ExtraConfig:
default: {}
description: |
Additional hiera configuration to inject into the cluster. Note
that NovaComputeExtraConfig takes precedence over ExtraConfig.
type: json
- Flavor:
+ OvercloudComputeFlavor:
description: Flavor for the nova compute node
+ default: baremetal
type: string
constraints:
- custom_constraint: nova.flavor
- GlanceHost:
+ NovaImage:
type: string
- default: '' # Has to be here because of the ignored empty value bug
- Image:
- type: string
- default: overcloud-compute
+ default: overcloud-full
constraints:
- custom_constraint: glance.image
ImageUpdatePolicy:
default: default
constraints:
- custom_constraint: nova.keypair
- KeystoneAdminApiVirtualIP:
- type: string
- default: ''
- KeystonePublicApiVirtualIP:
- type: string
- default: ''
- NeutronBridgeMappings:
- description: >
- The OVS logical->physical bridge mappings to use. See the Neutron
- documentation for details. Defaults to mapping br-ex - the external
- bridge on hosts - to a physical name 'datacentre' which can be used
- to create provider networks (and we use this for the default floating
- network) - if changing this either use different post-install network
- scripts or be sure to keep 'datacentre' as a mapping network name.
- type: comma_delimited_list
- default: "datacentre:br-ex"
- NeutronEnableTunnelling:
- type: string
- default: "True"
- NeutronEnableL2Pop:
- type: string
- description: >
- Enable/disable the L2 population feature in the Neutron agents.
- default: "False"
- NeutronFlatNetworks:
- type: comma_delimited_list
- default: 'datacentre'
- description: >
- If set, flat networks to configure in neutron plugins.
- NeutronHost:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- NeutronNetworkType:
- type: comma_delimited_list
- description: The tenant network type for Neutron.
- default: 'vxlan'
- NeutronNetworkVLANRanges:
- default: 'datacentre:1:1000'
- description: >
- The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
- Neutron documentation for permitted values. Defaults to permitting any
- VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: comma_delimited_list
- NeutronPassword:
- description: The password for the neutron service account, used by neutron agents.
- type: string
- hidden: true
NeutronPhysicalBridge:
default: 'br-ex'
description: An OVS bridge to create for accessing external networks.
default: nic1
description: A port to add to the NeutronPhysicalBridge.
type: string
- NeutronTunnelTypes:
- type: comma_delimited_list
- description: |
- The tunnel types for the Neutron tenant network.
- default: 'vxlan'
- NeutronTunnelIdRanges:
- description: |
- Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
- of GRE tunnel IDs that are available for tenant network allocation
- default: ["1:4094", ]
- type: comma_delimited_list
- NeutronVniRanges:
- description: |
- Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
- of VXLAN VNI IDs that are available for tenant network allocation
- default: ["1:4094", ]
- type: comma_delimited_list
- NeutronMetadataProxySharedSecret:
- description: Shared secret to prevent spoofing
- type: string
- hidden: true
- NeutronCorePlugin:
- default: 'ml2'
- description: |
- The core plugin for Neutron. The value should be the entrypoint to be loaded
- from neutron.core_plugins namespace.
- type: string
- NeutronServicePlugins:
- default: "router,qos"
- description: |
- Comma-separated list of service plugin entrypoints to be loaded from the
- neutron.service_plugins namespace.
- type: comma_delimited_list
- NeutronTypeDrivers:
- default: "vxlan,vlan,flat,gre"
- description: |
- Comma-separated list of network type driver entrypoints to be loaded.
- type: comma_delimited_list
- NeutronMechanismDrivers:
- default: 'openvswitch'
- description: |
- The mechanism drivers for the Neutron tenant network.
- type: comma_delimited_list
- NeutronAgentExtensions:
- default: "qos"
- description: |
- Comma-separated list of extensions enabled for the Neutron agents.
- type: comma_delimited_list
- # Not relevant for Computes, should be removed
- NeutronAllowL3AgentFailover:
- default: 'True'
- description: Allow automatic l3-agent failover
- type: string
- # Not relevant for Computes, should be removed
- NeutronL3HA:
- default: 'False'
- description: Whether to enable l3-agent HA
- type: string
NodeIndex:
type: number
default: 0
NovaApiHost:
type: string
default: '' # Has to be here because of the ignored empty value bug
- NovaComputeDriver:
- type: string
- default: libvirt.LibvirtDriver
NovaComputeExtraConfig:
default: {}
description: |
NovaComputeIPs:
default: {}
type: json
- NovaComputeLibvirtType:
- type: string
- default: kvm
- NovaComputeLibvirtVifDriver:
- default: ''
- description: Libvirt VIF driver configuration for the network
- type: string
- NovaEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Nova
- type: boolean
- NovaIPv6:
- default: false
- description: Enable IPv6 features in Nova
- type: boolean
- NovaPassword:
- description: The password for the nova service account, used by nova-api.
- type: string
- hidden: true
NovaPublicIP:
type: string
default: '' # Has to be here because of the ignored empty value bug
- NovaOVSBridge:
- default: 'br-int'
- description: Name of integration bridge used by Open vSwitch
- type: string
- NovaSecurityGroupAPI:
- default: 'neutron'
- description: The full class name of the security API class
- type: string
- RabbitHost:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- RabbitPassword:
- description: The password for RabbitMQ
- type: string
- hidden: true
- RabbitUserName:
- default: guest
- description: The username for RabbitMQ
- type: string
- RabbitClientUseSSL:
- default: false
- description: >
- Rabbit client subscriber parameter to specify
- an SSL connection to the RabbitMQ host.
- type: string
- RabbitClientPort:
- default: 5672
- description: Set rabbit subscriber port, change this if using SSL
- type: number
- UpgradeLevelNovaCompute:
- type: string
- description: Nova Compute upgrade level
- default: ''
- EnablePackageInstall:
- default: 'false'
- description: Set to true to enable package installation via Puppet
- type: boolean
ServiceNetMap:
default: {}
description: Mapping of service_name -> network name. Typically set
constraints:
- allowed_values: [POLL_SERVER_CFN, POLL_SERVER_HEAT, POLL_TEMP_URL, ZAQAR_MESSAGE]
CloudDomain:
- default: ''
type: string
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
Extra properties or metadata passed to Nova for the created nodes in
the overcloud. It's accessible via the Nova metadata API.
type: json
- SchedulerHints:
+ NovaComputeSchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
ServiceConfigSettings:
type: json
default: {}
+ ServiceNames:
+ type: comma_delimited_list
+ default: []
ConfigCommand:
type: string
description: Command which will be run whenever configuration data changes
resources:
NovaCompute:
- type: OS::Nova::Server
+ type: OS::TripleO::Server
metadata:
os-collect-config:
command: {get_param: ConfigCommand}
properties:
- image:
- {get_param: Image}
+ image: {get_param: NovaImage}
image_update_policy:
get_param: ImageUpdatePolicy
- flavor: {get_param: Flavor}
+ flavor: {get_param: OvercloudComputeFlavor}
key_name: {get_param: KeyName}
networks:
- network: ctlplane
params: {get_param: HostnameMap}
software_config_transport: {get_param: SoftwareConfigTransport}
metadata: {get_param: ServerMetadata}
- scheduler_hints: {get_param: SchedulerHints}
+ scheduler_hints: {get_param: NovaComputeSchedulerHints}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
- heat_config_%{::deploy_config_name}
- compute_extraconfig
- extraconfig
+ - service_names
- service_configs
- compute
- ceph_cluster # provided by CephClusterConfig
- - ceph
- all_nodes # provided by allNodesConfig
- '"%{::osfamily}"'
- - common
- - network
- neutron_bigswitch_data # Optionally provided by ComputeExtraConfigPre
- cisco_n1kv_data # Optionally provided by ComputeExtraConfigPre
- nova_nuage_data # Optionally provided by ComputeExtraConfigPre
- neutron_opencontrail_data # Optionally provided by ComputeExtraConfigPre
merge_behavior: deeper
datafiles:
+ service_names:
+ mapped_data:
+ service_names: {get_param: ServiceNames}
service_configs:
- mapped_data: {get_param: ServiceConfigSettings}
+ mapped_data:
+ map_replace:
+ - {get_param: ServiceConfigSettings}
+ - values: {get_attr: [NetIpMap, net_ip_map]}
compute_extraconfig:
mapped_data: {get_param: NovaComputeExtraConfig}
extraconfig:
mapped_data: {get_param: ExtraConfig}
- common:
- raw_data: {get_file: hieradata/common.yaml}
- network:
- mapped_data:
- net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
- net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
- net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
- ceph:
- raw_data: {get_file: hieradata/ceph.yaml}
compute:
- raw_data: {get_file: hieradata/compute.yaml}
mapped_data:
- cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
- nova::use_ipv6: {get_input: nova_ipv6}
- nova::debug: {get_input: debug}
- nova::rabbit_userid: {get_input: rabbit_username}
- nova::rabbit_password: {get_input: rabbit_password}
- nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- nova::rabbit_port: {get_input: rabbit_client_port}
- nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
- nova_compute_driver: {get_input: nova_compute_driver}
- # TODO(emilien): move libvirt & migration parameters in libvirt profile
- # used to deploy libvirt/kvm dependencies:
- nova::compute::libvirt::services::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
- # used to configured nova.conf:
- nova::compute::libvirt::libvirt_virt_type: {get_input: nova_compute_libvirt_type}
- nova::compute::neutron::libvirt_vif_driver: {get_input: nova_compute_libvirt_vif_driver}
nova_api_host: {get_input: nova_api_host}
nova::compute::vncproxy_host: {get_input: nova_public_ip}
- nova::compute::rbd::ephemeral_storage: {get_input: nova_enable_rbd_backend}
- # TUNNELLED mode provides a security enhancement when using shared storage but is not
- # supported when not using shared storage.
- # See https://bugzilla.redhat.com/show_bug.cgi?id=1301986#c12
- # In future versions of QEMU (2.6, mostly), Dan's native encryption
- # work will obsolete the need to use TUNNELLED transport mode.
- nova::migration::live_migration_tunnelled: {get_input: nova_enable_rbd_backend}
- rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
- nova_password: {get_input: nova_password}
nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
- nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol}
- nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host}
- nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port}
- nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
- nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
- ceilometer::debug: {get_input: debug}
- ceilometer::rabbit_userid: {get_input: rabbit_username}
- ceilometer::rabbit_password: {get_input: rabbit_password}
- ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- ceilometer::rabbit_port: {get_input: rabbit_client_port}
- ceilometer::telemetry_secret: {get_input: ceilometer_metering_secret}
- ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
- ceilometer::agent::auth::auth_url: {get_input: ceilometer_agent_auth_url}
- ceilometer_compute_agent: {get_input: ceilometer_compute_agent}
- nova::glance_api_servers: {get_input: glance_api_servers}
- neutron::debug: {get_input: debug}
- neutron::rabbit_password: {get_input: rabbit_password}
- neutron::rabbit_user: {get_input: rabbit_username}
- neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- neutron::rabbit_port: {get_input: rabbit_client_port}
- neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
- neutron_host: {get_input: neutron_host}
neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
- neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
- neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
- neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
- neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
- neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
- neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
- neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
- neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
- neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
- neutron_physical_bridge: {get_input: neutron_physical_bridge}
- neutron_public_interface: {get_input: neutron_public_interface}
- nova::network::neutron::neutron_password: {get_input: neutron_password}
- nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
- nova::network::neutron::neutron_auth_url: {get_input: neutron_auth_url}
- neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
- neutron::core_plugin: {get_input: neutron_core_plugin}
- neutron::service_plugins: {get_input: neutron_service_plugins}
- neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
- neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
- keystone_public_api_virtual_ip: {get_input: keystone_vip}
- admin_password: {get_input: admin_password}
- tripleo::packages::enable_install: {get_input: enable_package_install}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
NovaComputeDeployment:
config: {get_resource: NovaComputeConfig}
server: {get_resource: NovaCompute}
input_values:
- cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
- debug: {get_param: Debug}
- nova_compute_driver: {get_param: NovaComputeDriver}
- nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
- nova_compute_libvirt_vif_driver: {get_param: NovaComputeLibvirtVifDriver}
nova_public_ip: {get_param: NovaPublicIP}
nova_api_host: {get_param: NovaApiHost}
- nova_password: {get_param: NovaPassword}
- nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
- nova_ipv6: {get_param: NovaIPv6}
- cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
- nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
- # Remove brackets that may come if the IP address is IPv6.
- # For DNS names and IPv4, this will just get the NovaVNCProxyPublic value
- nova_vncproxy_host:
- str_replace:
- template: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
- params:
- '[': ''
- ']': ''
- nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
- nova_ovs_bridge: {get_param: NovaOVSBridge}
- nova_security_group_api: {get_param: NovaSecurityGroupAPI}
- upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
- ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
- ceilometer_password: {get_param: CeilometerPassword}
- ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
- ceilometer_agent_auth_url: {get_param: [EndpointMap, KeystoneInternal, uri]}
- glance_api_servers: {get_param: [EndpointMap, GlanceInternal, uri]}
- neutron_flat_networks:
- str_replace:
- template: NETWORKS
- params:
- NETWORKS: {get_param: NeutronFlatNetworks}
- neutron_host: {get_param: NeutronHost}
neutron_local_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NeutronTenantNetwork]}]}
- neutron_tunnel_id_ranges:
- str_replace:
- template: RANGES
- params:
- RANGES: {get_param: NeutronTunnelIdRanges}
- neutron_vni_ranges:
- str_replace:
- template: RANGES
- params:
- RANGES: {get_param: NeutronVniRanges}
- neutron_tenant_network_types:
- str_replace:
- template: TYPES
- params:
- TYPES: {get_param: NeutronNetworkType}
- neutron_tunnel_types:
- str_replace:
- template: TYPES
- params:
- TYPES: {get_param: NeutronTunnelTypes}
- neutron_network_vlan_ranges:
- str_replace:
- template: RANGES
- params:
- RANGES: {get_param: NeutronNetworkVLANRanges}
- neutron_bridge_mappings:
- str_replace:
- template: MAPPINGS
- params:
- MAPPINGS: {get_param: NeutronBridgeMappings}
- neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
- neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
- neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
- neutron_public_interface: {get_param: NeutronPublicInterface}
- neutron_password: {get_param: NeutronPassword}
- neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- neutron_core_plugin: {get_param: NeutronCorePlugin}
- neutron_service_plugins:
- str_replace:
- template: PLUGINS
- params:
- PLUGINS: {get_param: NeutronServicePlugins}
- neutron_type_drivers:
- str_replace:
- template: DRIVERS
- params:
- DRIVERS: {get_param: NeutronTypeDrivers}
- neutron_mechanism_drivers:
- str_replace:
- template: MECHANISMS
- params:
- MECHANISMS: {get_param: NeutronMechanismDrivers}
- neutron_agent_extensions:
- str_replace:
- template: AGENT_EXTENSIONS
- params:
- AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
- neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
- neutron_auth_url: {get_param: [EndpointMap, KeystoneV3Admin, uri]}
- keystone_vip: {get_param: KeystonePublicApiVirtualIP}
- admin_password: {get_param: AdminPassword}
- rabbit_username: {get_param: RabbitUserName}
- rabbit_password: {get_param: RabbitPassword}
- rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
- rabbit_client_port: {get_param: RabbitClientPort}
- enable_package_install: {get_param: EnablePackageInstall}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
# Resource for site-specific injection of root certificate
Code Review / apex-tripleo-heat-templates.git / blobdiff