Add NodeAdminUserData interface for "heat-admin" user
[apex-tripleo-heat-templates.git] / puppet / controller-puppet.yaml
index 1e56333..ce33d1c 100644 (file)
@@ -28,6 +28,10 @@ parameters:
     description: The password for the ceilometer service  and db account.
     type: string
     hidden: true
+  CinderEnableNfsBackend:
+    default: false
+    description: Whether to enable or not the NFS backend for Cinder
+    type: boolean
   CinderEnableIscsiBackend:
     default: true
     description: Whether to enable or not the Iscsi backend for Cinder
@@ -44,6 +48,18 @@ parameters:
     default: 5000
     description: The size of the loopback file used by the cinder LVM driver.
     type: number
+  CinderNfsMountOptions:
+    default: ''
+    description: >
+      Mount options for NFS mounts used by Cinder NFS backend. Effective
+      when CinderEnableNfsBackend is true.
+    type: string
+  CinderNfsServers:
+    default: ''
+    description: >
+      NFS servers used by Cinder NFS backend. Effective when
+      CinderEnableNfsBackend is true.
+    type: comma_delimited_list
   CinderPassword:
     default: unset
     description: The password for the cinder service and db account, used by cinder-api.
@@ -61,8 +77,7 @@ parameters:
   ControllerExtraConfig:
     default: {}
     description: |
-      Controller specific configuration to inject into the cluster. Same
-      structure as ExtraConfig.
+      Controller specific hiera configuration data to inject into the cluster.
     type: json
   ControlVirtualInterface:
     default: 'br-ex'
@@ -72,6 +87,10 @@ parameters:
     default: ''
     description: Set to True to enable debugging on all services.
     type: string
+  EnableFencing:
+    default: false
+    description: Whether to enable fencing in Pacemaker or not.
+    type: boolean
   EnableGalera:
     default: true
     description: Whether to use Galera instead of regular MariaDB.
@@ -87,39 +106,39 @@ parameters:
   ExtraConfig:
     default: {}
     description: |
-      Additional configuration to inject into the cluster. The JSON should have
+      Additional hieradata to inject into the cluster, note that
+      ControllerExtraConfig takes precedence over ExtraConfig.
+    type: json
+  FencingConfig:
+    default: {}
+    description: |
+      Pacemaker fencing configuration. The JSON should have
       the following structure:
-        {"FILEKEY":
-          {"config":
-            [{"section": "SECTIONNAME",
-              "values":
-                [{"option": "OPTIONNAME",
-                  "value": "VALUENAME"
-                 }
-                ]
-             }
-            ]
-          }
+        {
+          "devices": [
+            {
+              "agent": "AGENT_NAME",
+              "host_mac": "HOST_MAC_ADDRESS",
+              "params": {"PARAM_NAME": "PARAM_VALUE"}
+            }
+          ]
         }
       For instance:
-        {"nova":
-          {"config":
-            [{"section": "default",
-              "values":
-                [{"option": "compute_manager",
-                  "value": "ironic.nova.compute.manager.ClusterComputeManager"
-                 }
-                ]
-             },
-             {"section": "cells",
-              "values":
-                [{"option": "driver",
-                  "value": "nova.cells.rpc_driver.CellsRPCDriver"
-                 }
-                ]
-             }
-            ]
-          }
+        {
+          "devices": [
+            {
+              "agent": "fence_xvm",
+              "host_mac": "52:54:00:aa:bb:cc",
+              "params": {
+                "multicast_address": "225.0.0.12",
+                "port": "baremetal_0",
+                "manage_fw": true,
+                "manage_key_file": true,
+                "key_file": "/etc/fence_xvm.key",
+                "key_file_password": "abcdef"
+              }
+            }
+          ]
         }
     type: json
   Flavor:
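Review bot: `FencingConfig` is declared without `hidden: true` although its own example carries a secret (`"key_file_password": "abcdef"`), so fence-agent credentials passed this way would be shown in clear wherever Heat displays stack parameters. The password parameters visible elsewhere in this diff (`NovaPassword`, `MysqlRootPassword`, the ceilometer password in the first hunk) all set `hidden: true`; add the same line under `type: json` here. The same applies to `ExtraConfig` in this hunk, now described as free-form hieradata that operators are likely to use for credentials. The value is also written into the controller hieradata as `tripleo::fencing::config` in the Pacemaker hunk; the permissions of that datafile are not visible in this diff and are worth checking.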
@@ -208,6 +227,16 @@ parameters:
     description: Keystone key for signing tokens.
     type: string
     hidden: true
+  KeystoneNotificationDriver:
+    description: Comma-separated list of Oslo notification drivers used by Keystone
+    default: ['messaging']
+    type: comma_delimited_list
+  KeystoneNotificationFormat:
+    description: The Keystone notification format
+    default: 'basic'
+    type: string
+    constraints:
+      - allowed_values: [ 'basic', 'cadf' ]
   MysqlClusterUniquePart:
     description: A unique identifier of the MySQL cluster the controller is in.
     type: string
@@ -222,10 +251,18 @@ parameters:
         lower level default.
     type: number
     default: 0
+  MysqlMaxConnections:
+    description: Configures MySQL max_connections config setting
+    type: number
+    default: 4096
   MysqlRootPassword:
     type: string
     hidden: true
     default: ''  # Has to be here because of the ignored empty value bug
+  NeutronExternalNetworkBridge:
+    description: Name of bridge used for external network traffic.
+    type: string
+    default: 'br-ex'
   NeutronBridgeMappings:
     description: >
       The OVS logical->physical bridge mappings to use. See the Neutron
@@ -248,6 +285,10 @@ parameters:
     default: 'False'
     description: Whether to enable l3-agent HA
     type: string
+  NeutronDhcpAgentsPerNetwork:
+    type: number
+    default: 3
+    description: The number of neutron dhcp agents to schedule per network
   NeutronDVR:
     default: 'False'
     description: Whether to configure Neutron Distributed Virtual Routers
@@ -325,11 +366,27 @@ parameters:
         The tunnel types for the Neutron tenant network. To specify multiple
         values, use a comma separated string, like so: 'gre,vxlan'
     type: string
+  NeutronTunnelIdRanges:
+    description: |
+        Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
+        of GRE tunnel IDs that are available for tenant network allocation
+    default: ["1:1000", ]
+    type: comma_delimited_list
+  NeutronVniRanges:
+    description: |
+        Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
+        of VXLAN VNI IDs that are available for tenant network allocation
+    default: ["1:1000", ]
+    type: comma_delimited_list
   NovaPassword:
     default: unset
     description: The password for the nova service and db account, used by nova-api.
     type: string
     hidden: true
+  MongoDbNoJournal:
+    default: false
+    description: Should MongoDb journaling be disabled
+    type: boolean
   NtpServer:
     type: string
     default: ''
@@ -471,9 +528,26 @@ resources:
       networks:
         - network: ctlplane
       user_data_format: SOFTWARE_CONFIG
-      user_data: {get_resource: NodeUserData}
+      user_data: {get_resource: UserData}
       name: {get_param: Hostname}
 
+  # Combine the NodeAdminUserData and NodeUserData mime archives
+  UserData:
+    type: OS::Heat::MultipartMime
+    properties:
+      parts:
+      - config: {get_resource: NodeAdminUserData}
+        type: multipart
+      - config: {get_resource: NodeUserData}
+        type: multipart
+
+  # Creates the "heat-admin" user if configured via the environment
+  # Should return a OS::Heat::MultipartMime reference via OS::stack_id
+  NodeAdminUserData:
+    type: OS::TripleO::NodeAdminUserData
+
+  # For optional operator additional userdata
+  # Should return a OS::Heat::MultipartMime reference via OS::stack_id
   NodeUserData:
     type: OS::TripleO::NodeUserData
 
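Review bot: The comments on `NodeAdminUserData` and `NodeUserData` say the mapped template "Should return a OS::Heat::MultipartMime reference via OS::stack_id", but `UserData` passes both results straight into `parts` as `type: multipart`, so this is a hard requirement rather than a recommendation. Whatever the resource registry maps to these two types ends up in the controller's first-boot user_data, so the comment should name the registry key and state the requirement, e.g. `# Must resolve (via OS::stack_id) to an OS::Heat::MultipartMime; mapped through resource_registry key OS::TripleO::NodeAdminUserData`. What happens when the environment provides no mapping is not visible in this hunk and is worth stating in the comment too.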
@@ -571,7 +645,17 @@ resources:
         admin_token: {get_param: AdminToken}
         neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
         debug: {get_param: Debug}
+        cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
         cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
+        cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
+        cinder_nfs_servers:
+          str_replace:
+            template: "['SERVERS']"
+            params:
+              SERVERS:
+                list_join:
+                - "','"
+                - {get_param: CinderNfsServers}
         cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
         cinder_password: {get_param: CinderPassword}
         cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
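Review bot: `cinder_nfs_servers` builds a quoted list literal by string substitution (`template: "['SERVERS']"` joined with `"','"`), and nothing validates the entries that go into it. With the declared default `''` for `CinderNfsServers` the rendered value is `['']`, a list holding one empty server rather than an empty list, and an entry containing a single quote would produce a malformed literal. `neutron_tunnel_id_ranges` and `neutron_vni_ranges` in the `@@ -660,12` hunk use the same construction. How the consuming manifest parses this string is outside the diff, so at minimum the parameter descriptions should state the expected entry format (for example `host:/export`, no quotes) and the manifest should reject empty entries when `CinderEnableNfsBackend` is true.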
@@ -614,6 +698,8 @@ resources:
         keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
         keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
         keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
+        keystone_notification_driver: {get_param: KeystoneNotificationDriver}
+        keystone_notification_format: {get_param: KeystoneNotificationFormat}
         keystone_dsn:
           list_join:
             - ''
@@ -634,10 +720,18 @@ resources:
             - - 'http://'
               - {get_param: KeystonePublicApiVirtualIP}
               - ':5000/v2.0/'
+        keystone_ec2_uri:
+          list_join:
+            - ''
+            - - 'http://'
+              - {get_param: KeystonePublicApiVirtualIP}
+              - ':5000/v2.0/ec2tokens'
+        enable_fencing: {get_param: EnableFencing}
         enable_galera: {get_param: EnableGalera}
         enable_ceph_storage: {get_param: EnableCephStorage}
         enable_swift_storage: {get_param: EnableSwiftStorage}
         mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
+        mysql_max_connections: {get_param: MysqlMaxConnections}
         mysql_root_password: {get_param: MysqlRootPassword}
         mysql_cluster_name:
           str_replace:
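Review bot: `keystone_ec2_uri` hard-codes the `http://` scheme, so Heat's EC2-style credential validation against `:5000/v2.0/ec2tokens` is configured for cleartext with no way to switch it from the environment. It copies the existing `'http://'` entry directly above it, so the fix probably belongs to both: take the scheme from a parameter instead of a literal. Whether TLS is offered in front of `KeystonePublicApiVirtualIP` is not visible in this diff.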
@@ -651,6 +745,7 @@ resources:
         neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
         neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
         neutron_l3_ha: {get_param: NeutronL3HA}
+        neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
         neutron_network_vlan_ranges:
           str_replace:
             template: "['RANGES']"
@@ -660,12 +755,29 @@ resources:
                 - "','"
                 - {get_param: NeutronNetworkVLANRanges}
         neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
+        neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
         neutron_public_interface: {get_param: NeutronPublicInterface}
         neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
         neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
         neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
         neutron_tenant_network_type: {get_param: NeutronNetworkType}
         neutron_tunnel_types: {get_param: NeutronTunnelTypes}
+        neutron_tunnel_id_ranges:
+          str_replace:
+            template: "['RANGES']"
+            params:
+              RANGES:
+                list_join:
+                - "','"
+                - {get_param: NeutronTunnelIdRanges}
+        neutron_vni_ranges:
+          str_replace:
+            template: "['RANGES']"
+            params:
+              RANGES:
+                list_join:
+                - "','"
+                - {get_param: NeutronVniRanges}
         neutron_password: {get_param: NeutronPassword}
         neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
         neutron_dsn:
@@ -714,12 +826,14 @@ resources:
               - '@'
               - {get_param: MysqlVirtualIP}
               - '/nova'
+        fencing_config: {get_param: FencingConfig}
         pcsd_password: {get_param: PcsdPassword}
         rabbit_username: {get_param: RabbitUserName}
         rabbit_password: {get_param: RabbitPassword}
         rabbit_cookie: {get_param: RabbitCookie}
         rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
         rabbit_client_port: {get_param: RabbitClientPort}
+        mongodb_no_journal: {get_param: MongoDbNoJournal}
         ntp_servers:
           str_replace:
             template: '["server"]'
@@ -763,6 +877,7 @@ resources:
         redis_vip: {get_param: RedisVirtualIP}
         memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
         mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+        mysql_virtual_ip: {get_param: MysqlVirtualIP}
         ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
         ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
         ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
@@ -776,7 +891,10 @@ resources:
         hiera:
           hierarchy:
             - heat_config_%{::deploy_config_name}
+            - controller_extraconfig
+            - extraconfig
             - controller
+            - database
             - object
             - swift_devices_and_proxy # provided by SwiftDevicesAndProxyConfig
             - ceph_cluster # provided by CephClusterConfig
@@ -786,7 +904,12 @@ resources:
             - vip_data # provided by vip-config
             - '"%{::osfamily}"'
             - common
+            - cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
           datafiles:
+            controller_extraconfig:
+              mapped_data: {get_param: ControllerExtraConfig}
+            extraconfig:
+              mapped_data: {get_param: ExtraConfig}
             common:
               raw_data: {get_file: hieradata/common.yaml}
             ceph:
@@ -795,6 +918,8 @@ resources:
                 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
                 ceph::profile::params::public_network: {get_input: ceph_public_network}
                 ceph::mon::public_addr: {get_input: ceph_public_ip}
+            database:
+              raw_data: {get_file: hieradata/database.yaml}
             object:
               raw_data: {get_file: hieradata/object.yaml}
             controller:
@@ -803,7 +928,9 @@ resources:
                 bootstack_nodeid: {get_input: bootstack_nodeid}
 
                 # Pacemaker
+                enable_fencing: {get_input: enable_fencing}
                 hacluster_pwd: {get_input: pcsd_password}
+                tripleo::fencing::config: {get_input: fencing_config}
 
                 # Swift
                 swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
@@ -822,7 +949,10 @@ resources:
                 tripleo::ringbuilder::build_ring: True
 
                 # Cinder
+                cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
                 cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
+                cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
+                cinder_nfs_servers: {get_input: cinder_nfs_servers}
                 cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
                 cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
                 cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
@@ -839,6 +969,7 @@ resources:
                 cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
                 cinder::glance::glance_api_servers: {get_input: glance_api_servers}
                 cinder_backend_config: {get_input: CinderBackendConfig}
+                cinder::db::mysql::password: {get_input: cinder_password}
 
                 # Glance
                 glance::api::bind_port: {get_input: glance_port}
@@ -862,6 +993,7 @@ resources:
                 glance::backend::swift::swift_store_user: service:glance
                 glance::backend::swift::swift_store_key: {get_input: glance_password}
                 glance_backend: {get_input: glance_backend}
+                glance::db::mysql::password: {get_input: glance_password}
 
                 # Heat
                 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
@@ -874,14 +1006,15 @@ resources:
                 heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
                 heat::rabbit_port: {get_input: rabbit_client_port}
                 heat::auth_uri: {get_input: keystone_auth_uri}
+                heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
                 heat::identity_uri: {get_input: keystone_identity_uri}
                 heat::keystone_password: {get_input: heat_password}
                 heat::api::bind_host: {get_input: heat_api_network}
                 heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
                 heat::api_cfn::bind_host: {get_input: heat_api_network}
                 heat::database_connection: {get_input: heat_dsn}
-                heat::instance_user: heat-admin
                 heat::debug: {get_input: debug}
+                heat::db::mysql::password: {get_input: heat_password}
 
                 # Keystone
                 keystone::admin_token: {get_input: admin_token}
@@ -894,17 +1027,27 @@ resources:
                 keystone::public_bind_host: {get_input: keystone_public_api_network}
                 keystone::admin_bind_host: {get_input: keystone_admin_api_network}
                 keystone::debug: {get_input: debug}
+                keystone::db::mysql::password: {get_input: admin_token}
+                keystone::rabbit_userid: {get_input: rabbit_username}
+                keystone::rabbit_password: {get_input: rabbit_password}
+                keystone::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
+                keystone::rabbit_port: {get_input: rabbit_client_port}
+                keystone::notification_driver: {get_input: keystone_notification_driver}
+                keystone::notification_format: {get_input: keystone_notification_format}
                 # MongoDB
                 mongodb::server::bind_ip: {get_input: mongo_db_network}
+                mongodb::server::nojournal: {get_input: mongodb_no_journal}
                 # MySQL
                 admin_password: {get_input: admin_password}
                 enable_galera: {get_input: enable_galera}
                 enable_ceph_storage: {get_input: enable_ceph_storage}
                 enable_swift_storage: {get_input: enable_swift_storage}
                 mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
+                mysql_max_connections: {get_input: mysql_max_connections}
                 mysql::server::root_password: {get_input: mysql_root_password}
                 mysql_cluster_name: {get_input: mysql_cluster_name}
                 mysql_bind_host: {get_input: mysql_network}
+                mysql_virtual_ip: {get_input: mysql_virtual_ip}
 
                 # Neutron
                 neutron::bind_host: {get_input: neutron_api_network}
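Review bot: `keystone::db::mysql::password` is fed from `admin_token`, so the Keystone admin token and the Keystone database password are the same secret; disclosure of either yields the other and they cannot be rotated separately. The other `*::db::mysql::password` lines added in this commit reuse the service password, which the parameter descriptions at least announce ("service and db account"); here the shared value is the admin token. This presumably mirrors what `keystone_dsn` already embeds (its body is cut at the hunk edge), so a dedicated hidden parameter would have to change both places. At minimum add a comment on the line, e.g. `# NOTE: must match the password embedded in keystone_dsn`.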
@@ -916,6 +1059,7 @@ resources:
                 neutron::server::auth_uri: {get_input: keystone_auth_uri}
                 neutron::server::identity_uri: {get_input: keystone_identity_uri}
                 neutron::server::database_connection: {get_input: neutron_dsn}
+                neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
                 neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
                 neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
                 neutron_flat_networks: {get_input: neutron_flat_networks}
@@ -926,7 +1070,10 @@ resources:
                 neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
                 neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
                 neutron::server::l3_ha: {get_input: neutron_l3_ha}
+                neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
                 neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
+                neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
+                neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
                 neutron_bridge_mappings: {get_input: neutron_bridge_mappings}
                 neutron_public_interface: {get_input: neutron_public_interface}
                 neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
@@ -939,6 +1086,7 @@ resources:
                 neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
                 neutron_dsn: {get_input: neutron_dsn}
                 neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
+                neutron::db::mysql::password: {get_input: neutron_password}
 
                 # Ceilometer
                 ceilometer_backend: {get_input: ceilometer_backend}
@@ -956,6 +1104,7 @@ resources:
                 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
                 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_address}
                 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
+                ceilometer::db::mysql::password: {get_input: ceilometer_password}
                 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
                 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
 
@@ -977,6 +1126,7 @@ resources:
                 nova::network::neutron::neutron_url: {get_input: neutron_url}
                 nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
                 nova::vncproxy::host: {get_input: nova_api_network}
+                nova::db::mysql::password: {get_input: nova_password}
 
                 # Horizon
                 apache::ip: {get_input: horizon_network}
@@ -999,7 +1149,14 @@ resources:
                 public_virtual_interface: {get_input: public_virtual_interface}
                 tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
                 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
-                enable_package_install: {get_input: enable_package_install}
+                tripleo::packages::enable_install: {get_input: enable_package_install}
+
+  # Hook for site-specific additional pre-deployment config, e.g extra hieradata
+  ControllerExtraConfigPre:
+    depends_on: ControllerDeployment
+    type: OS::TripleO::ControllerExtraConfigPre
+    properties:
+        server: {get_resource: Controller}
 
   UpdateConfig:
     type: OS::TripleO::Tasks::PackageUpdate
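Review bot: The comment on `ControllerExtraConfigPre` does not state the contract the rest of the commit relies on: the `config_identifier` output in the last hunk reads `deploy_stdout` from it, so every template mapped to `OS::TripleO::ControllerExtraConfigPre` must expose that attribute, and whatever the site-specific hook prints becomes part of a stack output. Suggested comment: `# Mapped template must expose a deploy_stdout attribute (read by outputs.config_identifier) and must not print secrets to stdout.` The resource is described as pre-deployment yet `depends_on: ControllerDeployment` orders it after that resource; presumably "pre" refers to a later step not shown in this diff, and one line saying which would prevent misreading. Separately, `server:` is indented by eight spaces under `properties:` where `UserData` in this diff uses two-space steps.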
@@ -1049,7 +1206,7 @@ outputs:
       str_replace:
         template: IP HOST.localdomain HOST CLOUDNAME
         params:
-          IP: {get_attr: [Controller, networks, ctlplane, 0]}
+          IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, ControllerHostnameResolveNetwork]}]}
           HOST: {get_attr: [Controller, name]}
           CLOUDNAME: {get_param: CloudName}
   nova_server_resource:
@@ -1072,4 +1229,8 @@ outputs:
           IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
   config_identifier:
     description: identifier which changes if the controller configuration may need re-applying
-    value: {get_attr: [ControllerDeployment, deploy_stdout]}
+    value:
+      list_join:
+      - ','
+      - - {get_attr: [ControllerDeployment, deploy_stdout]}
+        - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}