Wire redis_password to the tripleo module
[apex-tripleo-heat-templates.git] / puppet / controller.yaml
index d2d87c5..2e01c0c 100644 (file)
@@ -32,6 +32,10 @@ parameters:
     description: The password for the ceilometer service  and db account.
     type: string
     hidden: true
+  CeilometerStoreEvents:
+    default: false
+    description: Whether to store events in ceilometer.
+    type: boolean
   CinderApiVirtualIP:
     type: string
     default: ''
@@ -57,7 +61,7 @@ parameters:
     description: Whether to enable or not the Rbd backend for Cinder
     type: boolean
   CinderISCSIHelper:
-    default: tgtadm
+    default: lioadm
     description: The iSCSI helper to use with cinder.
     type: string
   CinderLVMLoopDeviceSize:
@@ -107,6 +111,10 @@ parameters:
     default: 'br-ex'
     description: Interface where virtual ip will be assigned.
     type: string
+  CorosyncIPv6:
+    default: false
+    description: Enable IPv6 in Corosync
+    type: boolean
   Debug:
     default: ''
     description: Set to True to enable debugging on all services.
@@ -217,6 +225,13 @@ parameters:
       Mount options for Pacemaker mount used as Glance storage.
       Effective when GlanceFilePcmkManage is true.
     type: string
+  HAProxyStatsPassword:
+    description: Password for HAProxy stats endpoint
+    type: string
+  HAProxyStatsUser:
+    description: User for HAProxy stats endpoint
+    default: admin
+    type: string
   HAProxySyslogAddress:
     default: /dev/log
     description: Syslog address where HAproxy will send its log
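Review bot: `HAProxyStatsPassword` is declared without `hidden: true`, unlike the other password parameters in this file (the `RedisPassword` parameter added later in this commit sets it), so Heat will show its value in clear text when the stack's parameters are displayed. Add `hidden: true` under `HAProxyStatsPassword`. The value is passed on as the `haproxy_stats_password` input and into `tripleo::loadbalancer::haproxy_stats_password` in later hunks, so it is also worth confirming who can read those deployment inputs. `HAProxyStatsUser` defaults to the predictable name `admin`, which leaves the password as the only secret protecting the stats endpoint, and nothing in the template enforces a minimum length for it.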
@@ -230,7 +245,7 @@ parameters:
     type: string
     hidden: true
   HeatStackDomainAdminPassword:
-    description: Password for heat_domain_admin user.
+    description: Password for heat_stack_domain_admin user.
     type: string
     hidden: true
   HeatAuthEncryptionKey:
@@ -245,6 +260,11 @@ parameters:
     default: 0
     description: Number of workers for Heat service.
     type: number
+  HeatEnableDBPurge:
+    type: boolean
+    default: true
+    description: |
+        Whether to create cron job for purging soft deleted rows in the Heat database.
   HorizonSecret:
     description: Secret key for Django
     type: string
@@ -313,6 +333,10 @@ parameters:
     default: false
     description: Whether to manage IPtables rules.
     type: boolean
+  MemcachedIPv6:
+    default: false
+    description: Enable IPv6 features in Memcached.
+    type: boolean
   PurgeFirewallRules:
     default: false
     description: Whether IPtables rules should be purged before setting up the new ones.
@@ -540,6 +564,10 @@ parameters:
     description: |
         Whether to create cron job for purging soft deleted rows in Nova database.
     type: boolean
+  NovaIPv6:
+    default: false
+    description: Enable IPv6 features in Nova
+    type: boolean
   NovaPassword:
     description: The password for the nova service and db account, used by nova-api.
     type: string
@@ -552,6 +580,10 @@ parameters:
     default: false
     description: Should MongoDb journaling be disabled
     type: boolean
+  MongoDbIPv6:
+    default: false
+    description: Enable IPv6 if Mongo DB VIP is IPv6
+    type: boolean
   NtpServer:
     default: ''
     description: Comma-separated list of ntp servers
@@ -574,7 +606,6 @@ parameters:
     default: ''  # Has to be here because of the ignored empty value bug
     hidden: true
   RabbitPassword:
-    default: guest
     description: The password for RabbitMQ
     type: string
     hidden: true
@@ -596,9 +627,21 @@ parameters:
     default: 16384
     description: Configures RabbitMQ FD limit
     type: string
+  RabbitIPv6:
+    default: false
+    description: Enable IPv6 in RabbitMQ
+    type: boolean
+  RedisPassword:
+    type: string
+    description: The password to access the Redis service
+    hidden: true
   RedisVirtualIP:
     type: string
     default: ''  # Has to be here because of the ignored empty value bug
+  RedisVirtualIPUri:
+    type: string
+    default: ''  # Has to be here because of the ignored empty value bug
+    description: An IP address which is wrapped in brackets in case of IPv6
   SnmpdReadonlyUserName:
     default: ro_snmp_user
     description: The user name for SNMPd with readonly rights running on all Overcloud nodes
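Review bot: `RedisPassword` accepts any string, including an empty one, and later hunks concatenate it unescaped into `ceilometer_coordination_url` (`redis://:` + password + `@` + host) and feed it to `redis::requirepass`, `redis::masterauth` and `redis::sentinel_auth_pass`. A password containing URL-reserved characters such as `@`, `/`, `#` or `?` would yield a coordination URL that parses to the wrong host or password, and an empty value would presumably leave Redis without effective authentication. Consider constraining the parameter, for example `constraints: [{length: {min: 1}}, {allowed_pattern: "[A-Za-z0-9]+"}]`, or at least state the allowed character set in its description. `RedisVirtualIP` in the same hunk still has no description, while the new `RedisVirtualIPUri` does.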
@@ -624,6 +667,10 @@ parameters:
     default: 10
     description: Partition Power to use when building Swift rings
     type: number
+  SwiftRingBuild:
+    default: true
+    description: Whether to manage Swift rings or not
+    type: boolean
   SwiftPassword:
     description: The password for the swift service account, used by the swift proxy
       services.
@@ -654,6 +701,9 @@ parameters:
   HeatApiVirtualIP:
     type: string
     default: ''
+  HeatApiVirtualIPUri:
+    type: string
+    default: ''
   GlanceApiVirtualIP:
     type: string
     default: ''
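Review bot: `HeatApiVirtualIPUri` is added without a `description`, and so is `MysqlVirtualIPUri` in the next hunk, while `RedisVirtualIPUri` carries one. Since the `...Uri` variants are the values now spliced into the Heat URLs and the database DSNs, add the same text to both: `description: An IP address which is wrapped in brackets in case of IPv6`. With the `''` default, a caller that does not pass the value gets a URL or DSN with an empty host rather than an error at template validation.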
@@ -663,6 +713,9 @@ parameters:
   MysqlVirtualIP:
     type: string
     default: ''
+  MysqlVirtualIPUri:
+    type: string
+    default: ''
   KeystoneAdminApiVirtualIP:
     type: string
     default: ''
@@ -695,6 +748,10 @@ parameters:
   Hostname:
     type: string
     default: '' # Defaults to Heat created hostname
+  HostnameMap:
+    type: json
+    default: {}
+    description: Optional mapping to override hostnames
   NetworkDeploymentActions:
     type: comma_delimited_list
     description: >
@@ -740,7 +797,10 @@ resources:
         - network: ctlplane
       user_data_format: SOFTWARE_CONFIG
       user_data: {get_resource: UserData}
-      name: {get_param: Hostname}
+      name:
+        str_replace:
+            template: {get_param: Hostname}
+            params: {get_param: HostnameMap}
       software_config_transport: {get_param: SoftwareConfigTransport}
       metadata: {get_param: ServerMetadata}
       scheduler_hints: {get_param: SchedulerHints}
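Review bot: `str_replace` substitutes every occurrence of each `HostnameMap` key inside the `Hostname` string, so a key that is a prefix of another node's name (a constructed example: `controller-1` inside `controller-10`) rewrites part of that name instead of leaving it alone. Nothing in the template guards against this, so the `HostnameMap` parameter's description should state the matching rule, e.g. `description: Optional mapping to override hostnames. Keys are replaced wherever they occur in the name, so no key may be a substring of another hostname.` The resource this `name:` property belongs to starts outside the hunk.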
@@ -803,6 +863,8 @@ resources:
   ManagementPort:
     type: OS::TripleO::Controller::Ports::ManagementPort
     properties:
+      IPPool: {get_param: ControllerIPs}
+      NodeIndex: {get_param: NodeIndex}
       ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
 
   NetIpMap:
@@ -810,11 +872,17 @@ resources:
     properties:
       ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
       ExternalIp: {get_attr: [ExternalPort, ip_address]}
+      ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
       InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
+      InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
       StorageIp: {get_attr: [StoragePort, ip_address]}
+      StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
       StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
+      StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
       TenantIp: {get_attr: [TenantPort, ip_address]}
+      TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
       ManagementIp: {get_attr: [ManagementPort, ip_address]}
+      ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
 
   NetIpSubnetMap:
     type: OS::TripleO::Network::Ports::NetIpSubnetMap
@@ -886,25 +954,28 @@ resources:
         neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
         neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
         haproxy_log_address: {get_param: HAProxySyslogAddress}
+        haproxy_stats_password: {get_param: HAProxyStatsPassword}
+        haproxy_stats_user: {get_param: HAProxyStatsUser}
         heat.watch_server_url:
           list_join:
             - ''
             - - 'http://'
-              - {get_param: HeatApiVirtualIP}
+              - {get_param: HeatApiVirtualIPUri}
               - ':8003'
         heat.metadata_server_url:
           list_join:
             - ''
             - - 'http://'
-              - {get_param: HeatApiVirtualIP}
+              - {get_param: HeatApiVirtualIPUri}
               - ':8000'
         heat.waitcondition_server_url:
           list_join:
             - ''
             - - 'http://'
-              - {get_param: HeatApiVirtualIP}
+              - {get_param: HeatApiVirtualIPUri}
               - ':8000/v1/waitcondition'
         heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
+        heat_enable_db_purge: {get_param: HeatEnableDBPurge}
         horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
         horizon_secret: {get_param: HorizonSecret}
         admin_email: {get_param: AdminEmail}
@@ -932,7 +1003,7 @@ resources:
             - - 'mysql+pymysql://cinder:'
               - {get_param: CinderPassword}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/cinder'
         glance_port: {get_param: [EndpointMap, GlanceInternal, port]}
         glance_password: {get_param: GlancePassword}
@@ -949,7 +1020,7 @@ resources:
             - - 'mysql+pymysql://glance:'
               - {get_param: GlancePassword}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/glance'
         heat_password: {get_param: HeatPassword}
         heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
@@ -959,7 +1030,7 @@ resources:
             - - 'mysql+pymysql://heat:'
               - {get_param: HeatPassword}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/heat'
         keystone_ca_certificate: {get_param: KeystoneCACertificate}
         keystone_signing_key: {get_param: KeystoneSigningKey}
@@ -975,7 +1046,7 @@ resources:
             - - 'mysql+pymysql://keystone:'
               - {get_param: AdminToken}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/keystone'
         keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
         keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
@@ -1082,7 +1153,7 @@ resources:
             - - 'mysql+pymysql://neutron:'
               - {get_param: NeutronPassword}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/ovs_neutron?charset=utf8'
         neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
         neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
@@ -1092,23 +1163,29 @@ resources:
         ceilometer_backend: {get_param: CeilometerBackend}
         ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
         ceilometer_password: {get_param: CeilometerPassword}
+        ceilometer_store_events: {get_param: CeilometerStoreEvents}
         ceilometer_coordination_url:
           list_join:
             - ''
-            - - 'redis://'
-              - {get_param: RedisVirtualIP}
-              - ':6379'
+            - - 'redis://:'
+              - {get_param: RedisPassword}
+              - '@'
+              - {get_param: RedisVirtualIPUri}
+              - ':6379/'
         ceilometer_dsn:
           list_join:
             - ''
             - - 'mysql+pymysql://ceilometer:'
               - {get_param: CeilometerPassword}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/ceilometer'
         snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
         snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
         nova_enable_db_purge: {get_param: NovaEnableDBPurge}
+        nova_ipv6: {get_param: NovaIPv6}
+        corosync_ipv6: {get_param: CorosyncIPv6}
+        memcached_ipv6: {get_param: MemcachedIPv6}
         nova_password: {get_param: NovaPassword}
         nova_dsn:
           list_join:
@@ -1116,7 +1193,7 @@ resources:
             - - 'mysql+pymysql://nova:'
               - {get_param: NovaPassword}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/nova'
         nova_api_dsn:
           list_join:
@@ -1124,7 +1201,7 @@ resources:
             - - 'mysql+pymysql://nova_api:'
               - {get_param: NovaPassword}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/nova_api'
         upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
         instance_name_template: {get_param: InstanceNameTemplate}
@@ -1135,15 +1212,10 @@ resources:
         rabbit_cookie: {get_param: RabbitCookie}
         rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
         rabbit_client_port: {get_param: RabbitClientPort}
+        rabbit_ipv6: {get_param: RabbitIPv6}
+        rabbit_fd_limit: {get_param: RabbitFDLimit}
         mongodb_no_journal: {get_param: MongoDbNoJournal}
-        # We need to force this into quotes or hiera will return integer causing
-        # the puppet module validation regexp to fail.
-        # Remove when: https://github.com/puppetlabs/puppetlabs-rabbitmq/pull/401
-        rabbit_fd_limit:
-          str_replace:
-            template: "'LIMIT'"
-            params:
-              LIMIT: {get_param: RabbitFDLimit}
+        mongodb_ipv6: {get_param: MongoDbIPv6}
         ntp_servers: {get_param: NtpServer}
         timezone: {get_param: TimeZone}
         control_virtual_interface: {get_param: ControlVirtualInterface}
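Review bot: `rabbit_fd_limit` now passes `RabbitFDLimit` through unquoted, dropping the workaround whose comment said hiera would otherwise return an integer and fail the puppet module's validation regexp. Nothing visible in this commit shows that the puppetlabs-rabbitmq change referenced in the removed comment is present in the module version deployed with these templates; if it is not, `rabbitmq::file_limit` would presumably fail validation again. State the required module version in the commit message, or keep the quoting until that version is guaranteed.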
@@ -1151,6 +1223,7 @@ resources:
         swift_hash_suffix: {get_param: SwiftHashSuffix}
         swift_password: {get_param: SwiftPassword}
         swift_part_power: {get_param: SwiftPartPower}
+        swift_ring_build: {get_param: SwiftRingBuild}
         swift_replicas: {get_param: SwiftReplicas}
         swift_min_part_hours: {get_param: SwiftMinPartHours}
         swift_mount_check: {get_param: SwiftMountCheck}
@@ -1163,11 +1236,11 @@ resources:
             - - 'mysql://sahara:'
               - {get_param: SaharaPassword}
               - '@'
-              - {get_param: MysqlVirtualIP}
+              - {get_param: MysqlVirtualIPUri}
               - '/sahara'
         swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
         swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
-        cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
+        cinder_iscsi_network: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderIscsiNetwork]}]}
         cinder_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
         glance_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
         glance_registry_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
@@ -1186,6 +1259,7 @@ resources:
         horizon_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
         rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
         redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+        redis_password: {get_param: RedisPassword}
         redis_vip: {get_param: RedisVirtualIP}
         sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
         memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
@@ -1226,6 +1300,7 @@ resources:
             - cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
             - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
             - midonet_data #Optionally provided by AllNodesExtraConfig
+            - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
           datafiles:
             controller_extraconfig:
               mapped_data: {get_param: ControllerExtraConfig}
@@ -1238,7 +1313,7 @@ resources:
               mapped_data:
                 ceph::profile::params::cluster_network: {get_input: ceph_cluster_network}
                 ceph::profile::params::public_network: {get_input: ceph_public_network}
-                ceph::mon::public_addr: {get_input: ceph_public_ip}
+                ceph::profile::params::public_addr: {get_input: ceph_public_ip}
             database:
               raw_data: {get_file: hieradata/database.yaml}
             object:
@@ -1252,6 +1327,7 @@ resources:
                 enable_fencing: {get_input: enable_fencing}
                 enable_load_balancer: {get_input: enable_load_balancer}
                 hacluster_pwd: {get_input: pcsd_password}
+                corosync_ipv6: {get_input: corosync_ipv6}
                 tripleo::fencing::config: {get_input: fencing_config}
 
                 # Swift
@@ -1262,15 +1338,12 @@ resources:
                 swift::swift_hash_suffix: {get_input: swift_hash_suffix}
                 swift::proxy::authtoken::admin_password: {get_input: swift_password}
                 swift::proxy::workers: {get_input: swift_workers}
+                tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
                 tripleo::ringbuilder::part_power: {get_input: swift_part_power}
                 tripleo::ringbuilder::replicas: {get_input: swift_replicas}
                 tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
                 swift_mount_check: {get_input: swift_mount_check}
 
-                # NOTE(dprince): build_ring support is currently not wired in.
-                # See: https://review.openstack.org/#/c/109225/
-                tripleo::ringbuilder::build_ring: True
-
                 # Cinder
                 cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
                 cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
@@ -1324,6 +1397,9 @@ resources:
                 glance_file_pcmk_fstype: {get_input: glance_file_pcmk_fstype}
                 glance_file_pcmk_manage: {get_input: glance_file_pcmk_manage}
                 glance_file_pcmk_options: {get_input: glance_file_pcmk_options}
+                glance::notify::rabbitmq::rabbit_userid: {get_input: rabbit_username}
+                glance::notify::rabbitmq::rabbit_password: {get_input: rabbit_password}
+                glance::notify::rabbitmq::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
 
                 # Heat
                 heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
@@ -1348,9 +1424,12 @@ resources:
                 heat::database_connection: {get_input: heat_dsn}
                 heat::debug: {get_input: debug}
                 heat::db::mysql::password: {get_input: heat_password}
+                heat_enable_db_purge: {get_input: heat_enable_db_purge}
+                heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
 
                 # Keystone
                 keystone::admin_token: {get_input: admin_token}
+                keystone::roles::admin::password: {get_input: admin_password}
                 keystone_ca_certificate: {get_input: keystone_ca_certificate}
                 keystone_signing_key: {get_input: keystone_signing_key}
                 keystone_signing_certificate: {get_input: keystone_signing_certificate}
@@ -1382,6 +1461,7 @@ resources:
                 # MongoDB
                 mongodb::server::bind_ip: {get_input: mongo_db_network}
                 mongodb::server::nojournal: {get_input: mongodb_no_journal}
+                mongodb::server::ipv6: {get_input: mongodb_ipv6}
                 # MySQL
                 admin_password: {get_input: admin_password}
                 enable_galera: {get_input: enable_galera}
@@ -1473,6 +1553,7 @@ resources:
                 ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
                 ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
                 ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
+                ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
                 ceilometer::db::mysql::password: {get_input: ceilometer_password}
                 snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
                 snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
@@ -1484,6 +1565,7 @@ resources:
                 nova::rabbit_port: {get_input: rabbit_client_port}
                 nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
                 nova::debug: {get_input: debug}
+                nova::use_ipv6: {get_input: nova_ipv6}
                 nova::api::auth_uri: {get_input: keystone_auth_uri}
                 nova::api::identity_uri: {get_input: keystone_identity_uri}
                 nova::api::api_bind_address: {get_input: nova_api_network}
@@ -1543,13 +1625,18 @@ resources:
                 rabbitmq::file_limit: {get_input: rabbit_fd_limit}
                 rabbitmq::default_user: {get_input: rabbit_username}
                 rabbitmq::default_pass: {get_input: rabbit_password}
+                rabbit_ipv6: {get_input: rabbit_ipv6}
                 # Redis
                 redis::bind: {get_input: redis_network}
+                redis::requirepass: {get_input: redis_password}
+                redis::masterauth: {get_input: redis_password}
+                redis::sentinel_auth_pass: {get_input: redis_password}
                 redis_vip: {get_input: redis_vip}
                 # Firewall
                 tripleo::firewall::manage_firewall: {get_input: manage_firewall}
                 tripleo::firewall::purge_firewall_rules: {get_input: purge_firewall_rules}
                 # Misc
+                memcached_ipv6: {get_input: memcached_ipv6}
                 memcached::listen_ip: {get_input: memcached_network}
                 neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
                 ntp::servers: {get_input: ntp_servers}
@@ -1560,6 +1647,9 @@ resources:
                 tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
                 tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
                 tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+                tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user}
+                tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password}
+                tripleo::loadbalancer::redis_password: {get_input: redis_password}
                 tripleo::packages::enable_install: {get_input: enable_package_install}
                 tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
 
@@ -1686,14 +1776,14 @@ outputs:
       str_replace:
         template: 'r1z1-IP:%PORT%/d1'
         params:
-          IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
+          IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
   swift_proxy_memcache:
     description: Swift proxy-memcache value
     value:
       str_replace:
         template: "IP:11211"
         params:
-          IP: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
+          IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
   config_identifier:
     description: identifier which changes if the controller configuration may need re-applying
     value: