X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=overcloud-source.yaml;h=950b39a5c6936551e89d3c53a289da3ad969f48a;hb=a830cea3b1071f70485f427877ac4577f5d13e16;hp=a6285f7a017821fe9b4e339fc3f57e3cbfca0b0d;hpb=94eb778d718877da2abfe2af22d6bccf01c45668;p=apex-tripleo-heat-templates.git diff --git a/overcloud-source.yaml b/overcloud-source.yaml index a6285f7a..950b39a5 100644 --- a/overcloud-source.yaml +++ b/overcloud-source.yaml @@ -2,136 +2,546 @@ Description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQ server,Dedicated RabbitMQ Server,Group of Nova Computes HeatTemplateFormatVersion: '2012-12-12' Parameters: - InstanceType: + AdminPassword: + Default: unset + Description: The password for the keystone admin account, used for monitoring, querying neutron etc. + Type: String + NoEcho: true + AdminToken: + Default: unset + Description: The keystone auth secret. + Type: String + NoEcho: true + CinderPassword: + Default: unset + Description: The password for the cinder service account, used by cinder-api. + Type: String + NoEcho: true + CinderISCSIHelper: + Default: tgtadm + Description: The iSCSI helper to use with cinder. + Type: String + OvercloudControlFlavor: Default: baremetal - Description: Flavor to request when deploying. + Description: Flavor for control nodes to request when deploying. + Type: String + OvercloudComputeFlavor: + Default: baremetal + Description: Flavor for compute nodes to request when deploying. + Type: String + GlancePassword: + Default: unset + Description: The password for the glance service account, used by the glance services. + Type: String + NoEcho: true + GlanceNotifierStrategy: + Description: Strategy to use for Glance notification queue + Type: String + Default: noop + GlanceLogFile: + Description: The filepath of the file to use for logging messages from Glance. + Type: String + Default: '' + HeatPassword: + Default: unset + Description: The password for the Heat service account, used by the Heat services. + Type: String + NoEcho: true + ImageUpdatePolicy: + Default: 'REBUILD_PRESERVE_EPHEMERAL' + Description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. Type: String KeyName: Default: default Description: Name of an existing EC2 KeyPair to enable SSH access to the instances Type: String + NeutronBridgeMappings: + Description: The OVS logical->physical bridge mappings to use. + Type: String + Default: '' + NeutronPassword: + Default: unset + Description: The password for the neutron service account, used by neutron agents. + Type: String + NoEcho: true + CeilometerComputeAgent: + Description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly + Type: String + Default: '' + AllowedValues: ['', Present] + CeilometerMeteringSecret: + Default: unset + Description: Secret shared by the ceilometer services. + Type: String + NoEcho: true + CeilometerPassword: + Default: unset + Description: The password for the ceilometer service account. + Type: String + NoEcho: true + CloudName: + Default: '' + Description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org + Type: String NovaComputeDriver: Default: libvirt.LibvirtDriver Type: String + NovaComputeLibvirtType: + Default: '' + Type: String NovaImage: Type: String Default: overcloud-compute - NovaInterfaces: + NovaPassword: + Default: unset + Description: The password for the nova service account, used by nova-api. + Type: String + NoEcho: true + NeutronFlatNetworks: + Type: String + Default: '' + Description: If set, flat networks to configure in neutron plugins. + HypervisorNeutronPhysicalBridge: + Default: '' + Description: An OVS bridge to create on each hypervisor. + Type: String + HypervisorNeutronPublicInterface: + Default: '' + Description: What interface to add to the HypervisorNeutronPhysicalBridge. + Type: String + NeutronPublicInterface: Default: eth0 + Description: What interface to bridge onto br-ex for network nodes. Type: String - PowerUserName: - Default: stack - Description: What username to ssh to the virtual power host with. + NeutronPublicInterfaceDefaultRoute: + Default: '' + Description: A custom default route for the NeutronPublicInterface. Type: String - notcomputeImage: + NeutronPublicInterfaceIP: + Default: '' + Description: A custom IP address to put onto the NeutronPublicInterface. + Type: String + NeutronPublicInterfaceRawDevice: + Default: '' + Description: If set, the public interface is a vlan with this device as the raw device. + Type: String + controllerImage: Type: String Default: overcloud-control + NtpServer: + Type: String + Default: '' + RabbitUserName: + Default: guest + Description: The username for RabbitMQ + Type: String + RabbitPassword: + Default: guest + Description: The password for RabbitMQ + Type: String + NoEcho: true + RabbitCookieSalt: + Type: String + Default: unset + Description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. + HeatStackDomainAdminPassword: + Description: Password for heat_domain_admin user. + Type: String + Default: '' + NoEcho: true + LiveUpdateUserName: + Type: String + Description: The live-update username for the undercloud Glance API. + Default: '' + LiveUpdateTenantName: + Type: String + Description: The live-update tenant name for the undercloud Glance API. + Default: '' + LiveUpdateHost: + Type: String + Description: The IP address for the undercloud Glance API. + Default: '' + LiveUpdatePassword: + Type: String + Default: '' + Description: The live-update password for the undercloud Glance API. + NoEcho: true + LiveUpdateComputeImage: + Type: String + Description: The image ID for live-updates to the overcloud compute nodes. + Default: '' + MysqlInnodbBufferPoolSize: + Description: Specifies the size of the buffer pool in megabytes. + Type: Number + Default: 100 Resources: + RabbitCookie: + Type: OS::Heat::RandomString + Properties: + length: 20 + salt: + Ref: RabbitCookieSalt AccessPolicy: Properties: AllowedResources: - - notcompute + - controller0 + - controller0Config Type: OS::Heat::AccessPolicy - Key: + ComputeAccessPolicy: + Properties: + AllowedResources: + - NovaCompute0 + - NovaCompute0Config + Type: OS::Heat::AccessPolicy + controller0Key: Properties: UserName: Ref: User Type: AWS::IAM::AccessKey - NovaCompute0: + controller0CompletionCondition: + Type: AWS::CloudFormation::WaitCondition + DependsOn: controller0Config + Properties: + Handle: {Ref: controller0CompletionHandle} + Count: '1' + Timeout: '1800' + controller0CompletionHandle: + Type: OS::Heat::UpdateWaitConditionHandle + NovaCompute0Key: + Type: FileInclude + Path: nova-compute-instance.yaml + SubKey: Resources.NovaCompute0Key + NovaCompute0CompletionCondition: Type: FileInclude Path: nova-compute-instance.yaml - SubKey: Resources.NovaCompute + SubKey: Resources.NovaCompute0CompletionCondition + NovaCompute0CompletionHandle: + Type: FileInclude + Path: nova-compute-instance.yaml + SubKey: Resources.NovaCompute0CompletionHandle + ComputeUser: + Properties: + Policies: + - Ref: ComputeAccessPolicy + Type: AWS::IAM::User + NovaCompute0Config: + Type: FileInclude + Path: nova-compute-instance.yaml + SubKey: Resources.NovaCompute0Config Parameters: - NovaApiHost: {"Fn::GetAtt": [notcompute, PrivateIp]} - KeystoneHost: {"Fn::GetAtt": [notcompute, PrivateIp]} - RabbitHost: {"Fn::GetAtt": [notcompute, PrivateIp]} - NeutronHost: {"Fn::GetAtt": [notcompute, PrivateIp]} - GlanceHost: {"Fn::GetAtt": [notcompute, PrivateIp]} - NovaDSN: {"Fn::Join": ['', ['mysql://nova:unset@', {"Fn::GetAtt": [notcompute, PrivateIp]}, '/nova']]} - NeutronDSN: {"Fn::Join": ['', ['mysql://neutron:unset@', {"Fn::GetAtt": [notcompute, PrivateIp]}, '/neutron']]} + NovaApiHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ] } + KeystoneHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ] } + RabbitHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ] } + NeutronHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ] } + GlanceHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ] } + NovaDSN: {"Fn::Join": ['', ['mysql://nova:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ]}, '/nova']]} + CeilometerDSN: {"Fn::Join": ['', ['mysql://ceilometer:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ]}, '/ceilometer']]} + NeutronDSN: {"Fn::Join": ['', ['mysql://neutron:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [controller0, networks]} ]} ]}, '/neutron']]} NeutronNetworkType: "gre" NeutronEnableTunnelling: "True" + NeutronFlatNetworks: + Ref: NeutronFlatNetworks NeutronNetworkVLANRanges: "" - NeutronBridgeMappings: "" - RabbitPassword: "guest" - ServicePassword: "unset" + NeutronPhysicalBridge: + Ref: HypervisorNeutronPhysicalBridge + NeutronPublicInterface: + Ref: HypervisorNeutronPublicInterface + NeutronBridgeMappings: + Ref: NeutronBridgeMappings + StaticHosts: + Fn::Join: + - "\n" + - - Fn::Join: + - "\n" + - Merge::Map: + NovaCompute0: + Fn::Join: + - ' ' + - - Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - NovaCompute0 + - networks + - Fn::Select: + - name + - Fn::GetAtt: + - NovaCompute0 + - show + - Fn::Join: + - '.' + - - Fn::Select: + - name + - Fn::GetAtt: + - NovaCompute0 + - show + - 'novalocal' + - Fn::Join: + - ' ' + - - Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks + - {Ref: CloudName} + # If CloudName is unset, make the hosts line still valid + - unused + NovaCompute0: + Type: FileInclude + Path: nova-compute-instance.yaml + SubKey: Resources.NovaCompute0 User: Properties: Policies: - Ref: AccessPolicy Type: AWS::IAM::User - notcompute: + controller0Config: + Type: AWS::AutoScaling::LaunchConfiguration + Properties: + ImageId: '0' + InstanceType: '0' Metadata: OpenStack::Heat::Stack: {} - Openstack::ImageBuilder::Elements: + OpenStack::ImageBuilder::Elements: - boot-stack - heat-cfntools - heat-localip - neutron-network-node - admin-password: unset - admin-token: unset + admin-password: + Ref: AdminPassword + admin-token: + Ref: AdminToken + bootstack: + public_interface_ip: + Ref: NeutronPublicInterfaceIP cinder: db: mysql://cinder:unset@localhost/cinder volume_size_mb: '5000' - controller-address: 0.0.0.0 + service-password: + Ref: CinderPassword + iscsi-helper: + Ref: CinderISCSIHelper + completion-handle: + Ref: controller0CompletionHandle + controller-address: + Fn::Select: + - 0 + - Fn::Select: + - 'ctlplane' + - Fn::GetAtt: + - controller0 + - networks db-password: unset glance: + backend: swift db: mysql://glance:unset@localhost/glance - host: 0.0.0.0 + host: + Fn::Select: + - 0 + - Fn::Select: + - 'ctlplane' + - Fn::GetAtt: + - controller0 + - networks + service-password: + Ref: GlancePassword + swift-store-user: service:glance + swift-store-key: + Ref: GlancePassword + notifier-strategy: + Ref: GlanceNotifierStrategy + log-file: + Ref: GlanceLogFile heat: - access_key_id: - Ref: Key - admin_password: unset + admin_password: + Ref: HeatPassword admin_tenant_name: service admin_user: heat auth_encryption_key: unset___________ db: mysql://heat:unset@localhost/heat - heat_watch_server_url: http://0.0.0.0:8003 - metadata_server_url: http://0.0.0.0:8000 - refresh: - - resource: notcompute - secret_key: - Fn::GetAtt: - - Key - - SecretAccessKey - stack: - name: - Ref: AWS::StackName - region: - Ref: AWS::Region - waitcondition_server_url: http://0.0.0.0:8000/v1/waitcondition - interfaces: - control: eth2 + stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword} + watch_server_url: + Fn::Join: + - '' + - - 'http://' + - Fn::Select: + - 0 + - Fn::Select: + - 'ctlplane' + - Fn::GetAtt: + - controller0 + - networks + - ':8003' + metadata_server_url: + Fn::Join: + - '' + - - 'http://' + - Fn::Select: + - 0 + - Fn::Select: + - 'ctlplane' + - Fn::GetAtt: + - controller0 + - networks + - ':8000' + waitcondition_server_url: + Fn::Join: + - '' + - - 'http://' + - Fn::Select: + - 0 + - Fn::Select: + - 'ctlplane' + - Fn::GetAtt: + - controller0 + - networks + - ':8000/v1/waitcondition' + hosts: + Fn::Join: + - ' ' + - - Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks + - {Ref: CloudName} keystone: db: mysql://keystone:unset@localhost/keystone - host: 0.0.0.0 - nova: - compute_driver: libvirt.LibvirtDriver - db: mysql://nova:unset@localhost/nova - host: 0.0.0.0 - metadata-proxy: true + host: + Fn::Select: + - 0 + - Fn::Select: + - 'ctlplane' + - Fn::GetAtt: + - controller0 + - networks + mysql: + innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize} neutron: - floatingip_end: 192.0.2.64 - floatingip_range: 192.0.2.0/24 - floatingip_start: 192.0.2.45 - host: 0.0.0.0 + flat-networks: {Ref: NeutronFlatNetworks} + host: + Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks metadata_proxy_shared_secret: unset ovs: enable_tunneling: 'True' - ovs_range: 10.0.0.0/8 - local_ip: 0.0.0.0 - public_interface: eth2 + local_ip: + Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks + bridge_mappings: {Ref: NeutronBridgeMappings} + public_interface: + Ref: NeutronPublicInterface + public_interface_raw_device: + Ref: NeutronPublicInterfaceRawDevice + public_interface_route: + Ref: NeutronPublicInterfaceDefaultRoute + physical_bridge: br-ex tenant_network_type: gre ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 + service-password: + Ref: NeutronPassword + ceilometer: + db: mysql://ceilometer:unset@localhost/ceilometer + metering_secret: {Ref: CeilometerMeteringSecret} + service-password: + Ref: CeilometerPassword + nova: + compute_driver: libvirt.LibvirtDriver + db: mysql://nova:unset@localhost/nova + default_floating_pool: + ext-net + host: + Fn::Select: + - 0 + - Fn::Select: + - 'ctlplane' + - Fn::GetAtt: + - controller0 + - networks + metadata-proxy: true + service-password: + Ref: NovaPassword + os-collect-config: + cfn: + access_key_id: + Ref: controller0Key + path: controller0Config.Metadata + secret_access_key: + Fn::GetAtt: + - controller0Key + - SecretAccessKey + stack_name: + Ref: AWS::StackName rabbit: - host: 0.0.0.0 - password: guest - service-password: unset + host: + Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks + username: + Ref: RabbitUserName + password: + Ref: RabbitPassword + cookie: + Fn::GetAtt: + - RabbitCookie + - value + ntp: + servers: + - {server: {Ref: NtpServer}, fudge: "stratum 0"} + controller0: + Type: OS::Nova::Server Properties: - ImageId: - Ref: notcomputeImage - InstanceType: - Ref: InstanceType - KeyName: + image: + Ref: controllerImage + image_update_policy: + Ref: ImageUpdatePolicy + flavor: + Ref: OvercloudControlFlavor + key_name: Ref: KeyName - Type: AWS::EC2::Instance + Metadata: + os-collect-config: + cfn: + access_key_id: + Ref: controller0Key + path: controller0Config.Metadata + secret_access_key: + Fn::GetAtt: + - controller0Key + - SecretAccessKey + stack_name: + Ref: AWS::StackName +Outputs: + KeystoneURL: + Description: URL for the Overcloud Keystone service + Value: + Fn::Join: + - '' + - - http:// + - Fn::Select: + - 0 + - Fn::Select: + - ctlplane + - Fn::GetAtt: + - controller0 + - networks + - :5000/v2.0/