X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=undercloud-source.yaml;h=0788e8b68cfbd5010c438b34bb8f4c268554d88e;hb=656b8385efde3e686c1f969bd5b32af0b08181af;hp=805239a9c2e6b56234b62dc4f91ff9f5f2b2edc6;hpb=c12483397cd1483ebe09a422477ac42a32bd9005;p=apex-tripleo-heat-templates.git diff --git a/undercloud-source.yaml b/undercloud-source.yaml index 805239a9..0788e8b6 100644 --- a/undercloud-source.yaml +++ b/undercloud-source.yaml @@ -1,226 +1,400 @@ -Description: All-in-one baremetal OpenStack and all dependencies. -HeatTemplateFormatVersion: '2012-12-12' -Parameters: +description: All-in-one baremetal OpenStack and all dependencies. +heat_template_version: 2013-05-23 +parameters: AdminPassword: - Default: unset - Description: The password for the keystone admin account, used for monitoring, querying neutron etc. - Type: String - NoEcho: true + default: unset + description: The password for the keystone admin account, used for monitoring, querying neutron etc. + type: string + hidden: true AdminToken: - Default: unset - Description: The keystone auth secret. - Type: String - NoEcho: true + default: unset + description: The keystone auth secret. + type: string + hidden: true + CinderLVMLoopDeviceSize: + default: 5000 + description: The size of the loopback file used by the cinder LVM driver. + type: number BaremetalArch: - Default: i386 - Description: The architecture to use in Nova-BM - i386 or amd64. - Type: String + default: i386 + description: The architecture to use in Nova-BM - i386 or amd64. + type: string + CeilometerMeteringSecret: + default: unset + description: Secret shared by the ceilometer services. + type: string + hidden: true + CeilometerPassword: + default: unset + description: The password for the ceilometer service account. + type: string + hidden: true + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + SnmpdReadonlyUserName: + default: ro_snmp_user + description: The user name for SNMPd with readonly rights running on all Overcloud nodes + type: string + SnmpdReadonlyUserPassword: + default: unset + description: The user password for SNMPd with readonly rights running on all Overcloud nodes + type: string + hidden: true + ExtraConfig: + default: {} + description: | + Additional configuration to inject into the cluster. The JSON should have + the following structure: + {"FILEKEY": + {"config: + [{"section": "SECTIONNAME", + "values": + [{"option": "OPTIONNAME", + "value": "VALUENAME" + } + ] + } + ] + } + } + For instance: + {"nova": + {"config": + [{"section": "default", + "values": + [{"option": "compute_manager", + "value": "ironic.nova.compute.manager.ClusterComputeManager" + } + ] + }, + {"section": "cells", + "values": + [{"option": "driver", + "value": "nova.cells.rpc_driver.CellsRPCDriver" + } + ] + } + ] + } + } + type: json Flavor: - Default: baremetal - Description: Flavor to request when deploying. - Type: String + default: baremetal + description: Flavor to request when deploying. + type: string + GlancePort: + default: 9292 + description: Glance port. + type: string + GlanceProtocol: + default: http + description: Protocol to use when connecting to glance, set to https for SSL. + type: string GlancePassword: - Default: unset - Description: The password for the glance service account, used by the glance services. - Type: String - NoEcho: true + default: unset + description: The password for the glance service account, used by the glance services. + type: string + hidden: true GlanceNotifierStrategy: - Description: Strategy to use for Glance notification queue - Type: String - Default: noop + description: Strategy to use for Glance notification queue + type: string + default: noop GlanceLogFile: - Description: The filepath of the file to use for logging messages from Glance. - Type: String - Default: '' + description: The filepath of the file to use for logging messages from Glance. + type: string + default: '' KeyName: - Default: default - Description: Name of an existing EC2 KeyPair to enable SSH access to the instances - Type: String + default: default + description: Name of an existing EC2 KeyPair to enable SSH access to the instances + type: string HeatPassword: - Default: unset - Description: The password for the Heat service account, used by the Heat services. - Type: String - NoEcho: true + default: unset + description: The password for the Heat service account, used by the Heat services. + type: string + hidden: true + ImageUpdatePolicy: + default: REBUILD_PRESERVE_EPHEMERAL + description: What policy to use when reconstructing instances. REBUILD for rebuilds, + REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. + type: string undercloudImage: - Default: undercloud - Type: String + default: undercloud + type: string NeutronPassword: - Default: unset - Description: The password for the neutron service account, used by neutron agents. - Type: String - NoEcho: true + default: unset + description: The password for the neutron service account, used by neutron agents. + type: string + hidden: true NovaPassword: - Default: unset - Description: The password for the nova service account, used by nova-api. - Type: String - NoEcho: true + default: unset + description: The password for the nova service account, used by nova-api. + type: string + hidden: true + NeutronPublicInterfaceDefaultRoute: + default: '' + description: A custom default route for the NeutronPublicInterface. + type: string + NeutronPublicInterfaceIP: + default: '' + description: > + A custom IP address to put onto the NeutronPublicInterface bridge. + See also NeutronPublicInterfaceTagIP for adding a VLAN tagging IP. + NeutronPublicInterfaceIP is deprecated in the context of deploying + underclouds - its only needed for the seed bootstrap process. + type: string + NeutronPublicInterfaceTag: + default: '' + description: > + VLAN tag for creating a public VLAN. The tag will be used to + create an access port on the exterior bridge, and that port will be + given the IP address returned by neutron from the public network. + type: string + NeutronPublicInterfaceRawDevice: + default: '' + description: If set, the public interface is a vlan with this device as the raw device. + type: string + NtpServer: + type: string + default: '' RabbitUserName: - Default: guest - Description: The username for RabbitMQ - Type: String + default: guest + description: The username for RabbitMQ + type: string RabbitPassword: - Default: guest - Description: The password for RabbitMQ - Type: String - NoEcho: true -Resources: - AccessPolicy: - Properties: - AllowedResources: - - undercloudConfig - Type: OS::Heat::AccessPolicy - notCompute0Key: - Properties: - UserName: - Ref: User - Type: AWS::IAM::AccessKey - notCompute0CompletionCondition: - Type: AWS::CloudFormation::WaitCondition - DependsOn: undercloud - Properties: - Handle: {Ref: notCompute0CompletionHandle} - Count: '1' - Timeout: '1800' - notCompute0CompletionHandle: - Type: AWS::CloudFormation::WaitConditionHandle - User: - Properties: - Policies: - - Ref: AccessPolicy - Type: AWS::IAM::User + default: guest + description: The password for RabbitMQ + type: string + hidden: true + RabbitCookieSalt: + type: string + default: unset + description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. + HeatStackDomainAdminPassword: + description: Password for heat_domain_admin user. + type: string + default: '' + hidden: true + MysqlInnodbBufferPoolSize: + description: > + Specifies the size of the buffer pool in megabytes. Setting to + zero should be interpreted as "no value" and will defer to the + lower level default. + type: number + default: 0 + KeystoneCACertificate: + default: '' + description: Keystone self-signed certificate authority certificate. + type: string + KeystoneSigningCertificate: + default: '' + description: Keystone certificate for verifying token validity. + type: string + KeystoneSigningKey: + default: '' + description: Keystone key for signing tokens. + type: string + hidden: true + DefaultSignalTransport: + default: CFN_SIGNAL + description: Transport to use for software-config signals. + type: string + constraints: + - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ] +resources: + RabbitCookie: + type: OS::Heat::RandomString + properties: + length: 20 + salt: + get_param: RabbitCookieSalt + MysqlRootPassword: + type: OS::Heat::RandomString + properties: + length: 10 undercloudConfig: - Type: AWS::AutoScaling::LaunchConfiguration - Properties: - ImageId: '0' - InstanceType: foo - Metadata: - OpenStack::Role: undercloudConfig - OpenStack::Heat::Stack: {} - OpenStack::ImageBuilder::Elements: [ boot-stack, heat-cfntools, neutron-network-node ] - admin-password: - Ref: AdminPassword - admin-token: - Ref: AdminToken - controller-address: - Fn::Select: + type: OS::Heat::StructuredConfig + properties: + config: + completion-signal: {get_input: deploy_signal_id} + admin-password: + get_param: AdminPassword + admin-token: + get_param: AdminToken + bootstrap_host: + bootstrap_nodeid: + Fn::Select: + - 0 + - Fn::Select: + - 0 + - Merge::Map: + undercloud: + - Fn::Select: + - name + - get_attr: + - undercloud + - show + nodeid: {get_input: bootstack_nodeid} + bootstack: + public_interface_ip: + get_param: NeutronPublicInterfaceIP + controller-address: + get_input: controller_host + corosync: + bindnetaddr: {get_input: controller_host} + mcastport: 5577 + nodes: + Merge::Map: + controller0: + ip: {get_attr: [undercloud, networks, ctlplane, 0]} + pacemaker: + stonith_enabled : false + recheck_interval : 5 + quorum_policy : ignore + ceilometer: + db: mysql://ceilometer:unset@localhost/ceilometer + debug: {get_param: Debug} + metering_secret: {get_param: CeilometerMeteringSecret} + snmpd_readonly_user_name: + get_param: SnmpdReadonlyUserName + snmpd_readonly_user_password: + get_param: SnmpdReadonlyUserPassword + service-password: + get_param: CeilometerPassword + db-password: unset + glance: + backend: file + db: mysql://glance:unset@localhost/glance + debug: {get_param: Debug} + host: 127.0.0.1 + port: + get_param: GlancePort + protocol: + get_param: GlanceProtocol + service-password: + get_param: GlancePassword + notifier-strategy: + get_param: GlanceNotifierStrategy + log-file: + get_param: GlanceLogFile + heat: + admin_password: + get_param: HeatPassword + admin_tenant_name: service + admin_user: heat + auth_encryption_key: unset___________ + db: mysql://heat:unset@localhost/heat + debug: {get_param: Debug} + stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} + watch_server_url: {get_input: heat.watch_server_url} + metadata_server_url: {get_input: heat.metadata_server_url} + waitcondition_server_url: {get_input: heat.waitcondition_server_url} + keystone: + db: mysql://keystone:unset@localhost/keystone + debug: {get_param: Debug} + host: 127.0.0.1 + ca_certificate: {get_param: KeystoneCACertificate} + signing_key: {get_param: KeystoneSigningKey} + signing_certificate: {get_param: KeystoneSigningCertificate} + mysql: + innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} + root-password: {get_resource: MysqlRootPassword} + neutron: + debug: {get_param: Debug} + host: 127.0.0.1 + ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 + ovs: + public_interface: + get_param: NeutronPublicInterface + public_interface_raw_device: + get_param: NeutronPublicInterfaceRawDevice + public_interface_route: + get_param: NeutronPublicInterfaceDefaultRoute + public_interface_tag: + get_param: NeutronPublicInterfaceTag + physical_bridge: br-ctlplane + physical_network: ctlplane + network_vlan_ranges: ctlplane + bridge_mappings: ctlplane:br-ctlplane + tenant_network_type: vlan + enable_tunneling: 'False' + service-password: + get_param: NeutronPassword + rabbit: + host: 127.0.0.1 + username: + get_param: RabbitUserName + password: + get_param: RabbitPassword + cookie: + get_attr: + - RabbitCookie + - value + ntp: + servers: + - {server: {get_param: NtpServer}, fudge: "stratum 0"} + undercloudPassthroughConfig: + type: OS::Heat::StructuredConfig + properties: + config: {get_input: passthrough_config} + undercloud: + type: OS::Nova::Server + properties: + image: + get_param: undercloudImage + flavor: + get_param: Flavor + key_name: + get_param: KeyName + image_update_policy: + get_param: ImageUpdatePolicy + networks: + - network: ctlplane + user_data_format: SOFTWARE_CONFIG + undercloudDeployment: + depends_on: [undercloudPassthroughDeployment] + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: undercloudConfig} + server: {get_resource: undercloud} + signal_transport: {get_param: DefaultSignalTransport} + input_values: + bootstack_nodeid: + get_attr: + - undercloud + - show + - name + controller_host: + get_attr: + - undercloud + - networks + - ctlplane - 0 - - Fn::Select: - - "ctlplane" - - Fn::GetAtt: - - undercloud - - networks - cinder: - db: mysql://cinder:unset@localhost/cinder - volume_size_mb: '5000' - completion-handle: - Ref: notCompute0CompletionHandle - db-password: unset - glance: - backend: file - db: mysql://glance:unset@localhost/glance - host: 127.0.0.1 - service-password: - Ref: GlancePassword - notifier-strategy: - Ref: GlanceNotifierStrategy - log-file: - Ref: GlanceLogFile - heat: - admin_password: - Ref: HeatPassword - admin_tenant_name: service - admin_user: heat - auth_encryption_key: unset___________ - db: mysql://heat:unset@localhost/heat - watch_server_url: + heat.watch_server_url: Fn::Join: - '' - - - http:// - - Fn::Select: - - 0 - - Fn::Select: - - "ctlplane" - - Fn::GetAtt: - - undercloud - - networks - - ":8003" - metadata_server_url: + - - 'http://' + - get_attr: [undercloud, networks, ctlplane, 0] + - ':8003' + heat.metadata_server_url: Fn::Join: - '' - - - http:// - - Fn::Select: - - 0 - - Fn::Select: - - "ctlplane" - - Fn::GetAtt: - - undercloud - - networks - - ":8000" - waitcondition_server_url: + - - 'http://' + - {get_attr: [undercloud, networks, ctlplane, 0]} + - ':8000' + heat.waitcondition_server_url: Fn::Join: - '' - - - http:// - - Fn::Select: - - 0 - - Fn::Select: - - "ctlplane" - - Fn::GetAtt: - - undercloud - - networks - - ":8000/v1/waitcondition" - os-collect-config: - cfn: - access_key_id: - Ref: notCompute0Key - path: undercloudConfig.Metadata - secret_access_key: - Fn::GetAtt: - - notCompute0Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName - keystone: - db: mysql://keystone:unset@localhost/keystone - host: 127.0.0.1 - neutron: - host: 127.0.0.1 - ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 - ovs: - dnsmasq_range: [192.0.2.25, 192.0.2.44] - public_interface: - Ref: NeutronPublicInterface - physical_bridge: br-ctlplane - physical_network: ctlplane - network_vlan_ranges: ctlplane - bridge_mappings: ctlplane:br-ctlplane - tenant_network_type: vlan - enable_tunneling: 'False' - service-password: - Ref: NeutronPassword - rabbit: - host: 127.0.0.1 - username: - Ref: RabbitUserName - password: - Ref: RabbitPassword - undercloud: - Type: OS::Nova::Server - Properties: - image: - Ref: undercloudImage - flavor: - Ref: Flavor - key_name: - Ref: KeyName - Metadata: - os-collect-config: - cfn: - access_key_id: - Ref: notCompute0Key - path: undercloudConfig.Metadata - secret_access_key: - Fn::GetAtt: - - notCompute0Key - - SecretAccessKey - stack_name: - Ref: AWS::StackName + - - 'http://' + - {get_attr: [undercloud, networks, ctlplane, 0]} + - ':8000/v1/waitcondition' + undercloudPassthroughDeployment: + depends_on: [undercloudNovaDeployment] + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: undercloudPassthroughConfig} + server: {get_resource: undercloud} + signal_transport: NO_SIGNAL + input_values: + passthrough_config: {get_param: ExtraConfig}