X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=undercloud-source.yaml;h=6fe2066d24fcc4b27636fe8761f7f59b33b5b890;hb=71e9426f195cf3c17fc11adf17f14d41caa7cf30;hp=7206c67cecc0e8d1f79e585c34b742c675c24f42;hpb=af8767a644471d38e20915827224e5e63385756c;p=apex-tripleo-heat-templates.git diff --git a/undercloud-source.yaml b/undercloud-source.yaml index 7206c67c..6fe2066d 100644 --- a/undercloud-source.yaml +++ b/undercloud-source.yaml @@ -1,46 +1,43 @@ -Description: All-in-one baremetal OpenStack and all dependencies. -HeatTemplateFormatVersion: '2012-12-12' -Parameters: +description: All-in-one baremetal OpenStack and all dependencies. +heat_template_version: 2013-05-23 +parameters: AdminPassword: - Default: unset - Description: The password for the keystone admin account, used for monitoring, querying neutron etc. - Type: String - NoEcho: true + default: unset + description: The password for the keystone admin account, used for monitoring, querying neutron etc. + type: string + hidden: true AdminToken: - Default: unset - Description: The keystone auth secret. - Type: String - NoEcho: true - CinderLVMLoopDeviceSize: - Default: 5000 - Description: The size of the loopback file used by the cinder LVM driver. - Type: Number + default: unset + description: The keystone auth secret. + type: string + hidden: true BaremetalArch: - Default: i386 - Description: The architecture to use in Nova-BM - i386 or amd64. - Type: String + default: i386 + description: The architecture to use in Nova-BM - i386 or amd64. + type: string CeilometerMeteringSecret: - Default: unset - Description: Secret shared by the ceilometer services. - Type: String - NoEcho: true + default: unset + description: Secret shared by the ceilometer services. + type: string + hidden: true CeilometerPassword: - Default: unset - Description: The password for the ceilometer service account. - Type: String - NoEcho: true - SnmpdReadonlyUserName: - Default: ro_snmp_user - Description: The user name for SNMPd with readonly rights running on all Overcloud nodes - Type: String - SnmpdReadonlyUserPassword: - Default: unset - Description: The user password for SNMPd with readonly rights running on all Overcloud nodes - Type: String - NoEcho: true + default: unset + description: The password for the ceilometer service account. + type: string + hidden: true + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + DefaultSignalTransport: + default: CFN_SIGNAL + description: Transport to use for software-config signals. + type: string + constraints: + - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ] ExtraConfig: - Default: {} - Description: | + default: {} + description: | Additional configuration to inject into the cluster. The JSON should have the following structure: {"FILEKEY": @@ -75,95 +72,165 @@ Parameters: ] } } - Type: Json + type: json Flavor: - Default: baremetal - Description: Flavor to request when deploying. - Type: String + description: Flavor to request when deploying. + type: string + constraints: + - custom_constraint: nova.flavor + GlanceLogFile: + description: The filepath of the file to use for logging messages from Glance. + type: string + default: '' GlancePassword: - Default: unset - Description: The password for the glance service account, used by the glance services. - Type: String - NoEcho: true + default: unset + description: The password for the glance service account, used by the glance services. + type: string + hidden: true + GlancePort: + default: 9292 + description: Glance port. + type: string + GlanceProtocol: + default: http + description: Protocol to use when connecting to glance, set to https for SSL. + type: string GlanceNotifierStrategy: - Description: Strategy to use for Glance notification queue - Type: String - Default: noop - GlanceLogFile: - Description: The filepath of the file to use for logging messages from Glance. - Type: String - Default: '' + description: Strategy to use for Glance notification queue + type: string + default: noop KeyName: - Default: default - Description: Name of an existing EC2 KeyPair to enable SSH access to the instances - Type: String + default: default + description: Name of an existing EC2 KeyPair to enable SSH access to the instances + type: string + KeystoneCACertificate: + default: '' + description: Keystone self-signed certificate authority certificate. + type: string + KeystoneSigningCertificate: + default: '' + description: Keystone certificate for verifying token validity. + type: string + KeystoneSigningKey: + default: '' + description: Keystone key for signing tokens. + type: string + hidden: true + KeystoneSSLCertificate: + default: '' + description: Keystone certificate for verifying token validity. + type: string + KeystoneSSLCertificateKey: + default: '' + description: Keystone key for signing tokens. + type: string + hidden: true HeatPassword: - Default: unset - Description: The password for the Heat service account, used by the Heat services. - Type: String - NoEcho: true + default: unset + description: The password for the Heat service account, used by the Heat services. + type: string + hidden: true + HeatStackDomainAdminPassword: + description: Password for heat_domain_admin user. + type: string + default: '' + hidden: true ImageUpdatePolicy: - Default: REBUILD_PRESERVE_EPHEMERAL - Description: What policy to use when reconstructing instances. REBUILD for rebuilds, + default: REBUILD_PRESERVE_EPHEMERAL + description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - Type: String - undercloudImage: - Default: undercloud - Type: String + type: string + MysqlInnodbBufferPoolSize: + description: > + Specifies the size of the buffer pool in megabytes. Setting to + zero should be interpreted as "no value" and will defer to the + lower level default. + type: number + default: 0 NeutronPassword: - Default: unset - Description: The password for the neutron service account, used by neutron agents. - Type: String - NoEcho: true + default: unset + description: The password for the neutron service account, used by neutron agents. + type: string + hidden: true + NeutronPublicInterfaceDefaultRoute: + default: '' + description: A custom default route for the NeutronPublicInterface. + type: string + NeutronPublicInterfaceIP: + default: '' + description: > + A custom IP address to put onto the NeutronPublicInterface bridge. + See also NeutronPublicInterfaceTagIP for adding a VLAN tagging IP. + NeutronPublicInterfaceIP is deprecated in the context of deploying + underclouds - its only needed for the seed bootstrap process. + type: string + NeutronPublicInterfaceRawDevice: + default: '' + description: If set, the public interface is a vlan with this device as the raw device. + type: string + NeutronPublicInterfaceTag: + default: '' + description: > + VLAN tag for creating a public VLAN. The tag will be used to + create an access port on the exterior bridge, and that port will be + given the IP address returned by neutron from the public network. + type: string NovaPassword: - Default: unset - Description: The password for the nova service account, used by nova-api. - Type: String - NoEcho: true + default: unset + description: The password for the nova service account, used by nova-api. + type: string + hidden: true + NeutronDVR: + default: 'False' + type: string NtpServer: - Type: String - Default: '' + type: string + default: '' + RabbitCookieSalt: + type: string + default: unset + description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. RabbitUserName: - Default: guest - Description: The username for RabbitMQ - Type: String + default: guest + description: The username for RabbitMQ + type: string RabbitPassword: - Default: guest - Description: The password for RabbitMQ - Type: String - NoEcho: true - RabbitCookieSalt: - Type: String - Default: unset - Description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. - HeatStackDomainAdminPassword: - Description: Password for heat_domain_admin user. - Type: String - Default: '' - NoEcho: true - MysqlInnodbBufferPoolSize: - Description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - Type: Number - Default: 0 -Resources: + default: guest + description: The password for RabbitMQ + type: string + hidden: true + SnmpdReadonlyUserName: + default: ro_snmp_user + description: The user name for SNMPd with readonly rights running on all Overcloud nodes + type: string + SnmpdReadonlyUserPassword: + default: unset + description: The user password for SNMPd with readonly rights running on all Overcloud nodes + type: string + hidden: true + undercloudImage: + default: undercloud + type: string +resources: RabbitCookie: - Type: OS::Heat::RandomString - Properties: + type: OS::Heat::RandomString + properties: length: 20 salt: - Ref: RabbitCookieSalt + get_param: RabbitCookieSalt + MysqlRootPassword: + type: OS::Heat::RandomString + properties: + length: 10 undercloudConfig: - Type: OS::Heat::StructuredConfig - Properties: + type: OS::Heat::StructuredConfig + properties: config: completion-signal: {get_input: deploy_signal_id} admin-password: - Ref: AdminPassword + get_param: AdminPassword admin-token: - Ref: AdminToken + get_param: AdminToken bootstrap_host: bootstrap_nodeid: Fn::Select: @@ -172,56 +239,93 @@ Resources: - 0 - Merge::Map: undercloud: - - Fn::Select: + - get_attr: + - undercloud - name - - Fn::GetAtt: - - undercloud - - show nodeid: {get_input: bootstack_nodeid} + bootstack: + public_interface_ip: + get_param: NeutronPublicInterfaceIP controller-address: get_input: controller_host + corosync: + bindnetaddr: {get_input: controller_host} + mcastport: 5577 + nodes: + Merge::Map: + controller0: + ip: {get_attr: [undercloud, networks, ctlplane, 0]} + pacemaker: + stonith_enabled : false + recheck_interval : 5 + quorum_policy : ignore ceilometer: - db: mysql://ceilometer:unset@localhost/ceilometer - metering_secret: {Ref: CeilometerMeteringSecret} + db: {list_join: ['', ['mysql://ceilometer:', {get_param: CeilometerPassword}, '@localhost/ceilometer']]} + debug: {get_param: Debug} + metering_secret: {get_param: CeilometerMeteringSecret} snmpd_readonly_user_name: - Ref: SnmpdReadonlyUserName + get_param: SnmpdReadonlyUserName snmpd_readonly_user_password: - Ref: SnmpdReadonlyUserPassword + get_param: SnmpdReadonlyUserPassword service-password: - Ref: CeilometerPassword + get_param: CeilometerPassword db-password: unset glance: backend: file - db: mysql://glance:unset@localhost/glance + db: {list_join: ['', ['mysql://glance:', {get_param: GlancePassword}, '@localhost/glance']]} + debug: {get_param: Debug} host: 127.0.0.1 + port: + get_param: GlancePort + protocol: + get_param: GlanceProtocol service-password: - Ref: GlancePassword + get_param: GlancePassword notifier-strategy: - Ref: GlanceNotifierStrategy + get_param: GlanceNotifierStrategy log-file: - Ref: GlanceLogFile + get_param: GlanceLogFile heat: admin_password: - Ref: HeatPassword + get_param: HeatPassword admin_tenant_name: service admin_user: heat auth_encryption_key: unset___________ - db: mysql://heat:unset@localhost/heat - stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword} + db: {list_join: ['', ['mysql://heat:', {get_param: HeatPassword}, '@localhost/heat']]} + debug: {get_param: Debug} + stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} watch_server_url: {get_input: heat.watch_server_url} metadata_server_url: {get_input: heat.metadata_server_url} waitcondition_server_url: {get_input: heat.waitcondition_server_url} keystone: - db: mysql://keystone:unset@localhost/keystone + db: {list_join: ['', ['mysql://keystone:', {get_param: AdminToken}, '@localhost/keystone']]} + debug: {get_param: Debug} host: 127.0.0.1 + ca_certificate: {get_param: KeystoneCACertificate} + signing_key: {get_param: KeystoneSigningKey} + signing_certificate: {get_param: KeystoneSigningCertificate} + ssl: + certificate: {get_param: KeystoneSSLCertificate} + certificate_key: {get_param: KeystoneSSLCertificateKey} mysql: - innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize} + innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} + root-password: {get_resource: MysqlRootPassword} + bind_address: 127.0.0.1 neutron: + debug: {get_param: Debug} host: 127.0.0.1 - ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 + ovs_db: {list_join: ['', ['mysql://neutron:', {get_param: NeutronPassword}, '@localhost/ovs_neutron?charset=utf8']]} ovs: + local_ip: + get_input: controller_host public_interface: - Ref: NeutronPublicInterface + get_param: NeutronPublicInterface + public_interface_raw_device: + get_param: NeutronPublicInterfaceRawDevice + public_interface_route: + get_param: NeutronPublicInterfaceDefaultRoute + public_interface_tag: + get_param: NeutronPublicInterfaceTag physical_bridge: br-ctlplane physical_network: ctlplane network_vlan_ranges: ctlplane @@ -229,79 +333,80 @@ Resources: tenant_network_type: vlan enable_tunneling: 'False' service-password: - Ref: NeutronPassword + get_param: NeutronPassword rabbit: host: 127.0.0.1 username: - Ref: RabbitUserName + get_param: RabbitUserName password: - Ref: RabbitPassword + get_param: RabbitPassword cookie: - Fn::GetAtt: + get_attr: - RabbitCookie - value ntp: servers: - - {server: {Ref: NtpServer}, fudge: "stratum 0"} + - {server: {get_param: NtpServer}} undercloudPassthroughConfig: - Type: OS::Heat::StructuredConfig - Properties: + type: OS::Heat::StructuredConfig + properties: config: {get_input: passthrough_config} undercloud: - Type: OS::Nova::Server - Properties: + type: OS::Nova::Server + properties: image: - Ref: undercloudImage + get_param: undercloudImage flavor: - Ref: Flavor + get_param: Flavor key_name: - Ref: KeyName + get_param: KeyName image_update_policy: - Ref: ImageUpdatePolicy + get_param: ImageUpdatePolicy + networks: + - network: ctlplane user_data_format: SOFTWARE_CONFIG - 99_undercloudDeployment: - Type: OS::Heat::StructuredDeployment - Properties: - config: {Ref: undercloudConfig} - server: {Ref: undercloud} + undercloudDeployment: + depends_on: [undercloudPassthroughDeployment] + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: undercloudConfig} + server: {get_resource: undercloud} + signal_transport: {get_param: DefaultSignalTransport} input_values: bootstack_nodeid: - Fn::Select: - - name - - Fn::GetAtt: - - undercloud - - show + get_attr: + - undercloud + - name controller_host: - Fn::Select: - - 0 - - Fn::Select: - - ctlplane - - Fn::GetAtt: - - undercloud - - networks + get_attr: + - undercloud + - networks + - ctlplane + - 0 heat.watch_server_url: Fn::Join: - '' - - 'http://' - - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]} + - get_attr: [undercloud, networks, ctlplane, 0] - ':8003' heat.metadata_server_url: Fn::Join: - '' - - 'http://' - - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]} + - {get_attr: [undercloud, networks, ctlplane, 0]} - ':8000' heat.waitcondition_server_url: Fn::Join: - '' - - 'http://' - - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]} + - {get_attr: [undercloud, networks, ctlplane, 0]} - ':8000/v1/waitcondition' - 00_undercloudPassthroughDeployment: - Type: OS::Heat::StructuredDeployment - Properties: - config: {Ref: undercloudPassthroughConfig} - server: {Ref: undercloud} + undercloudPassthroughDeployment: + depends_on: [undercloudNovaDeployment] + type: OS::Heat::StructuredDeployment + properties: + config: {get_resource: undercloudPassthroughConfig} + server: {get_resource: undercloud} signal_transport: NO_SIGNAL input_values: - passthrough_config: {Ref: ExtraConfig} + passthrough_config: {get_param: ExtraConfig}