summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Makefile6
-rw-r--r--undercloud-bm-nova-config.yaml21
-rw-r--r--undercloud-bm-nova-deploy.yaml25
-rw-r--r--undercloud-bm-source.yaml37
-rw-r--r--undercloud-source.yaml300
-rw-r--r--undercloud-vm-ironic-config.yaml25
-rw-r--r--undercloud-vm-ironic-deploy.yaml31
-rw-r--r--undercloud-vm-ironic-source.yaml36
-rw-r--r--undercloud-vm-nova-config.yaml27
-rw-r--r--undercloud-vm-nova-deploy.yaml40
-rw-r--r--undercloud-vm-source.yaml57
11 files changed, 291 insertions, 314 deletions
diff --git a/Makefile b/Makefile
index 17da039a..29e25b3d 100644
--- a/Makefile
+++ b/Makefile
@@ -21,11 +21,11 @@ overcloud-with-block-storage-nfs.yaml: overcloud-source.yaml block-storage-nfs.y
python ./tripleo_heat_merge/merge.py --scale NovaCompute=$${COMPUTESCALE:-'1'} --scale SwiftStorage=$${SWIFTSTORAGESCALE='0'} --scale BlockStorage=$${BLOCKSTORAGESCALE:-'1'} overcloud-source.yaml block-storage-nfs.yaml nfs-server-source.yaml swift-source.yaml swift-storage-source.yaml ssl-source.yaml > $@.tmp
mv $@.tmp $@
-undercloud-vm.yaml: undercloud-source.yaml undercloud-vm-source.yaml
+undercloud-vm.yaml: undercloud-source.yaml undercloud-vm-nova-config.yaml undercloud-vm-nova-deploy.yaml
python ./tripleo_heat_merge/merge.py $^ > $@.tmp
mv $@.tmp $@
-undercloud-bm.yaml: undercloud-source.yaml undercloud-bm-source.yaml
+undercloud-bm.yaml: undercloud-source.yaml undercloud-bm-nova-config.yaml undercloud-bm-nova-deploy.yaml
python ./tripleo_heat_merge/merge.py $^ > $@.tmp
mv $@.tmp $@
@@ -33,7 +33,7 @@ undercloud-vm-tuskar.yaml: undercloud-source.yaml undercloud-vm-source.yaml tusk
python ./tripleo_heat_merge/merge.py $^ > $@.tmp
mv $@.tmp $@
-undercloud-vm-ironic.yaml: undercloud-source.yaml undercloud-vm-ironic-source.yaml
+undercloud-vm-ironic.yaml: undercloud-source.yaml undercloud-vm-ironic-config.yaml undercloud-vm-ironic-deploy.yaml
python ./tripleo_heat_merge/merge.py $^ > $@.tmp
mv $@.tmp $@
diff --git a/undercloud-bm-nova-config.yaml b/undercloud-bm-nova-config.yaml
new file mode 100644
index 00000000..1d40121a
--- /dev/null
+++ b/undercloud-bm-nova-config.yaml
@@ -0,0 +1,21 @@
+Resources:
+ undercloudNovaConfig:
+ Type: OS::Heat::StructuredConfig
+ Properties:
+ config:
+ nova:
+ compute_hostname: undercloud
+ compute_driver: baremetal.driver.BareMetalDriver
+ db: mysql://nova:unset@localhost/nova
+ default_ephemeral_format: ext4
+ host: 127.0.0.1
+ metadata-proxy: false
+ tuning:
+ ram_allocation_ratio: 1.0
+ reserved_host_memory_mb: 0
+ baremetal:
+ arch: {get_input: nova_arch}
+ db: mysql://nova:unset@localhost/nova_bm
+ power_manager: {get_input: power_manager}
+ pxe_deploy_timeout: {get_input: pxe_deploy_timeout}
+ service-password: {get_input: nova_service_password}
diff --git a/undercloud-bm-nova-deploy.yaml b/undercloud-bm-nova-deploy.yaml
new file mode 100644
index 00000000..41cf10a5
--- /dev/null
+++ b/undercloud-bm-nova-deploy.yaml
@@ -0,0 +1,25 @@
+Parameters:
+ NeutronPublicInterface:
+ Default: eth2
+ Description: What interface to bridge onto br-ex for network nodes.
+ Type: String
+ PowerManager:
+ Default: nova.virt.baremetal.ipmi.IPMI
+ Description: Bare metal power manager driver.
+ Type: String
+ PxeDeployTimeout:
+ Default: 2400
+ Description: Timeout for PXE deployment of baremetal nodes
+ Type: Number
+Resources:
+ 01_undercloudNovaDeployment:
+ Type: OS::Heat::StructuredDeployment
+ Properties:
+ config: {Ref: undercloudNovaConfig}
+ server: {Ref: undercloud}
+ signal_transport: NO_SIGNAL
+ input_values:
+ nova_arch: {Ref: BaremetalArch}
+ power_manager: {Ref: PowerManager}
+ pxe_deploy_timeout: {Ref: PxeDeployTimeout}
+ nova_service_password: {Ref: NovaPassword}
diff --git a/undercloud-bm-source.yaml b/undercloud-bm-source.yaml
deleted file mode 100644
index a1c0b98a..00000000
--- a/undercloud-bm-source.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-Parameters:
- NeutronPublicInterface:
- Default: eth2
- Description: What interface to bridge onto br-ex for network nodes.
- Type: String
- PowerManager:
- Default: nova.virt.baremetal.ipmi.IPMI
- Description: Bare metal power manager driver.
- Type: String
- PxeDeployTimeout:
- Default: 2400
- Description: Timeout for PXE deployment of baremetal nodes
- Type: Number
-Resources:
- undercloudConfig:
- Type: AWS::AutoScaling::LaunchConfiguration
- Metadata:
- nova:
- compute_hostname: undercloud
- compute_driver: baremetal.driver.BareMetalDriver
- db: mysql://nova:unset@localhost/nova
- default_ephemeral_format: ext4
- host: 127.0.0.1
- metadata-proxy: false
- tuning:
- ram_allocation_ratio: 1.0
- reserved_host_memory_mb: 0
- baremetal:
- arch:
- Ref: BaremetalArch
- db: mysql://nova:unset@localhost/nova_bm
- power_manager:
- Ref: PowerManager
- pxe_deploy_timeout:
- Ref: PxeDeployTimeout
- service-password:
- Ref: NovaPassword
diff --git a/undercloud-source.yaml b/undercloud-source.yaml
index cf9a43b8..58e4eda8 100644
--- a/undercloud-source.yaml
+++ b/undercloud-source.yaml
@@ -117,183 +117,94 @@ Resources:
length: 20
salt:
Ref: RabbitCookieSalt
- AccessPolicy:
- Properties:
- AllowedResources:
- - undercloudConfig
- Type: OS::Heat::AccessPolicy
- controller0Key:
- Properties:
- UserName:
- Ref: User
- Type: AWS::IAM::AccessKey
- controller0CompletionCondition:
- Type: AWS::CloudFormation::WaitCondition
- DependsOn: undercloud
- Properties:
- Handle: {Ref: controller0CompletionHandle}
- Count: '1'
- Timeout: '1800'
- controller0CompletionHandle:
- Type: AWS::CloudFormation::WaitConditionHandle
- User:
- Properties:
- Policies:
- - Ref: AccessPolicy
- Type: AWS::IAM::User
undercloudConfig:
- Type: AWS::AutoScaling::LaunchConfiguration
+ Type: OS::Heat::StructuredConfig
Properties:
- ImageId: '0'
- InstanceType: foo
- Metadata:
- OpenStack::Role: undercloudConfig
- OpenStack::Heat::Stack: {}
- OpenStack::ImageBuilder::Elements: [ boot-stack, heat-cfntools, neutron-network-node ]
- admin-password:
- Ref: AdminPassword
- admin-token:
- Ref: AdminToken
- bootstrap_host:
- bootstrap_nodeid:
- Fn::Select:
- - 0
- - Fn::Select:
+ config:
+ completion-signal: {get_input: deploy_signal_id}
+ admin-password:
+ Ref: AdminPassword
+ admin-token:
+ Ref: AdminToken
+ bootstrap_host:
+ bootstrap_nodeid:
+ Fn::Select:
- 0
- - Merge::Map:
- undercloud:
- - Fn::Select:
- - name
- - Fn::GetAtt:
- - undercloud
- - show
- nodeid:
- Fn::Select:
- - name
- - Fn::GetAtt:
- - undercloud
- - show
- controller-address:
- Fn::Select:
- - 0
- - Fn::Select:
- - "ctlplane"
- - Fn::GetAtt:
- - undercloud
- - networks
- ceilometer:
- db: mysql://ceilometer:unset@localhost/ceilometer
- metering_secret: {Ref: CeilometerMeteringSecret}
- snmpd_readonly_user_name:
- Ref: SnmpdReadonlyUserName
- snmpd_readonly_user_password:
- Ref: SnmpdReadonlyUserPassword
- service-password:
- Ref: CeilometerPassword
- cinder:
- db: mysql://cinder:unset@localhost/cinder
- volume_size_mb:
- Ref: CinderLVMLoopDeviceSize
- completion-handle:
- Ref: controller0CompletionHandle
- db-password: unset
- glance:
- backend: file
- db: mysql://glance:unset@localhost/glance
- host: 127.0.0.1
- service-password:
- Ref: GlancePassword
- notifier-strategy:
- Ref: GlanceNotifierStrategy
- log-file:
- Ref: GlanceLogFile
- heat:
- admin_password:
- Ref: HeatPassword
- admin_tenant_name: service
- admin_user: heat
- auth_encryption_key: unset___________
- db: mysql://heat:unset@localhost/heat
- stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword}
- watch_server_url:
- Fn::Join:
- - ''
- - - http://
- - Fn::Select:
- - 0
- - Fn::Select:
- - "ctlplane"
- - Fn::GetAtt:
- - undercloud
- - networks
- - ":8003"
- metadata_server_url:
- Fn::Join:
- - ''
- - - http://
- - Fn::Select:
- - 0
+ - Fn::Select:
+ - 0
+ - Merge::Map:
+ undercloud:
- Fn::Select:
- - "ctlplane"
+ - name
- Fn::GetAtt:
- undercloud
- - networks
- - ":8000"
- waitcondition_server_url:
- Fn::Join:
- - ''
- - - http://
- - Fn::Select:
- - 0
- - Fn::Select:
- - "ctlplane"
- - Fn::GetAtt:
- - undercloud
- - networks
- - ":8000/v1/waitcondition"
- os-collect-config:
- cfn:
- access_key_id:
- Ref: controller0Key
- path: undercloudConfig.Metadata
- secret_access_key:
+ - show
+ nodeid: {get_input: bootstack_nodeid}
+ controller-address:
+ get_input: controller_host
+ ceilometer:
+ db: mysql://ceilometer:unset@localhost/ceilometer
+ metering_secret: {Ref: CeilometerMeteringSecret}
+ snmpd_readonly_user_name:
+ Ref: SnmpdReadonlyUserName
+ snmpd_readonly_user_password:
+ Ref: SnmpdReadonlyUserPassword
+ service-password:
+ Ref: CeilometerPassword
+ db-password: unset
+ glance:
+ backend: file
+ db: mysql://glance:unset@localhost/glance
+ host: 127.0.0.1
+ service-password:
+ Ref: GlancePassword
+ notifier-strategy:
+ Ref: GlanceNotifierStrategy
+ log-file:
+ Ref: GlanceLogFile
+ heat:
+ admin_password:
+ Ref: HeatPassword
+ admin_tenant_name: service
+ admin_user: heat
+ auth_encryption_key: unset___________
+ db: mysql://heat:unset@localhost/heat
+ stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword}
+ watch_server_url: {get_input: heat.watch_server_url}
+ metadata_server_url: {get_input: heat.metadata_server_url}
+ waitcondition_server_url: {get_input: heat.waitcondition_server_url}
+ keystone:
+ db: mysql://keystone:unset@localhost/keystone
+ host: 127.0.0.1
+ mysql:
+ innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize}
+ neutron:
+ host: 127.0.0.1
+ ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
+ ovs:
+ public_interface:
+ Ref: NeutronPublicInterface
+ physical_bridge: br-ctlplane
+ physical_network: ctlplane
+ network_vlan_ranges: ctlplane
+ bridge_mappings: ctlplane:br-ctlplane
+ tenant_network_type: vlan
+ enable_tunneling: 'False'
+ service-password:
+ Ref: NeutronPassword
+ rabbit:
+ host: 127.0.0.1
+ username:
+ Ref: RabbitUserName
+ password:
+ Ref: RabbitPassword
+ cookie:
Fn::GetAtt:
- - controller0Key
- - SecretAccessKey
- stack_name:
- Ref: AWS::StackName
- keystone:
- db: mysql://keystone:unset@localhost/keystone
- host: 127.0.0.1
- mysql:
- innodb_buffer_pool_size: {Ref: MysqlInnodbBufferPoolSize}
- neutron:
- host: 127.0.0.1
- ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
- ovs:
- public_interface:
- Ref: NeutronPublicInterface
- physical_bridge: br-ctlplane
- physical_network: ctlplane
- network_vlan_ranges: ctlplane
- bridge_mappings: ctlplane:br-ctlplane
- tenant_network_type: vlan
- enable_tunneling: 'False'
- service-password:
- Ref: NeutronPassword
- ntp:
- servers:
+ - RabbitCookie
+ - value
+ ntp:
+ servers:
- {server: {Ref: NtpServer}, fudge: "stratum 0"}
- rabbit:
- host: 127.0.0.1
- username:
- Ref: RabbitUserName
- password:
- Ref: RabbitPassword
- cookie:
- Fn::GetAtt:
- - RabbitCookie
- - value
undercloud:
Type: OS::Nova::Server
Properties:
@@ -305,15 +216,42 @@ Resources:
Ref: KeyName
image_update_policy:
Ref: ImageUpdatePolicy
- Metadata:
- os-collect-config:
- cfn:
- access_key_id:
- Ref: controller0Key
- path: undercloudConfig.Metadata
- secret_access_key:
- Fn::GetAtt:
- - controller0Key
- - SecretAccessKey
- stack_name:
- Ref: AWS::StackName
+ user_data_format: SOFTWARE_CONFIG
+ 99_undercloudDeployment:
+ Type: OS::Heat::StructuredDeployment
+ Properties:
+ config: {Ref: undercloudConfig}
+ server: {Ref: undercloud}
+ input_values:
+ bootstack_nodeid:
+ Fn::Select:
+ - name
+ - Fn::GetAtt:
+ - undercloud
+ - show
+ controller_host:
+ Fn::Select:
+ - 0
+ - Fn::Select:
+ - ctlplane
+ - Fn::GetAtt:
+ - undercloud
+ - networks
+ heat.watch_server_url:
+ Fn::Join:
+ - ''
+ - - 'http://'
+ - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+ - ':8003'
+ heat.metadata_server_url:
+ Fn::Join:
+ - ''
+ - - 'http://'
+ - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+ - ':8000'
+ heat.waitcondition_server_url:
+ Fn::Join:
+ - ''
+ - - 'http://'
+ - {"Fn::Select": [ 0, "Fn::Select": [ ctlplane, { "Fn::GetAtt": [ undercloud, networks ]}]]}
+ - ':8000/v1/waitcondition'
diff --git a/undercloud-vm-ironic-config.yaml b/undercloud-vm-ironic-config.yaml
new file mode 100644
index 00000000..241efa19
--- /dev/null
+++ b/undercloud-vm-ironic-config.yaml
@@ -0,0 +1,25 @@
+Resources:
+ undercloudNovaConfig:
+ Type: OS::Heat::StructuredConfig
+ Properties:
+ config:
+ nova:
+ compute_hostname: undercloud
+ compute_driver: ironic.nova.virt.ironic.driver.IronicDriver
+ compute_manager: ironic.nova.compute.manager.ClusteredComputeManager
+ db: mysql://nova:unset@localhost/nova
+ default_ephemeral_format: ext4
+ host: 127.0.0.1
+ metadata-proxy: false
+ tuning:
+ ram_allocation_ratio: 1.0
+ reserved_host_memory_mb: 0
+ service-password: {get_input: nova_service_password}
+ undercloudIronicConfig:
+ Type: OS::Heat::StructuredConfig
+ Properties:
+ config:
+ ironic:
+ db: mysql://ironic:unset@localhost/ironic
+ service-password: {get_input: ironic_service_password}
+ virtual_power_ssh_key: {get_input: virtual_power_ssh_key}
diff --git a/undercloud-vm-ironic-deploy.yaml b/undercloud-vm-ironic-deploy.yaml
new file mode 100644
index 00000000..10eb44d2
--- /dev/null
+++ b/undercloud-vm-ironic-deploy.yaml
@@ -0,0 +1,31 @@
+Parameters:
+ IronicPassword:
+ Type: String
+ Description: Ironic password for keystone access
+ NoEcho: true
+ NeutronPublicInterface:
+ Default: eth0
+ Description: What interface to bridge onto br-ex for network nodes.
+ Type: String
+ PowerSSHPrivateKey:
+ Description: Private key for using to ssh to a virtual power host.
+ Type: String
+ NoEcho: true
+Resources:
+ 01_undercloudNovaDeployment:
+ Type: OS::Heat::StructuredDeployment
+ Properties:
+ config: {Ref: undercloudNovaConfig}
+ server: {Ref: undercloud}
+ signal_transport: NO_SIGNAL
+ input_values:
+ nova_service_password: {Ref: NovaPassword}
+ 02_undercloudIronicDeployment:
+ Type: OS::Heat::StructuredDeployment
+ Properties:
+ config: {Ref: undercloudIronicConfig}
+ server: {Ref: undercloud}
+ signal_transport: NO_SIGNAL
+ input_values:
+ ironic_service_password: {Ref: IronicPassword}
+ virtual_power_ssh_key: {Ref: PowerSSHPrivateKey}
diff --git a/undercloud-vm-ironic-source.yaml b/undercloud-vm-ironic-source.yaml
deleted file mode 100644
index 2e9555ae..00000000
--- a/undercloud-vm-ironic-source.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-Parameters:
- IronicPassword:
- Type: String
- Description: Ironic password for keystone access
- NoEcho: true
- NeutronPublicInterface:
- Default: eth0
- Description: What interface to bridge onto br-ex for network nodes.
- Type: String
- PowerSSHPrivateKey:
- Description: Private key for using to ssh to a virtual power host.
- Type: String
- NoEcho: true
-Resources:
- undercloudConfig:
- Type: AWS::AutoScaling::LaunchConfiguration
- Metadata:
- ironic:
- db: mysql://ironic:unset@localhost/ironic
- service-password:
- Ref: IronicPassword
- virtual_power_ssh_key:
- Ref: PowerSSHPrivateKey
- nova:
- compute_hostname: undercloud
- compute_driver: ironic.nova.virt.ironic.driver.IronicDriver
- compute_manager: ironic.nova.compute.manager.ClusteredComputeManager
- db: mysql://nova:unset@localhost/nova
- default_ephemeral_format: ext4
- host: 127.0.0.1
- metadata-proxy: false
- tuning:
- ram_allocation_ratio: 1.0
- reserved_host_memory_mb: 0
- service-password:
- Ref: NovaPassword
diff --git a/undercloud-vm-nova-config.yaml b/undercloud-vm-nova-config.yaml
new file mode 100644
index 00000000..99da8059
--- /dev/null
+++ b/undercloud-vm-nova-config.yaml
@@ -0,0 +1,27 @@
+Resources:
+ undercloudNovaConfig:
+ Type: OS::Heat::StructuredConfig
+ Properties:
+ config:
+ nova:
+ compute_hostname: undercloud
+ compute_driver: baremetal.driver.BareMetalDriver
+ db: mysql://nova:unset@localhost/nova
+ default_ephemeral_format: ext4
+ host: 127.0.0.1
+ metadata-proxy: false
+ tuning:
+ ram_allocation_ratio: 1.0
+ reserved_host_memory_mb: 0
+ baremetal:
+ arch: {get_input: nova_arch}
+ db: mysql://nova:unset@localhost/nova_bm
+ power_manager: {get_input: power_manager}
+ pxe_deploy_timeout: {get_input: pxe_deploy_timeout}
+ virtual_power:
+ user: {get_input: user}
+ ssh_host: {get_input: ssh_host}
+ ssh_key: {get_input: ssh_key}
+ type: virsh
+ service-password: {get_input: nova_service_password}
+
diff --git a/undercloud-vm-nova-deploy.yaml b/undercloud-vm-nova-deploy.yaml
new file mode 100644
index 00000000..16890360
--- /dev/null
+++ b/undercloud-vm-nova-deploy.yaml
@@ -0,0 +1,40 @@
+Parameters:
+ NeutronPublicInterface:
+ Default: eth0
+ Description: What interface to bridge onto br-ex for network nodes.
+ Type: String
+ PowerManager:
+ Default: nova.virt.baremetal.virtual_power_driver.VirtualPowerManager
+ Description: Bare metal power manager driver.
+ Type: String
+ PxeDeployTimeout:
+ Default: 2400
+ Description: Timeout for PXE deployment of baremetal nodes
+ Type: Number
+ PowerSSHHost:
+ Default: 192.168.122.1
+ Description: SSH host to ssh to for power management operations.
+ Type: String
+ PowerSSHPrivateKey:
+ Description: Private key for using to ssh to a virtual power host.
+ Type: String
+ NoEcho: true
+ PowerUserName:
+ Default: stack
+ Description: What username to ssh to the virtual power host with.
+ Type: String
+Resources:
+ 01_undercloudNovaDeployment:
+ Type: OS::Heat::StructuredDeployment
+ Properties:
+ config: {Ref: undercloudNovaConfig}
+ server: {Ref: undercloud}
+ signal_transport: NO_SIGNAL
+ input_values:
+ nova_arch: {Ref: BaremetalArch}
+ power_manager: {Ref: PowerManager}
+ pxe_deploy_timeout: {Ref: PxeDeployTimeout}
+ nova_service_password: {Ref: NovaPassword}
+ user: {Ref: PowerUserName}
+ ssh_host: {Ref: PowerSSHHost}
+ ssh_key: {Ref: PowerSSHPrivateKey}
diff --git a/undercloud-vm-source.yaml b/undercloud-vm-source.yaml
deleted file mode 100644
index 4e076fd3..00000000
--- a/undercloud-vm-source.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
-Parameters:
- NeutronPublicInterface:
- Default: eth0
- Description: What interface to bridge onto br-ex for network nodes.
- Type: String
- PowerManager:
- Default: nova.virt.baremetal.virtual_power_driver.VirtualPowerManager
- Description: Bare metal power manager driver.
- Type: String
- PxeDeployTimeout:
- Default: 2400
- Description: Timeout for PXE deployment of baremetal nodes
- Type: Number
- PowerSSHHost:
- Default: 192.168.122.1
- Description: SSH host to ssh to for power management operations.
- Type: String
- PowerSSHPrivateKey:
- Description: Private key for using to ssh to a virtual power host.
- Type: String
- NoEcho: true
- PowerUserName:
- Default: stack
- Description: What username to ssh to the virtual power host with.
- Type: String
-Resources:
- undercloudConfig:
- Type: AWS::AutoScaling::LaunchConfiguration
- Metadata:
- nova:
- compute_hostname: undercloud
- compute_driver: baremetal.driver.BareMetalDriver
- db: mysql://nova:unset@localhost/nova
- default_ephemeral_format: ext4
- host: 127.0.0.1
- metadata-proxy: false
- tuning:
- ram_allocation_ratio: 1.0
- reserved_host_memory_mb: 0
- baremetal:
- arch:
- Ref: BaremetalArch
- db: mysql://nova:unset@localhost/nova_bm
- power_manager:
- Ref: PowerManager
- pxe_deploy_timeout:
- Ref: PxeDeployTimeout
- virtual_power:
- user:
- Ref: PowerUserName
- ssh_host:
- Ref: PowerSSHHost
- ssh_key:
- Ref: PowerSSHPrivateKey
- type: virsh
- service-password:
- Ref: NovaPassword