diff options
26 files changed, 1562 insertions, 4252 deletions
@@ -1,12 +1,3 @@ -# Built via Makefile -overcloud.yaml -overcloud-with-block-storage.yaml -overcloud-with-block-storage-nfs.yaml -undercloud-bm.yaml -undercloud-vm.yaml -undercloud-vm-ironic.yaml -undercloud-vm-ironic-vlan.yaml - *.py[cod] # C extensions @@ -15,8 +15,7 @@ Features The ability to deploy a multi-node, role based OpenStack deployment using OpenStack Heat. Notable features include: - * Choice of deployment/configuration tooling: puppet, os-apply-config, and - (soon) docker + * Choice of deployment/configuration tooling: puppet, (soon) docker * Role based deployment: roles for the controller, compute, ceph, swift, and cinder storage @@ -43,11 +42,5 @@ A description of the directory layout in TripleO Heat Templates. * puppet: templates mostly driven by configuration with puppet. To use these templates you can use the overcloud-resource-registry-puppet.yaml. - * os-apply-config: templates mostly driven by configuration w/ - os-collect-config and bash based - elements (which use the Heat os-apply-config group). - These will soon be deprecated and are no longer part - of the upstream CI testing efforts. - * validation-scripts: validation scripts useful to all deployment configurations diff --git a/os-apply-config/all-nodes-config.yaml b/os-apply-config/all-nodes-config.yaml deleted file mode 100644 index 3f0bd61c..00000000 --- a/os-apply-config/all-nodes-config.yaml +++ /dev/null @@ -1,93 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'All Nodes Config' - -parameters: - compute_hosts: - type: comma_delimited_list - controller_hosts: - type: comma_delimited_list - controller_ips: - type: comma_delimited_list - block_storage_hosts: - type: comma_delimited_list - object_storage_hosts: - type: comma_delimited_list - ceph_storage_hosts: - type: comma_delimited_list - controller_names: - type: comma_delimited_list - rabbit_node_ips: - type: comma_delimited_list - mongo_node_ips: - type: comma_delimited_list - redis_node_ips: - type: comma_delimited_list - memcache_node_ips: - type: comma_delimited_list - mysql_node_ips: - type: comma_delimited_list - horizon_node_ips: - type: comma_delimited_list - heat_api_node_ips: - type: comma_delimited_list - swift_proxy_node_ips: - type: comma_delimited_list - ceilometer_api_node_ips: - type: comma_delimited_list - nova_api_node_ips: - type: comma_delimited_list - nova_metadata_node_ips: - type: comma_delimited_list - glance_api_node_ips: - type: comma_delimited_list - glance_registry_node_ips: - type: comma_delimited_list - cinder_api_node_ips: - type: comma_delimited_list - neutron_api_node_ips: - type: comma_delimited_list - keystone_public_api_node_ips: - type: comma_delimited_list - keystone_admin_api_node_ips: - type: comma_delimited_list - -resources: - - allNodesConfigImpl: - type: OS::Heat::StructuredConfig - properties: - config: - completion-signal: {get_input: deploy_signal_id} - hosts: - list_join: - - "\n" - - - list_join: - - "\n" - - {get_param: compute_hosts} - - list_join: - - "\n" - - {get_param: controller_hosts} - - list_join: - - "\n" - - {get_param: block_storage_hosts} - - list_join: - - "\n" - - {get_param: object_storage_hosts} - - list_join: - - "\n" - - {get_param: ceph_storage_hosts} - rabbit: - nodes: - list_join: - - ',' - - {get_param: controller_names} - sysctl: - net.ipv4.tcp_keepalive_time: 5 - net.ipv4.tcp_keepalive_probes: 5 - net.ipv4.tcp_keepalive_intvl: 1 - -outputs: - config_id: - description: The ID of the allNodesConfigImpl resource. - value: - {get_resource: allNodesConfigImpl} diff --git a/os-apply-config/ceph-cluster-config.yaml b/os-apply-config/ceph-cluster-config.yaml deleted file mode 100644 index 115de085..00000000 --- a/os-apply-config/ceph-cluster-config.yaml +++ /dev/null @@ -1,69 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Ceph Cluster config data' - -parameters: - ceph_storage_count: - default: 0 - type: number - description: Number of Ceph storage nodes. Used to enable/disable managed Ceph installation. - ceph_external_mon_ips: - default: '' - type: string - description: List of external Ceph Mon host IPs. - ceph_client_key: - default: '' - type: string - description: Ceph key used to create the client user keyring. - ceph_fsid: - default: '' - type: string - ceph_admin_key: - default: '' - type: string - ceph_mon_key: - default: '' - type: string - ceph_mon_names: - type: comma_delimited_list - ceph_mon_ips: - type: comma_delimited_list - NovaRbdPoolName: - default: vms - type: string - CinderRbdPoolName: - default: volumes - type: string - GlanceRbdPoolName: - default: images - type: string - CephClientUserName: - default: openstack - type: string - -resources: - CephClusterConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - ceph_cluster: - mon_initial_members: - list_join: - - ',' - - {get_param: ceph_mon_names} - mon_host: - list_join: - - ',' - - {get_param: ceph_mon_ips} - fsid: {get_param: ceph_fsid} - admin_key: {get_param: ceph_admin_key} - mon_key: {get_param: ceph_mon_key} - # We would need a dedicated key for OSD bootstrap - bootstrap_osd_key: {get_param: ceph_mon_key} - osds: '{"/srv/data": {}}' - -outputs: - config_id: - description: The ID of the CephClusterConfigImpl resource. - value: - {get_resource: CephClusterConfigImpl} diff --git a/os-apply-config/ceph-storage-post.yaml b/os-apply-config/ceph-storage-post.yaml deleted file mode 100644 index 734f90bd..00000000 --- a/os-apply-config/ceph-storage-post.yaml +++ /dev/null @@ -1,21 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Ceph Storage Post Deployment' -# NOTE: this is a noop for os-apply-config style deployments because -# post deployment ordering is controlled by tripleo-image-elements - -parameters: - servers: - type: json - NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - -resources: - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} - diff --git a/os-apply-config/ceph-storage.yaml b/os-apply-config/ceph-storage.yaml deleted file mode 100644 index fc321d88..00000000 --- a/os-apply-config/ceph-storage.yaml +++ /dev/null @@ -1,172 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Common Ceph Storage Configuration' -parameters: - Image: - type: string - default: overcloud-ceph-storage - KeyName: - default: default - description: Name of an existing EC2 KeyPair to enable SSH access to the instances - type: string - Flavor: - default: baremetal - description: Flavor for block storage nodes to request when deploying. - type: string - CephClusterFSID: - default: '' - type: string - description: The Ceph cluster FSID. Must be a UUID. - CephMonKey: - default: '' - description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. - type: string - hidden: true - CephAdminKey: - default: '' - description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. - type: string - hidden: true - CephMonitors: - default: '' - description: The list of ip/names to use as Ceph monitors - type: json - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - ExtraConfig: - default: {} - description: | - Additional configuration to inject into the cluster. Note - that CephStorageExtraConfig takes precedence over ExtraConfig. - type: json - CephStorageExtraConfig: - default: {} - description: | - Role specific additional configuration to inject into the cluster. - type: json - - -resources: - CephStorage: - type: OS::Nova::Server - properties: - image: - {get_param: Image} - flavor: {get_param: OvercloudCephStorageFlavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: NodeUserData} - name: {get_param: Hostname} - - NodeUserData: - type: OS::TripleO::NodeUserData - - StoragePort: - type: OS::TripleO::CephStorage::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - - StorageMgmtPort: - type: OS::TripleO::CephStorage::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]} - - NetworkConfig: - type: OS::TripleO::CephStorage::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - config: {get_resource: NetworkConfig} - server: {get_resource: CephStorage} - - CephStorageDeployment: - type: OS::Heat::StructuredDeployment - properties: - server: {get_resource: CephStorage} - config: {get_resource: CephStorageConfig} - signal_transport: NO_SIGNAL - CephStorageConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - ceph: - fsid: {get_param: CephClusterFSID} - keyrings: - admin: - key: {get_param: CephAdminKey} - mon_nodes: {get_param: CephMonitors} - ControllerCephDeployment: - type: OS::Heat::StructuredDeployment - properties: - server: {get_resource: Controller} - config: {get_resource: ControllerCephConfig} - signal_transport: NO_SIGNAL - ControllerCephConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - cinder: - include_ceph_backend: true - ceph: - fsid: {get_param: CephClusterFSID} - keyrings: - mon: - key: {get_param: CephMonKey} - admin: - key: {get_param: CephAdminKey} - mon_nodes: {get_param: CephMonitors} - NovaComputeCephDeployment: - depends_on: [ControllerCephDeployment] - type: OS::Heat::StructuredDeployment - properties: - server: {get_resource: NovaCompute} - config: {get_resource: NovaComputeCephConfig} - signal_transport: NO_SIGNAL - NovaComputeCephConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - ceph: - fsid: {get_param: CephClusterFSID} - keyrings: - admin: - key: {get_param: CephAdminKey} - mon_nodes: {get_param: CephMonitors} -outputs: - hosts_entry: - value: - str_replace: - template: "IP HOST" - params: - IP: {get_attr: [CephStorage, networks, ctlplane, 0]} - HOST: {get_attr: [CephStorage, name]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - config_identifier: - description: identifier which changes if the node configuration may need re-applying - value: "None - NO_SIGNAL" diff --git a/os-apply-config/cinder-storage-post.yaml b/os-apply-config/cinder-storage-post.yaml deleted file mode 100644 index ad4e0460..00000000 --- a/os-apply-config/cinder-storage-post.yaml +++ /dev/null @@ -1,21 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Common Block Storage Post Deployment' -# NOTE: this is a noop for os-apply-config style deployments because -# post deployment ordering is controlled by tripleo-image-elements - -parameters: - servers: - type: json - NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - -resources: - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} - diff --git a/os-apply-config/cinder-storage.yaml b/os-apply-config/cinder-storage.yaml deleted file mode 100644 index 7f1164c4..00000000 --- a/os-apply-config/cinder-storage.yaml +++ /dev/null @@ -1,234 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Common Block Storage Configuration' -parameters: - Image: - default: overcloud-cinder-volume - type: string - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean - CinderISCSIHelper: - default: tgtadm - description: The iSCSI helper to use with cinder. - type: string - CinderLVMLoopDeviceSize: - default: 5000 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderPassword: - default: unset - description: The password for the cinder service and db account, used by cinder-api. - type: string - hidden: true - VirtualIP: - default: '' - type: string - ExtraConfig: - default: {} - description: | - Additional configuration to inject into the cluster. The JSON should have - the following structure: - {"FILEKEY": - {"config": - [{"section": "SECTIONNAME", - "values": - [{"option": "OPTIONNAME", - "value": "VALUENAME" - } - ] - } - ] - } - } - For instance: - {"nova": - {"config": - [{"section": "default", - "values": - [{"option": "force_config_drive", - "value": "always" - } - ] - }, - {"section": "cells", - "values": - [{"option": "driver", - "value": "nova.cells.rpc_driver.CellsRPCDriver" - } - ] - } - ] - } - } - type: json - BlockStorageExtraConfig: - default: {} - description: | - Role specific additional configuration to inject into the cluster. - type: json - Flavor: - description: Flavor for block storage nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor - GlancePort: - default: "9292" - description: Glance port. - type: string - GlanceProtocol: - default: http - description: Protocol to use when connecting to glance, set to https for SSL. - type: string - KeyName: - default: default - description: Name of an existing EC2 KeyPair to enable SSH access to the instances - type: string - RabbitPassword: - default: 'guest' - type: string - hidden: true - RabbitUserName: - default: 'guest' - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - default: unset - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - GlanceApiVirtualIP: - type: string - default: '' - MysqlVirtualIP: - type: string - default: '' - -resources: - BlockStorage: - type: OS::Nova::Server - properties: - image: - {get_param: Image} - flavor: {get_param: Flavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: NodeUserData} - name: {get_param: Hostname} - - NodeUserData: - type: OS::TripleO::NodeUserData - - InternalApiPort: - type: OS::TripleO::BlockStorage::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - - StoragePort: - type: OS::TripleO::BlockStorage::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - - StorageMgmtPort: - type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - - NetworkConfig: - type: OS::TripleO::BlockStorage::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - config: {get_resource: NetworkConfig} - server: {get_resource: BlockStorage} - - BlockStorageDeployment: - type: OS::Heat::StructuredDeployment - properties: - server: {get_resource: BlockStorage} - config: {get_resource: BlockStorageConfig} - input_values: - controller_virtual_ip: {get_param: VirtualIP} - cinder_dsn: {list_join: ['', ['mysql://cinder:', {get_param: CinderPassword}, '@', {get_param: VirtualIP} , '/cinder']]} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - signal_transport: NO_SIGNAL - BlockStorageConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - keystone: - host: {get_input: controller_virtual_ip} - cinder: - db: {get_input: cinder_dsn} - volume_size_mb: - get_param: CinderLVMLoopDeviceSize - iscsi-helper: - get_param: CinderISCSIHelper - snmpd: - export_MIB: UCD-SNMP-MIB - readonly_user_name: {get_input: snmpd_readonly_user_name} - readonly_user_password: {get_input: snmpd_readonly_user_password} - rabbit: - host: {get_input: controller_virtual_ip} - username: {get_param: RabbitUserName} - password: {get_param: RabbitPassword} - glance: - host: {get_input: controller_virtual_ip} - port: {get_param: GlancePort} -outputs: - hosts_entry: - value: - str_replace: - template: "IP HOST" - params: - IP: {get_attr: [BlockStorage, networks, ctlplane, 0]} - HOST: {get_attr: [BlockStorage, name]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - config_identifier: - description: identifier which changes if the node configuration may need re-applying - value: "None - NO_SIGNAL" diff --git a/os-apply-config/compute-post.yaml b/os-apply-config/compute-post.yaml deleted file mode 100644 index 695690d4..00000000 --- a/os-apply-config/compute-post.yaml +++ /dev/null @@ -1,22 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Compute Post Deployment' -# NOTE: this is a noop for os-apply-config style deployments because -# post deployment ordering is controlled by tripleo-image-elements - -parameters: - servers: - type: json - NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - -resources: - - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} - diff --git a/os-apply-config/compute.yaml b/os-apply-config/compute.yaml deleted file mode 100644 index c829248b..00000000 --- a/os-apply-config/compute.yaml +++ /dev/null @@ -1,569 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack hypervisor node. Can be wrapped in a ResourceGroup for scaling. - -parameters: - AdminPassword: - default: unset - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - CeilometerComputeAgent: - description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly - type: string - default: '' - constraints: - - allowed_values: ['', Present] - CeilometerMeteringSecret: - default: unset - description: Secret shared by the ceilometer services. - type: string - hidden: true - CeilometerPassword: - default: unset - description: The password for the ceilometer service account. - type: string - hidden: true - CinderEnableNfsBackend: - default: false - description: Whether to enable or not the NFS backend for Cinder - type: boolean - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - ExtraConfig: - default: {} - description: | - Additional configuration to inject into the cluster. The JSON should have - the following structure: - {"FILEKEY": - {"config": - [{"section": "SECTIONNAME", - "values": - [{"option": "OPTIONNAME", - "value": "VALUENAME" - } - ] - } - ] - } - } - For instance: - {"nova": - {"config": - [{"section": "default", - "values": - [{"option": "force_config_drive", - "value": "always" - } - ] - }, - {"section": "cells", - "values": - [{"option": "driver", - "value": "nova.cells.rpc_driver.CellsRPCDriver" - } - ] - } - ] - } - } - type: json - Flavor: - description: Flavor for the nova compute node - type: string - constraints: - - custom_constraint: nova.flavor - GlanceHost: - type: string - default: '' # Has to be here because of the ignored empty value bug - GlancePort: - default: "9292" - description: Glance port. - type: string - GlanceProtocol: - default: http - description: Protocol to use when connecting to glance, set to https for SSL. - type: string - Image: - type: string - default: overcloud-compute - constraints: - - custom_constraint: glance.image - ImageUpdatePolicy: - default: 'REBUILD_PRESERVE_EPHEMERAL' - description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - type: string - KeyName: - description: Name of an existing EC2 KeyPair to enable SSH access to the instances - type: string - default: default - constraints: - - custom_constraint: nova.keypair - KeystoneAdminApiVirtualIP: - type: string - default: '' - KeystonePublicApiVirtualIP: - type: string - default: '' - NeutronBridgeMappings: - description: > - The OVS logical->physical bridge mappings to use. See the Neutron - documentation for details. Defaults to mapping br-ex - the external - bridge on hosts - to a physical name 'datacentre' which can be used - to create provider networks (and we use this for the default floating - network) - if changing this either use different post-install network - scripts or be sure to keep 'datacentre' as a mapping network name. - type: string - default: "datacentre:br-ex" - NeutronEnableTunnelling: - type: string - default: "True" - NeutronEnableL2Pop: - type: string - description: > - Enable/disable the L2 population feature in the Neutron agents. - default: "False" - NeutronFlatNetworks: - type: string - default: 'datacentre' - description: > - If set, flat networks to configure in neutron plugins. - NeutronHost: - type: string - default: '' # Has to be here because of the ignored empty value bug - NeutronNetworkType: - type: string - description: The tenant network type for Neutron, either gre or vxlan. - default: 'vxlan' - NeutronNetworkVLANRanges: - default: 'datacentre' - description: > - The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the - Neutron documentation for permitted values. Defaults to permitting any - VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: comma_delimited_list - NeutronPassword: - default: unset - description: The password for the neutron service account, used by neutron agents. - type: string - hidden: true - NeutronPhysicalBridge: - default: '' - description: An OVS bridge to create for accessing external networks. - type: string - NeutronPublicInterface: - default: nic1 - description: A port to add to the NeutronPhysicalBridge. - type: string - NeutronTunnelTypes: - type: string - description: | - The tunnel types for the Neutron tenant network. To specify multiple - values, use a comma separated string, like so: 'gre,vxlan' - default: 'vxlan' - NeutronTunnelIdRanges: - description: | - Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges - of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] - type: comma_delimited_list - NeutronVniRanges: - description: | - Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges - of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] - type: comma_delimited_list - NeutronPublicInterfaceRawDevice: - default: '' - type: string - NeutronDVR: - default: 'False' - type: string - NeutronMetadataProxySharedSecret: - default: 'unset' - description: Shared secret to prevent spoofing - type: string - hidden: true - NeutronCorePlugin: - default: "ml2" - description: | - The core plugin for Neutron. The value should be the entrypoint to be loaded - from neutron.core_plugins namespace. - type: string - NeutronServicePlugins: - default: "router" - description: | - Comma-separated list of service plugin entrypoints to be loaded from the - neutron.service_plugins namespace. - type: comma_delimited_list - NeutronTypeDrivers: - default: "vxlan,vlan,flat,gre" - description: | - Comma-separated list of network type driver entrypoints to be loaded. - type: comma_delimited_list - NeutronMechanismDrivers: - default: 'openvswitch' - description: | - The mechanism drivers for the Neutron tenant network. To specify multiple - values, use a comma separated string, like so: 'openvswitch,l2_population' - type: string - # Not relevant for Computes, should be removed - NeutronAllowL3AgentFailover: - default: 'True' - description: Allow automatic l3-agent failover - type: string - # Not relevant for Computes, should be removed - NeutronL3HA: - default: 'False' - description: Whether to enable l3-agent HA - type: string - NeutronAgentMode: - default: 'dvr_snat' - description: Agent mode for the neutron-l3-agent on the controller hosts - type: string - NovaApiHost: - type: string - default: '' # Has to be here because of the ignored empty value bug - NovaComputeDriver: - type: string - default: libvirt.LibvirtDriver - NovaComputeExtraConfig: - default: {} - description: | - NovaCompute specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - NovaComputeLibvirtType: - type: string - default: '' - NovaEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Nova - type: boolean - NovaPassword: - default: unset - description: The password for the nova service account, used by nova-api. - type: string - hidden: true - NovaPublicIP: - type: string - default: '' # Has to be here because of the ignored empty value bug - NtpServer: - type: string - default: '' - RabbitHost: - type: string - default: '' # Has to be here because of the ignored empty value bug - RabbitPassword: - default: guest - description: The password for RabbitMQ - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - default: unset - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - -resources: - - NovaCompute: - type: OS::Nova::Server - properties: - image: - {get_param: Image} - image_update_policy: - get_param: ImageUpdatePolicy - flavor: {get_param: Flavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: NodeUserData} - name: {get_param: Hostname} - - NodeUserData: - type: OS::TripleO::NodeUserData - - InternalApiPort: - type: OS::TripleO::Compute::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - - StoragePort: - type: OS::TripleO::Compute::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - - TenantPort: - type: OS::TripleO::Compute::Ports::TenantPort - properties: - ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - - NetworkConfig: - type: OS::TripleO::Compute::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - signal_transport: NO_SIGNAL - config: {get_resource: NetworkConfig} - server: {get_resource: NovaCompute} - input_values: - bridge_name: {get_param: NeutronPhysicalBridge} - interface_name: {get_param: NeutronPublicInterface} - - NovaComputeConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - nova: - compute_driver: { get_input: nova_compute_driver } - compute_libvirt_type: { get_input: nova_compute_libvirt_type } - debug: {get_input: debug} - host: {get_input: nova_api_host} - public_ip: {get_input: nova_public_ip} - service-password: {get_input: nova_password} - ceilometer: - debug: {get_input: debug} - metering_secret: {get_input: ceilometer_metering_secret} - service-password: {get_input: ceilometer_password} - compute_agent: {get_input: ceilometer_compute_agent} - snmpd: - export_MIB: UCD-SNMP-MIB - readonly_user_name: {get_input: snmpd_readonly_user_name} - readonly_user_password: {get_input: snmpd_readonly_user_password} - glance: - debug: {get_input: debug} - host: {get_input: glance_host} - port: {get_input: glance_port} - protocol: {get_input: glance_protocol} - keystone: - debug: {get_input: debug} - host: {get_input: keystone_host} - neutron: - debug: {get_input: debug} - flat-networks: {get_input: neutron_flat_networks} - host: {get_input: neutron_host} - router_distributed: {get_input: neutron_router_distributed} - agent_mode: {get_input: neutron_agent_mode} - ovs_db: {get_input: neutron_dsn} - metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} - core_plugin: {get_input: neutron_core_plugin} - service_plugins: {get_input: neutron_service_plugins} - type_drivers: {get_input: neutron_type_drivers} - mechanism_drivers: {get_input: neutron_mechanism_drivers} - allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} - l3_ha: {get_input: neutron_l3_ha} - ovs: - local_ip: {get_input: neutron_local_ip} - tenant_network_type: {get_input: neutron_tenant_network_type} - tunnel_types: {get_input: neutron_tunnel_types} - network_vlan_ranges: {get_input: neutron_network_vlan_ranges} - tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} - vni_ranges: {get_input: neutron_vni_ranges} - bridge_mappings: {get_input: neutron_bridge_mappings} - enable_tunneling: {get_input: neutron_enable_tunneling} - l2_population: {get_input: neutron_enable_l2pop} - physical_bridge: {get_input: neutron_physical_bridge} - public_interface: {get_input: neutron_public_interface} - public_interface_raw_device: {get_input: neutron_public_interface_raw_device} - service-password: {get_input: neutron_password} - admin-password: {get_input: admin_password} - rabbit: - host: {get_input: rabbit_host} - username: {get_input: rabbit_username} - password: {get_input: rabbit_password} - ntp: - servers: - - {server: {get_input: ntp_server}} - - NovaComputeDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - signal_transport: NO_SIGNAL - config: {get_resource: NovaComputeConfig} - server: {get_resource: NovaCompute} - input_values: - debug: {get_param: Debug} - nova_compute_driver: {get_param: NovaComputeDriver} - nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType} - nova_public_ip: {get_param: NovaPublicIP} - nova_api_host: {get_param: NovaApiHost} - nova_password: {get_param: NovaPassword} - ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} - ceilometer_password: {get_param: CeilometerPassword} - ceilometer_compute_agent: {get_param: CeilometerComputeAgent} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - glance_host: {get_param: GlanceHost} - glance_port: {get_param: GlancePort} - glance_protocol: {get_param: GlanceProtocol} - keystone_host: {get_param: KeystonePublicApiVirtualIP} - neutron_flat_networks: {get_param: NeutronFlatNetworks} - neutron_host: {get_param: NeutronHost} - neutron_local_ip: {get_attr: [NovaCompute, networks, ctlplane, 0]} - neutron_tenant_network_type: {get_param: NeutronNetworkType} - neutron_tunnel_types: {get_param: NeutronTunnelTypes} - neutron_tunnel_id_ranges: - str_replace: - template: "['RANGES']" - params: - RANGES: - list_join: - - "','" - - {get_param: NeutronTunnelIdRanges} - neutron_vni_ranges: - str_replace: - template: "['RANGES']" - params: - RANGES: - list_join: - - "','" - - {get_param: NeutronVniRanges} - neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges} - neutron_bridge_mappings: {get_param: NeutronBridgeMappings} - neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} - neutron_enable_l2pop: {get_param: NeutronEnableL2Pop} - neutron_physical_bridge: {get_param: NeutronPhysicalBridge} - neutron_public_interface: {get_param: NeutronPublicInterface} - neutron_password: {get_param: NeutronPassword} - neutron_agent_mode: {get_param: NeutronAgentMode} - neutron_router_distributed: {get_param: NeutronDVR} - neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - neutron_core_plugin: {get_param: NeutronCorePlugin} - neutron_service_plugins: - str_replace: - template: "['PLUGINS']" - params: - PLUGINS: - list_join: - - "','" - - {get_param: NeutronServicePlugins} - neutron_type_drivers: - str_replace: - template: "['DRIVERS']" - params: - DRIVERS: - list_join: - - "','" - - {get_param: NeutronTypeDrivers} - neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} - neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} - neutron_l3_ha: {get_param: NeutronL3HA} - neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} - admin_password: {get_param: AdminPassword} - rabbit_host: {get_param: RabbitHost} - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - ntp_server: {get_param: NtpServer} - - NovaComputePassthrough: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: {get_input: passthrough_config} - - NovaComputePassthroughSpecific: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: {get_input: passthrough_config_specific} - - NovaComputePassthroughDeployment: - depends_on: [NovaComputeDeployment] - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: NovaComputePassthrough} - server: {get_resource: NovaCompute} - signal_transport: NO_SIGNAL - input_values: - passthrough_config: {get_param: ExtraConfig} - - NovaComputePassthroughDeploymentSpecific: - depends_on: [NovaComputePassthroughDeployment] - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: NovaComputePassthroughSpecific} - server: {get_resource: NovaCompute} - signal_transport: NO_SIGNAL - input_values: - passthrough_config_specific: {get_param: NovaComputeExtraConfig} - -outputs: - ip_address: - description: IP address of the server in the ctlplane network - value: {get_attr: [NovaCompute, networks, ctlplane, 0]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - hostname: - description: Hostname of the server - value: {get_attr: [NovaCompute, name]} - hosts_entry: - description: > - Server's IP address and hostname in the /etc/hosts format - value: - str_replace: - template: "IP HOST" - params: - IP: {get_attr: [NovaCompute, networks, ctlplane, 0]} - HOST: {get_attr: [NovaCompute, name]} - nova_server_resource: - description: Heat resource handle for the Nova compute server - value: - {get_resource: NovaCompute} - config_identifier: - description: identifier which changes if the node configuration may need re-applying - value: "None - NO_SIGNAL" diff --git a/os-apply-config/controller-post.yaml b/os-apply-config/controller-post.yaml deleted file mode 100644 index aac96357..00000000 --- a/os-apply-config/controller-post.yaml +++ /dev/null @@ -1,20 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Controller Post Deployment' -# NOTE: this is a noop for os-apply-config style deployments because -# post deployment ordering is controlled by tripleo-image-elements - -parameters: - servers: - type: json - NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - -resources: - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} diff --git a/os-apply-config/controller.yaml b/os-apply-config/controller.yaml deleted file mode 100644 index aed2367c..00000000 --- a/os-apply-config/controller.yaml +++ /dev/null @@ -1,1230 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack control plane node. Can be wrapped in a ResourceGroup for scaling. - -parameters: - AdminPassword: - default: unset - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - AdminToken: - default: unset - description: The keystone auth secret and db password. - type: string - hidden: true - CeilometerBackend: - default: 'mongodb' - description: The ceilometer backend type. - type: string - CeilometerMeteringSecret: - default: unset - description: Secret shared by the ceilometer services. - type: string - hidden: true - CeilometerPassword: - default: unset - description: The password for the ceilometer service and db account. - type: string - hidden: true - CinderEnableNfsBackend: - default: false - description: Whether to enable or not the NFS backend for Cinder - type: boolean - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean - CinderISCSIHelper: - default: tgtadm - description: The iSCSI helper to use with cinder. - type: string - CinderLVMLoopDeviceSize: - default: 5000 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderNfsMountOptions: - default: '' - description: > - Mount options for NFS mounts used by Cinder NFS backend. Effective - when CinderEnableNfsBackend is true. - type: string - CinderNfsServers: - default: '' - description: > - NFS servers used by Cinder NFS backend. Effective when - CinderEnableNfsBackend is true. - type: comma_delimited_list - CinderPassword: - default: unset - description: The password for the cinder service and db account, used by cinder-api. - type: string - hidden: true - CloudName: - default: '' - description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org - type: string - ControllerExtraConfig: - default: {} - description: | - Controller specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - EnableFencing: - default: false - description: Whether to enable fencing in Pacemaker or not. - type: boolean - EnableGalera: - default: true - description: Whether to use Galera instead of regular MariaDB. - type: boolean - EnableCephStorage: - default: false - description: Whether to deploy Ceph Storage (OSD) on the Controller - type: boolean - EnableSwiftStorage: - default: true - description: Whether to enable Swift Storage on the Controller - type: boolean - ExtraConfig: - default: {} - description: | - Additional configuration to inject into the cluster. The JSON should have - the following structure: - {"FILEKEY": - {"config": - [{"section": "SECTIONNAME", - "values": - [{"option": "OPTIONNAME", - "value": "VALUENAME" - } - ] - } - ] - } - } - For instance: - {"nova": - {"config": - [{"section": "default", - "values": - [{"option": "compute_manager", - "value": "ironic.nova.compute.manager.ClusterComputeManager" - } - ] - }, - {"section": "cells", - "values": - [{"option": "driver", - "value": "nova.cells.rpc_driver.CellsRPCDriver" - } - ] - } - ] - } - } - type: json - FencingConfig: - default: {} - description: | - Pacemaker fencing configuration. The JSON should have - the following structure: - { - "devices": [ - { - "agent": "AGENT_NAME", - "host_mac": "HOST_MAC_ADDRESS", - "params": {"PARAM_NAME": "PARAM_VALUE"} - } - ] - } - For instance: - { - "devices": [ - { - "agent": "fence_xvm", - "host_mac": "52:54:00:aa:bb:cc", - "params": { - "multicast_address": "225.0.0.12", - "port": "baremetal_0", - "manage_fw": true, - "manage_key_file": true, - "key_file": "/etc/fence_xvm.key", - "key_file_password": "abcdef" - } - } - ] - } - type: json - Flavor: - description: Flavor for control nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor - GlanceNotifierStrategy: - description: Strategy to use for Glance notification queue - type: string - default: noop - GlanceLogFile: - description: The filepath of the file to use for logging messages from Glance. - type: string - default: '' - GlancePassword: - default: unset - description: The password for the glance service and db account, used by the glance services. - type: string - hidden: true - GlancePort: - default: "9292" - description: Glance port. - type: string - GlanceProtocol: - default: http - description: Protocol to use when connecting to glance, set to https for SSL. - type: string - GlanceBackend: - default: swift - description: The short name of the Glance backend to use. Should be one - of swift, rbd, or file - type: string - constraints: - - allowed_values: ['swift', 'file', 'rbd'] - HeatPassword: - default: unset - description: The password for the Heat service and db account, used by the Heat services. - type: string - hidden: true - HeatStackDomainAdminPassword: - description: Password for heat_domain_admin user. - type: string - default: '' - hidden: true - HeatAuthEncryptionKey: - description: Auth encryption key for heat-engine - type: string - hidden: true - HorizonSecret: - description: Secret key for Django - type: string - hidden: true - Image: - type: string - default: overcloud-control - constraints: - - custom_constraint: glance.image - ImageUpdatePolicy: - default: 'REBUILD_PRESERVE_EPHEMERAL' - description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - type: string - KeyName: - default: default - description: Name of an existing EC2 KeyPair to enable SSH access to the instances - type: string - constraints: - - custom_constraint: nova.keypair - KeystoneCACertificate: - default: '' - description: Keystone self-signed certificate authority certificate. - type: string - KeystoneSigningCertificate: - default: '' - description: Keystone certificate for verifying token validity. - type: string - KeystoneSigningKey: - default: '' - description: Keystone key for signing tokens. - type: string - hidden: true - KeystoneSSLCertificate: - default: '' - description: Keystone certificate for verifying token validity. - type: string - KeystoneSSLCertificateKey: - default: '' - description: Keystone key for signing tokens. - type: string - hidden: true - KeystoneNotificationDriver: - description: Comma-separated list of Oslo notification drivers used by Keystone - default: ['messaging'] - type: comma_delimited_list - KeystoneNotificationFormat: - description: The Keystone notification format - default: 'basic' - type: string - constraints: - - allowed_values: [ 'basic', 'cadf' ] - MysqlClusterUniquePart: - description: A unique identifier of the MySQL cluster the controller is in. - type: string - default: 'unset' # Has to be here because of the ignored empty value bug - # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446 - # constraints: - # - length: {min: 4, max: 10} - MysqlInnodbBufferPoolSize: - description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - type: number - default: 0 - MysqlMaxConnections: - description: Configures MySQL max_connections config setting - type: number - default: 4096 - MysqlRootPassword: - type: string - hidden: true - default: '' # Has to be here because of the ignored empty value bug - NeutronExternalNetworkBridge: - description: Name of bridge used for external network traffic. - type: string - default: 'br-ex' - NeutronBridgeMappings: - description: > - The OVS logical->physical bridge mappings to use. See the Neutron - documentation for details. Defaults to mapping br-ex - the external - bridge on hosts - to a physical name 'datacentre' which can be used - to create provider networks (and we use this for the default floating - network) - if changing this either use different post-install network - scripts or be sure to keep 'datacentre' as a mapping network name. - type: string - default: "datacentre:br-ex" - NeutronDnsmasqOptions: - default: 'dhcp-option-force=26,1400' - description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead. - type: string - NeutronAgentMode: - default: 'dvr_snat' - description: Agent mode for the neutron-l3-agent on the controller hosts - type: string - NeutronDVR: - default: 'False' - description: Whether to configure Neutron Distributed Virtual Routers - type: string - NeutronMetadataProxySharedSecret: - default: 'unset' - description: Shared secret to prevent spoofing - type: string - hidden: true - NeutronCorePlugin: - default: 'ml2' - description: | - The core plugin for Neutron. The value should be the entrypoint to be loaded - from neutron.core_plugins namespace. - type: string - NeutronServicePlugins: - default: "router" - description: | - Comma-separated list of service plugin entrypoints to be loaded from the - neutron.service_plugins namespace. - type: comma_delimited_list - NeutronTypeDrivers: - default: "vxlan,vlan,flat,gre" - description: | - Comma-separated list of network type driver entrypoints to be loaded. - type: comma_delimited_list - NeutronMechanismDrivers: - default: 'openvswitch' - description: | - The mechanism drivers for the Neutron tenant network. To specify multiple - values, use a comma separated string, like so: 'openvswitch,l2_population' - type: string - NeutronAllowL3AgentFailover: - default: 'True' - description: Allow automatic l3-agent failover - type: string - NeutronL3HA: - default: 'False' - description: Whether to enable l3-agent HA - type: string - NeutronDhcpAgentsPerNetwork: - type: number - default: 3 - description: The number of neutron dhcp agents to schedule per network - NeutronEnableIsolatedMetadata: - default: 'False' - description: If True, DHCP provide metadata route to VM. - type: string - NeutronEnableTunnelling: - type: string - default: "True" - NeutronEnableL2Pop: - type: string - description: > - Enable/disable the L2 population feature in the Neutron agents. - default: "False" - NeutronFlatNetworks: - type: string - default: 'datacentre' - description: If set, flat networks to configure in neutron plugins. - NeutronNetworkType: - default: 'vxlan' - description: The tenant network type for Neutron, either gre or vxlan. - type: string - NeutronNetworkVLANRanges: - default: 'datacentre' - description: > - The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the - Neutron documentation for permitted values. Defaults to permitting any - VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: comma_delimited_list - NeutronPassword: - default: unset - description: The password for the neutron service and db account, used by neutron agents. - type: string - hidden: true - NeutronPublicInterface: - default: nic1 - description: What interface to bridge onto br-ex for network nodes. - type: string - NeutronPublicInterfaceTag: - default: '' - description: > - VLAN tag for creating a public VLAN. The tag will be used to - create an access port on the exterior bridge for each control plane node, - and that port will be given the IP address returned by neutron from the - public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling - overcloud.yaml to include the deployment of VLAN ports to the control - plane. - type: string - NeutronPublicInterfaceDefaultRoute: - default: '' - description: A custom default route for the NeutronPublicInterface. - type: string - NeutronPublicInterfaceIP: - default: '' - description: A custom IP address to put onto the NeutronPublicInterface. - type: string - NeutronPublicInterfaceRawDevice: - default: '' - description: If set, the public interface is a vlan with this device as the raw device. - type: string - NeutronTunnelTypes: - default: 'vxlan' - description: | - The tunnel types for the Neutron tenant network. To specify multiple - values, use a comma separated string, like so: 'gre,vxlan' - type: string - NeutronTunnelIdRanges: - description: | - Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges - of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] - type: comma_delimited_list - NeutronVniRanges: - description: | - Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges - of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] - type: comma_delimited_list - NovaPassword: - default: unset - description: The password for the nova service and db account, used by nova-api. - type: string - hidden: true - MongoDbNoJournal: - default: false - description: Should MongoDb journaling be disabled - type: boolean - NtpServer: - type: string - default: '' - PcsdPassword: - type: string - description: The password for the 'pcsd' user. - hidden: true - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string - PublicVirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug - RabbitCookie: - type: string - default: '' # Has to be here because of the ignored empty value bug - hidden: true - RabbitPassword: - default: guest - description: The password for RabbitMQ - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number - RabbitFDLimit: - default: 16384 - description: Configures RabbitMQ FD limit - type: string - RedisVirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - default: unset - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true - SSLCACertificate: - default: '' - description: If set, the contents of an SSL certificate authority file. - type: string - SSLCertificate: - default: '' - description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints. - type: string - hidden: true - SSLKey: - default: '' - description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints. - type: string - hidden: true - SwiftHashSuffix: - default: unset - description: A random string to be used as a salt when hashing to determine mappings - in the ring. - hidden: true - type: string - SwiftMountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean - SwiftMinPartHours: - type: number - default: 1 - description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance. - SwiftPartPower: - default: 10 - description: Partition Power to use when building Swift rings - type: number - SwiftPassword: - default: unset - description: The password for the swift service account, used by the swift proxy - services. - hidden: true - type: string - SwiftReplicas: - type: number - default: 3 - description: How many replicas to use in the swift rings. - VirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug - HeatApiVirtualIP: - type: string - default: '' - GlanceApiVirtualIP: - type: string - default: '' - MysqlVirtualIP: - type: string - default: '' - KeystoneAdminApiVirtualIP: - type: string - default: '' - KeystonePublicApiVirtualIP: - type: string - default: '' - NeutronApiVirtualIP: - type: string - default: '' - NovaApiVirtualIP: - type: string - default: '' - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - -resources: - - Controller: - type: OS::Nova::Server - properties: - image: {get_param: Image} - image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: NodeUserData} - name: {get_param: Hostname} - - NodeUserData: - type: OS::TripleO::NodeUserData - - ExternalPort: - type: OS::TripleO::Controller::Ports::ExternalPort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - InternalApiPort: - type: OS::TripleO::Controller::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - StoragePort: - type: OS::TripleO::Controller::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - StorageMgmtPort: - type: OS::TripleO::Controller::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - TenantPort: - type: OS::TripleO::Controller::Ports::TenantPort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - NetworkConfig: - type: OS::TripleO::Controller::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - signal_transport: NO_SIGNAL - config: {get_resource: NetworkConfig} - server: {get_resource: Controller} - input_values: - bridge_name: br-ex - interface_name: {get_param: NeutronPublicInterface} - - ControllerPassthroughConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: {get_input: passthrough_config} - - ControllerPassthroughConfigSpecific: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: {get_input: passthrough_config_specific} - - ControllerConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - admin-password: {get_input: admin_password} - admin-token: {get_input: admin_token} - bootstack: - public_interface_ip: {get_input: neutron_public_interface_ip} - bootstrap_host: - nodeid: {get_input: bootstack_nodeid} - cinder: - db: {get_input: cinder_dsn} - debug: {get_input: debug} - volume_size_mb: {get_input: cinder_lvm_loop_device_size} - service-password: {get_input: cinder_password} - iscsi-helper: {get_input: CinderISCSIHelper} - controller-address: {get_input: controller_host} - corosync: - bindnetaddr: {get_input: controller_host} - mcastport: 5577 - pacemaker: - stonith_enabled : false - recheck_interval : 5 - quorum_policy : ignore - db-password: unset - glance: - registry: - host: {get_input: controller_virtual_ip} - backend: swift - db: {get_input: glance_dsn} - debug: {get_input: debug} - host: {get_input: controller_virtual_ip} - port: {get_input: glance_port} - uri: {get_input: glance_uri} - protocol: {get_input: glance_protocol} - service-password: {get_input: glance_password} - swift-store-user: service:glance - swift-store-key: {get_input: glance_password} - notifier-strategy: {get_input: glance_notifier_strategy} - log-file: {get_input: glance_log_file} - heat: - admin_password: {get_input: heat_password} - admin_tenant_name: service - admin_user: heat - auth_encryption_key: {get_input: heat_auth_encryption_key} - db: {get_input: heat_dsn} - debug: {get_input: debug} - stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} - watch_server_url: {get_input: heat.watch_server_url} - metadata_server_url: {get_input: heat.metadata_server_url} - waitcondition_server_url: {get_input: heat.waitcondition_server_url} - keystone: - db: {get_input: keystone_dsn} - debug: {get_input: debug} - host: {get_input: controller_virtual_ip} - ca_certificate: {get_input: keystone_ca_certificate} - signing_key: {get_input: keystone_signing_key} - signing_certificate: {get_input: keystone_signing_certificate} - ssl: - certificate: {get_input: keystone_ssl_certificate} - certificate_key: {get_input: keystone_ssl_certificate_key} - mysql: - innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} - local_bind: true - root-password: {get_input: mysql_root_password} - cluster_name: {get_input: mysql_cluster_name} - neutron: - debug: {get_input: debug} - flat-networks: {get_input: neutron_flat_networks} - host: {get_input: controller_virtual_ip} - metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} - agent_mode: {get_input: neutron_agent_mode} - router_distributed: {get_input: neutron_router_distributed} - core_plugin: {get_input: neutron_core_plugin} - service_plugins: {get_input: neutron_service_plugins} - type_drivers: {get_input: neutron_type_drivers} - mechanism_drivers: {get_input: neutron_mechanism_drivers} - allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} - l3_ha: {get_input: neutron_l3_ha} - dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network} - enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata} - ovs: - enable_tunneling: {get_input: neutron_enable_tunneling} - l2_population: {get_input: neutron_enable_l2pop} - local_ip: {get_input: controller_host} - network_vlan_ranges: {get_input: neutron_network_vlan_ranges} - bridge_mappings: {get_input: neutron_bridge_mappings} - public_interface: {get_input: neutron_public_interface} - public_interface_raw_device: {get_input: neutron_public_interface_raw_device} - public_interface_route: {get_input: neutron_public_interface_default_route} - public_interface_tag: {get_input: neutron_public_interface_tag} - physical_bridge: br-ex - tenant_network_type: {get_input: neutron_tenant_network_type} - tunnel_types: {get_input: neutron_tunnel_types} - tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} - vni_ranges: {get_input: neutron_vni_ranges} - ovs_db: {get_input: neutron_dsn} - service-password: {get_input: neutron_password} - dnsmasq-options: {get_input: neutron_dnsmasq_options} - ceilometer: - db: {get_input: ceilometer_dsn} - debug: {get_input: debug} - metering_secret: {get_input: ceilometer_metering_secret} - service-password: {get_input: ceilometer_password} - snmpd: - export_MIB: UCD-SNMP-MIB - readonly_user_name: {get_input: snmpd_readonly_user_name} - readonly_user_password: {get_input: snmpd_readonly_user_password} - nova: - compute_driver: libvirt.LibvirtDriver - db: {get_input: nova_dsn} - default_floating_pool: - ext-net - host: {get_input: controller_virtual_ip} - metadata-proxy: true - service-password: {get_input: nova_password} - mongodb: - nojournal: {get_input: mongodb_no_journal} - rabbit: - host: {get_input: controller_virtual_ip} - username: {get_input: rabbit_username} - password: {get_input: rabbit_password} - cookie: {get_input: rabbit_cookie} - rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl} - rabbit_port: {get_input: rabbit_client_port} - ntp: - servers: - - {server: {get_input: ntp_server}} - virtual_interfaces: - instances: - - vrrp_instance_name: VI_CONTROL - virtual_router_id: 51 - keepalive_interface: {get_input: control_virtual_interface} - priority: 101 - virtual_ips: - - ip: {get_input: controller_virtual_ip} - interface: {get_input: control_virtual_interface} - - vrrp_instance_name: VI_PUBLIC - virtual_router_id: 52 - keepalive_interface: {get_input: public_virtual_interface} - priority: 101 - virtual_ips: - - ip: {get_input: public_virtual_ip} - interface: {get_input: public_virtual_interface} - vrrp_sync_groups: - - name: VG1 - members: - - VI_CONTROL - - VI_PUBLIC - keepalived: - keepalive_interface: {get_input: public_virtual_interface} - priority: 101 - virtual_ips: - - - ip: {get_input: controller_virtual_ip} - interface: {get_input: control_virtual_interface} - - - ip: {get_input: public_virtual_ip} - interface: {get_input: public_virtual_interface} - haproxy: - net_binds: - - ip: {get_input: controller_virtual_ip} - options: - - option httpchk GET / - services: - - name: keystone_admin - port: 35357 - net_binds: &public_binds - - ip: {get_input: controller_virtual_ip} - - ip: {get_input: public_virtual_ip} - - name: keystone_public - port: 5000 - net_binds: *public_binds - - name: horizon - port: 80 - net_binds: *public_binds - - name: neutron - port: 9696 - net_binds: *public_binds - - name: cinder - port: 8776 - net_binds: *public_binds - - name: glance_api - port: 9292 - net_binds: *public_binds - - name: glance_registry - port: 9191 - net_binds: *public_binds - options: # overwrite options as glace_reg needs auth for http req - - name: heat_api - port: 8004 - net_binds: *public_binds - - name: heat_cloudwatch - port: 8003 - net_binds: *public_binds - - name: heat_cfn - port: 8000 - net_binds: *public_binds - - name: mysql - port: 3306 - extra_server_params: - - backup - options: - - timeout client 0 - - timeout server 0 - - name: nova_ec2 - port: 8773 - - name: nova_osapi - port: 8774 - net_binds: *public_binds - - name: nova_metadata - port: 8775 - net_binds: *public_binds - - name: nova_novncproxy - port: 6080 - net_binds: *public_binds - - name: ceilometer - port: 8777 - net_binds: *public_binds - options: # overwrite options as ceil needs auth for http req - - name: swift_proxy_server - port: 8080 - net_binds: *public_binds - options: - - option httpchk GET /info - - name: rabbitmq - port: 5672 - options: - - timeout client 0 - - timeout server 0 - - maxconn 1500 - - ControllerDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - signal_transport: NO_SIGNAL - config: {get_resource: ControllerConfig} - server: {get_resource: Controller} - input_values: - bootstack_nodeid: {get_attr: [Controller, name]} - controller_host: {get_attr: [Controller, networks, ctlplane, 0]} - controller_virtual_ip: {get_param: VirtualIP} - neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} - neutron_enable_l2pop: {get_param: NeutronEnableL2Pop} - neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata} - heat.watch_server_url: - list_join: - - '' - - - 'http://' - - {get_param: VirtualIP} - - ':8003' - heat.metadata_server_url: - list_join: - - '' - - - 'http://' - - {get_param: VirtualIP} - - ':8000' - heat.waitcondition_server_url: - list_join: - - '' - - - 'http://' - - {get_param: VirtualIP} - - ':8000/v1/waitcondition' - admin_password: {get_param: AdminPassword} - admin_token: {get_param: AdminToken} - neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} - debug: {get_param: Debug} - cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize} - cinder_password: {get_param: CinderPassword} - cinder_iscsi_helper: {get_param: CinderISCSIHelper} - cinder_dsn: - list_join: - - '' - - - 'mysql://cinder:' - - {get_param: CinderPassword} - - '@' - - {get_param: VirtualIP} - - '/cinder' - glance_port: {get_param: GlancePort} - glance_protocol: {get_param: GlanceProtocol} - glance_password: {get_param: GlancePassword} - glance_notifier_strategy: {get_param: GlanceNotifierStrategy} - glance_log_file: {get_param: GlanceLogFile} - glance_dsn: - list_join: - - '' - - - 'mysql://glance:' - - {get_param: GlancePassword} - - '@' - - {get_param: VirtualIP} - - '/glance' - heat_password: {get_param: HeatPassword} - heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} - heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} - heat_dsn: - list_join: - - '' - - - 'mysql://heat:' - - {get_param: HeatPassword} - - '@' - - {get_param: VirtualIP} - - '/heat' - keystone_ca_certificate: {get_param: KeystoneCACertificate} - keystone_signing_key: {get_param: KeystoneSigningKey} - keystone_signing_certificate: {get_param: KeystoneSigningCertificate} - keystone_ssl_certificate: {get_param: KeystoneSSLCertificate} - keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} - keystone_dsn: - list_join: - - '' - - - 'mysql://keystone:' - - {get_param: AdminToken} - - '@' - - {get_param: VirtualIP} - - '/keystone' - mongodb_no_journal: {get_param: MongoDbNoJournal} - mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} - mysql_root_password: {get_param: MysqlRootPassword} - mysql_cluster_name: - str_replace: - template: tripleo-CLUSTER - params: - CLUSTER: {get_param: MysqlClusterUniquePart} - neutron_flat_networks: {get_param: NeutronFlatNetworks} - neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - neutron_agent_mode: {get_param: NeutronAgentMode} - neutron_router_distributed: {get_param: NeutronDVR} - neutron_core_plugin: {get_param: NeutronCorePlugin} - neutron_service_plugins: - str_replace: - template: "['PLUGINS']" - params: - PLUGINS: - list_join: - - "','" - - {get_param: NeutronServicePlugins} - neutron_type_drivers: - str_replace: - template: "['DRIVERS']" - params: - DRIVERS: - list_join: - - "','" - - {get_param: NeutronTypeDrivers} - neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} - neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} - neutron_l3_ha: {get_param: NeutronL3HA} - neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork} - neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges} - neutron_bridge_mappings: {get_param: NeutronBridgeMappings} - neutron_public_interface: {get_param: NeutronPublicInterface} - neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} - neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute} - neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag} - neutron_tenant_network_type: {get_param: NeutronNetworkType} - neutron_tunnel_types: {get_param: NeutronTunnelTypes} - neutron_tunnel_id_ranges: - str_replace: - template: "['RANGES']" - params: - RANGES: - list_join: - - "','" - - {get_param: NeutronTunnelIdRanges} - neutron_vni_ranges: - str_replace: - template: "['RANGES']" - params: - RANGES: - list_join: - - "','" - - {get_param: NeutronVniRanges} - neutron_password: {get_param: NeutronPassword} - neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions} - neutron_dsn: - list_join: - - '' - - - 'mysql://neutron:' - - {get_param: NeutronPassword} - - '@' - - {get_param: VirtualIP} - - '/ovs_neutron?charset=utf8' - ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} - ceilometer_password: {get_param: CeilometerPassword} - ceilometer_dsn: - list_join: - - '' - - - 'mysql://ceilometer:' - - {get_param: CeilometerPassword} - - '@' - - {get_param: VirtualIP} - - '/ceilometer' - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - nova_password: {get_param: NovaPassword} - nova_dsn: - list_join: - - '' - - - 'mysql://nova:' - - {get_param: NovaPassword} - - '@' - - {get_param: VirtualIP} - - '/nova' - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_cookie: {get_param: RabbitCookie} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} - ntp_server: {get_param: NtpServer} - control_virtual_interface: {get_param: ControlVirtualInterface} - public_virtual_interface: {get_param: PublicVirtualInterface} - public_virtual_ip: {get_param: PublicVirtualIP} - - SSLConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - ssl: - ca_certificate: {get_input: ssl_ca_certificate} - stunnel: - cert: {get_input: ssl_certificate} - key: {get_input: ssl_key} - cacert: {get_input: ssl_ca_certificate} - ports: - - name: 'ec2' - accept: 13773 - connect: 8773 - connect_host: {get_input: controller_host} - - name: 'image' - accept: 13292 - connect: 9292 - connect_host: {get_input: controller_host} - - name: 'identity' - accept: 13000 - connect: 5000 - connect_host: {get_input: controller_host} - - name: 'network' - accept: 13696 - connect: 9696 - connect_host: {get_input: controller_host} - - name: 'compute' - accept: 13774 - connect: 8774 - connect_host: {get_input: controller_host} - - name: 'swift-proxy' - accept: 13080 - connect: 8080 - connect_host: {get_input: controller_host} - - name: 'cinder' - accept: 13776 - connect: 8776 - connect_host: {get_input: controller_host} - - name: 'ceilometer' - accept: 13777 - connect: 8777 - connect_host: {get_input: controller_host} - - ControllerSSLDeployment: - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: SSLConfig} - server: {get_resource: Controller} - signal_transport: NO_SIGNAL - input_values: - controller_host: {get_attr: [Controller, networks, ctlplane, 0]} - ssl_certificate: {get_param: SSLCertificate} - ssl_key: {get_param: SSLKey} - ssl_ca_certificate: {get_param: SSLCACertificate} - - ControllerPassthroughDeployment: - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: ControllerPassthroughConfig} - server: {get_resource: Controller} - signal_transport: NO_SIGNAL - input_values: - passthrough_config: {get_param: ExtraConfig} - - ControllerPassthroughSpecificDeployment: - depends_on: [ControllerPassthroughDeployment] - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: ControllerPassthroughConfigSpecific} - server: {get_resource: Controller} - signal_transport: NO_SIGNAL - input_values: - passthrough_config_specific: {get_param: ControllerExtraConfig} - - SwiftConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - swift: - hash: { get_input: swift_hash_suffix } - part-power: { get_input: swift_part_power } - mount-check: { get_input: swift_mount_check } - min-part-hours: { get_input: swift_min_part_hours } - replicas: {get_input: swift_replicas } - service-password: { get_input: swift_password } - - SwiftStorageDeploy: - type: OS::Heat::StructuredDeployment - properties: - server: {get_resource: Controller} - config: {get_resource: SwiftConfig} - signal_transport: NO_SIGNAL - input_values: - swift_hash_suffix: {get_param: SwiftHashSuffix} - swift_mount_check: {get_param: SwiftMountCheck} - swift_password: {get_param: SwiftPassword} - swift_min_part_hours: {get_param: SwiftMinPartHours} - swift_part_power: {get_param: SwiftPartPower} - swift_replicas: { get_param: SwiftReplicas} - -outputs: - ip_address: - description: IP address of the server in the ctlplane network - value: {get_attr: [Controller, networks, ctlplane, 0]} - external_ip_address: - description: IP address of the server in the external network - value: {get_attr: [ExternalPort, ip_address]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - hostname: - description: Hostname of the server - value: {get_attr: [Controller, name]} - corosync_node: - description: > - Node object in the format {ip: ..., name: ...} format that the corosync - element expects - value: - ip: {get_attr: [Controller, networks, ctlplane, 0]} - name: {get_attr: [Controller, name]} - hosts_entry: - description: > - Server's IP address and hostname in the /etc/hosts format - value: - str_replace: - template: IP HOST CLOUDNAME - params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} - HOST: {get_attr: [Controller, name]} - CLOUDNAME: {get_param: CloudName} - nova_server_resource: - description: Heat resource handle for the Nova compute server - value: - {get_resource: Controller} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: 'r1z1-IP:%PORT%/d1' - params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} - swift_proxy_memcache: - description: Swift proxy-memcache value - value: - str_replace: - template: "IP:11211" - params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} - config_identifier: - description: identifier which changes if the node configuration may need re-applying - value: "None - NO_SIGNAL" diff --git a/os-apply-config/swift-devices-and-proxy-config.yaml b/os-apply-config/swift-devices-and-proxy-config.yaml deleted file mode 100644 index 4f01dbea..00000000 --- a/os-apply-config/swift-devices-and-proxy-config.yaml +++ /dev/null @@ -1,38 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Swift Devices and Proxy Config' - -parameters: - controller_swift_devices: - type: comma_delimited_list - object_store_swift_devices: - type: comma_delimited_list - controller_swift_proxy_memcaches: - type: comma_delimited_list - -resources: - - SwiftDevicesAndProxyConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - swift: - devices: - list_join: - - ", " - - - list_join: - - ", " - - {get_param: controller_swift_devices} - - list_join: - - ", " - - {get_param: object_store_swift_devices} - proxy-memcache: - list_join: - - "," - - {get_param: controller_swift_proxy_memcaches} - -outputs: - config_id: - description: The ID of the SwiftDevicesAndProxyConfigImpl resource. - value: - {get_resource: SwiftDevicesAndProxyConfigImpl} diff --git a/os-apply-config/swift-storage-post.yaml b/os-apply-config/swift-storage-post.yaml deleted file mode 100644 index 1b1c406d..00000000 --- a/os-apply-config/swift-storage-post.yaml +++ /dev/null @@ -1,21 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Swift Storage Post Deployment' -# NOTE: this is a noop for os-apply-config style deployments because -# post deployment ordering is controlled by tripleo-image-elements - -parameters: - servers: - type: json - NodeConfigIdentifiers: - type: json - description: Value which changes if the node configuration may need to be re-applied - -resources: - - # Note, this should come last, so use depends_on to ensure - # this is created after any other resources. - ExtraConfig: - type: OS::TripleO::NodeExtraConfigPost - properties: - servers: {get_param: servers} - diff --git a/os-apply-config/swift-storage.yaml b/os-apply-config/swift-storage.yaml deleted file mode 100644 index d62d7d1a..00000000 --- a/os-apply-config/swift-storage.yaml +++ /dev/null @@ -1,209 +0,0 @@ -heat_template_version: 2015-04-30 -description: 'Common Swift Storage Configuration' -parameters: - ExtraConfig: - default: {} - description: | - Additional configuration to inject into the cluster. The JSON should have - the following structure: - {"FILEKEY": - {"config": - [{"section": "SECTIONNAME", - "values": - [{"option": "OPTIONNAME", - "value": "VALUENAME" - } - ] - } - ] - } - } - For instance: - {"nova": - {"config": - [{"section": "default", - "values": - [{"option": "force_config_drive", - "value": "always" - } - ] - }, - {"section": "cells", - "values": - [{"option": "driver", - "value": "nova.cells.rpc_driver.CellsRPCDriver" - } - ] - } - ] - } - } - type: json - ObjectStorageExtraConfig: - default: {} - description: | - Role specific additional configuration to inject into the cluster. - type: json - Flavor: - description: Flavor for Swift storage nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor - HashSuffix: - default: unset - description: A random string to be used as a salt when hashing to determine mappings - in the ring. - hidden: true - type: string - Image: - default: overcloud-swift-storage - type: string - KeyName: - default: default - description: Name of an existing EC2 KeyPair to enable SSH access to the instances - type: string - MountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean - MinPartHours: - type: number - default: 1 - description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance. - PartPower: - default: 10 - description: Partition Power to use when building Swift rings - type: number - Replicas: - type: number - default: 3 - description: How many replicas to use in the swift rings. - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - default: unset - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - -resources: - SwiftConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - snmpd: - export_MIB: UCD-SNMP-MIB - readonly_user_name: {get_input: snmpd_readonly_user_name} - readonly_user_password: {get_input: snmpd_readonly_user_password} - swift: - hash: { get_input: swift_hash_suffix } - part-power: { get_input: swift_part_power } - min-part-hours: { get_input: swift_min_part_hours } - mount-check: { get_input: swift_mount_check } - replicas: {get_input: swift_replicas } - neutron: - ovs: - local_ip: { get_input: neutron_local_ip } - SwiftStorage: - type: OS::Nova::Server - properties: - image: {get_param: Image} - flavor: {get_param: Flavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: NodeUserData} - name: {get_param: Hostname} - - NodeUserData: - type: OS::TripleO::NodeUserData - - InternalApiPort: - type: OS::TripleO::SwiftStorage::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - - StoragePort: - type: OS::TripleO::SwiftStorage::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - - StorageMgmtPort: - type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - - NetworkConfig: - type: OS::TripleO::ObjectStorage::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - config: {get_resource: NetworkConfig} - server: {get_resource: SwiftStorage} - - SwiftStorageDeploy: - type: OS::Heat::StructuredDeployment - properties: - server: {get_resource: SwiftStorage} - config: {get_resource: SwiftConfig} - signal_transport: NO_SIGNAL - input_values: - neutron_local_ip: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - swift_hash_suffix: {get_param: HashSuffix} - swift_mount_check: {get_param: MountCheck} - swift_min_part_hours: {get_param: MinPartHours} - swift_part_power: {get_param: PartPower} - swift_replicas: { get_param: Replicas} - -outputs: - hosts_entry: - value: - str_replace: - template: "IP HOST" - params: - IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - HOST: {get_attr: [SwiftStorage, name]} - nova_server_resource: - description: Heat resource handle for the swift storage server - value: - {get_resource: SwiftStorage} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: 'r1z1-IP:%PORT%/d1' - params: - IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - config_identifier: - description: identifier which changes if the node configuration may need re-applying - value: "None - NO_SIGNAL" diff --git a/os-apply-config/vip-config.yaml b/os-apply-config/vip-config.yaml deleted file mode 100644 index 8f984ab7..00000000 --- a/os-apply-config/vip-config.yaml +++ /dev/null @@ -1,16 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - Configure hieradata for service -> virtual IP mappings. - -resources: - VipConfigImpl: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - # by default does nothing - -outputs: - OS::stack_id: - description: The VipConfigImpl resource. - value: {get_resource: VipConfigImpl} diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml index 67636182..23dc6464 100644..120000 --- a/overcloud-without-mergepy.yaml +++ b/overcloud-without-mergepy.yaml @@ -1,1498 +1 @@ -heat_template_version: 2015-04-30 - -description: > - Deploy an OpenStack environment, consisting of several node types (roles), - Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage - roles enable independent scaling of the storage components, but the minimal - deployment is one Controller and one Compute node. - - -# TODO(shadower): we should probably use the parameter groups to put -# some order in here. -parameters: - - # Common parameters (not specific to a role) - AdminPassword: - default: unset - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - CeilometerBackend: - default: 'mongodb' - description: The ceilometer backend type. - type: string - CeilometerMeteringSecret: - default: unset - description: Secret shared by the ceilometer services. - type: string - hidden: true - CeilometerPassword: - default: unset - description: The password for the ceilometer service account. - type: string - hidden: true - # This has to be an UUID so for now we generate it outside the template - CephClusterFSID: - default: '' - type: string - description: The Ceph cluster FSID. Must be a UUID. - CephMonKey: - default: '' - description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. - type: string - hidden: true - CephAdminKey: - default: '' - description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. - type: string - hidden: true - CinderEnableNfsBackend: - default: false - description: Whether to enable or not the NFS backend for Cinder - type: boolean - CephClientKey: - default: '' - description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring. - type: string - hidden: true - CephExternalMonHost: - default: '' - type: string - description: List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments. - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean - CloudName: - default: '' - description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org - type: string - ControlFixedIPs: - default: [] - description: Should be used for arbitrary ips. - type: json - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - HAProxySyslogAddress: - default: /dev/log - description: Syslog address where HAproxy will send its log - type: string - HorizonAllowedHosts: - default: '*' - description: A list of IP/Hostname allowed to connect to horizon - type: comma_delimited_list - ImageUpdatePolicy: - default: 'REBUILD_PRESERVE_EPHEMERAL' - description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - type: string - KeyName: - default: default - description: Name of an existing EC2 KeyPair to enable SSH access to the instances - type: string - constraints: - - custom_constraint: nova.keypair - NeutronExternalNetworkBridge: - description: Name of bridge used for external network traffic. - type: string - default: 'br-ex' - NeutronBridgeMappings: - description: > - The OVS logical->physical bridge mappings to use. See the Neutron - documentation for details. Defaults to mapping br-ex - the external - bridge on hosts - to a physical name 'datacentre' which can be used - to create provider networks (and we use this for the default floating - network) - if changing this either use different post-install network - scripts or be sure to keep 'datacentre' as a mapping network name. - type: string - default: "datacentre:br-ex" - NeutronControlPlaneID: - default: 'ctlplane' - type: string - description: Neutron ID or name for ctlplane network. - NeutronEnableIsolatedMetadata: - default: 'False' - description: If True, DHCP provide metadata route to VM. - type: string - NeutronEnableTunnelling: - type: string - default: "True" - NeutronEnableL2Pop: - type: string - description: > - Enable/disable the L2 population feature in the Neutron agents. - default: "False" - NeutronFlatNetworks: - type: string - default: 'datacentre' - description: > - If set, flat networks to configure in neutron plugins. Defaults to - 'datacentre' to permit external network creation. - NeutronNetworkType: - default: 'vxlan' - description: The tenant network type for Neutron, either gre or vxlan. - type: string - NeutronPassword: - default: unset - description: The password for the neutron service account, used by neutron agents. - type: string - hidden: true - NeutronPublicInterface: - default: nic1 - description: What interface to bridge onto br-ex for network nodes. - type: string - NeutronPublicInterfaceTag: - default: '' - description: > - VLAN tag for creating a public VLAN. The tag will be used to - create an access port on the exterior bridge for each control plane node, - and that port will be given the IP address returned by neutron from the - public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling - overcloud.yaml to include the deployment of VLAN ports to the control - plane. - type: string - NeutronComputeAgentMode: - default: 'dvr' - description: Agent mode for the neutron-l3-agent on the compute hosts - type: string - NeutronAgentMode: - default: 'dvr_snat' - description: Agent mode for the neutron-l3-agent on the controller hosts - type: string - NeutronDVR: - default: 'False' - description: Whether to configure Neutron Distributed Virtual Routers - type: string - NeutronMetadataProxySharedSecret: - default: 'unset' - description: Shared secret to prevent spoofing - type: string - hidden: true - NeutronTunnelTypes: - default: 'vxlan' - description: | - The tunnel types for the Neutron tenant network. To specify multiple - values, use a comma separated string, like so: 'gre,vxlan' - type: string - NeutronTunnelIdRanges: - description: | - Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges - of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] - type: comma_delimited_list - NeutronVniRanges: - description: | - Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges - of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] - type: comma_delimited_list - NeutronCorePlugin: - default: 'ml2' - description: | - The core plugin for Neutron. The value should be the entrypoint to be loaded - from neutron.core_plugins namespace. - type: string - NeutronServicePlugins: - default: "router" - description: | - Comma-separated list of service plugin entrypoints to be loaded from the - neutron.service_plugins namespace. - type: comma_delimited_list - NeutronTypeDrivers: - default: "vxlan,vlan,flat,gre" - description: | - Comma-separated list of network type driver entrypoints to be loaded. - type: comma_delimited_list - NeutronMechanismDrivers: - default: 'openvswitch' - description: | - The mechanism drivers for the Neutron tenant network. To specify multiple - values, use a comma separated string, like so: 'openvswitch,l2_population' - type: string - NeutronAllowL3AgentFailover: - default: 'False' - description: Allow automatic l3-agent failover - type: string - NeutronL3HA: - default: 'False' - description: Whether to enable l3-agent HA - type: string - NeutronDhcpAgentsPerNetwork: - type: number - default: 1 - description: The number of neutron dhcp agents to schedule per network - NovaPassword: - default: unset - description: The password for the nova service account, used by nova-api. - type: string - hidden: true - NtpServer: - default: '' - description: Comma-separated list of ntp servers - type: comma_delimited_list - MongoDbNoJournal: - default: false - description: Should MongoDb journaling be disabled - type: boolean - PublicVirtualFixedIPs: - default: [] - description: > - Control the IP allocation for the PublicVirtualInterface port. E.g. - [{'ip_address':'1.2.3.4'}] - type: json - RabbitCookieSalt: - type: string - default: unset - description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. - # FIXME: 'guest' is provisioned in RabbitMQ by default, we should create a user if these are changed - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitPassword: - default: guest - description: The password for RabbitMQ - type: string - hidden: true - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number - # We need to set this as string because 'unlimited' is a valid setting - RabbitFDLimit: - default: 16384 - description: Configures RabbitMQ FD limit - type: string - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - default: unset - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true - CloudDomain: - default: 'localdomain' - type: string - description: > - The DNS domain used for the hosts. This should match the dhcp_domain - configured in the Undercloud neutron. Defaults to localdomain. - - # Controller-specific params - AdminToken: - default: unset - description: The keystone auth secret. - type: string - hidden: true - CinderLVMLoopDeviceSize: - default: 5000 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderNfsMountOptions: - default: '' - description: > - Mount options for NFS mounts used by Cinder NFS backend. Effective - when CinderEnableNfsBackend is true. - type: string - CinderNfsServers: - default: '' - description: > - NFS servers used by Cinder NFS backend. Effective when - CinderEnableNfsBackend is true. - type: comma_delimited_list - CinderPassword: - default: unset - description: The password for the cinder service account, used by cinder-api. - type: string - hidden: true - CinderISCSIHelper: - default: tgtadm - description: The iSCSI helper to use with cinder. - type: string - ControllerCount: - type: number - default: 1 - constraints: - - range: {min: 1} - controllerExtraConfig: - default: {} - description: | - Controller specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - controllerImage: - type: string - default: overcloud-control - constraints: - - custom_constraint: glance.image - OvercloudControlFlavor: - description: Flavor for control nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string - EnableFencing: - default: false - description: Whether to enable fencing in Pacemaker or not. - type: boolean - EnableGalera: - default: true - description: Whether to use Galera instead of regular MariaDB. - type: boolean - ControllerEnableCephStorage: - default: false - description: Whether to deploy Ceph Storage (OSD) on the Controller - type: boolean - ControllerEnableSwiftStorage: - default: true - description: Whether to enable Swift Storage on the Controller - type: boolean - ExtraConfig: - default: {} - description: | - Additional configuration to inject into the cluster. The format required - may be implementation specific, e.g puppet hieradata. Any role specific - ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig. - type: json - FencingConfig: - default: {} - description: | - Pacemaker fencing configuration. The JSON should have - the following structure: - { - "devices": [ - { - "agent": "AGENT_NAME", - "host_mac": "HOST_MAC_ADDRESS", - "params": {"PARAM_NAME": "PARAM_VALUE"} - } - ] - } - For instance: - { - "devices": [ - { - "agent": "fence_xvm", - "host_mac": "52:54:00:aa:bb:cc", - "params": { - "multicast_address": "225.0.0.12", - "port": "baremetal_0", - "manage_fw": true, - "manage_key_file": true, - "key_file": "/etc/fence_xvm.key", - "key_file_password": "abcdef" - } - } - ] - } - type: json - GlanceLogFile: - description: The filepath of the file to use for logging messages from Glance. - type: string - default: '' - GlanceNotifierStrategy: - description: Strategy to use for Glance notification queue - type: string - default: noop - GlancePassword: - default: unset - description: The password for the glance service account, used by the glance services. - type: string - hidden: true - GlanceBackend: - default: swift - description: The short name of the Glance backend to use. Should be one - of swift, rbd or file - type: string - constraints: - - allowed_values: ['swift', 'file', 'rbd'] - HeatPassword: - default: unset - description: The password for the Heat service account, used by the Heat services. - type: string - hidden: true - HeatStackDomainAdminPassword: - description: Password for heat_domain_admin user. - type: string - default: '' - hidden: true - KeystoneCACertificate: - default: '' - description: Keystone self-signed certificate authority certificate. - type: string - KeystoneSigningCertificate: - default: '' - description: Keystone certificate for verifying token validity. - type: string - KeystoneSigningKey: - default: '' - description: Keystone key for signing tokens. - type: string - hidden: true - KeystoneSSLCertificate: - default: '' - description: Keystone certificate for verifying token validity. - type: string - KeystoneSSLCertificateKey: - default: '' - description: Keystone key for signing tokens. - type: string - hidden: true - KeystoneNotificationDriver: - description: Comma-separated list of Oslo notification drivers used by Keystone - default: ['messaging'] - type: comma_delimited_list - KeystoneNotificationFormat: - description: The Keystone notification format - default: 'basic' - type: string - constraints: - - allowed_values: [ 'basic', 'cadf' ] - ManageFirewall: - default: false - description: Whether to manage IPtables rules. - type: boolean - PurgeFirewallRules: - default: false - description: Whether IPtables rules should be purged before setting up the ones. - type: boolean - MysqlInnodbBufferPoolSize: - description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - type: number - default: 0 - MysqlMaxConnections: - description: Configures MySQL max_connections config setting - type: number - default: 4096 - NeutronDnsmasqOptions: - default: 'dhcp-option-force=26,1400' - description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead. - type: string - NeutronPublicInterfaceDefaultRoute: - default: '' - description: A custom default route for the NeutronPublicInterface. - type: string - NeutronPublicInterfaceIP: - default: '' - description: A custom IP address to put onto the NeutronPublicInterface. - type: string - NeutronPublicInterfaceRawDevice: - default: '' - description: If set, the public interface is a vlan with this device as the raw device. - type: string - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string - SwiftHashSuffix: - default: unset - description: A random string to be used as a salt when hashing to determine mappings in the ring. - type: string - hidden: true - SwiftPassword: - default: unset - description: The password for the swift service account, used by the swift proxy services. - type: string - hidden: true - SwiftMountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean - SwiftMinPartHours: - type: number - default: 1 - description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance. - SwiftPartPower: - default: 10 - description: Partition Power to use when building Swift rings - type: number - SwiftReplicas: - type: number - default: 3 - description: How many replicas to use in the swift rings. - -# Compute-specific params - CeilometerComputeAgent: - description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly - type: string - default: '' - constraints: - - allowed_values: ['', Present] - ComputeCount: - type: number - default: 1 - HypervisorNeutronPhysicalBridge: - default: 'br-ex' - description: > - An OVS bridge to create on each hypervisor. This defaults to br-ex the - same as the control plane nodes, as we have a uniform configuration of - the openvswitch agent. Typically should not need to be changed. - type: string - HypervisorNeutronPublicInterface: - default: nic1 - description: What interface to add to the HypervisorNeutronPhysicalBridge. - type: string - NeutronNetworkVLANRanges: - default: 'datacentre' - description: > - The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the - Neutron documentation for permitted values. Defaults to permitting any - VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: comma_delimited_list - NovaComputeDriver: - type: string - default: libvirt.LibvirtDriver - NovaComputeExtraConfig: - default: {} - description: | - NovaCompute specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - NovaComputeLibvirtType: - default: '' - type: string - NovaComputeLibvirtVifDriver: - default: '' - description: Libvirt VIF driver configuration for the network - type: string - NovaEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Nova - type: boolean - NovaImage: - type: string - default: overcloud-compute - constraints: - - custom_constraint: glance.image - NovaOVSBridge: - default: 'br-int' - description: Name of integration bridge used by Open vSwitch - type: string - NovaSecurityGroupAPI: - default: 'neutron' - description: The full class name of the security API class - type: string - OvercloudComputeFlavor: - description: Use this flavor - type: string - constraints: - - custom_constraint: nova.flavor - ServiceNetMap: - default: - NeutronTenantNetwork: tenant - CeilometerApiNetwork: internal_api - MongoDbNetwork: internal_api - CinderApiNetwork: internal_api - CinderIscsiNetwork: storage - GlanceApiNetwork: storage - GlanceRegistryNetwork: internal_api - KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints - KeystonePublicApiNetwork: internal_api - NeutronApiNetwork: internal_api - HeatApiNetwork: internal_api - NovaApiNetwork: internal_api - NovaMetadataNetwork: internal_api - NovaVncProxyNetwork: internal_api - SwiftMgmtNetwork: storage_mgmt - SwiftProxyNetwork: storage - HorizonNetwork: internal_api - MemcachedNetwork: internal_api - RabbitMqNetwork: internal_api - RedisNetwork: internal_api - MysqlNetwork: internal_api - CephClusterNetwork: storage_mgmt - CephPublicNetwork: storage - ControllerHostnameResolveNetwork: internal_api - ComputeHostnameResolveNetwork: internal_api - BlockStorageHostnameResolveNetwork: internal_api - ObjectStorageHostnameResolveNetwork: internal_api - CephStorageHostnameResolveNetwork: storage - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - -# Block storage specific parameters - BlockStorageCount: - type: number - default: 0 - BlockStorageImage: - default: overcloud-cinder-volume - type: string - OvercloudBlockStorageFlavor: - description: Flavor for block storage nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor - BlockStorageExtraConfig: - default: {} - description: | - BlockStorage specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - -# Object storage specific parameters - ObjectStorageCount: - type: number - default: 0 - OvercloudSwiftStorageFlavor: - description: Flavor for Swift storage nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor - SwiftStorageImage: - default: overcloud-swift-storage - type: string - ObjectStorageExtraConfig: - default: {} - description: | - ObjectStorage specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - - -# Ceph storage specific parameters - CephStorageCount: - type: number - default: 0 - CephStorageImage: - default: overcloud-ceph-storage - type: string - OvercloudCephStorageFlavor: - default: baremetal - description: Flavor for Ceph storage nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor - CephStorageExtraConfig: - default: {} - description: | - CephStorage specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - - # Hostname format for each role - # Note %index% is translated into the index of the node, e.g 0/1/2 etc - # and %stackname% is replaced with OS::stack_name in the template below. - # If you want to use the heat generated names, pass '' (empty string). - ControllerHostnameFormat: - type: string - description: Format for Controller node hostnames - default: '%stackname%-controller-%index%' - ComputeHostnameFormat: - type: string - description: Format for Compute node hostnames - default: '%stackname%-novacompute-%index%' - BlockStorageHostnameFormat: - type: string - description: Format for BlockStorage node hostnames - default: '%stackname%-blockstorage-%index%' - ObjectStorageHostnameFormat: - type: string - description: Format for SwiftStorage node hostnames - default: '%stackname%-objectstorage-%index%' - CephStorageHostnameFormat: - type: string - description: Format for CephStorage node hostnames - default: '%stackname%-cephstorage-%index%' - - # Identifiers to trigger tasks on nodes - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - DeployIdentifier: - default: '' - type: string - description: > - Setting this to a unique value will re-run any deployment tasks which - perform configuration on a Heat stack-update. - - # If you want to remove a specific node from a resource group, you can pass - # the node name or id as a <Group>RemovalPolicies parameter, for example: - # ComputeRemovalPolicies: [{'resource_list': ['0']}] - ControllerRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from ControllerResourceGroup when - doing an update which requires removal of specific resources. - ComputeRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from ComputeResourceGroup when - doing an update which requires removal of specific resources. - BlockStorageRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from BlockStorageResourceGroup when - doing an update which requires removal of specific resources. - ObjectStorageRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from ObjectStorageResourceGroup when - doing an update which requires removal of specific resources. - CephStorageRemovalPolicies: - default: [] - type: json - description: > - List of resources to be removed from CephStorageResourceGroup when - doing an update which requires removal of specific resources. - - -resources: - - HeatAuthEncryptionKey: - type: OS::Heat::RandomString - - PcsdPassword: - type: OS::Heat::RandomString - properties: - length: 16 - - HorizonSecret: - type: OS::Heat::RandomString - properties: - length: 10 - - EndpointMap: - type: OS::TripleO::EndpointMap - properties: - CloudName: {get_param: CloudName} - CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} - - Controller: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: ControllerCount} - removal_policies: {get_param: ControllerRemovalPolicies} - resource_def: - type: OS::TripleO::Controller - properties: - AdminPassword: {get_param: AdminPassword} - AdminToken: {get_param: AdminToken} - CeilometerBackend: {get_param: CeilometerBackend} - CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret} - CeilometerPassword: {get_param: CeilometerPassword} - CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize} - CinderNfsMountOptions: {get_param: CinderNfsMountOptions} - CinderNfsServers: {get_param: CinderNfsServers} - CinderPassword: {get_param: CinderPassword} - CinderISCSIHelper: {get_param: CinderISCSIHelper} - CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} - CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} - CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} - CloudName: {get_param: CloudName} - CloudDomain: {get_param: CloudDomain} - ControlVirtualInterface: {get_param: ControlVirtualInterface} - ControllerExtraConfig: {get_param: controllerExtraConfig} - Debug: {get_param: Debug} - EnableFencing: {get_param: EnableFencing} - ManageFirewall: {get_param: ManageFirewall} - PurgeFirewallRules: {get_param: PurgeFirewallRules} - EnableGalera: {get_param: EnableGalera} - EnableCephStorage: {get_param: ControllerEnableCephStorage} - EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage} - ExtraConfig: {get_param: ExtraConfig} - FencingConfig: {get_param: FencingConfig} - Flavor: {get_param: OvercloudControlFlavor} - GlancePassword: {get_param: GlancePassword} - GlanceBackend: {get_param: GlanceBackend} - GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy} - GlanceLogFile: {get_param: GlanceLogFile} - HAProxySyslogAddress: {get_param: HAProxySyslogAddress} - HeatPassword: {get_param: HeatPassword} - HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword} - HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} - HorizonAllowedHosts: {get_param: HorizonAllowedHosts} - HorizonSecret: {get_resource: HorizonSecret} - Image: {get_param: controllerImage} - ImageUpdatePolicy: {get_param: ImageUpdatePolicy} - KeyName: {get_param: KeyName} - KeystoneCACertificate: {get_param: KeystoneCACertificate} - KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate} - KeystoneSigningKey: {get_param: KeystoneSigningKey} - KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate} - KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey} - KeystoneNotificationDriver: {get_param: KeystoneNotificationDriver} - KeystoneNotificationFormat: {get_param: KeystoneNotificationFormat} - MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]} - MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize} - MysqlMaxConnections: {get_param: MysqlMaxConnections} - MysqlRootPassword: {get_attr: [MysqlRootPassword, value]} - NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP} - NeutronFlatNetworks: {get_param: NeutronFlatNetworks} - NeutronBridgeMappings: {get_param: NeutronBridgeMappings} - NeutronExternalNetworkBridge: {get_param: NeutronExternalNetworkBridge} - NeutronEnableIsolatedMetadata: {get_param: NeutronEnableIsolatedMetadata} - NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} - NeutronEnableL2Pop: {get_param: NeutronEnableL2Pop} - NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges} - NeutronPublicInterface: {get_param: NeutronPublicInterface} - NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute} - NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice} - NeutronPassword: {get_param: NeutronPassword} - NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions} - NeutronDVR: {get_param: NeutronDVR} - NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} - NeutronAgentMode: {get_param: NeutronAgentMode} - NeutronCorePlugin: {get_param: NeutronCorePlugin} - NeutronServicePlugins: {get_param: NeutronServicePlugins} - NeutronTypeDrivers: {get_param: NeutronTypeDrivers} - NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} - NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} - NeutronL3HA: {get_param: NeutronL3HA} - NeutronDhcpAgentsPerNetwork: {get_param: NeutronDhcpAgentsPerNetwork} - NeutronNetworkType: {get_param: NeutronNetworkType} - NeutronTunnelTypes: {get_param: NeutronTunnelTypes} - NovaPassword: {get_param: NovaPassword} - NtpServer: {get_param: NtpServer} - MongoDbNoJournal: {get_param: MongoDbNoJournal} - PcsdPassword: {get_resource: PcsdPassword} - PublicVirtualInterface: {get_param: PublicVirtualInterface} - RabbitPassword: {get_param: RabbitPassword} - RabbitUserName: {get_param: RabbitUserName} - RabbitCookie: {get_attr: [RabbitCookie, value]} - RabbitClientUseSSL: {get_param: RabbitClientUseSSL} - RabbitClientPort: {get_param: RabbitClientPort} - RabbitFDLimit: {get_param: RabbitFDLimit} - SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} - SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} - RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} - SwiftHashSuffix: {get_param: SwiftHashSuffix} - SwiftMountCheck: {get_param: SwiftMountCheck} - SwiftMinPartHours: {get_param: SwiftMinPartHours} - SwiftPartPower: {get_param: SwiftPartPower} - SwiftPassword: {get_param: SwiftPassword} - SwiftReplicas: { get_param: SwiftReplicas} - VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now. - PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} - ServiceNetMap: {get_param: ServiceNetMap} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - UpdateIdentifier: {get_param: UpdateIdentifier} - Hostname: - str_replace: - template: {get_param: ControllerHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - NodeIndex: '%index%' - - Compute: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: ComputeCount} - removal_policies: {get_param: ComputeRemovalPolicies} - resource_def: - type: OS::TripleO::Compute - properties: - AdminPassword: {get_param: AdminPassword} - CeilometerComputeAgent: {get_param: CeilometerComputeAgent} - CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret} - CeilometerPassword: {get_param: CeilometerPassword} - CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} - CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} - Debug: {get_param: Debug} - ExtraConfig: {get_param: ExtraConfig} - Flavor: {get_param: OvercloudComputeFlavor} - GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - Image: {get_param: NovaImage} - ImageUpdatePolicy: {get_param: ImageUpdatePolicy} - KeyName: {get_param: KeyName} - KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - NeutronBridgeMappings: {get_param: NeutronBridgeMappings} - NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} - NeutronEnableL2Pop : {get_param: NeutronEnableL2Pop} - NeutronFlatNetworks: {get_param: NeutronFlatNetworks} - NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - NeutronNetworkType: {get_param: NeutronNetworkType} - NeutronTunnelTypes: {get_param: NeutronTunnelTypes} - NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges} - NeutronPassword: {get_param: NeutronPassword} - NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge} - NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface} - NeutronDVR: {get_param: NeutronDVR} - NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} - NeutronAgentMode: {get_param: NeutronComputeAgentMode} - NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice} - NeutronCorePlugin: {get_param: NeutronCorePlugin} - NeutronServicePlugins: {get_param: NeutronServicePlugins} - NeutronTypeDrivers: {get_param: NeutronTypeDrivers} - NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} - # L3 HA and Failover is not relevant for Computes, should be removed - NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} - NeutronL3HA: {get_param: NeutronL3HA} - NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - NovaComputeDriver: {get_param: NovaComputeDriver} - NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig} - NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType} - NovaComputeLibvirtVifDriver: {get_param: NovaComputeLibvirtVifDriver} - NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend} - NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]} - NovaPassword: {get_param: NovaPassword} - NovaOVSBridge: {get_param: NovaOVSBridge} - NovaSecurityGroupAPI: {get_param: NovaSecurityGroupAPI} - NtpServer: {get_param: NtpServer} - RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} - RabbitPassword: {get_param: RabbitPassword} - RabbitUserName: {get_param: RabbitUserName} - RabbitClientUseSSL: {get_param: RabbitClientUseSSL} - RabbitClientPort: {get_param: RabbitClientPort} - SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} - SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} - ServiceNetMap: {get_param: ServiceNetMap} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - UpdateIdentifier: {get_param: UpdateIdentifier} - Hostname: - str_replace: - template: {get_param: ComputeHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - CloudDomain: {get_param: CloudDomain} - - BlockStorage: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: BlockStorageCount} - removal_policies: {get_param: BlockStorageRemovalPolicies} - resource_def: - type: OS::TripleO::BlockStorage - properties: - Debug: {get_param: Debug} - Image: {get_param: BlockStorageImage} - CinderISCSIHelper: {get_param: CinderISCSIHelper} - CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize} - # Purpose of the dedicated BlockStorage nodes should be to use their local LVM - CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} - CinderPassword: {get_param: CinderPassword} - KeyName: {get_param: KeyName} - Flavor: {get_param: OvercloudBlockStorageFlavor} - VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} - GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - RabbitPassword: {get_param: RabbitPassword} - RabbitUserName: {get_param: RabbitUserName} - RabbitClientUseSSL: {get_param: RabbitClientUseSSL} - RabbitClientPort: {get_param: RabbitClientPort} - NtpServer: {get_param: NtpServer} - UpdateIdentifier: {get_param: UpdateIdentifier} - Hostname: - str_replace: - template: {get_param: BlockStorageHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - ServiceNetMap: {get_param: ServiceNetMap} - EndpointMap: {get_attr: [EndpointMap, endpoint_map]} - MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - ExtraConfig: {get_param: ExtraConfig} - BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig} - CloudDomain: {get_param: CloudDomain} - - ObjectStorage: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: ObjectStorageCount} - removal_policies: {get_param: ObjectStorageRemovalPolicies} - resource_def: - type: OS::TripleO::ObjectStorage - properties: - KeyName: {get_param: KeyName} - Flavor: {get_param: OvercloudSwiftStorageFlavor} - HashSuffix: {get_param: SwiftHashSuffix} - MountCheck: {get_param: SwiftMountCheck} - MinPartHours: {get_param: SwiftMinPartHours} - PartPower: {get_param: SwiftPartPower} - Image: {get_param: SwiftStorageImage} - Replicas: { get_param: SwiftReplicas} - NtpServer: {get_param: NtpServer} - UpdateIdentifier: {get_param: UpdateIdentifier} - ServiceNetMap: {get_param: ServiceNetMap} - Hostname: - str_replace: - template: {get_param: ObjectStorageHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - ExtraConfig: {get_param: ExtraConfig} - ObjectStorageExtraConfig: {get_param: ObjectStorageExtraConfig} - CloudDomain: {get_param: CloudDomain} - - CephStorage: - type: OS::Heat::ResourceGroup - depends_on: Networks - properties: - count: {get_param: CephStorageCount} - removal_policies: {get_param: CephStorageRemovalPolicies} - resource_def: - type: OS::TripleO::CephStorage - properties: - Image: {get_param: CephStorageImage} - KeyName: {get_param: KeyName} - Flavor: {get_param: OvercloudCephStorageFlavor} - NtpServer: {get_param: NtpServer} - ServiceNetMap: {get_param: ServiceNetMap} - UpdateIdentifier: {get_param: UpdateIdentifier} - Hostname: - str_replace: - template: {get_param: CephStorageHostnameFormat} - params: - '%stackname%': {get_param: 'OS::stack_name'} - ExtraConfig: {get_param: ExtraConfig} - CephStorageExtraConfig: {get_param: CephStorageExtraConfig} - CloudDomain: {get_param: CloudDomain} - - ControllerIpListMap: - type: OS::TripleO::Network::Ports::NetIpListMap - properties: - ControlPlaneIpList: {get_attr: [Controller, ip_address]} - ExternalIpList: {get_attr: [Controller, external_ip_address]} - InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]} - StorageIpList: {get_attr: [Controller, storage_ip_address]} - StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]} - TenantIpList: {get_attr: [Controller, tenant_ip_address]} - - allNodesConfig: - type: OS::TripleO::AllNodes::SoftwareConfig - properties: - compute_hosts: {get_attr: [Compute, hosts_entry]} - controller_hosts: {get_attr: [Controller, hosts_entry]} - controller_ips: {get_attr: [Controller, ip_address]} - block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]} - object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]} - ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]} - controller_names: {get_attr: [Controller, hostname]} - rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} - mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} - redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} - memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} - mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} - heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} - glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - - MysqlRootPassword: - type: OS::Heat::RandomString - properties: - length: 10 - - MysqlClusterUniquePart: - type: OS::Heat::RandomString - properties: - length: 10 - - RabbitCookie: - type: OS::Heat::RandomString - properties: - length: 20 - salt: {get_param: RabbitCookieSalt} - - # creates the network architecture - Networks: - type: OS::TripleO::Network - - ControlVirtualIP: - type: OS::Neutron::Port - depends_on: Networks - properties: - name: control_virtual_ip - network: {get_param: NeutronControlPlaneID} - fixed_ips: {get_param: ControlFixedIPs} - replacement_policy: AUTO - - RedisVirtualIP: - depends_on: Networks - type: OS::TripleO::Controller::Ports::RedisVipPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - ControlPlaneNetwork: {get_param: NeutronControlPlaneID} - PortName: redis_virtual_ip - NetworkName: {get_param: [ServiceNetMap, RedisNetwork]} - - # The public VIP is on the External net, falls back to ctlplane - PublicVirtualIP: - depends_on: Networks - type: OS::TripleO::Controller::Ports::ExternalPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - ControlPlaneNetwork: {get_param: NeutronControlPlaneID} - PortName: public_virtual_ip - FixedIPs: {get_param: PublicVirtualFixedIPs} - - InternalApiVirtualIP: - depends_on: Networks - type: OS::TripleO::Controller::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: internal_api_virtual_ip - - StorageVirtualIP: - depends_on: Networks - type: OS::TripleO::Controller::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: storage_virtual_ip - - StorageMgmtVirtualIP: - depends_on: Networks - type: OS::TripleO::Controller::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - PortName: storage_management_virtual_ip - - VipMap: - type: OS::TripleO::Network::Ports::NetVipMap - properties: - ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} - ExternalIp: {get_attr: [PublicVirtualIP, ip_address]} - InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} - StorageIp: {get_attr: [StorageVirtualIP, ip_address]} - StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} - # No tenant VIP required - - VipConfig: - type: OS::TripleO::VipConfig - - VipDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_resource: VipConfig} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - input_values: - # service VIP mappings - keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} - swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} - nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} - ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} - redis_vip: {get_attr: [RedisVirtualIP, ip_address]} - mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} - rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} - # direct configuration of Virtual IPs for each network - control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]} - public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]} - internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} - storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} - storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} - - ControllerBootstrapNodeConfig: - type: OS::TripleO::BootstrapNode::SoftwareConfig - properties: - bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]} - bootstrap_nodeid_ip: {get_attr: [Controller, resource.0.ip_address]} - - ControllerBootstrapNodeDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [ControllerBootstrapNodeConfig, config_id]} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - ControllerSwiftDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - ObjectStorageSwiftDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - - SwiftDevicesAndProxyConfig: - type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig - properties: - controller_swift_devices: {get_attr: [Controller, swift_device]} - object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]} - controller_swift_proxy_memcaches: {get_attr: [Controller, swift_proxy_memcache]} - - ComputeCephDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [CephClusterConfig, config_id]} - servers: {get_attr: [Compute, attributes, nova_server_resource]} - - ControllerCephDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [CephClusterConfig, config_id]} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - CephStorageCephDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [CephClusterConfig, config_id]} - servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - - CephClusterConfig: - type: OS::TripleO::CephClusterConfig::SoftwareConfig - properties: - ceph_storage_count: {get_param: CephStorageCount} - ceph_fsid: {get_param: CephClusterFSID} - ceph_mon_key: {get_param: CephMonKey} - ceph_admin_key: {get_param: CephAdminKey} - ceph_client_key: {get_param: CephClientKey} - ceph_external_mon_ips: {get_param: CephExternalMonHost} - ceph_mon_names: {get_attr: [Controller, hostname]} - ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} - - ControllerClusterConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - corosync: - nodes: {get_attr: [Controller, corosync_node]} - horizon: - caches: - memcached: - nodes: {get_attr: [Controller, hostname]} - mysql: - nodes: {get_attr: [Controller, corosync_node]} - haproxy: - nodes: {get_attr: [Controller, corosync_node]} - - ControllerClusterDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_resource: ControllerClusterConfig} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - ControllerAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - ComputeAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [Compute, attributes, nova_server_resource]} - - BlockStorageAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - - ObjectStorageAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - - CephStorageAllNodesDeployment: - type: OS::Heat::StructuredDeployments - properties: - config: {get_attr: [allNodesConfig, config_id]} - servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - - # All Nodes Validations - AllNodesValidationConfig: - type: OS::TripleO::AllNodes::Validation - properties: - PingTestIps: - list_join: - - ' ' - - - {get_attr: [Controller, resource.0.external_ip_address]} - - {get_attr: [Controller, resource.0.internal_api_ip_address]} - - {get_attr: [Controller, resource.0.storage_ip_address]} - - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]} - - {get_attr: [Controller, resource.0.tenant_ip_address]} - - ControllerAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: ControllerAllNodesDeployment - properties: - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [Controller, attributes, nova_server_resource]} - - ComputeAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: ComputeAllNodesDeployment - properties: - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [Compute, attributes, nova_server_resource]} - - BlockStorageAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: BlockStorageAllNodesDeployment - properties: - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - - ObjectStorageAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: ObjectStorageAllNodesDeployment - properties: - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - - CephStorageAllNodesValidationDeployment: - type: OS::Heat::StructuredDeployments - depends_on: CephStorageAllNodesDeployment - properties: - config: {get_resource: AllNodesValidationConfig} - servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - - # Optional ExtraConfig for all nodes - all roles are passed in here, but - # the nested template may configure each role differently (or not at all) - AllNodesExtraConfig: - type: OS::TripleO::AllNodesExtraConfig - properties: - controller_servers: {get_attr: [Controller, attributes, nova_server_resource]} - compute_servers: {get_attr: [Compute, attributes, nova_server_resource]} - blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - - # Nested stack deployment runs after all other controller deployments - ControllerNodesPostDeployment: - type: OS::TripleO::ControllerPostDeployment - depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment] - properties: - servers: {get_attr: [Controller, attributes, nova_server_resource]} - NodeConfigIdentifiers: - allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} - controller_config: {get_attr: [Controller, attributes, config_identifier]} - deployment_identifier: {get_param: DeployIdentifier} - - ComputeNodesPostDeployment: - type: OS::TripleO::ComputePostDeployment - depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment] - properties: - servers: {get_attr: [Compute, attributes, nova_server_resource]} - NodeConfigIdentifiers: - allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} - compute_config: {get_attr: [Compute, attributes, config_identifier]} - deployment_identifier: {get_param: DeployIdentifier} - - ObjectStorageNodesPostDeployment: - type: OS::TripleO::ObjectStoragePostDeployment - depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment] - properties: - servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} - NodeConfigIdentifiers: - allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} - objectstorage_config: {get_attr: [ObjectStorage, attributes, config_identifier]} - deployment_identifier: {get_param: DeployIdentifier} - - BlockStorageNodesPostDeployment: - type: OS::TripleO::BlockStoragePostDeployment - depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment] - properties: - servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} - NodeConfigIdentifiers: - allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} - blockstorage_config: {get_attr: [BlockStorage, attributes, config_identifier]} - deployment_identifier: {get_param: DeployIdentifier} - - CephStorageNodesPostDeployment: - type: OS::TripleO::CephStoragePostDeployment - depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment] - properties: - servers: {get_attr: [CephStorage, attributes, nova_server_resource]} - NodeConfigIdentifiers: - allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} - cephstorage_config: {get_attr: [CephStorage, attributes, config_identifier]} - deployment_identifier: {get_param: DeployIdentifier} - -outputs: - KeystoneURL: - description: URL for the Overcloud Keystone service - value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]} - KeystoneAdminVip: - description: Keystone Admin VIP endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} - PublicVip: - description: Controller VIP for public API endpoints - value: {get_attr: [VipMap, net_ip_map, external]} - CeilometerInternalVip: - description: VIP for Ceilometer API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} - CinderInternalVip: - description: VIP for Cinder API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} - GlanceInternalVip: - description: VIP for Glance API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} - HeatInternalVip: - description: VIP for Heat API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} - KeystoneInternalVip: - description: VIP for Keystone API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} - NeutronInternalVip: - description: VIP for Neutron API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} - NovaInternalVip: - description: VIP for Nova API internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} - SwiftInternalVip: - description: VIP for Swift Proxy internal endpoint - value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} +overcloud.yaml
\ No newline at end of file diff --git a/overcloud.yaml b/overcloud.yaml new file mode 100644 index 00000000..faec16dd --- /dev/null +++ b/overcloud.yaml @@ -0,0 +1,1514 @@ +heat_template_version: 2015-04-30 + +description: > + Deploy an OpenStack environment, consisting of several node types (roles), + Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage + roles enable independent scaling of the storage components, but the minimal + deployment is one Controller and one Compute node. + + +# TODO(shadower): we should probably use the parameter groups to put +# some order in here. +parameters: + + # Common parameters (not specific to a role) + AdminPassword: + default: unset + description: The password for the keystone admin account, used for monitoring, querying neutron etc. + type: string + hidden: true + CeilometerBackend: + default: 'mongodb' + description: The ceilometer backend type. + type: string + CeilometerMeteringSecret: + default: unset + description: Secret shared by the ceilometer services. + type: string + hidden: true + CeilometerPassword: + default: unset + description: The password for the ceilometer service account. + type: string + hidden: true + # This has to be an UUID so for now we generate it outside the template + CephClusterFSID: + default: '' + type: string + description: The Ceph cluster FSID. Must be a UUID. + CephMonKey: + default: '' + description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key. + type: string + hidden: true + CephAdminKey: + default: '' + description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key. + type: string + hidden: true + CinderEnableNfsBackend: + default: false + description: Whether to enable or not the NFS backend for Cinder + type: boolean + CephClientKey: + default: '' + description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring. + type: string + hidden: true + CephExternalMonHost: + default: '' + type: string + description: List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments. + CinderEnableIscsiBackend: + default: true + description: Whether to enable or not the Iscsi backend for Cinder + type: boolean + CinderEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Cinder + type: boolean + CloudName: + default: '' + description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org + type: string + ControlFixedIPs: + default: [] + description: Should be used for arbitrary ips. + type: json + Debug: + default: '' + description: Set to True to enable debugging on all services. + type: string + HAProxySyslogAddress: + default: /dev/log + description: Syslog address where HAproxy will send its log + type: string + HorizonAllowedHosts: + default: '*' + description: A list of IP/Hostname allowed to connect to horizon + type: comma_delimited_list + ImageUpdatePolicy: + default: 'REBUILD_PRESERVE_EPHEMERAL' + description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. + type: string + KeyName: + default: default + description: Name of an existing EC2 KeyPair to enable SSH access to the instances + type: string + constraints: + - custom_constraint: nova.keypair + NeutronExternalNetworkBridge: + description: Name of bridge used for external network traffic. + type: string + default: 'br-ex' + NeutronBridgeMappings: + description: > + The OVS logical->physical bridge mappings to use. See the Neutron + documentation for details. Defaults to mapping br-ex - the external + bridge on hosts - to a physical name 'datacentre' which can be used + to create provider networks (and we use this for the default floating + network) - if changing this either use different post-install network + scripts or be sure to keep 'datacentre' as a mapping network name. + type: string + default: "datacentre:br-ex" + NeutronControlPlaneID: + default: 'ctlplane' + type: string + description: Neutron ID or name for ctlplane network. + NeutronEnableIsolatedMetadata: + default: 'False' + description: If True, DHCP provide metadata route to VM. + type: string + NeutronEnableTunnelling: + type: string + default: "True" + NeutronEnableL2Pop: + type: string + description: > + Enable/disable the L2 population feature in the Neutron agents. + default: "False" + NeutronFlatNetworks: + type: string + default: 'datacentre' + description: > + If set, flat networks to configure in neutron plugins. Defaults to + 'datacentre' to permit external network creation. + NeutronNetworkType: + default: 'vxlan' + description: The tenant network type for Neutron, either gre or vxlan. + type: string + NeutronPassword: + default: unset + description: The password for the neutron service account, used by neutron agents. + type: string + hidden: true + NeutronPublicInterface: + default: nic1 + description: What interface to bridge onto br-ex for network nodes. + type: string + NeutronPublicInterfaceTag: + default: '' + description: > + VLAN tag for creating a public VLAN. The tag will be used to + create an access port on the exterior bridge for each control plane node, + and that port will be given the IP address returned by neutron from the + public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling + overcloud.yaml to include the deployment of VLAN ports to the control + plane. + type: string + NeutronComputeAgentMode: + default: 'dvr' + description: Agent mode for the neutron-l3-agent on the compute hosts + type: string + NeutronAgentMode: + default: 'dvr_snat' + description: Agent mode for the neutron-l3-agent on the controller hosts + type: string + NeutronDVR: + default: 'False' + description: Whether to configure Neutron Distributed Virtual Routers + type: string + NeutronMetadataProxySharedSecret: + default: 'unset' + description: Shared secret to prevent spoofing + type: string + hidden: true + NeutronTunnelTypes: + default: 'vxlan' + description: | + The tunnel types for the Neutron tenant network. To specify multiple + values, use a comma separated string, like so: 'gre,vxlan' + type: string + NeutronTunnelIdRanges: + description: | + Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges + of GRE tunnel IDs that are available for tenant network allocation + default: ["1:1000", ] + type: comma_delimited_list + NeutronVniRanges: + description: | + Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges + of VXLAN VNI IDs that are available for tenant network allocation + default: ["1:1000", ] + type: comma_delimited_list + NeutronCorePlugin: + default: 'ml2' + description: | + The core plugin for Neutron. The value should be the entrypoint to be loaded + from neutron.core_plugins namespace. + type: string + NeutronServicePlugins: + default: "router" + description: | + Comma-separated list of service plugin entrypoints to be loaded from the + neutron.service_plugins namespace. + type: comma_delimited_list + NeutronTypeDrivers: + default: "vxlan,vlan,flat,gre" + description: | + Comma-separated list of network type driver entrypoints to be loaded. + type: comma_delimited_list + NeutronMechanismDrivers: + default: 'openvswitch' + description: | + The mechanism drivers for the Neutron tenant network. To specify multiple + values, use a comma separated string, like so: 'openvswitch,l2_population' + type: string + NeutronAllowL3AgentFailover: + default: 'False' + description: Allow automatic l3-agent failover + type: string + NeutronL3HA: + default: 'False' + description: Whether to enable l3-agent HA + type: string + NeutronDhcpAgentsPerNetwork: + type: number + default: 1 + description: The number of neutron dhcp agents to schedule per network + NovaPassword: + default: unset + description: The password for the nova service account, used by nova-api. + type: string + hidden: true + NtpServer: + default: '' + description: Comma-separated list of ntp servers + type: comma_delimited_list + MongoDbNoJournal: + default: false + description: Should MongoDb journaling be disabled + type: boolean + PublicVirtualFixedIPs: + default: [] + description: > + Control the IP allocation for the PublicVirtualInterface port. E.g. + [{'ip_address':'1.2.3.4'}] + type: json + RabbitCookieSalt: + type: string + default: unset + description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. + # FIXME: 'guest' is provisioned in RabbitMQ by default, we should create a user if these are changed + RabbitUserName: + default: guest + description: The username for RabbitMQ + type: string + RabbitPassword: + default: guest + description: The password for RabbitMQ + type: string + hidden: true + RabbitClientUseSSL: + default: false + description: > + Rabbit client subscriber parameter to specify + an SSL connection to the RabbitMQ host. + type: string + RabbitClientPort: + default: 5672 + description: Set rabbit subscriber port, change this if using SSL + type: number + # We need to set this as string because 'unlimited' is a valid setting + RabbitFDLimit: + default: 16384 + description: Configures RabbitMQ FD limit + type: string + SnmpdReadonlyUserName: + default: ro_snmp_user + description: The user name for SNMPd with readonly rights running on all Overcloud nodes + type: string + SnmpdReadonlyUserPassword: + default: unset + description: The user password for SNMPd with readonly rights running on all Overcloud nodes + type: string + hidden: true + CloudDomain: + default: 'localdomain' + type: string + description: > + The DNS domain used for the hosts. This should match the dhcp_domain + configured in the Undercloud neutron. Defaults to localdomain. + ServerMetadata: + default: {} + description: > + Extra properties or metadata passed to Nova for the created nodes in + the overcloud. It's accessible via the Nova metadata API. + type: json + + # Controller-specific params + AdminToken: + default: unset + description: The keystone auth secret. + type: string + hidden: true + CinderLVMLoopDeviceSize: + default: 5000 + description: The size of the loopback file used by the cinder LVM driver. + type: number + CinderNfsMountOptions: + default: '' + description: > + Mount options for NFS mounts used by Cinder NFS backend. Effective + when CinderEnableNfsBackend is true. + type: string + CinderNfsServers: + default: '' + description: > + NFS servers used by Cinder NFS backend. Effective when + CinderEnableNfsBackend is true. + type: comma_delimited_list + CinderPassword: + default: unset + description: The password for the cinder service account, used by cinder-api. + type: string + hidden: true + CinderISCSIHelper: + default: tgtadm + description: The iSCSI helper to use with cinder. + type: string + ControllerCount: + type: number + default: 1 + constraints: + - range: {min: 1} + controllerExtraConfig: + default: {} + description: | + Controller specific configuration to inject into the cluster. Same + structure as ExtraConfig. + type: json + controllerImage: + type: string + default: overcloud-control + constraints: + - custom_constraint: glance.image + OvercloudControlFlavor: + description: Flavor for control nodes to request when deploying. + type: string + constraints: + - custom_constraint: nova.flavor + ControlVirtualInterface: + default: 'br-ex' + description: Interface where virtual ip will be assigned. + type: string + EnableFencing: + default: false + description: Whether to enable fencing in Pacemaker or not. + type: boolean + EnableGalera: + default: true + description: Whether to use Galera instead of regular MariaDB. + type: boolean + ControllerEnableCephStorage: + default: false + description: Whether to deploy Ceph Storage (OSD) on the Controller + type: boolean + ControllerEnableSwiftStorage: + default: true + description: Whether to enable Swift Storage on the Controller + type: boolean + ExtraConfig: + default: {} + description: | + Additional configuration to inject into the cluster. The format required + may be implementation specific, e.g puppet hieradata. Any role specific + ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig. + type: json + FencingConfig: + default: {} + description: | + Pacemaker fencing configuration. The JSON should have + the following structure: + { + "devices": [ + { + "agent": "AGENT_NAME", + "host_mac": "HOST_MAC_ADDRESS", + "params": {"PARAM_NAME": "PARAM_VALUE"} + } + ] + } + For instance: + { + "devices": [ + { + "agent": "fence_xvm", + "host_mac": "52:54:00:aa:bb:cc", + "params": { + "multicast_address": "225.0.0.12", + "port": "baremetal_0", + "manage_fw": true, + "manage_key_file": true, + "key_file": "/etc/fence_xvm.key", + "key_file_password": "abcdef" + } + } + ] + } + type: json + GlanceLogFile: + description: The filepath of the file to use for logging messages from Glance. + type: string + default: '' + GlanceNotifierStrategy: + description: Strategy to use for Glance notification queue + type: string + default: noop + GlancePassword: + default: unset + description: The password for the glance service account, used by the glance services. + type: string + hidden: true + GlanceBackend: + default: swift + description: The short name of the Glance backend to use. Should be one + of swift, rbd or file + type: string + constraints: + - allowed_values: ['swift', 'file', 'rbd'] + HeatPassword: + default: unset + description: The password for the Heat service account, used by the Heat services. + type: string + hidden: true + HeatStackDomainAdminPassword: + description: Password for heat_domain_admin user. + type: string + default: '' + hidden: true + InstanceNameTemplate: + default: 'instance-%08x' + description: Template string to be used to generate instance names + type: string + KeystoneCACertificate: + default: '' + description: Keystone self-signed certificate authority certificate. + type: string + KeystoneSigningCertificate: + default: '' + description: Keystone certificate for verifying token validity. + type: string + KeystoneSigningKey: + default: '' + description: Keystone key for signing tokens. + type: string + hidden: true + KeystoneSSLCertificate: + default: '' + description: Keystone certificate for verifying token validity. + type: string + KeystoneSSLCertificateKey: + default: '' + description: Keystone key for signing tokens. + type: string + hidden: true + KeystoneNotificationDriver: + description: Comma-separated list of Oslo notification drivers used by Keystone + default: ['messaging'] + type: comma_delimited_list + KeystoneNotificationFormat: + description: The Keystone notification format + default: 'basic' + type: string + constraints: + - allowed_values: [ 'basic', 'cadf' ] + ManageFirewall: + default: false + description: Whether to manage IPtables rules. + type: boolean + PurgeFirewallRules: + default: false + description: Whether IPtables rules should be purged before setting up the ones. + type: boolean + MysqlInnodbBufferPoolSize: + description: > + Specifies the size of the buffer pool in megabytes. Setting to + zero should be interpreted as "no value" and will defer to the + lower level default. + type: number + default: 0 + MysqlMaxConnections: + description: Configures MySQL max_connections config setting + type: number + default: 4096 + NeutronDnsmasqOptions: + default: 'dhcp-option-force=26,1400' + description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead. + type: string + NeutronPublicInterfaceDefaultRoute: + default: '' + description: A custom default route for the NeutronPublicInterface. + type: string + NeutronPublicInterfaceIP: + default: '' + description: A custom IP address to put onto the NeutronPublicInterface. + type: string + NeutronPublicInterfaceRawDevice: + default: '' + description: If set, the public interface is a vlan with this device as the raw device. + type: string + PublicVirtualInterface: + default: 'br-ex' + description: > + Specifies the interface where the public-facing virtual ip will be assigned. + This should be int_public when a VLAN is being used. + type: string + SwiftHashSuffix: + default: unset + description: A random string to be used as a salt when hashing to determine mappings in the ring. + type: string + hidden: true + SwiftPassword: + default: unset + description: The password for the swift service account, used by the swift proxy services. + type: string + hidden: true + SwiftMountCheck: + default: 'false' + description: Value of mount_check in Swift account/container/object -server.conf + type: boolean + SwiftMinPartHours: + type: number + default: 1 + description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance. + SwiftPartPower: + default: 10 + description: Partition Power to use when building Swift rings + type: number + SwiftReplicas: + type: number + default: 3 + description: How many replicas to use in the swift rings. + +# Compute-specific params + CeilometerComputeAgent: + description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly + type: string + default: '' + constraints: + - allowed_values: ['', Present] + ComputeCount: + type: number + default: 1 + HypervisorNeutronPhysicalBridge: + default: 'br-ex' + description: > + An OVS bridge to create on each hypervisor. This defaults to br-ex the + same as the control plane nodes, as we have a uniform configuration of + the openvswitch agent. Typically should not need to be changed. + type: string + HypervisorNeutronPublicInterface: + default: nic1 + description: What interface to add to the HypervisorNeutronPhysicalBridge. + type: string + NeutronNetworkVLANRanges: + default: 'datacentre' + description: > + The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the + Neutron documentation for permitted values. Defaults to permitting any + VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). + type: comma_delimited_list + NovaComputeDriver: + type: string + default: libvirt.LibvirtDriver + NovaComputeExtraConfig: + default: {} + description: | + NovaCompute specific configuration to inject into the cluster. Same + structure as ExtraConfig. + type: json + NovaComputeLibvirtType: + default: '' + type: string + NovaComputeLibvirtVifDriver: + default: '' + description: Libvirt VIF driver configuration for the network + type: string + NovaEnableRbdBackend: + default: false + description: Whether to enable or not the Rbd backend for Nova + type: boolean + NovaImage: + type: string + default: overcloud-compute + constraints: + - custom_constraint: glance.image + NovaOVSBridge: + default: 'br-int' + description: Name of integration bridge used by Open vSwitch + type: string + NovaSecurityGroupAPI: + default: 'neutron' + description: The full class name of the security API class + type: string + OvercloudComputeFlavor: + description: Use this flavor + type: string + constraints: + - custom_constraint: nova.flavor + ServiceNetMap: + default: + NeutronTenantNetwork: tenant + CeilometerApiNetwork: internal_api + MongoDbNetwork: internal_api + CinderApiNetwork: internal_api + CinderIscsiNetwork: storage + GlanceApiNetwork: storage + GlanceRegistryNetwork: internal_api + KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints + KeystonePublicApiNetwork: internal_api + NeutronApiNetwork: internal_api + HeatApiNetwork: internal_api + NovaApiNetwork: internal_api + NovaMetadataNetwork: internal_api + NovaVncProxyNetwork: internal_api + SwiftMgmtNetwork: storage_mgmt + SwiftProxyNetwork: storage + HorizonNetwork: internal_api + MemcachedNetwork: internal_api + RabbitMqNetwork: internal_api + RedisNetwork: internal_api + MysqlNetwork: internal_api + CephClusterNetwork: storage_mgmt + CephPublicNetwork: storage + ControllerHostnameResolveNetwork: internal_api + ComputeHostnameResolveNetwork: internal_api + BlockStorageHostnameResolveNetwork: internal_api + ObjectStorageHostnameResolveNetwork: internal_api + CephStorageHostnameResolveNetwork: storage + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. + type: json + +# Block storage specific parameters + BlockStorageCount: + type: number + default: 0 + BlockStorageImage: + default: overcloud-cinder-volume + type: string + OvercloudBlockStorageFlavor: + description: Flavor for block storage nodes to request when deploying. + type: string + constraints: + - custom_constraint: nova.flavor + BlockStorageExtraConfig: + default: {} + description: | + BlockStorage specific configuration to inject into the cluster. Same + structure as ExtraConfig. + type: json + +# Object storage specific parameters + ObjectStorageCount: + type: number + default: 0 + OvercloudSwiftStorageFlavor: + description: Flavor for Swift storage nodes to request when deploying. + type: string + constraints: + - custom_constraint: nova.flavor + SwiftStorageImage: + default: overcloud-swift-storage + type: string + ObjectStorageExtraConfig: + default: {} + description: | + ObjectStorage specific configuration to inject into the cluster. Same + structure as ExtraConfig. + type: json + + +# Ceph storage specific parameters + CephStorageCount: + type: number + default: 0 + CephStorageImage: + default: overcloud-ceph-storage + type: string + OvercloudCephStorageFlavor: + default: baremetal + description: Flavor for Ceph storage nodes to request when deploying. + type: string + constraints: + - custom_constraint: nova.flavor + CephStorageExtraConfig: + default: {} + description: | + CephStorage specific configuration to inject into the cluster. Same + structure as ExtraConfig. + type: json + + # Hostname format for each role + # Note %index% is translated into the index of the node, e.g 0/1/2 etc + # and %stackname% is replaced with OS::stack_name in the template below. + # If you want to use the heat generated names, pass '' (empty string). + ControllerHostnameFormat: + type: string + description: Format for Controller node hostnames + default: '%stackname%-controller-%index%' + ComputeHostnameFormat: + type: string + description: Format for Compute node hostnames + default: '%stackname%-novacompute-%index%' + BlockStorageHostnameFormat: + type: string + description: Format for BlockStorage node hostnames + default: '%stackname%-blockstorage-%index%' + ObjectStorageHostnameFormat: + type: string + description: Format for SwiftStorage node hostnames + default: '%stackname%-objectstorage-%index%' + CephStorageHostnameFormat: + type: string + description: Format for CephStorage node hostnames + default: '%stackname%-cephstorage-%index%' + + # Identifiers to trigger tasks on nodes + UpdateIdentifier: + default: '' + type: string + description: > + Setting to a previously unused value during stack-update will trigger + package update on all nodes + DeployIdentifier: + default: '' + type: string + description: > + Setting this to a unique value will re-run any deployment tasks which + perform configuration on a Heat stack-update. + + # If you want to remove a specific node from a resource group, you can pass + # the node name or id as a <Group>RemovalPolicies parameter, for example: + # ComputeRemovalPolicies: [{'resource_list': ['0']}] + ControllerRemovalPolicies: + default: [] + type: json + description: > + List of resources to be removed from ControllerResourceGroup when + doing an update which requires removal of specific resources. + ComputeRemovalPolicies: + default: [] + type: json + description: > + List of resources to be removed from ComputeResourceGroup when + doing an update which requires removal of specific resources. + BlockStorageRemovalPolicies: + default: [] + type: json + description: > + List of resources to be removed from BlockStorageResourceGroup when + doing an update which requires removal of specific resources. + ObjectStorageRemovalPolicies: + default: [] + type: json + description: > + List of resources to be removed from ObjectStorageResourceGroup when + doing an update which requires removal of specific resources. + CephStorageRemovalPolicies: + default: [] + type: json + description: > + List of resources to be removed from CephStorageResourceGroup when + doing an update which requires removal of specific resources. + + +resources: + + HeatAuthEncryptionKey: + type: OS::Heat::RandomString + + PcsdPassword: + type: OS::Heat::RandomString + properties: + length: 16 + + HorizonSecret: + type: OS::Heat::RandomString + properties: + length: 10 + + EndpointMap: + type: OS::TripleO::EndpointMap + properties: + CloudName: {get_param: CloudName} + CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} + + Controller: + type: OS::Heat::ResourceGroup + depends_on: Networks + properties: + count: {get_param: ControllerCount} + removal_policies: {get_param: ControllerRemovalPolicies} + resource_def: + type: OS::TripleO::Controller + properties: + AdminPassword: {get_param: AdminPassword} + AdminToken: {get_param: AdminToken} + CeilometerBackend: {get_param: CeilometerBackend} + CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret} + CeilometerPassword: {get_param: CeilometerPassword} + CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize} + CinderNfsMountOptions: {get_param: CinderNfsMountOptions} + CinderNfsServers: {get_param: CinderNfsServers} + CinderPassword: {get_param: CinderPassword} + CinderISCSIHelper: {get_param: CinderISCSIHelper} + CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} + CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} + CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} + CloudName: {get_param: CloudName} + CloudDomain: {get_param: CloudDomain} + ControlVirtualInterface: {get_param: ControlVirtualInterface} + ControllerExtraConfig: {get_param: controllerExtraConfig} + Debug: {get_param: Debug} + EnableFencing: {get_param: EnableFencing} + ManageFirewall: {get_param: ManageFirewall} + PurgeFirewallRules: {get_param: PurgeFirewallRules} + EnableGalera: {get_param: EnableGalera} + EnableCephStorage: {get_param: ControllerEnableCephStorage} + EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage} + ExtraConfig: {get_param: ExtraConfig} + FencingConfig: {get_param: FencingConfig} + Flavor: {get_param: OvercloudControlFlavor} + GlancePassword: {get_param: GlancePassword} + GlanceBackend: {get_param: GlanceBackend} + GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy} + GlanceLogFile: {get_param: GlanceLogFile} + HAProxySyslogAddress: {get_param: HAProxySyslogAddress} + HeatPassword: {get_param: HeatPassword} + HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword} + HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey} + HorizonAllowedHosts: {get_param: HorizonAllowedHosts} + HorizonSecret: {get_resource: HorizonSecret} + Image: {get_param: controllerImage} + ImageUpdatePolicy: {get_param: ImageUpdatePolicy} + InstanceNameTemplate: {get_param: InstanceNameTemplate} + KeyName: {get_param: KeyName} + KeystoneCACertificate: {get_param: KeystoneCACertificate} + KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate} + KeystoneSigningKey: {get_param: KeystoneSigningKey} + KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate} + KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey} + KeystoneNotificationDriver: {get_param: KeystoneNotificationDriver} + KeystoneNotificationFormat: {get_param: KeystoneNotificationFormat} + MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]} + MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize} + MysqlMaxConnections: {get_param: MysqlMaxConnections} + MysqlRootPassword: {get_attr: [MysqlRootPassword, value]} + NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP} + NeutronFlatNetworks: {get_param: NeutronFlatNetworks} + NeutronBridgeMappings: {get_param: NeutronBridgeMappings} + NeutronExternalNetworkBridge: {get_param: NeutronExternalNetworkBridge} + NeutronEnableIsolatedMetadata: {get_param: NeutronEnableIsolatedMetadata} + NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} + NeutronEnableL2Pop: {get_param: NeutronEnableL2Pop} + NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges} + NeutronPublicInterface: {get_param: NeutronPublicInterface} + NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute} + NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice} + NeutronPassword: {get_param: NeutronPassword} + NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions} + NeutronDVR: {get_param: NeutronDVR} + NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} + NeutronAgentMode: {get_param: NeutronAgentMode} + NeutronCorePlugin: {get_param: NeutronCorePlugin} + NeutronServicePlugins: {get_param: NeutronServicePlugins} + NeutronTypeDrivers: {get_param: NeutronTypeDrivers} + NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} + NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} + NeutronL3HA: {get_param: NeutronL3HA} + NeutronDhcpAgentsPerNetwork: {get_param: NeutronDhcpAgentsPerNetwork} + NeutronNetworkType: {get_param: NeutronNetworkType} + NeutronTunnelTypes: {get_param: NeutronTunnelTypes} + NovaPassword: {get_param: NovaPassword} + NtpServer: {get_param: NtpServer} + MongoDbNoJournal: {get_param: MongoDbNoJournal} + PcsdPassword: {get_resource: PcsdPassword} + PublicVirtualInterface: {get_param: PublicVirtualInterface} + RabbitPassword: {get_param: RabbitPassword} + RabbitUserName: {get_param: RabbitUserName} + RabbitCookie: {get_attr: [RabbitCookie, value]} + RabbitClientUseSSL: {get_param: RabbitClientUseSSL} + RabbitClientPort: {get_param: RabbitClientPort} + RabbitFDLimit: {get_param: RabbitFDLimit} + SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} + SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} + RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]} + SwiftHashSuffix: {get_param: SwiftHashSuffix} + SwiftMountCheck: {get_param: SwiftMountCheck} + SwiftMinPartHours: {get_param: SwiftMinPartHours} + SwiftPartPower: {get_param: SwiftPartPower} + SwiftPassword: {get_param: SwiftPassword} + SwiftReplicas: { get_param: SwiftReplicas} + VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now. + PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]} + ServiceNetMap: {get_param: ServiceNetMap} + EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + UpdateIdentifier: {get_param: UpdateIdentifier} + Hostname: + str_replace: + template: {get_param: ControllerHostnameFormat} + params: + '%stackname%': {get_param: 'OS::stack_name'} + NodeIndex: '%index%' + ServerMetadata: {get_param: ServerMetadata} + + Compute: + type: OS::Heat::ResourceGroup + depends_on: Networks + properties: + count: {get_param: ComputeCount} + removal_policies: {get_param: ComputeRemovalPolicies} + resource_def: + type: OS::TripleO::Compute + properties: + AdminPassword: {get_param: AdminPassword} + CeilometerComputeAgent: {get_param: CeilometerComputeAgent} + CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret} + CeilometerPassword: {get_param: CeilometerPassword} + CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend} + CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend} + Debug: {get_param: Debug} + ExtraConfig: {get_param: ExtraConfig} + Flavor: {get_param: OvercloudComputeFlavor} + GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + Image: {get_param: NovaImage} + ImageUpdatePolicy: {get_param: ImageUpdatePolicy} + KeyName: {get_param: KeyName} + KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + NeutronBridgeMappings: {get_param: NeutronBridgeMappings} + NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling} + NeutronEnableL2Pop : {get_param: NeutronEnableL2Pop} + NeutronFlatNetworks: {get_param: NeutronFlatNetworks} + NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + NeutronNetworkType: {get_param: NeutronNetworkType} + NeutronTunnelTypes: {get_param: NeutronTunnelTypes} + NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges} + NeutronPassword: {get_param: NeutronPassword} + NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge} + NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface} + NeutronDVR: {get_param: NeutronDVR} + NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret} + NeutronAgentMode: {get_param: NeutronComputeAgentMode} + NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice} + NeutronCorePlugin: {get_param: NeutronCorePlugin} + NeutronServicePlugins: {get_param: NeutronServicePlugins} + NeutronTypeDrivers: {get_param: NeutronTypeDrivers} + NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers} + # L3 HA and Failover is not relevant for Computes, should be removed + NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover} + NeutronL3HA: {get_param: NeutronL3HA} + NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + NovaComputeDriver: {get_param: NovaComputeDriver} + NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig} + NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType} + NovaComputeLibvirtVifDriver: {get_param: NovaComputeLibvirtVifDriver} + NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend} + NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]} + NovaPassword: {get_param: NovaPassword} + NovaOVSBridge: {get_param: NovaOVSBridge} + NovaSecurityGroupAPI: {get_param: NovaSecurityGroupAPI} + NtpServer: {get_param: NtpServer} + RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + RabbitPassword: {get_param: RabbitPassword} + RabbitUserName: {get_param: RabbitUserName} + RabbitClientUseSSL: {get_param: RabbitClientUseSSL} + RabbitClientPort: {get_param: RabbitClientPort} + SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName} + SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword} + ServiceNetMap: {get_param: ServiceNetMap} + EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + UpdateIdentifier: {get_param: UpdateIdentifier} + Hostname: + str_replace: + template: {get_param: ComputeHostnameFormat} + params: + '%stackname%': {get_param: 'OS::stack_name'} + CloudDomain: {get_param: CloudDomain} + ServerMetadata: {get_param: ServerMetadata} + + BlockStorage: + type: OS::Heat::ResourceGroup + depends_on: Networks + properties: + count: {get_param: BlockStorageCount} + removal_policies: {get_param: BlockStorageRemovalPolicies} + resource_def: + type: OS::TripleO::BlockStorage + properties: + Debug: {get_param: Debug} + Image: {get_param: BlockStorageImage} + CinderISCSIHelper: {get_param: CinderISCSIHelper} + CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize} + # Purpose of the dedicated BlockStorage nodes should be to use their local LVM + CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend} + CinderPassword: {get_param: CinderPassword} + KeyName: {get_param: KeyName} + Flavor: {get_param: OvercloudBlockStorageFlavor} + VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} + GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + RabbitPassword: {get_param: RabbitPassword} + RabbitUserName: {get_param: RabbitUserName} + RabbitClientUseSSL: {get_param: RabbitClientUseSSL} + RabbitClientPort: {get_param: RabbitClientPort} + NtpServer: {get_param: NtpServer} + UpdateIdentifier: {get_param: UpdateIdentifier} + Hostname: + str_replace: + template: {get_param: BlockStorageHostnameFormat} + params: + '%stackname%': {get_param: 'OS::stack_name'} + ServiceNetMap: {get_param: ServiceNetMap} + EndpointMap: {get_attr: [EndpointMap, endpoint_map]} + MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + ExtraConfig: {get_param: ExtraConfig} + BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig} + CloudDomain: {get_param: CloudDomain} + ServerMetadata: {get_param: ServerMetadata} + + ObjectStorage: + type: OS::Heat::ResourceGroup + depends_on: Networks + properties: + count: {get_param: ObjectStorageCount} + removal_policies: {get_param: ObjectStorageRemovalPolicies} + resource_def: + type: OS::TripleO::ObjectStorage + properties: + KeyName: {get_param: KeyName} + Flavor: {get_param: OvercloudSwiftStorageFlavor} + HashSuffix: {get_param: SwiftHashSuffix} + MountCheck: {get_param: SwiftMountCheck} + MinPartHours: {get_param: SwiftMinPartHours} + PartPower: {get_param: SwiftPartPower} + Image: {get_param: SwiftStorageImage} + Replicas: { get_param: SwiftReplicas} + NtpServer: {get_param: NtpServer} + UpdateIdentifier: {get_param: UpdateIdentifier} + ServiceNetMap: {get_param: ServiceNetMap} + Hostname: + str_replace: + template: {get_param: ObjectStorageHostnameFormat} + params: + '%stackname%': {get_param: 'OS::stack_name'} + ExtraConfig: {get_param: ExtraConfig} + ObjectStorageExtraConfig: {get_param: ObjectStorageExtraConfig} + CloudDomain: {get_param: CloudDomain} + ServerMetadata: {get_param: ServerMetadata} + + CephStorage: + type: OS::Heat::ResourceGroup + depends_on: Networks + properties: + count: {get_param: CephStorageCount} + removal_policies: {get_param: CephStorageRemovalPolicies} + resource_def: + type: OS::TripleO::CephStorage + properties: + Image: {get_param: CephStorageImage} + KeyName: {get_param: KeyName} + Flavor: {get_param: OvercloudCephStorageFlavor} + NtpServer: {get_param: NtpServer} + ServiceNetMap: {get_param: ServiceNetMap} + UpdateIdentifier: {get_param: UpdateIdentifier} + Hostname: + str_replace: + template: {get_param: CephStorageHostnameFormat} + params: + '%stackname%': {get_param: 'OS::stack_name'} + ExtraConfig: {get_param: ExtraConfig} + CephStorageExtraConfig: {get_param: CephStorageExtraConfig} + CloudDomain: {get_param: CloudDomain} + ServerMetadata: {get_param: ServerMetadata} + + ControllerIpListMap: + type: OS::TripleO::Network::Ports::NetIpListMap + properties: + ControlPlaneIpList: {get_attr: [Controller, ip_address]} + ExternalIpList: {get_attr: [Controller, external_ip_address]} + InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]} + StorageIpList: {get_attr: [Controller, storage_ip_address]} + StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]} + TenantIpList: {get_attr: [Controller, tenant_ip_address]} + + allNodesConfig: + type: OS::TripleO::AllNodes::SoftwareConfig + properties: + compute_hosts: {get_attr: [Compute, hosts_entry]} + controller_hosts: {get_attr: [Controller, hosts_entry]} + controller_ips: {get_attr: [Controller, ip_address]} + block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]} + object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]} + ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]} + controller_names: {get_attr: [Controller, hostname]} + rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]} + redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]} + memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]} + mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} + heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} + glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + + MysqlRootPassword: + type: OS::Heat::RandomString + properties: + length: 10 + + MysqlClusterUniquePart: + type: OS::Heat::RandomString + properties: + length: 10 + + RabbitCookie: + type: OS::Heat::RandomString + properties: + length: 20 + salt: {get_param: RabbitCookieSalt} + + # creates the network architecture + Networks: + type: OS::TripleO::Network + + ControlVirtualIP: + type: OS::Neutron::Port + depends_on: Networks + properties: + name: control_virtual_ip + network: {get_param: NeutronControlPlaneID} + fixed_ips: {get_param: ControlFixedIPs} + replacement_policy: AUTO + + RedisVirtualIP: + depends_on: Networks + type: OS::TripleO::Controller::Ports::RedisVipPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + ControlPlaneNetwork: {get_param: NeutronControlPlaneID} + PortName: redis_virtual_ip + NetworkName: {get_param: [ServiceNetMap, RedisNetwork]} + + # The public VIP is on the External net, falls back to ctlplane + PublicVirtualIP: + depends_on: Networks + type: OS::TripleO::Controller::Ports::ExternalPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + ControlPlaneNetwork: {get_param: NeutronControlPlaneID} + PortName: public_virtual_ip + FixedIPs: {get_param: PublicVirtualFixedIPs} + + InternalApiVirtualIP: + depends_on: Networks + type: OS::TripleO::Controller::Ports::InternalApiPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: internal_api_virtual_ip + + StorageVirtualIP: + depends_on: Networks + type: OS::TripleO::Controller::Ports::StoragePort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: storage_virtual_ip + + StorageMgmtVirtualIP: + depends_on: Networks + type: OS::TripleO::Controller::Ports::StorageMgmtPort + properties: + ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + PortName: storage_management_virtual_ip + + VipMap: + type: OS::TripleO::Network::Ports::NetVipMap + properties: + ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} + ExternalIp: {get_attr: [PublicVirtualIP, ip_address]} + InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]} + StorageIp: {get_attr: [StorageVirtualIP, ip_address]} + StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]} + # No tenant VIP required + + VipConfig: + type: OS::TripleO::VipConfig + + VipDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_resource: VipConfig} + servers: {get_attr: [Controller, attributes, nova_server_resource]} + input_values: + # service VIP mappings + keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]} + swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} + nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]} + ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]} + redis_vip: {get_attr: [RedisVirtualIP, ip_address]} + mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]} + rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]} + # direct configuration of Virtual IPs for each network + control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]} + public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]} + internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]} + storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]} + storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]} + + ControllerBootstrapNodeConfig: + type: OS::TripleO::BootstrapNode::SoftwareConfig + properties: + bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]} + bootstrap_nodeid_ip: {get_attr: [Controller, resource.0.ip_address]} + + ControllerBootstrapNodeDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [ControllerBootstrapNodeConfig, config_id]} + servers: {get_attr: [Controller, attributes, nova_server_resource]} + + ControllerSwiftDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} + servers: {get_attr: [Controller, attributes, nova_server_resource]} + + ObjectStorageSwiftDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]} + servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + + SwiftDevicesAndProxyConfig: + type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig + properties: + controller_swift_devices: {get_attr: [Controller, swift_device]} + object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]} + controller_swift_proxy_memcaches: {get_attr: [Controller, swift_proxy_memcache]} + + ComputeCephDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [CephClusterConfig, config_id]} + servers: {get_attr: [Compute, attributes, nova_server_resource]} + + ControllerCephDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [CephClusterConfig, config_id]} + servers: {get_attr: [Controller, attributes, nova_server_resource]} + + CephStorageCephDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [CephClusterConfig, config_id]} + servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + + CephClusterConfig: + type: OS::TripleO::CephClusterConfig::SoftwareConfig + properties: + ceph_storage_count: {get_param: CephStorageCount} + ceph_fsid: {get_param: CephClusterFSID} + ceph_mon_key: {get_param: CephMonKey} + ceph_admin_key: {get_param: CephAdminKey} + ceph_client_key: {get_param: CephClientKey} + ceph_external_mon_ips: {get_param: CephExternalMonHost} + ceph_mon_names: {get_attr: [Controller, hostname]} + ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]} + + ControllerClusterConfig: + type: OS::Heat::StructuredConfig + properties: + group: os-apply-config + config: + corosync: + nodes: {get_attr: [Controller, corosync_node]} + horizon: + caches: + memcached: + nodes: {get_attr: [Controller, hostname]} + mysql: + nodes: {get_attr: [Controller, corosync_node]} + haproxy: + nodes: {get_attr: [Controller, corosync_node]} + + ControllerClusterDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_resource: ControllerClusterConfig} + servers: {get_attr: [Controller, attributes, nova_server_resource]} + + ControllerAllNodesDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [allNodesConfig, config_id]} + servers: {get_attr: [Controller, attributes, nova_server_resource]} + + ComputeAllNodesDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [allNodesConfig, config_id]} + servers: {get_attr: [Compute, attributes, nova_server_resource]} + + BlockStorageAllNodesDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [allNodesConfig, config_id]} + servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} + + ObjectStorageAllNodesDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [allNodesConfig, config_id]} + servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + + CephStorageAllNodesDeployment: + type: OS::Heat::StructuredDeployments + properties: + config: {get_attr: [allNodesConfig, config_id]} + servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + + # All Nodes Validations + AllNodesValidationConfig: + type: OS::TripleO::AllNodes::Validation + properties: + PingTestIps: + list_join: + - ' ' + - - {get_attr: [Controller, resource.0.external_ip_address]} + - {get_attr: [Controller, resource.0.internal_api_ip_address]} + - {get_attr: [Controller, resource.0.storage_ip_address]} + - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]} + - {get_attr: [Controller, resource.0.tenant_ip_address]} + + ControllerAllNodesValidationDeployment: + type: OS::Heat::StructuredDeployments + depends_on: ControllerAllNodesDeployment + properties: + config: {get_resource: AllNodesValidationConfig} + servers: {get_attr: [Controller, attributes, nova_server_resource]} + + ComputeAllNodesValidationDeployment: + type: OS::Heat::StructuredDeployments + depends_on: ComputeAllNodesDeployment + properties: + config: {get_resource: AllNodesValidationConfig} + servers: {get_attr: [Compute, attributes, nova_server_resource]} + + BlockStorageAllNodesValidationDeployment: + type: OS::Heat::StructuredDeployments + depends_on: BlockStorageAllNodesDeployment + properties: + config: {get_resource: AllNodesValidationConfig} + servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} + + ObjectStorageAllNodesValidationDeployment: + type: OS::Heat::StructuredDeployments + depends_on: ObjectStorageAllNodesDeployment + properties: + config: {get_resource: AllNodesValidationConfig} + servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + + CephStorageAllNodesValidationDeployment: + type: OS::Heat::StructuredDeployments + depends_on: CephStorageAllNodesDeployment + properties: + config: {get_resource: AllNodesValidationConfig} + servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + + # Optional ExtraConfig for all nodes - all roles are passed in here, but + # the nested template may configure each role differently (or not at all) + AllNodesExtraConfig: + type: OS::TripleO::AllNodesExtraConfig + properties: + controller_servers: {get_attr: [Controller, attributes, nova_server_resource]} + compute_servers: {get_attr: [Compute, attributes, nova_server_resource]} + blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} + objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + + # Nested stack deployment runs after all other controller deployments + ControllerNodesPostDeployment: + type: OS::TripleO::ControllerPostDeployment + depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment] + properties: + servers: {get_attr: [Controller, attributes, nova_server_resource]} + NodeConfigIdentifiers: + allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} + controller_config: {get_attr: [Controller, attributes, config_identifier]} + deployment_identifier: {get_param: DeployIdentifier} + + ComputeNodesPostDeployment: + type: OS::TripleO::ComputePostDeployment + depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment] + properties: + servers: {get_attr: [Compute, attributes, nova_server_resource]} + NodeConfigIdentifiers: + allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} + compute_config: {get_attr: [Compute, attributes, config_identifier]} + deployment_identifier: {get_param: DeployIdentifier} + + ObjectStorageNodesPostDeployment: + type: OS::TripleO::ObjectStoragePostDeployment + depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment] + properties: + servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]} + NodeConfigIdentifiers: + allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} + objectstorage_config: {get_attr: [ObjectStorage, attributes, config_identifier]} + deployment_identifier: {get_param: DeployIdentifier} + + BlockStorageNodesPostDeployment: + type: OS::TripleO::BlockStoragePostDeployment + depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment] + properties: + servers: {get_attr: [BlockStorage, attributes, nova_server_resource]} + NodeConfigIdentifiers: + allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} + blockstorage_config: {get_attr: [BlockStorage, attributes, config_identifier]} + deployment_identifier: {get_param: DeployIdentifier} + + CephStorageNodesPostDeployment: + type: OS::TripleO::CephStoragePostDeployment + depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment] + properties: + servers: {get_attr: [CephStorage, attributes, nova_server_resource]} + NodeConfigIdentifiers: + allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]} + cephstorage_config: {get_attr: [CephStorage, attributes, config_identifier]} + deployment_identifier: {get_param: DeployIdentifier} + +outputs: + KeystoneURL: + description: URL for the Overcloud Keystone service + value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]} + KeystoneAdminVip: + description: Keystone Admin VIP endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]} + PublicVip: + description: Controller VIP for public API endpoints + value: {get_attr: [VipMap, net_ip_map, external]} + CeilometerInternalVip: + description: VIP for Ceilometer API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]} + CinderInternalVip: + description: VIP for Cinder API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]} + GlanceInternalVip: + description: VIP for Glance API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]} + HeatInternalVip: + description: VIP for Heat API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]} + KeystoneInternalVip: + description: VIP for Keystone API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]} + NeutronInternalVip: + description: VIP for Neutron API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]} + NovaInternalVip: + description: VIP for Nova API internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]} + SwiftInternalVip: + description: VIP for Swift Proxy internal endpoint + value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]} diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml index 1dc20a50..b34d2c02 100644 --- a/puppet/ceph-storage.yaml +++ b/puppet/ceph-storage.yaml @@ -65,6 +65,12 @@ parameters: description: > The DNS domain used for the hosts. This should match the dhcp_domain configured in the Undercloud neutron. Defaults to localdomain. + ServerMetadata: + default: {} + description: > + Extra properties or metadata passed to Nova for the created nodes in + the overcloud. It's accessible via the Nova metadata API. + type: json resources: @@ -80,6 +86,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + metadata: {get_param: ServerMetadata} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml index f1d25e78..82c0e814 100644 --- a/puppet/cinder-storage.yaml +++ b/puppet/cinder-storage.yaml @@ -118,6 +118,12 @@ parameters: description: > The DNS domain used for the hosts. This should match the dhcp_domain configured in the Undercloud neutron. Defaults to localdomain. + ServerMetadata: + default: {} + description: > + Extra properties or metadata passed to Nova for the created nodes in + the overcloud. It's accessible via the Nova metadata API. + type: json resources: @@ -133,6 +139,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + metadata: {get_param: ServerMetadata} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: diff --git a/puppet/compute.yaml b/puppet/compute.yaml index c33373d1..42c6e276 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -297,6 +297,12 @@ parameters: The DNS domain used for the hosts. This should match the dhcp_domain configured in the Undercloud neutron. Defaults to localdomain. + ServerMetadata: + default: {} + description: > + Extra properties or metadata passed to Nova for the created nodes in + the overcloud. It's accessible via the Nova metadata API. + type: json resources: @@ -314,6 +320,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + metadata: {get_param: ServerMetadata} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: @@ -466,6 +473,7 @@ resources: neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers} neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers} neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device} + keystone_public_api_virtual_ip: {get_input: keystone_vip} admin_password: {get_input: admin_password} ntp::servers: {get_input: ntp_servers} tripleo::packages::enable_install: {get_input: enable_package_install} @@ -557,6 +565,7 @@ resources: neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]} neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]} + keystone_vip: {get_param: KeystonePublicApiVirtualIP} admin_password: {get_param: AdminPassword} rabbit_username: {get_param: RabbitUserName} rabbit_password: {get_param: RabbitPassword} diff --git a/puppet/controller.yaml b/puppet/controller.yaml index 2c1c18a3..97b5456b 100644 --- a/puppet/controller.yaml +++ b/puppet/controller.yaml @@ -240,6 +240,10 @@ parameters: default: 'REBUILD_PRESERVE_EPHEMERAL' description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. type: string + InstanceNameTemplate: + default: 'instance-%08x' + description: Template string to be used to generate instance names + type: string KeyName: default: default description: Name of an existing EC2 KeyPair to enable SSH access to the instances @@ -634,6 +638,12 @@ parameters: description: > The DNS domain used for the hosts. This should match the dhcp_domain configured in the Undercloud neutron. Defaults to localdomain. + ServerMetadata: + default: {} + description: > + Extra properties or metadata passed to Nova for the created nodes in + the overcloud. It's accessible via the Nova metadata API. + type: json resources: @@ -649,6 +659,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + metadata: {get_param: ServerMetadata} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: @@ -978,6 +989,7 @@ resources: - '@' - {get_param: MysqlVirtualIP} - '/nova' + instance_name_template: {get_param: InstanceNameTemplate} fencing_config: {get_param: FencingConfig} pcsd_password: {get_param: PcsdPassword} rabbit_username: {get_param: RabbitUserName} @@ -1308,6 +1320,7 @@ resources: nova::database_connection: {get_input: nova_dsn} nova::glance_api_servers: {get_input: glance_api_servers} nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} + nova::api::instance_name_template: {get_input: instance_name_template} nova::network::neutron::neutron_admin_password: {get_input: neutron_password} nova::network::neutron::neutron_url: {get_input: neutron_internal_url} nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url} diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml index 95f5ccb8..b4b51abf 100644 --- a/puppet/hieradata/common.yaml +++ b/puppet/hieradata/common.yaml @@ -7,6 +7,7 @@ ceilometer::agent::auth::auth_region: 'regionOne' # changes in the tripleo-incubator keystone role setup ceilometer::agent::auth::auth_tenant_name: 'admin' +nova::api::admin_tenant_name: 'service' nova::network::neutron::neutron_admin_tenant_name: 'service' nova::network::neutron::neutron_admin_username: 'neutron' nova::network::neutron::dhcp_domain: '' diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml index f42ddf6c..b0e6ae96 100644 --- a/puppet/hieradata/controller.yaml +++ b/puppet/hieradata/controller.yaml @@ -30,7 +30,6 @@ redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}" redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' # service tenant -nova::api::admin_tenant_name: 'service' glance::api::keystone_tenant: 'service' glance::registry::keystone_tenant: 'service' neutron::server::auth_tenant: 'service' diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp index 1a66c5ea..8459f1a3 100644 --- a/puppet/manifests/overcloud_controller_pacemaker.pp +++ b/puppet/manifests/overcloud_controller_pacemaker.pp @@ -534,11 +534,12 @@ if hiera('step') >= 3 { $glance_store = concat($http_store, $backend_store) if $glance_backend == 'file' and hiera('glance_file_pcmk_manage', false) { + $secontext = 'context="system_u:object_r:glance_var_lib_t:s0"' pacemaker::resource::filesystem { 'glance-fs': device => hiera('glance_file_pcmk_device'), directory => hiera('glance_file_pcmk_directory'), fstype => hiera('glance_file_pcmk_fstype'), - fsoptions => hiera('glance_file_pcmk_options', ''), + fsoptions => join([$secontext, hiera('glance_file_pcmk_options', '')],','), clone_params => '', } } diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml index fbb2b878..a8183f76 100644 --- a/puppet/swift-storage.yaml +++ b/puppet/swift-storage.yaml @@ -88,6 +88,12 @@ parameters: description: > The DNS domain used for the hosts. This should match the dhcp_domain configured in the Undercloud neutron. Defaults to localdomain. + ServerMetadata: + default: {} + description: > + Extra properties or metadata passed to Nova for the created nodes in + the overcloud. It's accessible via the Nova metadata API. + type: json resources: @@ -103,6 +109,7 @@ resources: user_data_format: SOFTWARE_CONFIG user_data: {get_resource: UserData} name: {get_param: Hostname} + metadata: {get_param: ServerMetadata} # Combine the NodeAdminUserData and NodeUserData mime archives UserData: |