summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitignore9
-rw-r--r--README.rst9
-rw-r--r--os-apply-config/all-nodes-config.yaml93
-rw-r--r--os-apply-config/ceph-cluster-config.yaml69
-rw-r--r--os-apply-config/ceph-storage-post.yaml21
-rw-r--r--os-apply-config/ceph-storage.yaml172
-rw-r--r--os-apply-config/cinder-storage-post.yaml21
-rw-r--r--os-apply-config/cinder-storage.yaml234
-rw-r--r--os-apply-config/compute-post.yaml22
-rw-r--r--os-apply-config/compute.yaml569
-rw-r--r--os-apply-config/controller-post.yaml20
-rw-r--r--os-apply-config/controller.yaml1230
-rw-r--r--os-apply-config/swift-devices-and-proxy-config.yaml38
-rw-r--r--os-apply-config/swift-storage-post.yaml21
-rw-r--r--os-apply-config/swift-storage.yaml209
-rw-r--r--os-apply-config/vip-config.yaml16
l---------[-rw-r--r--]overcloud-without-mergepy.yaml1499
-rw-r--r--overcloud.yaml1514
-rw-r--r--puppet/ceph-storage.yaml7
-rw-r--r--puppet/cinder-storage.yaml7
-rw-r--r--puppet/compute.yaml9
-rw-r--r--puppet/controller.yaml13
-rw-r--r--puppet/hieradata/common.yaml1
-rw-r--r--puppet/hieradata/controller.yaml1
-rw-r--r--puppet/manifests/overcloud_controller_pacemaker.pp3
-rw-r--r--puppet/swift-storage.yaml7
26 files changed, 1562 insertions, 4252 deletions
diff --git a/.gitignore b/.gitignore
index 6996d500..3d7aded8 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,12 +1,3 @@
-# Built via Makefile
-overcloud.yaml
-overcloud-with-block-storage.yaml
-overcloud-with-block-storage-nfs.yaml
-undercloud-bm.yaml
-undercloud-vm.yaml
-undercloud-vm-ironic.yaml
-undercloud-vm-ironic-vlan.yaml
-
*.py[cod]
# C extensions
diff --git a/README.rst b/README.rst
index 3093fc48..36f9fba0 100644
--- a/README.rst
+++ b/README.rst
@@ -15,8 +15,7 @@ Features
The ability to deploy a multi-node, role based OpenStack deployment using
OpenStack Heat. Notable features include:
- * Choice of deployment/configuration tooling: puppet, os-apply-config, and
- (soon) docker
+ * Choice of deployment/configuration tooling: puppet, (soon) docker
* Role based deployment: roles for the controller, compute, ceph, swift,
and cinder storage
@@ -43,11 +42,5 @@ A description of the directory layout in TripleO Heat Templates.
* puppet: templates mostly driven by configuration with puppet. To use these
templates you can use the overcloud-resource-registry-puppet.yaml.
- * os-apply-config: templates mostly driven by configuration w/
- os-collect-config and bash based
- elements (which use the Heat os-apply-config group).
- These will soon be deprecated and are no longer part
- of the upstream CI testing efforts.
-
* validation-scripts: validation scripts useful to all deployment
configurations
diff --git a/os-apply-config/all-nodes-config.yaml b/os-apply-config/all-nodes-config.yaml
deleted file mode 100644
index 3f0bd61c..00000000
--- a/os-apply-config/all-nodes-config.yaml
+++ /dev/null
@@ -1,93 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'All Nodes Config'
-
-parameters:
- compute_hosts:
- type: comma_delimited_list
- controller_hosts:
- type: comma_delimited_list
- controller_ips:
- type: comma_delimited_list
- block_storage_hosts:
- type: comma_delimited_list
- object_storage_hosts:
- type: comma_delimited_list
- ceph_storage_hosts:
- type: comma_delimited_list
- controller_names:
- type: comma_delimited_list
- rabbit_node_ips:
- type: comma_delimited_list
- mongo_node_ips:
- type: comma_delimited_list
- redis_node_ips:
- type: comma_delimited_list
- memcache_node_ips:
- type: comma_delimited_list
- mysql_node_ips:
- type: comma_delimited_list
- horizon_node_ips:
- type: comma_delimited_list
- heat_api_node_ips:
- type: comma_delimited_list
- swift_proxy_node_ips:
- type: comma_delimited_list
- ceilometer_api_node_ips:
- type: comma_delimited_list
- nova_api_node_ips:
- type: comma_delimited_list
- nova_metadata_node_ips:
- type: comma_delimited_list
- glance_api_node_ips:
- type: comma_delimited_list
- glance_registry_node_ips:
- type: comma_delimited_list
- cinder_api_node_ips:
- type: comma_delimited_list
- neutron_api_node_ips:
- type: comma_delimited_list
- keystone_public_api_node_ips:
- type: comma_delimited_list
- keystone_admin_api_node_ips:
- type: comma_delimited_list
-
-resources:
-
- allNodesConfigImpl:
- type: OS::Heat::StructuredConfig
- properties:
- config:
- completion-signal: {get_input: deploy_signal_id}
- hosts:
- list_join:
- - "\n"
- - - list_join:
- - "\n"
- - {get_param: compute_hosts}
- - list_join:
- - "\n"
- - {get_param: controller_hosts}
- - list_join:
- - "\n"
- - {get_param: block_storage_hosts}
- - list_join:
- - "\n"
- - {get_param: object_storage_hosts}
- - list_join:
- - "\n"
- - {get_param: ceph_storage_hosts}
- rabbit:
- nodes:
- list_join:
- - ','
- - {get_param: controller_names}
- sysctl:
- net.ipv4.tcp_keepalive_time: 5
- net.ipv4.tcp_keepalive_probes: 5
- net.ipv4.tcp_keepalive_intvl: 1
-
-outputs:
- config_id:
- description: The ID of the allNodesConfigImpl resource.
- value:
- {get_resource: allNodesConfigImpl}
diff --git a/os-apply-config/ceph-cluster-config.yaml b/os-apply-config/ceph-cluster-config.yaml
deleted file mode 100644
index 115de085..00000000
--- a/os-apply-config/ceph-cluster-config.yaml
+++ /dev/null
@@ -1,69 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Ceph Cluster config data'
-
-parameters:
- ceph_storage_count:
- default: 0
- type: number
- description: Number of Ceph storage nodes. Used to enable/disable managed Ceph installation.
- ceph_external_mon_ips:
- default: ''
- type: string
- description: List of external Ceph Mon host IPs.
- ceph_client_key:
- default: ''
- type: string
- description: Ceph key used to create the client user keyring.
- ceph_fsid:
- default: ''
- type: string
- ceph_admin_key:
- default: ''
- type: string
- ceph_mon_key:
- default: ''
- type: string
- ceph_mon_names:
- type: comma_delimited_list
- ceph_mon_ips:
- type: comma_delimited_list
- NovaRbdPoolName:
- default: vms
- type: string
- CinderRbdPoolName:
- default: volumes
- type: string
- GlanceRbdPoolName:
- default: images
- type: string
- CephClientUserName:
- default: openstack
- type: string
-
-resources:
- CephClusterConfigImpl:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- ceph_cluster:
- mon_initial_members:
- list_join:
- - ','
- - {get_param: ceph_mon_names}
- mon_host:
- list_join:
- - ','
- - {get_param: ceph_mon_ips}
- fsid: {get_param: ceph_fsid}
- admin_key: {get_param: ceph_admin_key}
- mon_key: {get_param: ceph_mon_key}
- # We would need a dedicated key for OSD bootstrap
- bootstrap_osd_key: {get_param: ceph_mon_key}
- osds: '{"/srv/data": {}}'
-
-outputs:
- config_id:
- description: The ID of the CephClusterConfigImpl resource.
- value:
- {get_resource: CephClusterConfigImpl}
diff --git a/os-apply-config/ceph-storage-post.yaml b/os-apply-config/ceph-storage-post.yaml
deleted file mode 100644
index 734f90bd..00000000
--- a/os-apply-config/ceph-storage-post.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Ceph Storage Post Deployment'
-# NOTE: this is a noop for os-apply-config style deployments because
-# post deployment ordering is controlled by tripleo-image-elements
-
-parameters:
- servers:
- type: json
- NodeConfigIdentifiers:
- type: json
- description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
- # Note, this should come last, so use depends_on to ensure
- # this is created after any other resources.
- ExtraConfig:
- type: OS::TripleO::NodeExtraConfigPost
- properties:
- servers: {get_param: servers}
-
diff --git a/os-apply-config/ceph-storage.yaml b/os-apply-config/ceph-storage.yaml
deleted file mode 100644
index fc321d88..00000000
--- a/os-apply-config/ceph-storage.yaml
+++ /dev/null
@@ -1,172 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Common Ceph Storage Configuration'
-parameters:
- Image:
- type: string
- default: overcloud-ceph-storage
- KeyName:
- default: default
- description: Name of an existing EC2 KeyPair to enable SSH access to the instances
- type: string
- Flavor:
- default: baremetal
- description: Flavor for block storage nodes to request when deploying.
- type: string
- CephClusterFSID:
- default: ''
- type: string
- description: The Ceph cluster FSID. Must be a UUID.
- CephMonKey:
- default: ''
- description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
- type: string
- hidden: true
- CephAdminKey:
- default: ''
- description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
- type: string
- hidden: true
- CephMonitors:
- default: ''
- description: The list of ip/names to use as Ceph monitors
- type: json
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
- ExtraConfig:
- default: {}
- description: |
- Additional configuration to inject into the cluster. Note
- that CephStorageExtraConfig takes precedence over ExtraConfig.
- type: json
- CephStorageExtraConfig:
- default: {}
- description: |
- Role specific additional configuration to inject into the cluster.
- type: json
-
-
-resources:
- CephStorage:
- type: OS::Nova::Server
- properties:
- image:
- {get_param: Image}
- flavor: {get_param: OvercloudCephStorageFlavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
- name: {get_param: Hostname}
-
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- StoragePort:
- type: OS::TripleO::CephStorage::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
-
- StorageMgmtPort:
- type: OS::TripleO::CephStorage::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [CephStorage, networks, ctlplane, 0]}
-
- NetworkConfig:
- type: OS::TripleO::CephStorage::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [CephStorage, networks, ctlplane, 0]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- properties:
- config: {get_resource: NetworkConfig}
- server: {get_resource: CephStorage}
-
- CephStorageDeployment:
- type: OS::Heat::StructuredDeployment
- properties:
- server: {get_resource: CephStorage}
- config: {get_resource: CephStorageConfig}
- signal_transport: NO_SIGNAL
- CephStorageConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- ceph:
- fsid: {get_param: CephClusterFSID}
- keyrings:
- admin:
- key: {get_param: CephAdminKey}
- mon_nodes: {get_param: CephMonitors}
- ControllerCephDeployment:
- type: OS::Heat::StructuredDeployment
- properties:
- server: {get_resource: Controller}
- config: {get_resource: ControllerCephConfig}
- signal_transport: NO_SIGNAL
- ControllerCephConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- cinder:
- include_ceph_backend: true
- ceph:
- fsid: {get_param: CephClusterFSID}
- keyrings:
- mon:
- key: {get_param: CephMonKey}
- admin:
- key: {get_param: CephAdminKey}
- mon_nodes: {get_param: CephMonitors}
- NovaComputeCephDeployment:
- depends_on: [ControllerCephDeployment]
- type: OS::Heat::StructuredDeployment
- properties:
- server: {get_resource: NovaCompute}
- config: {get_resource: NovaComputeCephConfig}
- signal_transport: NO_SIGNAL
- NovaComputeCephConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- ceph:
- fsid: {get_param: CephClusterFSID}
- keyrings:
- admin:
- key: {get_param: CephAdminKey}
- mon_nodes: {get_param: CephMonitors}
-outputs:
- hosts_entry:
- value:
- str_replace:
- template: "IP HOST"
- params:
- IP: {get_attr: [CephStorage, networks, ctlplane, 0]}
- HOST: {get_attr: [CephStorage, name]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- config_identifier:
- description: identifier which changes if the node configuration may need re-applying
- value: "None - NO_SIGNAL"
diff --git a/os-apply-config/cinder-storage-post.yaml b/os-apply-config/cinder-storage-post.yaml
deleted file mode 100644
index ad4e0460..00000000
--- a/os-apply-config/cinder-storage-post.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Common Block Storage Post Deployment'
-# NOTE: this is a noop for os-apply-config style deployments because
-# post deployment ordering is controlled by tripleo-image-elements
-
-parameters:
- servers:
- type: json
- NodeConfigIdentifiers:
- type: json
- description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
- # Note, this should come last, so use depends_on to ensure
- # this is created after any other resources.
- ExtraConfig:
- type: OS::TripleO::NodeExtraConfigPost
- properties:
- servers: {get_param: servers}
-
diff --git a/os-apply-config/cinder-storage.yaml b/os-apply-config/cinder-storage.yaml
deleted file mode 100644
index 7f1164c4..00000000
--- a/os-apply-config/cinder-storage.yaml
+++ /dev/null
@@ -1,234 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Common Block Storage Configuration'
-parameters:
- Image:
- default: overcloud-cinder-volume
- type: string
- CinderEnableIscsiBackend:
- default: true
- description: Whether to enable or not the Iscsi backend for Cinder
- type: boolean
- CinderISCSIHelper:
- default: tgtadm
- description: The iSCSI helper to use with cinder.
- type: string
- CinderLVMLoopDeviceSize:
- default: 5000
- description: The size of the loopback file used by the cinder LVM driver.
- type: number
- CinderPassword:
- default: unset
- description: The password for the cinder service and db account, used by cinder-api.
- type: string
- hidden: true
- VirtualIP:
- default: ''
- type: string
- ExtraConfig:
- default: {}
- description: |
- Additional configuration to inject into the cluster. The JSON should have
- the following structure:
- {"FILEKEY":
- {"config":
- [{"section": "SECTIONNAME",
- "values":
- [{"option": "OPTIONNAME",
- "value": "VALUENAME"
- }
- ]
- }
- ]
- }
- }
- For instance:
- {"nova":
- {"config":
- [{"section": "default",
- "values":
- [{"option": "force_config_drive",
- "value": "always"
- }
- ]
- },
- {"section": "cells",
- "values":
- [{"option": "driver",
- "value": "nova.cells.rpc_driver.CellsRPCDriver"
- }
- ]
- }
- ]
- }
- }
- type: json
- BlockStorageExtraConfig:
- default: {}
- description: |
- Role specific additional configuration to inject into the cluster.
- type: json
- Flavor:
- description: Flavor for block storage nodes to request when deploying.
- type: string
- constraints:
- - custom_constraint: nova.flavor
- GlancePort:
- default: "9292"
- description: Glance port.
- type: string
- GlanceProtocol:
- default: http
- description: Protocol to use when connecting to glance, set to https for SSL.
- type: string
- KeyName:
- default: default
- description: Name of an existing EC2 KeyPair to enable SSH access to the instances
- type: string
- RabbitPassword:
- default: 'guest'
- type: string
- hidden: true
- RabbitUserName:
- default: 'guest'
- type: string
- RabbitClientUseSSL:
- default: false
- description: >
- Rabbit client subscriber parameter to specify
- an SSL connection to the RabbitMQ host.
- type: string
- RabbitClientPort:
- default: 5672
- description: Set rabbit subscriber port, change this if using SSL
- type: number
- SnmpdReadonlyUserName:
- default: ro_snmp_user
- description: The user name for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- SnmpdReadonlyUserPassword:
- default: unset
- description: The user password for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- hidden: true
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- GlanceApiVirtualIP:
- type: string
- default: ''
- MysqlVirtualIP:
- type: string
- default: ''
-
-resources:
- BlockStorage:
- type: OS::Nova::Server
- properties:
- image:
- {get_param: Image}
- flavor: {get_param: Flavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
- name: {get_param: Hostname}
-
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- InternalApiPort:
- type: OS::TripleO::BlockStorage::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
-
- StoragePort:
- type: OS::TripleO::BlockStorage::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
-
- StorageMgmtPort:
- type: OS::TripleO::BlockStorage::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
-
- NetworkConfig:
- type: OS::TripleO::BlockStorage::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- properties:
- config: {get_resource: NetworkConfig}
- server: {get_resource: BlockStorage}
-
- BlockStorageDeployment:
- type: OS::Heat::StructuredDeployment
- properties:
- server: {get_resource: BlockStorage}
- config: {get_resource: BlockStorageConfig}
- input_values:
- controller_virtual_ip: {get_param: VirtualIP}
- cinder_dsn: {list_join: ['', ['mysql://cinder:', {get_param: CinderPassword}, '@', {get_param: VirtualIP} , '/cinder']]}
- snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
- snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
- signal_transport: NO_SIGNAL
- BlockStorageConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- keystone:
- host: {get_input: controller_virtual_ip}
- cinder:
- db: {get_input: cinder_dsn}
- volume_size_mb:
- get_param: CinderLVMLoopDeviceSize
- iscsi-helper:
- get_param: CinderISCSIHelper
- snmpd:
- export_MIB: UCD-SNMP-MIB
- readonly_user_name: {get_input: snmpd_readonly_user_name}
- readonly_user_password: {get_input: snmpd_readonly_user_password}
- rabbit:
- host: {get_input: controller_virtual_ip}
- username: {get_param: RabbitUserName}
- password: {get_param: RabbitPassword}
- glance:
- host: {get_input: controller_virtual_ip}
- port: {get_param: GlancePort}
-outputs:
- hosts_entry:
- value:
- str_replace:
- template: "IP HOST"
- params:
- IP: {get_attr: [BlockStorage, networks, ctlplane, 0]}
- HOST: {get_attr: [BlockStorage, name]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- config_identifier:
- description: identifier which changes if the node configuration may need re-applying
- value: "None - NO_SIGNAL"
diff --git a/os-apply-config/compute-post.yaml b/os-apply-config/compute-post.yaml
deleted file mode 100644
index 695690d4..00000000
--- a/os-apply-config/compute-post.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Compute Post Deployment'
-# NOTE: this is a noop for os-apply-config style deployments because
-# post deployment ordering is controlled by tripleo-image-elements
-
-parameters:
- servers:
- type: json
- NodeConfigIdentifiers:
- type: json
- description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
-
- # Note, this should come last, so use depends_on to ensure
- # this is created after any other resources.
- ExtraConfig:
- type: OS::TripleO::NodeExtraConfigPost
- properties:
- servers: {get_param: servers}
-
diff --git a/os-apply-config/compute.yaml b/os-apply-config/compute.yaml
deleted file mode 100644
index c829248b..00000000
--- a/os-apply-config/compute.yaml
+++ /dev/null
@@ -1,569 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: >
- OpenStack hypervisor node. Can be wrapped in a ResourceGroup for scaling.
-
-parameters:
- AdminPassword:
- default: unset
- description: The password for the keystone admin account, used for monitoring, querying neutron etc.
- type: string
- hidden: true
- CeilometerComputeAgent:
- description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
- type: string
- default: ''
- constraints:
- - allowed_values: ['', Present]
- CeilometerMeteringSecret:
- default: unset
- description: Secret shared by the ceilometer services.
- type: string
- hidden: true
- CeilometerPassword:
- default: unset
- description: The password for the ceilometer service account.
- type: string
- hidden: true
- CinderEnableNfsBackend:
- default: false
- description: Whether to enable or not the NFS backend for Cinder
- type: boolean
- CinderEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Cinder
- type: boolean
- Debug:
- default: ''
- description: Set to True to enable debugging on all services.
- type: string
- ExtraConfig:
- default: {}
- description: |
- Additional configuration to inject into the cluster. The JSON should have
- the following structure:
- {"FILEKEY":
- {"config":
- [{"section": "SECTIONNAME",
- "values":
- [{"option": "OPTIONNAME",
- "value": "VALUENAME"
- }
- ]
- }
- ]
- }
- }
- For instance:
- {"nova":
- {"config":
- [{"section": "default",
- "values":
- [{"option": "force_config_drive",
- "value": "always"
- }
- ]
- },
- {"section": "cells",
- "values":
- [{"option": "driver",
- "value": "nova.cells.rpc_driver.CellsRPCDriver"
- }
- ]
- }
- ]
- }
- }
- type: json
- Flavor:
- description: Flavor for the nova compute node
- type: string
- constraints:
- - custom_constraint: nova.flavor
- GlanceHost:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- GlancePort:
- default: "9292"
- description: Glance port.
- type: string
- GlanceProtocol:
- default: http
- description: Protocol to use when connecting to glance, set to https for SSL.
- type: string
- Image:
- type: string
- default: overcloud-compute
- constraints:
- - custom_constraint: glance.image
- ImageUpdatePolicy:
- default: 'REBUILD_PRESERVE_EPHEMERAL'
- description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
- type: string
- KeyName:
- description: Name of an existing EC2 KeyPair to enable SSH access to the instances
- type: string
- default: default
- constraints:
- - custom_constraint: nova.keypair
- KeystoneAdminApiVirtualIP:
- type: string
- default: ''
- KeystonePublicApiVirtualIP:
- type: string
- default: ''
- NeutronBridgeMappings:
- description: >
- The OVS logical->physical bridge mappings to use. See the Neutron
- documentation for details. Defaults to mapping br-ex - the external
- bridge on hosts - to a physical name 'datacentre' which can be used
- to create provider networks (and we use this for the default floating
- network) - if changing this either use different post-install network
- scripts or be sure to keep 'datacentre' as a mapping network name.
- type: string
- default: "datacentre:br-ex"
- NeutronEnableTunnelling:
- type: string
- default: "True"
- NeutronEnableL2Pop:
- type: string
- description: >
- Enable/disable the L2 population feature in the Neutron agents.
- default: "False"
- NeutronFlatNetworks:
- type: string
- default: 'datacentre'
- description: >
- If set, flat networks to configure in neutron plugins.
- NeutronHost:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- NeutronNetworkType:
- type: string
- description: The tenant network type for Neutron, either gre or vxlan.
- default: 'vxlan'
- NeutronNetworkVLANRanges:
- default: 'datacentre'
- description: >
- The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
- Neutron documentation for permitted values. Defaults to permitting any
- VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: comma_delimited_list
- NeutronPassword:
- default: unset
- description: The password for the neutron service account, used by neutron agents.
- type: string
- hidden: true
- NeutronPhysicalBridge:
- default: ''
- description: An OVS bridge to create for accessing external networks.
- type: string
- NeutronPublicInterface:
- default: nic1
- description: A port to add to the NeutronPhysicalBridge.
- type: string
- NeutronTunnelTypes:
- type: string
- description: |
- The tunnel types for the Neutron tenant network. To specify multiple
- values, use a comma separated string, like so: 'gre,vxlan'
- default: 'vxlan'
- NeutronTunnelIdRanges:
- description: |
- Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
- of GRE tunnel IDs that are available for tenant network allocation
- default: ["1:1000", ]
- type: comma_delimited_list
- NeutronVniRanges:
- description: |
- Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
- of VXLAN VNI IDs that are available for tenant network allocation
- default: ["1:1000", ]
- type: comma_delimited_list
- NeutronPublicInterfaceRawDevice:
- default: ''
- type: string
- NeutronDVR:
- default: 'False'
- type: string
- NeutronMetadataProxySharedSecret:
- default: 'unset'
- description: Shared secret to prevent spoofing
- type: string
- hidden: true
- NeutronCorePlugin:
- default: "ml2"
- description: |
- The core plugin for Neutron. The value should be the entrypoint to be loaded
- from neutron.core_plugins namespace.
- type: string
- NeutronServicePlugins:
- default: "router"
- description: |
- Comma-separated list of service plugin entrypoints to be loaded from the
- neutron.service_plugins namespace.
- type: comma_delimited_list
- NeutronTypeDrivers:
- default: "vxlan,vlan,flat,gre"
- description: |
- Comma-separated list of network type driver entrypoints to be loaded.
- type: comma_delimited_list
- NeutronMechanismDrivers:
- default: 'openvswitch'
- description: |
- The mechanism drivers for the Neutron tenant network. To specify multiple
- values, use a comma separated string, like so: 'openvswitch,l2_population'
- type: string
- # Not relevant for Computes, should be removed
- NeutronAllowL3AgentFailover:
- default: 'True'
- description: Allow automatic l3-agent failover
- type: string
- # Not relevant for Computes, should be removed
- NeutronL3HA:
- default: 'False'
- description: Whether to enable l3-agent HA
- type: string
- NeutronAgentMode:
- default: 'dvr_snat'
- description: Agent mode for the neutron-l3-agent on the controller hosts
- type: string
- NovaApiHost:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- NovaComputeDriver:
- type: string
- default: libvirt.LibvirtDriver
- NovaComputeExtraConfig:
- default: {}
- description: |
- NovaCompute specific configuration to inject into the cluster. Same
- structure as ExtraConfig.
- type: json
- NovaComputeLibvirtType:
- type: string
- default: ''
- NovaEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Nova
- type: boolean
- NovaPassword:
- default: unset
- description: The password for the nova service account, used by nova-api.
- type: string
- hidden: true
- NovaPublicIP:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- NtpServer:
- type: string
- default: ''
- RabbitHost:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- RabbitPassword:
- default: guest
- description: The password for RabbitMQ
- type: string
- hidden: true
- RabbitUserName:
- default: guest
- description: The username for RabbitMQ
- type: string
- RabbitClientUseSSL:
- default: false
- description: >
- Rabbit client subscriber parameter to specify
- an SSL connection to the RabbitMQ host.
- type: string
- RabbitClientPort:
- default: 5672
- description: Set rabbit subscriber port, change this if using SSL
- type: number
- SnmpdReadonlyUserName:
- default: ro_snmp_user
- description: The user name for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- SnmpdReadonlyUserPassword:
- default: unset
- description: The user password for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- hidden: true
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
-
-resources:
-
- NovaCompute:
- type: OS::Nova::Server
- properties:
- image:
- {get_param: Image}
- image_update_policy:
- get_param: ImageUpdatePolicy
- flavor: {get_param: Flavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
- name: {get_param: Hostname}
-
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- InternalApiPort:
- type: OS::TripleO::Compute::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
-
- StoragePort:
- type: OS::TripleO::Compute::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
-
- TenantPort:
- type: OS::TripleO::Compute::Ports::TenantPort
- properties:
- ControlPlaneIP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
-
- NetworkConfig:
- type: OS::TripleO::Compute::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- properties:
- signal_transport: NO_SIGNAL
- config: {get_resource: NetworkConfig}
- server: {get_resource: NovaCompute}
- input_values:
- bridge_name: {get_param: NeutronPhysicalBridge}
- interface_name: {get_param: NeutronPublicInterface}
-
- NovaComputeConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- nova:
- compute_driver: { get_input: nova_compute_driver }
- compute_libvirt_type: { get_input: nova_compute_libvirt_type }
- debug: {get_input: debug}
- host: {get_input: nova_api_host}
- public_ip: {get_input: nova_public_ip}
- service-password: {get_input: nova_password}
- ceilometer:
- debug: {get_input: debug}
- metering_secret: {get_input: ceilometer_metering_secret}
- service-password: {get_input: ceilometer_password}
- compute_agent: {get_input: ceilometer_compute_agent}
- snmpd:
- export_MIB: UCD-SNMP-MIB
- readonly_user_name: {get_input: snmpd_readonly_user_name}
- readonly_user_password: {get_input: snmpd_readonly_user_password}
- glance:
- debug: {get_input: debug}
- host: {get_input: glance_host}
- port: {get_input: glance_port}
- protocol: {get_input: glance_protocol}
- keystone:
- debug: {get_input: debug}
- host: {get_input: keystone_host}
- neutron:
- debug: {get_input: debug}
- flat-networks: {get_input: neutron_flat_networks}
- host: {get_input: neutron_host}
- router_distributed: {get_input: neutron_router_distributed}
- agent_mode: {get_input: neutron_agent_mode}
- ovs_db: {get_input: neutron_dsn}
- metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
- core_plugin: {get_input: neutron_core_plugin}
- service_plugins: {get_input: neutron_service_plugins}
- type_drivers: {get_input: neutron_type_drivers}
- mechanism_drivers: {get_input: neutron_mechanism_drivers}
- allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
- l3_ha: {get_input: neutron_l3_ha}
- ovs:
- local_ip: {get_input: neutron_local_ip}
- tenant_network_type: {get_input: neutron_tenant_network_type}
- tunnel_types: {get_input: neutron_tunnel_types}
- network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
- tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
- vni_ranges: {get_input: neutron_vni_ranges}
- bridge_mappings: {get_input: neutron_bridge_mappings}
- enable_tunneling: {get_input: neutron_enable_tunneling}
- l2_population: {get_input: neutron_enable_l2pop}
- physical_bridge: {get_input: neutron_physical_bridge}
- public_interface: {get_input: neutron_public_interface}
- public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
- service-password: {get_input: neutron_password}
- admin-password: {get_input: admin_password}
- rabbit:
- host: {get_input: rabbit_host}
- username: {get_input: rabbit_username}
- password: {get_input: rabbit_password}
- ntp:
- servers:
- - {server: {get_input: ntp_server}}
-
- NovaComputeDeployment:
- type: OS::TripleO::SoftwareDeployment
- properties:
- signal_transport: NO_SIGNAL
- config: {get_resource: NovaComputeConfig}
- server: {get_resource: NovaCompute}
- input_values:
- debug: {get_param: Debug}
- nova_compute_driver: {get_param: NovaComputeDriver}
- nova_compute_libvirt_type: {get_param: NovaComputeLibvirtType}
- nova_public_ip: {get_param: NovaPublicIP}
- nova_api_host: {get_param: NovaApiHost}
- nova_password: {get_param: NovaPassword}
- ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
- ceilometer_password: {get_param: CeilometerPassword}
- ceilometer_compute_agent: {get_param: CeilometerComputeAgent}
- snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
- snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
- glance_host: {get_param: GlanceHost}
- glance_port: {get_param: GlancePort}
- glance_protocol: {get_param: GlanceProtocol}
- keystone_host: {get_param: KeystonePublicApiVirtualIP}
- neutron_flat_networks: {get_param: NeutronFlatNetworks}
- neutron_host: {get_param: NeutronHost}
- neutron_local_ip: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- neutron_tenant_network_type: {get_param: NeutronNetworkType}
- neutron_tunnel_types: {get_param: NeutronTunnelTypes}
- neutron_tunnel_id_ranges:
- str_replace:
- template: "['RANGES']"
- params:
- RANGES:
- list_join:
- - "','"
- - {get_param: NeutronTunnelIdRanges}
- neutron_vni_ranges:
- str_replace:
- template: "['RANGES']"
- params:
- RANGES:
- list_join:
- - "','"
- - {get_param: NeutronVniRanges}
- neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
- neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
- neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
- neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
- neutron_physical_bridge: {get_param: NeutronPhysicalBridge}
- neutron_public_interface: {get_param: NeutronPublicInterface}
- neutron_password: {get_param: NeutronPassword}
- neutron_agent_mode: {get_param: NeutronAgentMode}
- neutron_router_distributed: {get_param: NeutronDVR}
- neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- neutron_core_plugin: {get_param: NeutronCorePlugin}
- neutron_service_plugins:
- str_replace:
- template: "['PLUGINS']"
- params:
- PLUGINS:
- list_join:
- - "','"
- - {get_param: NeutronServicePlugins}
- neutron_type_drivers:
- str_replace:
- template: "['DRIVERS']"
- params:
- DRIVERS:
- list_join:
- - "','"
- - {get_param: NeutronTypeDrivers}
- neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
- neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
- neutron_l3_ha: {get_param: NeutronL3HA}
- neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
- admin_password: {get_param: AdminPassword}
- rabbit_host: {get_param: RabbitHost}
- rabbit_username: {get_param: RabbitUserName}
- rabbit_password: {get_param: RabbitPassword}
- ntp_server: {get_param: NtpServer}
-
- NovaComputePassthrough:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config: {get_input: passthrough_config}
-
- NovaComputePassthroughSpecific:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config: {get_input: passthrough_config_specific}
-
- NovaComputePassthroughDeployment:
- depends_on: [NovaComputeDeployment]
- type: OS::Heat::StructuredDeployment
- properties:
- config: {get_resource: NovaComputePassthrough}
- server: {get_resource: NovaCompute}
- signal_transport: NO_SIGNAL
- input_values:
- passthrough_config: {get_param: ExtraConfig}
-
- NovaComputePassthroughDeploymentSpecific:
- depends_on: [NovaComputePassthroughDeployment]
- type: OS::Heat::StructuredDeployment
- properties:
- config: {get_resource: NovaComputePassthroughSpecific}
- server: {get_resource: NovaCompute}
- signal_transport: NO_SIGNAL
- input_values:
- passthrough_config_specific: {get_param: NovaComputeExtraConfig}
-
-outputs:
- ip_address:
- description: IP address of the server in the ctlplane network
- value: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- tenant_ip_address:
- description: IP address of the server in the tenant network
- value: {get_attr: [TenantPort, ip_address]}
- hostname:
- description: Hostname of the server
- value: {get_attr: [NovaCompute, name]}
- hosts_entry:
- description: >
- Server's IP address and hostname in the /etc/hosts format
- value:
- str_replace:
- template: "IP HOST"
- params:
- IP: {get_attr: [NovaCompute, networks, ctlplane, 0]}
- HOST: {get_attr: [NovaCompute, name]}
- nova_server_resource:
- description: Heat resource handle for the Nova compute server
- value:
- {get_resource: NovaCompute}
- config_identifier:
- description: identifier which changes if the node configuration may need re-applying
- value: "None - NO_SIGNAL"
diff --git a/os-apply-config/controller-post.yaml b/os-apply-config/controller-post.yaml
deleted file mode 100644
index aac96357..00000000
--- a/os-apply-config/controller-post.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Controller Post Deployment'
-# NOTE: this is a noop for os-apply-config style deployments because
-# post deployment ordering is controlled by tripleo-image-elements
-
-parameters:
- servers:
- type: json
- NodeConfigIdentifiers:
- type: json
- description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
- # Note, this should come last, so use depends_on to ensure
- # this is created after any other resources.
- ExtraConfig:
- type: OS::TripleO::NodeExtraConfigPost
- properties:
- servers: {get_param: servers}
diff --git a/os-apply-config/controller.yaml b/os-apply-config/controller.yaml
deleted file mode 100644
index aed2367c..00000000
--- a/os-apply-config/controller.yaml
+++ /dev/null
@@ -1,1230 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: >
- OpenStack control plane node. Can be wrapped in a ResourceGroup for scaling.
-
-parameters:
- AdminPassword:
- default: unset
- description: The password for the keystone admin account, used for monitoring, querying neutron etc.
- type: string
- hidden: true
- AdminToken:
- default: unset
- description: The keystone auth secret and db password.
- type: string
- hidden: true
- CeilometerBackend:
- default: 'mongodb'
- description: The ceilometer backend type.
- type: string
- CeilometerMeteringSecret:
- default: unset
- description: Secret shared by the ceilometer services.
- type: string
- hidden: true
- CeilometerPassword:
- default: unset
- description: The password for the ceilometer service and db account.
- type: string
- hidden: true
- CinderEnableNfsBackend:
- default: false
- description: Whether to enable or not the NFS backend for Cinder
- type: boolean
- CinderEnableIscsiBackend:
- default: true
- description: Whether to enable or not the Iscsi backend for Cinder
- type: boolean
- CinderEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Cinder
- type: boolean
- CinderISCSIHelper:
- default: tgtadm
- description: The iSCSI helper to use with cinder.
- type: string
- CinderLVMLoopDeviceSize:
- default: 5000
- description: The size of the loopback file used by the cinder LVM driver.
- type: number
- CinderNfsMountOptions:
- default: ''
- description: >
- Mount options for NFS mounts used by Cinder NFS backend. Effective
- when CinderEnableNfsBackend is true.
- type: string
- CinderNfsServers:
- default: ''
- description: >
- NFS servers used by Cinder NFS backend. Effective when
- CinderEnableNfsBackend is true.
- type: comma_delimited_list
- CinderPassword:
- default: unset
- description: The password for the cinder service and db account, used by cinder-api.
- type: string
- hidden: true
- CloudName:
- default: ''
- description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
- type: string
- ControllerExtraConfig:
- default: {}
- description: |
- Controller specific configuration to inject into the cluster. Same
- structure as ExtraConfig.
- type: json
- ControlVirtualInterface:
- default: 'br-ex'
- description: Interface where virtual ip will be assigned.
- type: string
- Debug:
- default: ''
- description: Set to True to enable debugging on all services.
- type: string
- EnableFencing:
- default: false
- description: Whether to enable fencing in Pacemaker or not.
- type: boolean
- EnableGalera:
- default: true
- description: Whether to use Galera instead of regular MariaDB.
- type: boolean
- EnableCephStorage:
- default: false
- description: Whether to deploy Ceph Storage (OSD) on the Controller
- type: boolean
- EnableSwiftStorage:
- default: true
- description: Whether to enable Swift Storage on the Controller
- type: boolean
- ExtraConfig:
- default: {}
- description: |
- Additional configuration to inject into the cluster. The JSON should have
- the following structure:
- {"FILEKEY":
- {"config":
- [{"section": "SECTIONNAME",
- "values":
- [{"option": "OPTIONNAME",
- "value": "VALUENAME"
- }
- ]
- }
- ]
- }
- }
- For instance:
- {"nova":
- {"config":
- [{"section": "default",
- "values":
- [{"option": "compute_manager",
- "value": "ironic.nova.compute.manager.ClusterComputeManager"
- }
- ]
- },
- {"section": "cells",
- "values":
- [{"option": "driver",
- "value": "nova.cells.rpc_driver.CellsRPCDriver"
- }
- ]
- }
- ]
- }
- }
- type: json
- FencingConfig:
- default: {}
- description: |
- Pacemaker fencing configuration. The JSON should have
- the following structure:
- {
- "devices": [
- {
- "agent": "AGENT_NAME",
- "host_mac": "HOST_MAC_ADDRESS",
- "params": {"PARAM_NAME": "PARAM_VALUE"}
- }
- ]
- }
- For instance:
- {
- "devices": [
- {
- "agent": "fence_xvm",
- "host_mac": "52:54:00:aa:bb:cc",
- "params": {
- "multicast_address": "225.0.0.12",
- "port": "baremetal_0",
- "manage_fw": true,
- "manage_key_file": true,
- "key_file": "/etc/fence_xvm.key",
- "key_file_password": "abcdef"
- }
- }
- ]
- }
- type: json
- Flavor:
- description: Flavor for control nodes to request when deploying.
- type: string
- constraints:
- - custom_constraint: nova.flavor
- GlanceNotifierStrategy:
- description: Strategy to use for Glance notification queue
- type: string
- default: noop
- GlanceLogFile:
- description: The filepath of the file to use for logging messages from Glance.
- type: string
- default: ''
- GlancePassword:
- default: unset
- description: The password for the glance service and db account, used by the glance services.
- type: string
- hidden: true
- GlancePort:
- default: "9292"
- description: Glance port.
- type: string
- GlanceProtocol:
- default: http
- description: Protocol to use when connecting to glance, set to https for SSL.
- type: string
- GlanceBackend:
- default: swift
- description: The short name of the Glance backend to use. Should be one
- of swift, rbd, or file
- type: string
- constraints:
- - allowed_values: ['swift', 'file', 'rbd']
- HeatPassword:
- default: unset
- description: The password for the Heat service and db account, used by the Heat services.
- type: string
- hidden: true
- HeatStackDomainAdminPassword:
- description: Password for heat_domain_admin user.
- type: string
- default: ''
- hidden: true
- HeatAuthEncryptionKey:
- description: Auth encryption key for heat-engine
- type: string
- hidden: true
- HorizonSecret:
- description: Secret key for Django
- type: string
- hidden: true
- Image:
- type: string
- default: overcloud-control
- constraints:
- - custom_constraint: glance.image
- ImageUpdatePolicy:
- default: 'REBUILD_PRESERVE_EPHEMERAL'
- description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
- type: string
- KeyName:
- default: default
- description: Name of an existing EC2 KeyPair to enable SSH access to the instances
- type: string
- constraints:
- - custom_constraint: nova.keypair
- KeystoneCACertificate:
- default: ''
- description: Keystone self-signed certificate authority certificate.
- type: string
- KeystoneSigningCertificate:
- default: ''
- description: Keystone certificate for verifying token validity.
- type: string
- KeystoneSigningKey:
- default: ''
- description: Keystone key for signing tokens.
- type: string
- hidden: true
- KeystoneSSLCertificate:
- default: ''
- description: Keystone certificate for verifying token validity.
- type: string
- KeystoneSSLCertificateKey:
- default: ''
- description: Keystone key for signing tokens.
- type: string
- hidden: true
- KeystoneNotificationDriver:
- description: Comma-separated list of Oslo notification drivers used by Keystone
- default: ['messaging']
- type: comma_delimited_list
- KeystoneNotificationFormat:
- description: The Keystone notification format
- default: 'basic'
- type: string
- constraints:
- - allowed_values: [ 'basic', 'cadf' ]
- MysqlClusterUniquePart:
- description: A unique identifier of the MySQL cluster the controller is in.
- type: string
- default: 'unset' # Has to be here because of the ignored empty value bug
- # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446
- # constraints:
- # - length: {min: 4, max: 10}
- MysqlInnodbBufferPoolSize:
- description: >
- Specifies the size of the buffer pool in megabytes. Setting to
- zero should be interpreted as "no value" and will defer to the
- lower level default.
- type: number
- default: 0
- MysqlMaxConnections:
- description: Configures MySQL max_connections config setting
- type: number
- default: 4096
- MysqlRootPassword:
- type: string
- hidden: true
- default: '' # Has to be here because of the ignored empty value bug
- NeutronExternalNetworkBridge:
- description: Name of bridge used for external network traffic.
- type: string
- default: 'br-ex'
- NeutronBridgeMappings:
- description: >
- The OVS logical->physical bridge mappings to use. See the Neutron
- documentation for details. Defaults to mapping br-ex - the external
- bridge on hosts - to a physical name 'datacentre' which can be used
- to create provider networks (and we use this for the default floating
- network) - if changing this either use different post-install network
- scripts or be sure to keep 'datacentre' as a mapping network name.
- type: string
- default: "datacentre:br-ex"
- NeutronDnsmasqOptions:
- default: 'dhcp-option-force=26,1400'
- description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
- type: string
- NeutronAgentMode:
- default: 'dvr_snat'
- description: Agent mode for the neutron-l3-agent on the controller hosts
- type: string
- NeutronDVR:
- default: 'False'
- description: Whether to configure Neutron Distributed Virtual Routers
- type: string
- NeutronMetadataProxySharedSecret:
- default: 'unset'
- description: Shared secret to prevent spoofing
- type: string
- hidden: true
- NeutronCorePlugin:
- default: 'ml2'
- description: |
- The core plugin for Neutron. The value should be the entrypoint to be loaded
- from neutron.core_plugins namespace.
- type: string
- NeutronServicePlugins:
- default: "router"
- description: |
- Comma-separated list of service plugin entrypoints to be loaded from the
- neutron.service_plugins namespace.
- type: comma_delimited_list
- NeutronTypeDrivers:
- default: "vxlan,vlan,flat,gre"
- description: |
- Comma-separated list of network type driver entrypoints to be loaded.
- type: comma_delimited_list
- NeutronMechanismDrivers:
- default: 'openvswitch'
- description: |
- The mechanism drivers for the Neutron tenant network. To specify multiple
- values, use a comma separated string, like so: 'openvswitch,l2_population'
- type: string
- NeutronAllowL3AgentFailover:
- default: 'True'
- description: Allow automatic l3-agent failover
- type: string
- NeutronL3HA:
- default: 'False'
- description: Whether to enable l3-agent HA
- type: string
- NeutronDhcpAgentsPerNetwork:
- type: number
- default: 3
- description: The number of neutron dhcp agents to schedule per network
- NeutronEnableIsolatedMetadata:
- default: 'False'
- description: If True, DHCP provide metadata route to VM.
- type: string
- NeutronEnableTunnelling:
- type: string
- default: "True"
- NeutronEnableL2Pop:
- type: string
- description: >
- Enable/disable the L2 population feature in the Neutron agents.
- default: "False"
- NeutronFlatNetworks:
- type: string
- default: 'datacentre'
- description: If set, flat networks to configure in neutron plugins.
- NeutronNetworkType:
- default: 'vxlan'
- description: The tenant network type for Neutron, either gre or vxlan.
- type: string
- NeutronNetworkVLANRanges:
- default: 'datacentre'
- description: >
- The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
- Neutron documentation for permitted values. Defaults to permitting any
- VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: comma_delimited_list
- NeutronPassword:
- default: unset
- description: The password for the neutron service and db account, used by neutron agents.
- type: string
- hidden: true
- NeutronPublicInterface:
- default: nic1
- description: What interface to bridge onto br-ex for network nodes.
- type: string
- NeutronPublicInterfaceTag:
- default: ''
- description: >
- VLAN tag for creating a public VLAN. The tag will be used to
- create an access port on the exterior bridge for each control plane node,
- and that port will be given the IP address returned by neutron from the
- public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
- overcloud.yaml to include the deployment of VLAN ports to the control
- plane.
- type: string
- NeutronPublicInterfaceDefaultRoute:
- default: ''
- description: A custom default route for the NeutronPublicInterface.
- type: string
- NeutronPublicInterfaceIP:
- default: ''
- description: A custom IP address to put onto the NeutronPublicInterface.
- type: string
- NeutronPublicInterfaceRawDevice:
- default: ''
- description: If set, the public interface is a vlan with this device as the raw device.
- type: string
- NeutronTunnelTypes:
- default: 'vxlan'
- description: |
- The tunnel types for the Neutron tenant network. To specify multiple
- values, use a comma separated string, like so: 'gre,vxlan'
- type: string
- NeutronTunnelIdRanges:
- description: |
- Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
- of GRE tunnel IDs that are available for tenant network allocation
- default: ["1:1000", ]
- type: comma_delimited_list
- NeutronVniRanges:
- description: |
- Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
- of VXLAN VNI IDs that are available for tenant network allocation
- default: ["1:1000", ]
- type: comma_delimited_list
- NovaPassword:
- default: unset
- description: The password for the nova service and db account, used by nova-api.
- type: string
- hidden: true
- MongoDbNoJournal:
- default: false
- description: Should MongoDb journaling be disabled
- type: boolean
- NtpServer:
- type: string
- default: ''
- PcsdPassword:
- type: string
- description: The password for the 'pcsd' user.
- hidden: true
- PublicVirtualInterface:
- default: 'br-ex'
- description: >
- Specifies the interface where the public-facing virtual ip will be assigned.
- This should be int_public when a VLAN is being used.
- type: string
- PublicVirtualIP:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- RabbitCookie:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- hidden: true
- RabbitPassword:
- default: guest
- description: The password for RabbitMQ
- type: string
- hidden: true
- RabbitUserName:
- default: guest
- description: The username for RabbitMQ
- type: string
- RabbitClientUseSSL:
- default: false
- description: >
- Rabbit client subscriber parameter to specify
- an SSL connection to the RabbitMQ host.
- type: string
- RabbitClientPort:
- default: 5672
- description: Set rabbit subscriber port, change this if using SSL
- type: number
- RabbitFDLimit:
- default: 16384
- description: Configures RabbitMQ FD limit
- type: string
- RedisVirtualIP:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- SnmpdReadonlyUserName:
- default: ro_snmp_user
- description: The user name for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- SnmpdReadonlyUserPassword:
- default: unset
- description: The user password for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- hidden: true
- SSLCACertificate:
- default: ''
- description: If set, the contents of an SSL certificate authority file.
- type: string
- SSLCertificate:
- default: ''
- description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
- type: string
- hidden: true
- SSLKey:
- default: ''
- description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
- type: string
- hidden: true
- SwiftHashSuffix:
- default: unset
- description: A random string to be used as a salt when hashing to determine mappings
- in the ring.
- hidden: true
- type: string
- SwiftMountCheck:
- default: 'false'
- description: Value of mount_check in Swift account/container/object -server.conf
- type: boolean
- SwiftMinPartHours:
- type: number
- default: 1
- description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
- SwiftPartPower:
- default: 10
- description: Partition Power to use when building Swift rings
- type: number
- SwiftPassword:
- default: unset
- description: The password for the swift service account, used by the swift proxy
- services.
- hidden: true
- type: string
- SwiftReplicas:
- type: number
- default: 3
- description: How many replicas to use in the swift rings.
- VirtualIP:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- HeatApiVirtualIP:
- type: string
- default: ''
- GlanceApiVirtualIP:
- type: string
- default: ''
- MysqlVirtualIP:
- type: string
- default: ''
- KeystoneAdminApiVirtualIP:
- type: string
- default: ''
- KeystonePublicApiVirtualIP:
- type: string
- default: ''
- NeutronApiVirtualIP:
- type: string
- default: ''
- NovaApiVirtualIP:
- type: string
- default: ''
- ServiceNetMap:
- default: {}
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
-
-resources:
-
- Controller:
- type: OS::Nova::Server
- properties:
- image: {get_param: Image}
- image_update_policy: {get_param: ImageUpdatePolicy}
- flavor: {get_param: Flavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
- name: {get_param: Hostname}
-
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- ExternalPort:
- type: OS::TripleO::Controller::Ports::ExternalPort
- properties:
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- InternalApiPort:
- type: OS::TripleO::Controller::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- StoragePort:
- type: OS::TripleO::Controller::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- StorageMgmtPort:
- type: OS::TripleO::Controller::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- TenantPort:
- type: OS::TripleO::Controller::Ports::TenantPort
- properties:
- ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]}
-
- NetworkConfig:
- type: OS::TripleO::Controller::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- properties:
- signal_transport: NO_SIGNAL
- config: {get_resource: NetworkConfig}
- server: {get_resource: Controller}
- input_values:
- bridge_name: br-ex
- interface_name: {get_param: NeutronPublicInterface}
-
- ControllerPassthroughConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config: {get_input: passthrough_config}
-
- ControllerPassthroughConfigSpecific:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config: {get_input: passthrough_config_specific}
-
- ControllerConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- admin-password: {get_input: admin_password}
- admin-token: {get_input: admin_token}
- bootstack:
- public_interface_ip: {get_input: neutron_public_interface_ip}
- bootstrap_host:
- nodeid: {get_input: bootstack_nodeid}
- cinder:
- db: {get_input: cinder_dsn}
- debug: {get_input: debug}
- volume_size_mb: {get_input: cinder_lvm_loop_device_size}
- service-password: {get_input: cinder_password}
- iscsi-helper: {get_input: CinderISCSIHelper}
- controller-address: {get_input: controller_host}
- corosync:
- bindnetaddr: {get_input: controller_host}
- mcastport: 5577
- pacemaker:
- stonith_enabled : false
- recheck_interval : 5
- quorum_policy : ignore
- db-password: unset
- glance:
- registry:
- host: {get_input: controller_virtual_ip}
- backend: swift
- db: {get_input: glance_dsn}
- debug: {get_input: debug}
- host: {get_input: controller_virtual_ip}
- port: {get_input: glance_port}
- uri: {get_input: glance_uri}
- protocol: {get_input: glance_protocol}
- service-password: {get_input: glance_password}
- swift-store-user: service:glance
- swift-store-key: {get_input: glance_password}
- notifier-strategy: {get_input: glance_notifier_strategy}
- log-file: {get_input: glance_log_file}
- heat:
- admin_password: {get_input: heat_password}
- admin_tenant_name: service
- admin_user: heat
- auth_encryption_key: {get_input: heat_auth_encryption_key}
- db: {get_input: heat_dsn}
- debug: {get_input: debug}
- stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
- watch_server_url: {get_input: heat.watch_server_url}
- metadata_server_url: {get_input: heat.metadata_server_url}
- waitcondition_server_url: {get_input: heat.waitcondition_server_url}
- keystone:
- db: {get_input: keystone_dsn}
- debug: {get_input: debug}
- host: {get_input: controller_virtual_ip}
- ca_certificate: {get_input: keystone_ca_certificate}
- signing_key: {get_input: keystone_signing_key}
- signing_certificate: {get_input: keystone_signing_certificate}
- ssl:
- certificate: {get_input: keystone_ssl_certificate}
- certificate_key: {get_input: keystone_ssl_certificate_key}
- mysql:
- innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
- local_bind: true
- root-password: {get_input: mysql_root_password}
- cluster_name: {get_input: mysql_cluster_name}
- neutron:
- debug: {get_input: debug}
- flat-networks: {get_input: neutron_flat_networks}
- host: {get_input: controller_virtual_ip}
- metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
- agent_mode: {get_input: neutron_agent_mode}
- router_distributed: {get_input: neutron_router_distributed}
- core_plugin: {get_input: neutron_core_plugin}
- service_plugins: {get_input: neutron_service_plugins}
- type_drivers: {get_input: neutron_type_drivers}
- mechanism_drivers: {get_input: neutron_mechanism_drivers}
- allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
- l3_ha: {get_input: neutron_l3_ha}
- dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
- enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
- ovs:
- enable_tunneling: {get_input: neutron_enable_tunneling}
- l2_population: {get_input: neutron_enable_l2pop}
- local_ip: {get_input: controller_host}
- network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
- bridge_mappings: {get_input: neutron_bridge_mappings}
- public_interface: {get_input: neutron_public_interface}
- public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
- public_interface_route: {get_input: neutron_public_interface_default_route}
- public_interface_tag: {get_input: neutron_public_interface_tag}
- physical_bridge: br-ex
- tenant_network_type: {get_input: neutron_tenant_network_type}
- tunnel_types: {get_input: neutron_tunnel_types}
- tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
- vni_ranges: {get_input: neutron_vni_ranges}
- ovs_db: {get_input: neutron_dsn}
- service-password: {get_input: neutron_password}
- dnsmasq-options: {get_input: neutron_dnsmasq_options}
- ceilometer:
- db: {get_input: ceilometer_dsn}
- debug: {get_input: debug}
- metering_secret: {get_input: ceilometer_metering_secret}
- service-password: {get_input: ceilometer_password}
- snmpd:
- export_MIB: UCD-SNMP-MIB
- readonly_user_name: {get_input: snmpd_readonly_user_name}
- readonly_user_password: {get_input: snmpd_readonly_user_password}
- nova:
- compute_driver: libvirt.LibvirtDriver
- db: {get_input: nova_dsn}
- default_floating_pool:
- ext-net
- host: {get_input: controller_virtual_ip}
- metadata-proxy: true
- service-password: {get_input: nova_password}
- mongodb:
- nojournal: {get_input: mongodb_no_journal}
- rabbit:
- host: {get_input: controller_virtual_ip}
- username: {get_input: rabbit_username}
- password: {get_input: rabbit_password}
- cookie: {get_input: rabbit_cookie}
- rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl}
- rabbit_port: {get_input: rabbit_client_port}
- ntp:
- servers:
- - {server: {get_input: ntp_server}}
- virtual_interfaces:
- instances:
- - vrrp_instance_name: VI_CONTROL
- virtual_router_id: 51
- keepalive_interface: {get_input: control_virtual_interface}
- priority: 101
- virtual_ips:
- - ip: {get_input: controller_virtual_ip}
- interface: {get_input: control_virtual_interface}
- - vrrp_instance_name: VI_PUBLIC
- virtual_router_id: 52
- keepalive_interface: {get_input: public_virtual_interface}
- priority: 101
- virtual_ips:
- - ip: {get_input: public_virtual_ip}
- interface: {get_input: public_virtual_interface}
- vrrp_sync_groups:
- - name: VG1
- members:
- - VI_CONTROL
- - VI_PUBLIC
- keepalived:
- keepalive_interface: {get_input: public_virtual_interface}
- priority: 101
- virtual_ips:
- -
- ip: {get_input: controller_virtual_ip}
- interface: {get_input: control_virtual_interface}
- -
- ip: {get_input: public_virtual_ip}
- interface: {get_input: public_virtual_interface}
- haproxy:
- net_binds:
- - ip: {get_input: controller_virtual_ip}
- options:
- - option httpchk GET /
- services:
- - name: keystone_admin
- port: 35357
- net_binds: &public_binds
- - ip: {get_input: controller_virtual_ip}
- - ip: {get_input: public_virtual_ip}
- - name: keystone_public
- port: 5000
- net_binds: *public_binds
- - name: horizon
- port: 80
- net_binds: *public_binds
- - name: neutron
- port: 9696
- net_binds: *public_binds
- - name: cinder
- port: 8776
- net_binds: *public_binds
- - name: glance_api
- port: 9292
- net_binds: *public_binds
- - name: glance_registry
- port: 9191
- net_binds: *public_binds
- options: # overwrite options as glace_reg needs auth for http req
- - name: heat_api
- port: 8004
- net_binds: *public_binds
- - name: heat_cloudwatch
- port: 8003
- net_binds: *public_binds
- - name: heat_cfn
- port: 8000
- net_binds: *public_binds
- - name: mysql
- port: 3306
- extra_server_params:
- - backup
- options:
- - timeout client 0
- - timeout server 0
- - name: nova_ec2
- port: 8773
- - name: nova_osapi
- port: 8774
- net_binds: *public_binds
- - name: nova_metadata
- port: 8775
- net_binds: *public_binds
- - name: nova_novncproxy
- port: 6080
- net_binds: *public_binds
- - name: ceilometer
- port: 8777
- net_binds: *public_binds
- options: # overwrite options as ceil needs auth for http req
- - name: swift_proxy_server
- port: 8080
- net_binds: *public_binds
- options:
- - option httpchk GET /info
- - name: rabbitmq
- port: 5672
- options:
- - timeout client 0
- - timeout server 0
- - maxconn 1500
-
- ControllerDeployment:
- type: OS::TripleO::SoftwareDeployment
- properties:
- signal_transport: NO_SIGNAL
- config: {get_resource: ControllerConfig}
- server: {get_resource: Controller}
- input_values:
- bootstack_nodeid: {get_attr: [Controller, name]}
- controller_host: {get_attr: [Controller, networks, ctlplane, 0]}
- controller_virtual_ip: {get_param: VirtualIP}
- neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
- neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
- neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
- heat.watch_server_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: VirtualIP}
- - ':8003'
- heat.metadata_server_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: VirtualIP}
- - ':8000'
- heat.waitcondition_server_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: VirtualIP}
- - ':8000/v1/waitcondition'
- admin_password: {get_param: AdminPassword}
- admin_token: {get_param: AdminToken}
- neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
- debug: {get_param: Debug}
- cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
- cinder_password: {get_param: CinderPassword}
- cinder_iscsi_helper: {get_param: CinderISCSIHelper}
- cinder_dsn:
- list_join:
- - ''
- - - 'mysql://cinder:'
- - {get_param: CinderPassword}
- - '@'
- - {get_param: VirtualIP}
- - '/cinder'
- glance_port: {get_param: GlancePort}
- glance_protocol: {get_param: GlanceProtocol}
- glance_password: {get_param: GlancePassword}
- glance_notifier_strategy: {get_param: GlanceNotifierStrategy}
- glance_log_file: {get_param: GlanceLogFile}
- glance_dsn:
- list_join:
- - ''
- - - 'mysql://glance:'
- - {get_param: GlancePassword}
- - '@'
- - {get_param: VirtualIP}
- - '/glance'
- heat_password: {get_param: HeatPassword}
- heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
- heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
- heat_dsn:
- list_join:
- - ''
- - - 'mysql://heat:'
- - {get_param: HeatPassword}
- - '@'
- - {get_param: VirtualIP}
- - '/heat'
- keystone_ca_certificate: {get_param: KeystoneCACertificate}
- keystone_signing_key: {get_param: KeystoneSigningKey}
- keystone_signing_certificate: {get_param: KeystoneSigningCertificate}
- keystone_ssl_certificate: {get_param: KeystoneSSLCertificate}
- keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey}
- keystone_dsn:
- list_join:
- - ''
- - - 'mysql://keystone:'
- - {get_param: AdminToken}
- - '@'
- - {get_param: VirtualIP}
- - '/keystone'
- mongodb_no_journal: {get_param: MongoDbNoJournal}
- mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
- mysql_root_password: {get_param: MysqlRootPassword}
- mysql_cluster_name:
- str_replace:
- template: tripleo-CLUSTER
- params:
- CLUSTER: {get_param: MysqlClusterUniquePart}
- neutron_flat_networks: {get_param: NeutronFlatNetworks}
- neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- neutron_agent_mode: {get_param: NeutronAgentMode}
- neutron_router_distributed: {get_param: NeutronDVR}
- neutron_core_plugin: {get_param: NeutronCorePlugin}
- neutron_service_plugins:
- str_replace:
- template: "['PLUGINS']"
- params:
- PLUGINS:
- list_join:
- - "','"
- - {get_param: NeutronServicePlugins}
- neutron_type_drivers:
- str_replace:
- template: "['DRIVERS']"
- params:
- DRIVERS:
- list_join:
- - "','"
- - {get_param: NeutronTypeDrivers}
- neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers}
- neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
- neutron_l3_ha: {get_param: NeutronL3HA}
- neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
- neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
- neutron_bridge_mappings: {get_param: NeutronBridgeMappings}
- neutron_public_interface: {get_param: NeutronPublicInterface}
- neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
- neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
- neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
- neutron_tenant_network_type: {get_param: NeutronNetworkType}
- neutron_tunnel_types: {get_param: NeutronTunnelTypes}
- neutron_tunnel_id_ranges:
- str_replace:
- template: "['RANGES']"
- params:
- RANGES:
- list_join:
- - "','"
- - {get_param: NeutronTunnelIdRanges}
- neutron_vni_ranges:
- str_replace:
- template: "['RANGES']"
- params:
- RANGES:
- list_join:
- - "','"
- - {get_param: NeutronVniRanges}
- neutron_password: {get_param: NeutronPassword}
- neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
- neutron_dsn:
- list_join:
- - ''
- - - 'mysql://neutron:'
- - {get_param: NeutronPassword}
- - '@'
- - {get_param: VirtualIP}
- - '/ovs_neutron?charset=utf8'
- ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
- ceilometer_password: {get_param: CeilometerPassword}
- ceilometer_dsn:
- list_join:
- - ''
- - - 'mysql://ceilometer:'
- - {get_param: CeilometerPassword}
- - '@'
- - {get_param: VirtualIP}
- - '/ceilometer'
- snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
- snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
- nova_password: {get_param: NovaPassword}
- nova_dsn:
- list_join:
- - ''
- - - 'mysql://nova:'
- - {get_param: NovaPassword}
- - '@'
- - {get_param: VirtualIP}
- - '/nova'
- rabbit_username: {get_param: RabbitUserName}
- rabbit_password: {get_param: RabbitPassword}
- rabbit_cookie: {get_param: RabbitCookie}
- rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
- rabbit_client_port: {get_param: RabbitClientPort}
- ntp_server: {get_param: NtpServer}
- control_virtual_interface: {get_param: ControlVirtualInterface}
- public_virtual_interface: {get_param: PublicVirtualInterface}
- public_virtual_ip: {get_param: PublicVirtualIP}
-
- SSLConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- ssl:
- ca_certificate: {get_input: ssl_ca_certificate}
- stunnel:
- cert: {get_input: ssl_certificate}
- key: {get_input: ssl_key}
- cacert: {get_input: ssl_ca_certificate}
- ports:
- - name: 'ec2'
- accept: 13773
- connect: 8773
- connect_host: {get_input: controller_host}
- - name: 'image'
- accept: 13292
- connect: 9292
- connect_host: {get_input: controller_host}
- - name: 'identity'
- accept: 13000
- connect: 5000
- connect_host: {get_input: controller_host}
- - name: 'network'
- accept: 13696
- connect: 9696
- connect_host: {get_input: controller_host}
- - name: 'compute'
- accept: 13774
- connect: 8774
- connect_host: {get_input: controller_host}
- - name: 'swift-proxy'
- accept: 13080
- connect: 8080
- connect_host: {get_input: controller_host}
- - name: 'cinder'
- accept: 13776
- connect: 8776
- connect_host: {get_input: controller_host}
- - name: 'ceilometer'
- accept: 13777
- connect: 8777
- connect_host: {get_input: controller_host}
-
- ControllerSSLDeployment:
- type: OS::Heat::StructuredDeployment
- properties:
- config: {get_resource: SSLConfig}
- server: {get_resource: Controller}
- signal_transport: NO_SIGNAL
- input_values:
- controller_host: {get_attr: [Controller, networks, ctlplane, 0]}
- ssl_certificate: {get_param: SSLCertificate}
- ssl_key: {get_param: SSLKey}
- ssl_ca_certificate: {get_param: SSLCACertificate}
-
- ControllerPassthroughDeployment:
- type: OS::Heat::StructuredDeployment
- properties:
- config: {get_resource: ControllerPassthroughConfig}
- server: {get_resource: Controller}
- signal_transport: NO_SIGNAL
- input_values:
- passthrough_config: {get_param: ExtraConfig}
-
- ControllerPassthroughSpecificDeployment:
- depends_on: [ControllerPassthroughDeployment]
- type: OS::Heat::StructuredDeployment
- properties:
- config: {get_resource: ControllerPassthroughConfigSpecific}
- server: {get_resource: Controller}
- signal_transport: NO_SIGNAL
- input_values:
- passthrough_config_specific: {get_param: ControllerExtraConfig}
-
- SwiftConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- swift:
- hash: { get_input: swift_hash_suffix }
- part-power: { get_input: swift_part_power }
- mount-check: { get_input: swift_mount_check }
- min-part-hours: { get_input: swift_min_part_hours }
- replicas: {get_input: swift_replicas }
- service-password: { get_input: swift_password }
-
- SwiftStorageDeploy:
- type: OS::Heat::StructuredDeployment
- properties:
- server: {get_resource: Controller}
- config: {get_resource: SwiftConfig}
- signal_transport: NO_SIGNAL
- input_values:
- swift_hash_suffix: {get_param: SwiftHashSuffix}
- swift_mount_check: {get_param: SwiftMountCheck}
- swift_password: {get_param: SwiftPassword}
- swift_min_part_hours: {get_param: SwiftMinPartHours}
- swift_part_power: {get_param: SwiftPartPower}
- swift_replicas: { get_param: SwiftReplicas}
-
-outputs:
- ip_address:
- description: IP address of the server in the ctlplane network
- value: {get_attr: [Controller, networks, ctlplane, 0]}
- external_ip_address:
- description: IP address of the server in the external network
- value: {get_attr: [ExternalPort, ip_address]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- tenant_ip_address:
- description: IP address of the server in the tenant network
- value: {get_attr: [TenantPort, ip_address]}
- hostname:
- description: Hostname of the server
- value: {get_attr: [Controller, name]}
- corosync_node:
- description: >
- Node object in the format {ip: ..., name: ...} format that the corosync
- element expects
- value:
- ip: {get_attr: [Controller, networks, ctlplane, 0]}
- name: {get_attr: [Controller, name]}
- hosts_entry:
- description: >
- Server's IP address and hostname in the /etc/hosts format
- value:
- str_replace:
- template: IP HOST CLOUDNAME
- params:
- IP: {get_attr: [Controller, networks, ctlplane, 0]}
- HOST: {get_attr: [Controller, name]}
- CLOUDNAME: {get_param: CloudName}
- nova_server_resource:
- description: Heat resource handle for the Nova compute server
- value:
- {get_resource: Controller}
- swift_device:
- description: Swift device formatted for swift-ring-builder
- value:
- str_replace:
- template: 'r1z1-IP:%PORT%/d1'
- params:
- IP: {get_attr: [Controller, networks, ctlplane, 0]}
- swift_proxy_memcache:
- description: Swift proxy-memcache value
- value:
- str_replace:
- template: "IP:11211"
- params:
- IP: {get_attr: [Controller, networks, ctlplane, 0]}
- config_identifier:
- description: identifier which changes if the node configuration may need re-applying
- value: "None - NO_SIGNAL"
diff --git a/os-apply-config/swift-devices-and-proxy-config.yaml b/os-apply-config/swift-devices-and-proxy-config.yaml
deleted file mode 100644
index 4f01dbea..00000000
--- a/os-apply-config/swift-devices-and-proxy-config.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Swift Devices and Proxy Config'
-
-parameters:
- controller_swift_devices:
- type: comma_delimited_list
- object_store_swift_devices:
- type: comma_delimited_list
- controller_swift_proxy_memcaches:
- type: comma_delimited_list
-
-resources:
-
- SwiftDevicesAndProxyConfigImpl:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- swift:
- devices:
- list_join:
- - ", "
- - - list_join:
- - ", "
- - {get_param: controller_swift_devices}
- - list_join:
- - ", "
- - {get_param: object_store_swift_devices}
- proxy-memcache:
- list_join:
- - ","
- - {get_param: controller_swift_proxy_memcaches}
-
-outputs:
- config_id:
- description: The ID of the SwiftDevicesAndProxyConfigImpl resource.
- value:
- {get_resource: SwiftDevicesAndProxyConfigImpl}
diff --git a/os-apply-config/swift-storage-post.yaml b/os-apply-config/swift-storage-post.yaml
deleted file mode 100644
index 1b1c406d..00000000
--- a/os-apply-config/swift-storage-post.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Swift Storage Post Deployment'
-# NOTE: this is a noop for os-apply-config style deployments because
-# post deployment ordering is controlled by tripleo-image-elements
-
-parameters:
- servers:
- type: json
- NodeConfigIdentifiers:
- type: json
- description: Value which changes if the node configuration may need to be re-applied
-
-resources:
-
- # Note, this should come last, so use depends_on to ensure
- # this is created after any other resources.
- ExtraConfig:
- type: OS::TripleO::NodeExtraConfigPost
- properties:
- servers: {get_param: servers}
-
diff --git a/os-apply-config/swift-storage.yaml b/os-apply-config/swift-storage.yaml
deleted file mode 100644
index d62d7d1a..00000000
--- a/os-apply-config/swift-storage.yaml
+++ /dev/null
@@ -1,209 +0,0 @@
-heat_template_version: 2015-04-30
-description: 'Common Swift Storage Configuration'
-parameters:
- ExtraConfig:
- default: {}
- description: |
- Additional configuration to inject into the cluster. The JSON should have
- the following structure:
- {"FILEKEY":
- {"config":
- [{"section": "SECTIONNAME",
- "values":
- [{"option": "OPTIONNAME",
- "value": "VALUENAME"
- }
- ]
- }
- ]
- }
- }
- For instance:
- {"nova":
- {"config":
- [{"section": "default",
- "values":
- [{"option": "force_config_drive",
- "value": "always"
- }
- ]
- },
- {"section": "cells",
- "values":
- [{"option": "driver",
- "value": "nova.cells.rpc_driver.CellsRPCDriver"
- }
- ]
- }
- ]
- }
- }
- type: json
- ObjectStorageExtraConfig:
- default: {}
- description: |
- Role specific additional configuration to inject into the cluster.
- type: json
- Flavor:
- description: Flavor for Swift storage nodes to request when deploying.
- type: string
- constraints:
- - custom_constraint: nova.flavor
- HashSuffix:
- default: unset
- description: A random string to be used as a salt when hashing to determine mappings
- in the ring.
- hidden: true
- type: string
- Image:
- default: overcloud-swift-storage
- type: string
- KeyName:
- default: default
- description: Name of an existing EC2 KeyPair to enable SSH access to the instances
- type: string
- MountCheck:
- default: 'false'
- description: Value of mount_check in Swift account/container/object -server.conf
- type: boolean
- MinPartHours:
- type: number
- default: 1
- description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
- PartPower:
- default: 10
- description: Partition Power to use when building Swift rings
- type: number
- Replicas:
- type: number
- default: 3
- description: How many replicas to use in the swift rings.
- SnmpdReadonlyUserName:
- default: ro_snmp_user
- description: The user name for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- SnmpdReadonlyUserPassword:
- default: unset
- description: The user password for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- hidden: true
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- Hostname:
- type: string
- default: '' # Defaults to Heat created hostname
-
-resources:
- SwiftConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- snmpd:
- export_MIB: UCD-SNMP-MIB
- readonly_user_name: {get_input: snmpd_readonly_user_name}
- readonly_user_password: {get_input: snmpd_readonly_user_password}
- swift:
- hash: { get_input: swift_hash_suffix }
- part-power: { get_input: swift_part_power }
- min-part-hours: { get_input: swift_min_part_hours }
- mount-check: { get_input: swift_mount_check }
- replicas: {get_input: swift_replicas }
- neutron:
- ovs:
- local_ip: { get_input: neutron_local_ip }
- SwiftStorage:
- type: OS::Nova::Server
- properties:
- image: {get_param: Image}
- flavor: {get_param: Flavor}
- key_name: {get_param: KeyName}
- networks:
- - network: ctlplane
- user_data_format: SOFTWARE_CONFIG
- user_data: {get_resource: NodeUserData}
- name: {get_param: Hostname}
-
- NodeUserData:
- type: OS::TripleO::NodeUserData
-
- InternalApiPort:
- type: OS::TripleO::SwiftStorage::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
-
- StoragePort:
- type: OS::TripleO::SwiftStorage::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
-
- StorageMgmtPort:
- type: OS::TripleO::SwiftStorage::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
-
- NetworkConfig:
- type: OS::TripleO::ObjectStorage::Net::SoftwareConfig
- properties:
- ControlPlaneIp: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
-
- NetworkDeployment:
- type: OS::TripleO::SoftwareDeployment
- properties:
- config: {get_resource: NetworkConfig}
- server: {get_resource: SwiftStorage}
-
- SwiftStorageDeploy:
- type: OS::Heat::StructuredDeployment
- properties:
- server: {get_resource: SwiftStorage}
- config: {get_resource: SwiftConfig}
- signal_transport: NO_SIGNAL
- input_values:
- neutron_local_ip: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
- snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
- swift_hash_suffix: {get_param: HashSuffix}
- swift_mount_check: {get_param: MountCheck}
- swift_min_part_hours: {get_param: MinPartHours}
- swift_part_power: {get_param: PartPower}
- swift_replicas: { get_param: Replicas}
-
-outputs:
- hosts_entry:
- value:
- str_replace:
- template: "IP HOST"
- params:
- IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- HOST: {get_attr: [SwiftStorage, name]}
- nova_server_resource:
- description: Heat resource handle for the swift storage server
- value:
- {get_resource: SwiftStorage}
- swift_device:
- description: Swift device formatted for swift-ring-builder
- value:
- str_replace:
- template: 'r1z1-IP:%PORT%/d1'
- params:
- IP: {get_attr: [SwiftStorage, networks, ctlplane, 0]}
- internal_api_ip_address:
- description: IP address of the server in the internal_api network
- value: {get_attr: [InternalApiPort, ip_address]}
- storage_ip_address:
- description: IP address of the server in the storage network
- value: {get_attr: [StoragePort, ip_address]}
- storage_mgmt_ip_address:
- description: IP address of the server in the storage_mgmt network
- value: {get_attr: [StorageMgmtPort, ip_address]}
- config_identifier:
- description: identifier which changes if the node configuration may need re-applying
- value: "None - NO_SIGNAL"
diff --git a/os-apply-config/vip-config.yaml b/os-apply-config/vip-config.yaml
deleted file mode 100644
index 8f984ab7..00000000
--- a/os-apply-config/vip-config.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-heat_template_version: 2015-04-30
-
-description: >
- Configure hieradata for service -> virtual IP mappings.
-
-resources:
- VipConfigImpl:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- # by default does nothing
-
-outputs:
- OS::stack_id:
- description: The VipConfigImpl resource.
- value: {get_resource: VipConfigImpl}
diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index 67636182..23dc6464 100644..120000
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -1,1498 +1 @@
-heat_template_version: 2015-04-30
-
-description: >
- Deploy an OpenStack environment, consisting of several node types (roles),
- Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage
- roles enable independent scaling of the storage components, but the minimal
- deployment is one Controller and one Compute node.
-
-
-# TODO(shadower): we should probably use the parameter groups to put
-# some order in here.
-parameters:
-
- # Common parameters (not specific to a role)
- AdminPassword:
- default: unset
- description: The password for the keystone admin account, used for monitoring, querying neutron etc.
- type: string
- hidden: true
- CeilometerBackend:
- default: 'mongodb'
- description: The ceilometer backend type.
- type: string
- CeilometerMeteringSecret:
- default: unset
- description: Secret shared by the ceilometer services.
- type: string
- hidden: true
- CeilometerPassword:
- default: unset
- description: The password for the ceilometer service account.
- type: string
- hidden: true
- # This has to be an UUID so for now we generate it outside the template
- CephClusterFSID:
- default: ''
- type: string
- description: The Ceph cluster FSID. Must be a UUID.
- CephMonKey:
- default: ''
- description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
- type: string
- hidden: true
- CephAdminKey:
- default: ''
- description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
- type: string
- hidden: true
- CinderEnableNfsBackend:
- default: false
- description: Whether to enable or not the NFS backend for Cinder
- type: boolean
- CephClientKey:
- default: ''
- description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
- type: string
- hidden: true
- CephExternalMonHost:
- default: ''
- type: string
- description: List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments.
- CinderEnableIscsiBackend:
- default: true
- description: Whether to enable or not the Iscsi backend for Cinder
- type: boolean
- CinderEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Cinder
- type: boolean
- CloudName:
- default: ''
- description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
- type: string
- ControlFixedIPs:
- default: []
- description: Should be used for arbitrary ips.
- type: json
- Debug:
- default: ''
- description: Set to True to enable debugging on all services.
- type: string
- HAProxySyslogAddress:
- default: /dev/log
- description: Syslog address where HAproxy will send its log
- type: string
- HorizonAllowedHosts:
- default: '*'
- description: A list of IP/Hostname allowed to connect to horizon
- type: comma_delimited_list
- ImageUpdatePolicy:
- default: 'REBUILD_PRESERVE_EPHEMERAL'
- description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
- type: string
- KeyName:
- default: default
- description: Name of an existing EC2 KeyPair to enable SSH access to the instances
- type: string
- constraints:
- - custom_constraint: nova.keypair
- NeutronExternalNetworkBridge:
- description: Name of bridge used for external network traffic.
- type: string
- default: 'br-ex'
- NeutronBridgeMappings:
- description: >
- The OVS logical->physical bridge mappings to use. See the Neutron
- documentation for details. Defaults to mapping br-ex - the external
- bridge on hosts - to a physical name 'datacentre' which can be used
- to create provider networks (and we use this for the default floating
- network) - if changing this either use different post-install network
- scripts or be sure to keep 'datacentre' as a mapping network name.
- type: string
- default: "datacentre:br-ex"
- NeutronControlPlaneID:
- default: 'ctlplane'
- type: string
- description: Neutron ID or name for ctlplane network.
- NeutronEnableIsolatedMetadata:
- default: 'False'
- description: If True, DHCP provide metadata route to VM.
- type: string
- NeutronEnableTunnelling:
- type: string
- default: "True"
- NeutronEnableL2Pop:
- type: string
- description: >
- Enable/disable the L2 population feature in the Neutron agents.
- default: "False"
- NeutronFlatNetworks:
- type: string
- default: 'datacentre'
- description: >
- If set, flat networks to configure in neutron plugins. Defaults to
- 'datacentre' to permit external network creation.
- NeutronNetworkType:
- default: 'vxlan'
- description: The tenant network type for Neutron, either gre or vxlan.
- type: string
- NeutronPassword:
- default: unset
- description: The password for the neutron service account, used by neutron agents.
- type: string
- hidden: true
- NeutronPublicInterface:
- default: nic1
- description: What interface to bridge onto br-ex for network nodes.
- type: string
- NeutronPublicInterfaceTag:
- default: ''
- description: >
- VLAN tag for creating a public VLAN. The tag will be used to
- create an access port on the exterior bridge for each control plane node,
- and that port will be given the IP address returned by neutron from the
- public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
- overcloud.yaml to include the deployment of VLAN ports to the control
- plane.
- type: string
- NeutronComputeAgentMode:
- default: 'dvr'
- description: Agent mode for the neutron-l3-agent on the compute hosts
- type: string
- NeutronAgentMode:
- default: 'dvr_snat'
- description: Agent mode for the neutron-l3-agent on the controller hosts
- type: string
- NeutronDVR:
- default: 'False'
- description: Whether to configure Neutron Distributed Virtual Routers
- type: string
- NeutronMetadataProxySharedSecret:
- default: 'unset'
- description: Shared secret to prevent spoofing
- type: string
- hidden: true
- NeutronTunnelTypes:
- default: 'vxlan'
- description: |
- The tunnel types for the Neutron tenant network. To specify multiple
- values, use a comma separated string, like so: 'gre,vxlan'
- type: string
- NeutronTunnelIdRanges:
- description: |
- Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
- of GRE tunnel IDs that are available for tenant network allocation
- default: ["1:1000", ]
- type: comma_delimited_list
- NeutronVniRanges:
- description: |
- Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
- of VXLAN VNI IDs that are available for tenant network allocation
- default: ["1:1000", ]
- type: comma_delimited_list
- NeutronCorePlugin:
- default: 'ml2'
- description: |
- The core plugin for Neutron. The value should be the entrypoint to be loaded
- from neutron.core_plugins namespace.
- type: string
- NeutronServicePlugins:
- default: "router"
- description: |
- Comma-separated list of service plugin entrypoints to be loaded from the
- neutron.service_plugins namespace.
- type: comma_delimited_list
- NeutronTypeDrivers:
- default: "vxlan,vlan,flat,gre"
- description: |
- Comma-separated list of network type driver entrypoints to be loaded.
- type: comma_delimited_list
- NeutronMechanismDrivers:
- default: 'openvswitch'
- description: |
- The mechanism drivers for the Neutron tenant network. To specify multiple
- values, use a comma separated string, like so: 'openvswitch,l2_population'
- type: string
- NeutronAllowL3AgentFailover:
- default: 'False'
- description: Allow automatic l3-agent failover
- type: string
- NeutronL3HA:
- default: 'False'
- description: Whether to enable l3-agent HA
- type: string
- NeutronDhcpAgentsPerNetwork:
- type: number
- default: 1
- description: The number of neutron dhcp agents to schedule per network
- NovaPassword:
- default: unset
- description: The password for the nova service account, used by nova-api.
- type: string
- hidden: true
- NtpServer:
- default: ''
- description: Comma-separated list of ntp servers
- type: comma_delimited_list
- MongoDbNoJournal:
- default: false
- description: Should MongoDb journaling be disabled
- type: boolean
- PublicVirtualFixedIPs:
- default: []
- description: >
- Control the IP allocation for the PublicVirtualInterface port. E.g.
- [{'ip_address':'1.2.3.4'}]
- type: json
- RabbitCookieSalt:
- type: string
- default: unset
- description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
- # FIXME: 'guest' is provisioned in RabbitMQ by default, we should create a user if these are changed
- RabbitUserName:
- default: guest
- description: The username for RabbitMQ
- type: string
- RabbitPassword:
- default: guest
- description: The password for RabbitMQ
- type: string
- hidden: true
- RabbitClientUseSSL:
- default: false
- description: >
- Rabbit client subscriber parameter to specify
- an SSL connection to the RabbitMQ host.
- type: string
- RabbitClientPort:
- default: 5672
- description: Set rabbit subscriber port, change this if using SSL
- type: number
- # We need to set this as string because 'unlimited' is a valid setting
- RabbitFDLimit:
- default: 16384
- description: Configures RabbitMQ FD limit
- type: string
- SnmpdReadonlyUserName:
- default: ro_snmp_user
- description: The user name for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- SnmpdReadonlyUserPassword:
- default: unset
- description: The user password for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- hidden: true
- CloudDomain:
- default: 'localdomain'
- type: string
- description: >
- The DNS domain used for the hosts. This should match the dhcp_domain
- configured in the Undercloud neutron. Defaults to localdomain.
-
- # Controller-specific params
- AdminToken:
- default: unset
- description: The keystone auth secret.
- type: string
- hidden: true
- CinderLVMLoopDeviceSize:
- default: 5000
- description: The size of the loopback file used by the cinder LVM driver.
- type: number
- CinderNfsMountOptions:
- default: ''
- description: >
- Mount options for NFS mounts used by Cinder NFS backend. Effective
- when CinderEnableNfsBackend is true.
- type: string
- CinderNfsServers:
- default: ''
- description: >
- NFS servers used by Cinder NFS backend. Effective when
- CinderEnableNfsBackend is true.
- type: comma_delimited_list
- CinderPassword:
- default: unset
- description: The password for the cinder service account, used by cinder-api.
- type: string
- hidden: true
- CinderISCSIHelper:
- default: tgtadm
- description: The iSCSI helper to use with cinder.
- type: string
- ControllerCount:
- type: number
- default: 1
- constraints:
- - range: {min: 1}
- controllerExtraConfig:
- default: {}
- description: |
- Controller specific configuration to inject into the cluster. Same
- structure as ExtraConfig.
- type: json
- controllerImage:
- type: string
- default: overcloud-control
- constraints:
- - custom_constraint: glance.image
- OvercloudControlFlavor:
- description: Flavor for control nodes to request when deploying.
- type: string
- constraints:
- - custom_constraint: nova.flavor
- ControlVirtualInterface:
- default: 'br-ex'
- description: Interface where virtual ip will be assigned.
- type: string
- EnableFencing:
- default: false
- description: Whether to enable fencing in Pacemaker or not.
- type: boolean
- EnableGalera:
- default: true
- description: Whether to use Galera instead of regular MariaDB.
- type: boolean
- ControllerEnableCephStorage:
- default: false
- description: Whether to deploy Ceph Storage (OSD) on the Controller
- type: boolean
- ControllerEnableSwiftStorage:
- default: true
- description: Whether to enable Swift Storage on the Controller
- type: boolean
- ExtraConfig:
- default: {}
- description: |
- Additional configuration to inject into the cluster. The format required
- may be implementation specific, e.g puppet hieradata. Any role specific
- ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig.
- type: json
- FencingConfig:
- default: {}
- description: |
- Pacemaker fencing configuration. The JSON should have
- the following structure:
- {
- "devices": [
- {
- "agent": "AGENT_NAME",
- "host_mac": "HOST_MAC_ADDRESS",
- "params": {"PARAM_NAME": "PARAM_VALUE"}
- }
- ]
- }
- For instance:
- {
- "devices": [
- {
- "agent": "fence_xvm",
- "host_mac": "52:54:00:aa:bb:cc",
- "params": {
- "multicast_address": "225.0.0.12",
- "port": "baremetal_0",
- "manage_fw": true,
- "manage_key_file": true,
- "key_file": "/etc/fence_xvm.key",
- "key_file_password": "abcdef"
- }
- }
- ]
- }
- type: json
- GlanceLogFile:
- description: The filepath of the file to use for logging messages from Glance.
- type: string
- default: ''
- GlanceNotifierStrategy:
- description: Strategy to use for Glance notification queue
- type: string
- default: noop
- GlancePassword:
- default: unset
- description: The password for the glance service account, used by the glance services.
- type: string
- hidden: true
- GlanceBackend:
- default: swift
- description: The short name of the Glance backend to use. Should be one
- of swift, rbd or file
- type: string
- constraints:
- - allowed_values: ['swift', 'file', 'rbd']
- HeatPassword:
- default: unset
- description: The password for the Heat service account, used by the Heat services.
- type: string
- hidden: true
- HeatStackDomainAdminPassword:
- description: Password for heat_domain_admin user.
- type: string
- default: ''
- hidden: true
- KeystoneCACertificate:
- default: ''
- description: Keystone self-signed certificate authority certificate.
- type: string
- KeystoneSigningCertificate:
- default: ''
- description: Keystone certificate for verifying token validity.
- type: string
- KeystoneSigningKey:
- default: ''
- description: Keystone key for signing tokens.
- type: string
- hidden: true
- KeystoneSSLCertificate:
- default: ''
- description: Keystone certificate for verifying token validity.
- type: string
- KeystoneSSLCertificateKey:
- default: ''
- description: Keystone key for signing tokens.
- type: string
- hidden: true
- KeystoneNotificationDriver:
- description: Comma-separated list of Oslo notification drivers used by Keystone
- default: ['messaging']
- type: comma_delimited_list
- KeystoneNotificationFormat:
- description: The Keystone notification format
- default: 'basic'
- type: string
- constraints:
- - allowed_values: [ 'basic', 'cadf' ]
- ManageFirewall:
- default: false
- description: Whether to manage IPtables rules.
- type: boolean
- PurgeFirewallRules:
- default: false
- description: Whether IPtables rules should be purged before setting up the ones.
- type: boolean
- MysqlInnodbBufferPoolSize:
- description: >
- Specifies the size of the buffer pool in megabytes. Setting to
- zero should be interpreted as "no value" and will defer to the
- lower level default.
- type: number
- default: 0
- MysqlMaxConnections:
- description: Configures MySQL max_connections config setting
- type: number
- default: 4096
- NeutronDnsmasqOptions:
- default: 'dhcp-option-force=26,1400'
- description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
- type: string
- NeutronPublicInterfaceDefaultRoute:
- default: ''
- description: A custom default route for the NeutronPublicInterface.
- type: string
- NeutronPublicInterfaceIP:
- default: ''
- description: A custom IP address to put onto the NeutronPublicInterface.
- type: string
- NeutronPublicInterfaceRawDevice:
- default: ''
- description: If set, the public interface is a vlan with this device as the raw device.
- type: string
- PublicVirtualInterface:
- default: 'br-ex'
- description: >
- Specifies the interface where the public-facing virtual ip will be assigned.
- This should be int_public when a VLAN is being used.
- type: string
- SwiftHashSuffix:
- default: unset
- description: A random string to be used as a salt when hashing to determine mappings in the ring.
- type: string
- hidden: true
- SwiftPassword:
- default: unset
- description: The password for the swift service account, used by the swift proxy services.
- type: string
- hidden: true
- SwiftMountCheck:
- default: 'false'
- description: Value of mount_check in Swift account/container/object -server.conf
- type: boolean
- SwiftMinPartHours:
- type: number
- default: 1
- description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
- SwiftPartPower:
- default: 10
- description: Partition Power to use when building Swift rings
- type: number
- SwiftReplicas:
- type: number
- default: 3
- description: How many replicas to use in the swift rings.
-
-# Compute-specific params
- CeilometerComputeAgent:
- description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
- type: string
- default: ''
- constraints:
- - allowed_values: ['', Present]
- ComputeCount:
- type: number
- default: 1
- HypervisorNeutronPhysicalBridge:
- default: 'br-ex'
- description: >
- An OVS bridge to create on each hypervisor. This defaults to br-ex the
- same as the control plane nodes, as we have a uniform configuration of
- the openvswitch agent. Typically should not need to be changed.
- type: string
- HypervisorNeutronPublicInterface:
- default: nic1
- description: What interface to add to the HypervisorNeutronPhysicalBridge.
- type: string
- NeutronNetworkVLANRanges:
- default: 'datacentre'
- description: >
- The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
- Neutron documentation for permitted values. Defaults to permitting any
- VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: comma_delimited_list
- NovaComputeDriver:
- type: string
- default: libvirt.LibvirtDriver
- NovaComputeExtraConfig:
- default: {}
- description: |
- NovaCompute specific configuration to inject into the cluster. Same
- structure as ExtraConfig.
- type: json
- NovaComputeLibvirtType:
- default: ''
- type: string
- NovaComputeLibvirtVifDriver:
- default: ''
- description: Libvirt VIF driver configuration for the network
- type: string
- NovaEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Nova
- type: boolean
- NovaImage:
- type: string
- default: overcloud-compute
- constraints:
- - custom_constraint: glance.image
- NovaOVSBridge:
- default: 'br-int'
- description: Name of integration bridge used by Open vSwitch
- type: string
- NovaSecurityGroupAPI:
- default: 'neutron'
- description: The full class name of the security API class
- type: string
- OvercloudComputeFlavor:
- description: Use this flavor
- type: string
- constraints:
- - custom_constraint: nova.flavor
- ServiceNetMap:
- default:
- NeutronTenantNetwork: tenant
- CeilometerApiNetwork: internal_api
- MongoDbNetwork: internal_api
- CinderApiNetwork: internal_api
- CinderIscsiNetwork: storage
- GlanceApiNetwork: storage
- GlanceRegistryNetwork: internal_api
- KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints
- KeystonePublicApiNetwork: internal_api
- NeutronApiNetwork: internal_api
- HeatApiNetwork: internal_api
- NovaApiNetwork: internal_api
- NovaMetadataNetwork: internal_api
- NovaVncProxyNetwork: internal_api
- SwiftMgmtNetwork: storage_mgmt
- SwiftProxyNetwork: storage
- HorizonNetwork: internal_api
- MemcachedNetwork: internal_api
- RabbitMqNetwork: internal_api
- RedisNetwork: internal_api
- MysqlNetwork: internal_api
- CephClusterNetwork: storage_mgmt
- CephPublicNetwork: storage
- ControllerHostnameResolveNetwork: internal_api
- ComputeHostnameResolveNetwork: internal_api
- BlockStorageHostnameResolveNetwork: internal_api
- ObjectStorageHostnameResolveNetwork: internal_api
- CephStorageHostnameResolveNetwork: storage
- description: Mapping of service_name -> network name. Typically set
- via parameter_defaults in the resource registry.
- type: json
-
-# Block storage specific parameters
- BlockStorageCount:
- type: number
- default: 0
- BlockStorageImage:
- default: overcloud-cinder-volume
- type: string
- OvercloudBlockStorageFlavor:
- description: Flavor for block storage nodes to request when deploying.
- type: string
- constraints:
- - custom_constraint: nova.flavor
- BlockStorageExtraConfig:
- default: {}
- description: |
- BlockStorage specific configuration to inject into the cluster. Same
- structure as ExtraConfig.
- type: json
-
-# Object storage specific parameters
- ObjectStorageCount:
- type: number
- default: 0
- OvercloudSwiftStorageFlavor:
- description: Flavor for Swift storage nodes to request when deploying.
- type: string
- constraints:
- - custom_constraint: nova.flavor
- SwiftStorageImage:
- default: overcloud-swift-storage
- type: string
- ObjectStorageExtraConfig:
- default: {}
- description: |
- ObjectStorage specific configuration to inject into the cluster. Same
- structure as ExtraConfig.
- type: json
-
-
-# Ceph storage specific parameters
- CephStorageCount:
- type: number
- default: 0
- CephStorageImage:
- default: overcloud-ceph-storage
- type: string
- OvercloudCephStorageFlavor:
- default: baremetal
- description: Flavor for Ceph storage nodes to request when deploying.
- type: string
- constraints:
- - custom_constraint: nova.flavor
- CephStorageExtraConfig:
- default: {}
- description: |
- CephStorage specific configuration to inject into the cluster. Same
- structure as ExtraConfig.
- type: json
-
- # Hostname format for each role
- # Note %index% is translated into the index of the node, e.g 0/1/2 etc
- # and %stackname% is replaced with OS::stack_name in the template below.
- # If you want to use the heat generated names, pass '' (empty string).
- ControllerHostnameFormat:
- type: string
- description: Format for Controller node hostnames
- default: '%stackname%-controller-%index%'
- ComputeHostnameFormat:
- type: string
- description: Format for Compute node hostnames
- default: '%stackname%-novacompute-%index%'
- BlockStorageHostnameFormat:
- type: string
- description: Format for BlockStorage node hostnames
- default: '%stackname%-blockstorage-%index%'
- ObjectStorageHostnameFormat:
- type: string
- description: Format for SwiftStorage node hostnames
- default: '%stackname%-objectstorage-%index%'
- CephStorageHostnameFormat:
- type: string
- description: Format for CephStorage node hostnames
- default: '%stackname%-cephstorage-%index%'
-
- # Identifiers to trigger tasks on nodes
- UpdateIdentifier:
- default: ''
- type: string
- description: >
- Setting to a previously unused value during stack-update will trigger
- package update on all nodes
- DeployIdentifier:
- default: ''
- type: string
- description: >
- Setting this to a unique value will re-run any deployment tasks which
- perform configuration on a Heat stack-update.
-
- # If you want to remove a specific node from a resource group, you can pass
- # the node name or id as a <Group>RemovalPolicies parameter, for example:
- # ComputeRemovalPolicies: [{'resource_list': ['0']}]
- ControllerRemovalPolicies:
- default: []
- type: json
- description: >
- List of resources to be removed from ControllerResourceGroup when
- doing an update which requires removal of specific resources.
- ComputeRemovalPolicies:
- default: []
- type: json
- description: >
- List of resources to be removed from ComputeResourceGroup when
- doing an update which requires removal of specific resources.
- BlockStorageRemovalPolicies:
- default: []
- type: json
- description: >
- List of resources to be removed from BlockStorageResourceGroup when
- doing an update which requires removal of specific resources.
- ObjectStorageRemovalPolicies:
- default: []
- type: json
- description: >
- List of resources to be removed from ObjectStorageResourceGroup when
- doing an update which requires removal of specific resources.
- CephStorageRemovalPolicies:
- default: []
- type: json
- description: >
- List of resources to be removed from CephStorageResourceGroup when
- doing an update which requires removal of specific resources.
-
-
-resources:
-
- HeatAuthEncryptionKey:
- type: OS::Heat::RandomString
-
- PcsdPassword:
- type: OS::Heat::RandomString
- properties:
- length: 16
-
- HorizonSecret:
- type: OS::Heat::RandomString
- properties:
- length: 10
-
- EndpointMap:
- type: OS::TripleO::EndpointMap
- properties:
- CloudName: {get_param: CloudName}
- CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
- CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
- GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
- GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
- HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
- KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
- KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
- MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
- NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
- NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
- SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
- PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]}
-
- Controller:
- type: OS::Heat::ResourceGroup
- depends_on: Networks
- properties:
- count: {get_param: ControllerCount}
- removal_policies: {get_param: ControllerRemovalPolicies}
- resource_def:
- type: OS::TripleO::Controller
- properties:
- AdminPassword: {get_param: AdminPassword}
- AdminToken: {get_param: AdminToken}
- CeilometerBackend: {get_param: CeilometerBackend}
- CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
- CeilometerPassword: {get_param: CeilometerPassword}
- CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
- CinderNfsMountOptions: {get_param: CinderNfsMountOptions}
- CinderNfsServers: {get_param: CinderNfsServers}
- CinderPassword: {get_param: CinderPassword}
- CinderISCSIHelper: {get_param: CinderISCSIHelper}
- CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend}
- CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
- CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend}
- CloudName: {get_param: CloudName}
- CloudDomain: {get_param: CloudDomain}
- ControlVirtualInterface: {get_param: ControlVirtualInterface}
- ControllerExtraConfig: {get_param: controllerExtraConfig}
- Debug: {get_param: Debug}
- EnableFencing: {get_param: EnableFencing}
- ManageFirewall: {get_param: ManageFirewall}
- PurgeFirewallRules: {get_param: PurgeFirewallRules}
- EnableGalera: {get_param: EnableGalera}
- EnableCephStorage: {get_param: ControllerEnableCephStorage}
- EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
- ExtraConfig: {get_param: ExtraConfig}
- FencingConfig: {get_param: FencingConfig}
- Flavor: {get_param: OvercloudControlFlavor}
- GlancePassword: {get_param: GlancePassword}
- GlanceBackend: {get_param: GlanceBackend}
- GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
- GlanceLogFile: {get_param: GlanceLogFile}
- HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
- HeatPassword: {get_param: HeatPassword}
- HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
- HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
- HorizonAllowedHosts: {get_param: HorizonAllowedHosts}
- HorizonSecret: {get_resource: HorizonSecret}
- Image: {get_param: controllerImage}
- ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
- KeyName: {get_param: KeyName}
- KeystoneCACertificate: {get_param: KeystoneCACertificate}
- KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate}
- KeystoneSigningKey: {get_param: KeystoneSigningKey}
- KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate}
- KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey}
- KeystoneNotificationDriver: {get_param: KeystoneNotificationDriver}
- KeystoneNotificationFormat: {get_param: KeystoneNotificationFormat}
- MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
- MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
- MysqlMaxConnections: {get_param: MysqlMaxConnections}
- MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
- NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
- NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
- NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
- NeutronExternalNetworkBridge: {get_param: NeutronExternalNetworkBridge}
- NeutronEnableIsolatedMetadata: {get_param: NeutronEnableIsolatedMetadata}
- NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
- NeutronEnableL2Pop: {get_param: NeutronEnableL2Pop}
- NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
- NeutronPublicInterface: {get_param: NeutronPublicInterface}
- NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
- NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
- NeutronPassword: {get_param: NeutronPassword}
- NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions}
- NeutronDVR: {get_param: NeutronDVR}
- NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
- NeutronAgentMode: {get_param: NeutronAgentMode}
- NeutronCorePlugin: {get_param: NeutronCorePlugin}
- NeutronServicePlugins: {get_param: NeutronServicePlugins}
- NeutronTypeDrivers: {get_param: NeutronTypeDrivers}
- NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
- NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
- NeutronL3HA: {get_param: NeutronL3HA}
- NeutronDhcpAgentsPerNetwork: {get_param: NeutronDhcpAgentsPerNetwork}
- NeutronNetworkType: {get_param: NeutronNetworkType}
- NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
- NovaPassword: {get_param: NovaPassword}
- NtpServer: {get_param: NtpServer}
- MongoDbNoJournal: {get_param: MongoDbNoJournal}
- PcsdPassword: {get_resource: PcsdPassword}
- PublicVirtualInterface: {get_param: PublicVirtualInterface}
- RabbitPassword: {get_param: RabbitPassword}
- RabbitUserName: {get_param: RabbitUserName}
- RabbitCookie: {get_attr: [RabbitCookie, value]}
- RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
- RabbitClientPort: {get_param: RabbitClientPort}
- RabbitFDLimit: {get_param: RabbitFDLimit}
- SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
- SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
- RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
- SwiftHashSuffix: {get_param: SwiftHashSuffix}
- SwiftMountCheck: {get_param: SwiftMountCheck}
- SwiftMinPartHours: {get_param: SwiftMinPartHours}
- SwiftPartPower: {get_param: SwiftPartPower}
- SwiftPassword: {get_param: SwiftPassword}
- SwiftReplicas: { get_param: SwiftReplicas}
- VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now.
- PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]}
- ServiceNetMap: {get_param: ServiceNetMap}
- EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
- CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
- CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
- HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
- GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
- GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
- NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
- SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
- MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
- KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
- KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
- NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
- NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
- UpdateIdentifier: {get_param: UpdateIdentifier}
- Hostname:
- str_replace:
- template: {get_param: ControllerHostnameFormat}
- params:
- '%stackname%': {get_param: 'OS::stack_name'}
- NodeIndex: '%index%'
-
- Compute:
- type: OS::Heat::ResourceGroup
- depends_on: Networks
- properties:
- count: {get_param: ComputeCount}
- removal_policies: {get_param: ComputeRemovalPolicies}
- resource_def:
- type: OS::TripleO::Compute
- properties:
- AdminPassword: {get_param: AdminPassword}
- CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
- CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
- CeilometerPassword: {get_param: CeilometerPassword}
- CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend}
- CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend}
- Debug: {get_param: Debug}
- ExtraConfig: {get_param: ExtraConfig}
- Flavor: {get_param: OvercloudComputeFlavor}
- GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
- Image: {get_param: NovaImage}
- ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
- KeyName: {get_param: KeyName}
- KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
- KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
- NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
- NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
- NeutronEnableL2Pop : {get_param: NeutronEnableL2Pop}
- NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
- NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
- NeutronNetworkType: {get_param: NeutronNetworkType}
- NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
- NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
- NeutronPassword: {get_param: NeutronPassword}
- NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
- NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
- NeutronDVR: {get_param: NeutronDVR}
- NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
- NeutronAgentMode: {get_param: NeutronComputeAgentMode}
- NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
- NeutronCorePlugin: {get_param: NeutronCorePlugin}
- NeutronServicePlugins: {get_param: NeutronServicePlugins}
- NeutronTypeDrivers: {get_param: NeutronTypeDrivers}
- NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
- # L3 HA and Failover is not relevant for Computes, should be removed
- NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
- NeutronL3HA: {get_param: NeutronL3HA}
- NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
- NovaComputeDriver: {get_param: NovaComputeDriver}
- NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
- NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
- NovaComputeLibvirtVifDriver: {get_param: NovaComputeLibvirtVifDriver}
- NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend}
- NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]}
- NovaPassword: {get_param: NovaPassword}
- NovaOVSBridge: {get_param: NovaOVSBridge}
- NovaSecurityGroupAPI: {get_param: NovaSecurityGroupAPI}
- NtpServer: {get_param: NtpServer}
- RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
- RabbitPassword: {get_param: RabbitPassword}
- RabbitUserName: {get_param: RabbitUserName}
- RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
- RabbitClientPort: {get_param: RabbitClientPort}
- SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
- SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
- ServiceNetMap: {get_param: ServiceNetMap}
- EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
- UpdateIdentifier: {get_param: UpdateIdentifier}
- Hostname:
- str_replace:
- template: {get_param: ComputeHostnameFormat}
- params:
- '%stackname%': {get_param: 'OS::stack_name'}
- CloudDomain: {get_param: CloudDomain}
-
- BlockStorage:
- type: OS::Heat::ResourceGroup
- depends_on: Networks
- properties:
- count: {get_param: BlockStorageCount}
- removal_policies: {get_param: BlockStorageRemovalPolicies}
- resource_def:
- type: OS::TripleO::BlockStorage
- properties:
- Debug: {get_param: Debug}
- Image: {get_param: BlockStorageImage}
- CinderISCSIHelper: {get_param: CinderISCSIHelper}
- CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
- # Purpose of the dedicated BlockStorage nodes should be to use their local LVM
- CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
- CinderPassword: {get_param: CinderPassword}
- KeyName: {get_param: KeyName}
- Flavor: {get_param: OvercloudBlockStorageFlavor}
- VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]}
- GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
- RabbitPassword: {get_param: RabbitPassword}
- RabbitUserName: {get_param: RabbitUserName}
- RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
- RabbitClientPort: {get_param: RabbitClientPort}
- NtpServer: {get_param: NtpServer}
- UpdateIdentifier: {get_param: UpdateIdentifier}
- Hostname:
- str_replace:
- template: {get_param: BlockStorageHostnameFormat}
- params:
- '%stackname%': {get_param: 'OS::stack_name'}
- ServiceNetMap: {get_param: ServiceNetMap}
- EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
- MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
- ExtraConfig: {get_param: ExtraConfig}
- BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig}
- CloudDomain: {get_param: CloudDomain}
-
- ObjectStorage:
- type: OS::Heat::ResourceGroup
- depends_on: Networks
- properties:
- count: {get_param: ObjectStorageCount}
- removal_policies: {get_param: ObjectStorageRemovalPolicies}
- resource_def:
- type: OS::TripleO::ObjectStorage
- properties:
- KeyName: {get_param: KeyName}
- Flavor: {get_param: OvercloudSwiftStorageFlavor}
- HashSuffix: {get_param: SwiftHashSuffix}
- MountCheck: {get_param: SwiftMountCheck}
- MinPartHours: {get_param: SwiftMinPartHours}
- PartPower: {get_param: SwiftPartPower}
- Image: {get_param: SwiftStorageImage}
- Replicas: { get_param: SwiftReplicas}
- NtpServer: {get_param: NtpServer}
- UpdateIdentifier: {get_param: UpdateIdentifier}
- ServiceNetMap: {get_param: ServiceNetMap}
- Hostname:
- str_replace:
- template: {get_param: ObjectStorageHostnameFormat}
- params:
- '%stackname%': {get_param: 'OS::stack_name'}
- ExtraConfig: {get_param: ExtraConfig}
- ObjectStorageExtraConfig: {get_param: ObjectStorageExtraConfig}
- CloudDomain: {get_param: CloudDomain}
-
- CephStorage:
- type: OS::Heat::ResourceGroup
- depends_on: Networks
- properties:
- count: {get_param: CephStorageCount}
- removal_policies: {get_param: CephStorageRemovalPolicies}
- resource_def:
- type: OS::TripleO::CephStorage
- properties:
- Image: {get_param: CephStorageImage}
- KeyName: {get_param: KeyName}
- Flavor: {get_param: OvercloudCephStorageFlavor}
- NtpServer: {get_param: NtpServer}
- ServiceNetMap: {get_param: ServiceNetMap}
- UpdateIdentifier: {get_param: UpdateIdentifier}
- Hostname:
- str_replace:
- template: {get_param: CephStorageHostnameFormat}
- params:
- '%stackname%': {get_param: 'OS::stack_name'}
- ExtraConfig: {get_param: ExtraConfig}
- CephStorageExtraConfig: {get_param: CephStorageExtraConfig}
- CloudDomain: {get_param: CloudDomain}
-
- ControllerIpListMap:
- type: OS::TripleO::Network::Ports::NetIpListMap
- properties:
- ControlPlaneIpList: {get_attr: [Controller, ip_address]}
- ExternalIpList: {get_attr: [Controller, external_ip_address]}
- InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
- StorageIpList: {get_attr: [Controller, storage_ip_address]}
- StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
- TenantIpList: {get_attr: [Controller, tenant_ip_address]}
-
- allNodesConfig:
- type: OS::TripleO::AllNodes::SoftwareConfig
- properties:
- compute_hosts: {get_attr: [Compute, hosts_entry]}
- controller_hosts: {get_attr: [Controller, hosts_entry]}
- controller_ips: {get_attr: [Controller, ip_address]}
- block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]}
- object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
- ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
- controller_names: {get_attr: [Controller, hostname]}
- rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
- mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
- redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
- memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
- mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
- horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
- heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
- swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
- ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
- nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
- nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
- glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
- glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
- cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
- neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
- keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
- keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
-
- MysqlRootPassword:
- type: OS::Heat::RandomString
- properties:
- length: 10
-
- MysqlClusterUniquePart:
- type: OS::Heat::RandomString
- properties:
- length: 10
-
- RabbitCookie:
- type: OS::Heat::RandomString
- properties:
- length: 20
- salt: {get_param: RabbitCookieSalt}
-
- # creates the network architecture
- Networks:
- type: OS::TripleO::Network
-
- ControlVirtualIP:
- type: OS::Neutron::Port
- depends_on: Networks
- properties:
- name: control_virtual_ip
- network: {get_param: NeutronControlPlaneID}
- fixed_ips: {get_param: ControlFixedIPs}
- replacement_policy: AUTO
-
- RedisVirtualIP:
- depends_on: Networks
- type: OS::TripleO::Controller::Ports::RedisVipPort
- properties:
- ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
- PortName: redis_virtual_ip
- NetworkName: {get_param: [ServiceNetMap, RedisNetwork]}
-
- # The public VIP is on the External net, falls back to ctlplane
- PublicVirtualIP:
- depends_on: Networks
- type: OS::TripleO::Controller::Ports::ExternalPort
- properties:
- ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
- PortName: public_virtual_ip
- FixedIPs: {get_param: PublicVirtualFixedIPs}
-
- InternalApiVirtualIP:
- depends_on: Networks
- type: OS::TripleO::Controller::Ports::InternalApiPort
- properties:
- ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- PortName: internal_api_virtual_ip
-
- StorageVirtualIP:
- depends_on: Networks
- type: OS::TripleO::Controller::Ports::StoragePort
- properties:
- ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- PortName: storage_virtual_ip
-
- StorageMgmtVirtualIP:
- depends_on: Networks
- type: OS::TripleO::Controller::Ports::StorageMgmtPort
- properties:
- ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- PortName: storage_management_virtual_ip
-
- VipMap:
- type: OS::TripleO::Network::Ports::NetVipMap
- properties:
- ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
- ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
- InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
- StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
- StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
- # No tenant VIP required
-
- VipConfig:
- type: OS::TripleO::VipConfig
-
- VipDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_resource: VipConfig}
- servers: {get_attr: [Controller, attributes, nova_server_resource]}
- input_values:
- # service VIP mappings
- keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
- keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
- neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
- cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
- glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
- glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
- swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
- nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
- nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
- ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
- heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
- horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
- redis_vip: {get_attr: [RedisVirtualIP, ip_address]}
- mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
- rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
- # direct configuration of Virtual IPs for each network
- control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]}
- public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]}
- internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]}
- storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]}
- storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]}
-
- ControllerBootstrapNodeConfig:
- type: OS::TripleO::BootstrapNode::SoftwareConfig
- properties:
- bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
- bootstrap_nodeid_ip: {get_attr: [Controller, resource.0.ip_address]}
-
- ControllerBootstrapNodeDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [ControllerBootstrapNodeConfig, config_id]}
- servers: {get_attr: [Controller, attributes, nova_server_resource]}
-
- ControllerSwiftDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
- servers: {get_attr: [Controller, attributes, nova_server_resource]}
-
- ObjectStorageSwiftDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
- servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-
- SwiftDevicesAndProxyConfig:
- type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
- properties:
- controller_swift_devices: {get_attr: [Controller, swift_device]}
- object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]}
- controller_swift_proxy_memcaches: {get_attr: [Controller, swift_proxy_memcache]}
-
- ComputeCephDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [CephClusterConfig, config_id]}
- servers: {get_attr: [Compute, attributes, nova_server_resource]}
-
- ControllerCephDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [CephClusterConfig, config_id]}
- servers: {get_attr: [Controller, attributes, nova_server_resource]}
-
- CephStorageCephDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [CephClusterConfig, config_id]}
- servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-
- CephClusterConfig:
- type: OS::TripleO::CephClusterConfig::SoftwareConfig
- properties:
- ceph_storage_count: {get_param: CephStorageCount}
- ceph_fsid: {get_param: CephClusterFSID}
- ceph_mon_key: {get_param: CephMonKey}
- ceph_admin_key: {get_param: CephAdminKey}
- ceph_client_key: {get_param: CephClientKey}
- ceph_external_mon_ips: {get_param: CephExternalMonHost}
- ceph_mon_names: {get_attr: [Controller, hostname]}
- ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
-
- ControllerClusterConfig:
- type: OS::Heat::StructuredConfig
- properties:
- group: os-apply-config
- config:
- corosync:
- nodes: {get_attr: [Controller, corosync_node]}
- horizon:
- caches:
- memcached:
- nodes: {get_attr: [Controller, hostname]}
- mysql:
- nodes: {get_attr: [Controller, corosync_node]}
- haproxy:
- nodes: {get_attr: [Controller, corosync_node]}
-
- ControllerClusterDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_resource: ControllerClusterConfig}
- servers: {get_attr: [Controller, attributes, nova_server_resource]}
-
- ControllerAllNodesDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [allNodesConfig, config_id]}
- servers: {get_attr: [Controller, attributes, nova_server_resource]}
-
- ComputeAllNodesDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [allNodesConfig, config_id]}
- servers: {get_attr: [Compute, attributes, nova_server_resource]}
-
- BlockStorageAllNodesDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [allNodesConfig, config_id]}
- servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
-
- ObjectStorageAllNodesDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [allNodesConfig, config_id]}
- servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-
- CephStorageAllNodesDeployment:
- type: OS::Heat::StructuredDeployments
- properties:
- config: {get_attr: [allNodesConfig, config_id]}
- servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-
- # All Nodes Validations
- AllNodesValidationConfig:
- type: OS::TripleO::AllNodes::Validation
- properties:
- PingTestIps:
- list_join:
- - ' '
- - - {get_attr: [Controller, resource.0.external_ip_address]}
- - {get_attr: [Controller, resource.0.internal_api_ip_address]}
- - {get_attr: [Controller, resource.0.storage_ip_address]}
- - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
- - {get_attr: [Controller, resource.0.tenant_ip_address]}
-
- ControllerAllNodesValidationDeployment:
- type: OS::Heat::StructuredDeployments
- depends_on: ControllerAllNodesDeployment
- properties:
- config: {get_resource: AllNodesValidationConfig}
- servers: {get_attr: [Controller, attributes, nova_server_resource]}
-
- ComputeAllNodesValidationDeployment:
- type: OS::Heat::StructuredDeployments
- depends_on: ComputeAllNodesDeployment
- properties:
- config: {get_resource: AllNodesValidationConfig}
- servers: {get_attr: [Compute, attributes, nova_server_resource]}
-
- BlockStorageAllNodesValidationDeployment:
- type: OS::Heat::StructuredDeployments
- depends_on: BlockStorageAllNodesDeployment
- properties:
- config: {get_resource: AllNodesValidationConfig}
- servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
-
- ObjectStorageAllNodesValidationDeployment:
- type: OS::Heat::StructuredDeployments
- depends_on: ObjectStorageAllNodesDeployment
- properties:
- config: {get_resource: AllNodesValidationConfig}
- servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
-
- CephStorageAllNodesValidationDeployment:
- type: OS::Heat::StructuredDeployments
- depends_on: CephStorageAllNodesDeployment
- properties:
- config: {get_resource: AllNodesValidationConfig}
- servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-
- # Optional ExtraConfig for all nodes - all roles are passed in here, but
- # the nested template may configure each role differently (or not at all)
- AllNodesExtraConfig:
- type: OS::TripleO::AllNodesExtraConfig
- properties:
- controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
- compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
- blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
- objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
- cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
-
- # Nested stack deployment runs after all other controller deployments
- ControllerNodesPostDeployment:
- type: OS::TripleO::ControllerPostDeployment
- depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment]
- properties:
- servers: {get_attr: [Controller, attributes, nova_server_resource]}
- NodeConfigIdentifiers:
- allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
- controller_config: {get_attr: [Controller, attributes, config_identifier]}
- deployment_identifier: {get_param: DeployIdentifier}
-
- ComputeNodesPostDeployment:
- type: OS::TripleO::ComputePostDeployment
- depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment]
- properties:
- servers: {get_attr: [Compute, attributes, nova_server_resource]}
- NodeConfigIdentifiers:
- allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
- compute_config: {get_attr: [Compute, attributes, config_identifier]}
- deployment_identifier: {get_param: DeployIdentifier}
-
- ObjectStorageNodesPostDeployment:
- type: OS::TripleO::ObjectStoragePostDeployment
- depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment]
- properties:
- servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
- NodeConfigIdentifiers:
- allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
- objectstorage_config: {get_attr: [ObjectStorage, attributes, config_identifier]}
- deployment_identifier: {get_param: DeployIdentifier}
-
- BlockStorageNodesPostDeployment:
- type: OS::TripleO::BlockStoragePostDeployment
- depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment]
- properties:
- servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
- NodeConfigIdentifiers:
- allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
- blockstorage_config: {get_attr: [BlockStorage, attributes, config_identifier]}
- deployment_identifier: {get_param: DeployIdentifier}
-
- CephStorageNodesPostDeployment:
- type: OS::TripleO::CephStoragePostDeployment
- depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment]
- properties:
- servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
- NodeConfigIdentifiers:
- allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
- cephstorage_config: {get_attr: [CephStorage, attributes, config_identifier]}
- deployment_identifier: {get_param: DeployIdentifier}
-
-outputs:
- KeystoneURL:
- description: URL for the Overcloud Keystone service
- value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]}
- KeystoneAdminVip:
- description: Keystone Admin VIP endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
- PublicVip:
- description: Controller VIP for public API endpoints
- value: {get_attr: [VipMap, net_ip_map, external]}
- CeilometerInternalVip:
- description: VIP for Ceilometer API internal endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
- CinderInternalVip:
- description: VIP for Cinder API internal endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
- GlanceInternalVip:
- description: VIP for Glance API internal endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
- HeatInternalVip:
- description: VIP for Heat API internal endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
- KeystoneInternalVip:
- description: VIP for Keystone API internal endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
- NeutronInternalVip:
- description: VIP for Neutron API internal endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
- NovaInternalVip:
- description: VIP for Nova API internal endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
- SwiftInternalVip:
- description: VIP for Swift Proxy internal endpoint
- value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+overcloud.yaml \ No newline at end of file
diff --git a/overcloud.yaml b/overcloud.yaml
new file mode 100644
index 00000000..faec16dd
--- /dev/null
+++ b/overcloud.yaml
@@ -0,0 +1,1514 @@
+heat_template_version: 2015-04-30
+
+description: >
+ Deploy an OpenStack environment, consisting of several node types (roles),
+ Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage
+ roles enable independent scaling of the storage components, but the minimal
+ deployment is one Controller and one Compute node.
+
+
+# TODO(shadower): we should probably use the parameter groups to put
+# some order in here.
+parameters:
+
+ # Common parameters (not specific to a role)
+ AdminPassword:
+ default: unset
+ description: The password for the keystone admin account, used for monitoring, querying neutron etc.
+ type: string
+ hidden: true
+ CeilometerBackend:
+ default: 'mongodb'
+ description: The ceilometer backend type.
+ type: string
+ CeilometerMeteringSecret:
+ default: unset
+ description: Secret shared by the ceilometer services.
+ type: string
+ hidden: true
+ CeilometerPassword:
+ default: unset
+ description: The password for the ceilometer service account.
+ type: string
+ hidden: true
+ # This has to be an UUID so for now we generate it outside the template
+ CephClusterFSID:
+ default: ''
+ type: string
+ description: The Ceph cluster FSID. Must be a UUID.
+ CephMonKey:
+ default: ''
+ description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
+ CephAdminKey:
+ default: ''
+ description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
+ type: string
+ hidden: true
+ CinderEnableNfsBackend:
+ default: false
+ description: Whether to enable or not the NFS backend for Cinder
+ type: boolean
+ CephClientKey:
+ default: ''
+ description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
+ type: string
+ hidden: true
+ CephExternalMonHost:
+ default: ''
+ type: string
+ description: List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments.
+ CinderEnableIscsiBackend:
+ default: true
+ description: Whether to enable or not the Iscsi backend for Cinder
+ type: boolean
+ CinderEnableRbdBackend:
+ default: false
+ description: Whether to enable or not the Rbd backend for Cinder
+ type: boolean
+ CloudName:
+ default: ''
+ description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
+ type: string
+ ControlFixedIPs:
+ default: []
+ description: Should be used for arbitrary ips.
+ type: json
+ Debug:
+ default: ''
+ description: Set to True to enable debugging on all services.
+ type: string
+ HAProxySyslogAddress:
+ default: /dev/log
+ description: Syslog address where HAproxy will send its log
+ type: string
+ HorizonAllowedHosts:
+ default: '*'
+ description: A list of IP/Hostname allowed to connect to horizon
+ type: comma_delimited_list
+ ImageUpdatePolicy:
+ default: 'REBUILD_PRESERVE_EPHEMERAL'
+ description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
+ type: string
+ KeyName:
+ default: default
+ description: Name of an existing EC2 KeyPair to enable SSH access to the instances
+ type: string
+ constraints:
+ - custom_constraint: nova.keypair
+ NeutronExternalNetworkBridge:
+ description: Name of bridge used for external network traffic.
+ type: string
+ default: 'br-ex'
+ NeutronBridgeMappings:
+ description: >
+ The OVS logical->physical bridge mappings to use. See the Neutron
+ documentation for details. Defaults to mapping br-ex - the external
+ bridge on hosts - to a physical name 'datacentre' which can be used
+ to create provider networks (and we use this for the default floating
+ network) - if changing this either use different post-install network
+ scripts or be sure to keep 'datacentre' as a mapping network name.
+ type: string
+ default: "datacentre:br-ex"
+ NeutronControlPlaneID:
+ default: 'ctlplane'
+ type: string
+ description: Neutron ID or name for ctlplane network.
+ NeutronEnableIsolatedMetadata:
+ default: 'False'
+ description: If True, DHCP provide metadata route to VM.
+ type: string
+ NeutronEnableTunnelling:
+ type: string
+ default: "True"
+ NeutronEnableL2Pop:
+ type: string
+ description: >
+ Enable/disable the L2 population feature in the Neutron agents.
+ default: "False"
+ NeutronFlatNetworks:
+ type: string
+ default: 'datacentre'
+ description: >
+ If set, flat networks to configure in neutron plugins. Defaults to
+ 'datacentre' to permit external network creation.
+ NeutronNetworkType:
+ default: 'vxlan'
+ description: The tenant network type for Neutron, either gre or vxlan.
+ type: string
+ NeutronPassword:
+ default: unset
+ description: The password for the neutron service account, used by neutron agents.
+ type: string
+ hidden: true
+ NeutronPublicInterface:
+ default: nic1
+ description: What interface to bridge onto br-ex for network nodes.
+ type: string
+ NeutronPublicInterfaceTag:
+ default: ''
+ description: >
+ VLAN tag for creating a public VLAN. The tag will be used to
+ create an access port on the exterior bridge for each control plane node,
+ and that port will be given the IP address returned by neutron from the
+ public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
+ overcloud.yaml to include the deployment of VLAN ports to the control
+ plane.
+ type: string
+ NeutronComputeAgentMode:
+ default: 'dvr'
+ description: Agent mode for the neutron-l3-agent on the compute hosts
+ type: string
+ NeutronAgentMode:
+ default: 'dvr_snat'
+ description: Agent mode for the neutron-l3-agent on the controller hosts
+ type: string
+ NeutronDVR:
+ default: 'False'
+ description: Whether to configure Neutron Distributed Virtual Routers
+ type: string
+ NeutronMetadataProxySharedSecret:
+ default: 'unset'
+ description: Shared secret to prevent spoofing
+ type: string
+ hidden: true
+ NeutronTunnelTypes:
+ default: 'vxlan'
+ description: |
+ The tunnel types for the Neutron tenant network. To specify multiple
+ values, use a comma separated string, like so: 'gre,vxlan'
+ type: string
+ NeutronTunnelIdRanges:
+ description: |
+ Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
+ of GRE tunnel IDs that are available for tenant network allocation
+ default: ["1:1000", ]
+ type: comma_delimited_list
+ NeutronVniRanges:
+ description: |
+ Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
+ of VXLAN VNI IDs that are available for tenant network allocation
+ default: ["1:1000", ]
+ type: comma_delimited_list
+ NeutronCorePlugin:
+ default: 'ml2'
+ description: |
+ The core plugin for Neutron. The value should be the entrypoint to be loaded
+ from neutron.core_plugins namespace.
+ type: string
+ NeutronServicePlugins:
+ default: "router"
+ description: |
+ Comma-separated list of service plugin entrypoints to be loaded from the
+ neutron.service_plugins namespace.
+ type: comma_delimited_list
+ NeutronTypeDrivers:
+ default: "vxlan,vlan,flat,gre"
+ description: |
+ Comma-separated list of network type driver entrypoints to be loaded.
+ type: comma_delimited_list
+ NeutronMechanismDrivers:
+ default: 'openvswitch'
+ description: |
+ The mechanism drivers for the Neutron tenant network. To specify multiple
+ values, use a comma separated string, like so: 'openvswitch,l2_population'
+ type: string
+ NeutronAllowL3AgentFailover:
+ default: 'False'
+ description: Allow automatic l3-agent failover
+ type: string
+ NeutronL3HA:
+ default: 'False'
+ description: Whether to enable l3-agent HA
+ type: string
+ NeutronDhcpAgentsPerNetwork:
+ type: number
+ default: 1
+ description: The number of neutron dhcp agents to schedule per network
+ NovaPassword:
+ default: unset
+ description: The password for the nova service account, used by nova-api.
+ type: string
+ hidden: true
+ NtpServer:
+ default: ''
+ description: Comma-separated list of ntp servers
+ type: comma_delimited_list
+ MongoDbNoJournal:
+ default: false
+ description: Should MongoDb journaling be disabled
+ type: boolean
+ PublicVirtualFixedIPs:
+ default: []
+ description: >
+ Control the IP allocation for the PublicVirtualInterface port. E.g.
+ [{'ip_address':'1.2.3.4'}]
+ type: json
+ RabbitCookieSalt:
+ type: string
+ default: unset
+ description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
+ # FIXME: 'guest' is provisioned in RabbitMQ by default, we should create a user if these are changed
+ RabbitUserName:
+ default: guest
+ description: The username for RabbitMQ
+ type: string
+ RabbitPassword:
+ default: guest
+ description: The password for RabbitMQ
+ type: string
+ hidden: true
+ RabbitClientUseSSL:
+ default: false
+ description: >
+ Rabbit client subscriber parameter to specify
+ an SSL connection to the RabbitMQ host.
+ type: string
+ RabbitClientPort:
+ default: 5672
+ description: Set rabbit subscriber port, change this if using SSL
+ type: number
+ # We need to set this as string because 'unlimited' is a valid setting
+ RabbitFDLimit:
+ default: 16384
+ description: Configures RabbitMQ FD limit
+ type: string
+ SnmpdReadonlyUserName:
+ default: ro_snmp_user
+ description: The user name for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ SnmpdReadonlyUserPassword:
+ default: unset
+ description: The user password for SNMPd with readonly rights running on all Overcloud nodes
+ type: string
+ hidden: true
+ CloudDomain:
+ default: 'localdomain'
+ type: string
+ description: >
+ The DNS domain used for the hosts. This should match the dhcp_domain
+ configured in the Undercloud neutron. Defaults to localdomain.
+ ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API.
+ type: json
+
+ # Controller-specific params
+ AdminToken:
+ default: unset
+ description: The keystone auth secret.
+ type: string
+ hidden: true
+ CinderLVMLoopDeviceSize:
+ default: 5000
+ description: The size of the loopback file used by the cinder LVM driver.
+ type: number
+ CinderNfsMountOptions:
+ default: ''
+ description: >
+ Mount options for NFS mounts used by Cinder NFS backend. Effective
+ when CinderEnableNfsBackend is true.
+ type: string
+ CinderNfsServers:
+ default: ''
+ description: >
+ NFS servers used by Cinder NFS backend. Effective when
+ CinderEnableNfsBackend is true.
+ type: comma_delimited_list
+ CinderPassword:
+ default: unset
+ description: The password for the cinder service account, used by cinder-api.
+ type: string
+ hidden: true
+ CinderISCSIHelper:
+ default: tgtadm
+ description: The iSCSI helper to use with cinder.
+ type: string
+ ControllerCount:
+ type: number
+ default: 1
+ constraints:
+ - range: {min: 1}
+ controllerExtraConfig:
+ default: {}
+ description: |
+ Controller specific configuration to inject into the cluster. Same
+ structure as ExtraConfig.
+ type: json
+ controllerImage:
+ type: string
+ default: overcloud-control
+ constraints:
+ - custom_constraint: glance.image
+ OvercloudControlFlavor:
+ description: Flavor for control nodes to request when deploying.
+ type: string
+ constraints:
+ - custom_constraint: nova.flavor
+ ControlVirtualInterface:
+ default: 'br-ex'
+ description: Interface where virtual ip will be assigned.
+ type: string
+ EnableFencing:
+ default: false
+ description: Whether to enable fencing in Pacemaker or not.
+ type: boolean
+ EnableGalera:
+ default: true
+ description: Whether to use Galera instead of regular MariaDB.
+ type: boolean
+ ControllerEnableCephStorage:
+ default: false
+ description: Whether to deploy Ceph Storage (OSD) on the Controller
+ type: boolean
+ ControllerEnableSwiftStorage:
+ default: true
+ description: Whether to enable Swift Storage on the Controller
+ type: boolean
+ ExtraConfig:
+ default: {}
+ description: |
+ Additional configuration to inject into the cluster. The format required
+ may be implementation specific, e.g puppet hieradata. Any role specific
+ ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig.
+ type: json
+ FencingConfig:
+ default: {}
+ description: |
+ Pacemaker fencing configuration. The JSON should have
+ the following structure:
+ {
+ "devices": [
+ {
+ "agent": "AGENT_NAME",
+ "host_mac": "HOST_MAC_ADDRESS",
+ "params": {"PARAM_NAME": "PARAM_VALUE"}
+ }
+ ]
+ }
+ For instance:
+ {
+ "devices": [
+ {
+ "agent": "fence_xvm",
+ "host_mac": "52:54:00:aa:bb:cc",
+ "params": {
+ "multicast_address": "225.0.0.12",
+ "port": "baremetal_0",
+ "manage_fw": true,
+ "manage_key_file": true,
+ "key_file": "/etc/fence_xvm.key",
+ "key_file_password": "abcdef"
+ }
+ }
+ ]
+ }
+ type: json
+ GlanceLogFile:
+ description: The filepath of the file to use for logging messages from Glance.
+ type: string
+ default: ''
+ GlanceNotifierStrategy:
+ description: Strategy to use for Glance notification queue
+ type: string
+ default: noop
+ GlancePassword:
+ default: unset
+ description: The password for the glance service account, used by the glance services.
+ type: string
+ hidden: true
+ GlanceBackend:
+ default: swift
+ description: The short name of the Glance backend to use. Should be one
+ of swift, rbd or file
+ type: string
+ constraints:
+ - allowed_values: ['swift', 'file', 'rbd']
+ HeatPassword:
+ default: unset
+ description: The password for the Heat service account, used by the Heat services.
+ type: string
+ hidden: true
+ HeatStackDomainAdminPassword:
+ description: Password for heat_domain_admin user.
+ type: string
+ default: ''
+ hidden: true
+ InstanceNameTemplate:
+ default: 'instance-%08x'
+ description: Template string to be used to generate instance names
+ type: string
+ KeystoneCACertificate:
+ default: ''
+ description: Keystone self-signed certificate authority certificate.
+ type: string
+ KeystoneSigningCertificate:
+ default: ''
+ description: Keystone certificate for verifying token validity.
+ type: string
+ KeystoneSigningKey:
+ default: ''
+ description: Keystone key for signing tokens.
+ type: string
+ hidden: true
+ KeystoneSSLCertificate:
+ default: ''
+ description: Keystone certificate for verifying token validity.
+ type: string
+ KeystoneSSLCertificateKey:
+ default: ''
+ description: Keystone key for signing tokens.
+ type: string
+ hidden: true
+ KeystoneNotificationDriver:
+ description: Comma-separated list of Oslo notification drivers used by Keystone
+ default: ['messaging']
+ type: comma_delimited_list
+ KeystoneNotificationFormat:
+ description: The Keystone notification format
+ default: 'basic'
+ type: string
+ constraints:
+ - allowed_values: [ 'basic', 'cadf' ]
+ ManageFirewall:
+ default: false
+ description: Whether to manage IPtables rules.
+ type: boolean
+ PurgeFirewallRules:
+ default: false
+ description: Whether IPtables rules should be purged before setting up the ones.
+ type: boolean
+ MysqlInnodbBufferPoolSize:
+ description: >
+ Specifies the size of the buffer pool in megabytes. Setting to
+ zero should be interpreted as "no value" and will defer to the
+ lower level default.
+ type: number
+ default: 0
+ MysqlMaxConnections:
+ description: Configures MySQL max_connections config setting
+ type: number
+ default: 4096
+ NeutronDnsmasqOptions:
+ default: 'dhcp-option-force=26,1400'
+ description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
+ type: string
+ NeutronPublicInterfaceDefaultRoute:
+ default: ''
+ description: A custom default route for the NeutronPublicInterface.
+ type: string
+ NeutronPublicInterfaceIP:
+ default: ''
+ description: A custom IP address to put onto the NeutronPublicInterface.
+ type: string
+ NeutronPublicInterfaceRawDevice:
+ default: ''
+ description: If set, the public interface is a vlan with this device as the raw device.
+ type: string
+ PublicVirtualInterface:
+ default: 'br-ex'
+ description: >
+ Specifies the interface where the public-facing virtual ip will be assigned.
+ This should be int_public when a VLAN is being used.
+ type: string
+ SwiftHashSuffix:
+ default: unset
+ description: A random string to be used as a salt when hashing to determine mappings in the ring.
+ type: string
+ hidden: true
+ SwiftPassword:
+ default: unset
+ description: The password for the swift service account, used by the swift proxy services.
+ type: string
+ hidden: true
+ SwiftMountCheck:
+ default: 'false'
+ description: Value of mount_check in Swift account/container/object -server.conf
+ type: boolean
+ SwiftMinPartHours:
+ type: number
+ default: 1
+ description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
+ SwiftPartPower:
+ default: 10
+ description: Partition Power to use when building Swift rings
+ type: number
+ SwiftReplicas:
+ type: number
+ default: 3
+ description: How many replicas to use in the swift rings.
+
+# Compute-specific params
+ CeilometerComputeAgent:
+ description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
+ type: string
+ default: ''
+ constraints:
+ - allowed_values: ['', Present]
+ ComputeCount:
+ type: number
+ default: 1
+ HypervisorNeutronPhysicalBridge:
+ default: 'br-ex'
+ description: >
+ An OVS bridge to create on each hypervisor. This defaults to br-ex the
+ same as the control plane nodes, as we have a uniform configuration of
+ the openvswitch agent. Typically should not need to be changed.
+ type: string
+ HypervisorNeutronPublicInterface:
+ default: nic1
+ description: What interface to add to the HypervisorNeutronPhysicalBridge.
+ type: string
+ NeutronNetworkVLANRanges:
+ default: 'datacentre'
+ description: >
+ The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
+ Neutron documentation for permitted values. Defaults to permitting any
+ VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
+ type: comma_delimited_list
+ NovaComputeDriver:
+ type: string
+ default: libvirt.LibvirtDriver
+ NovaComputeExtraConfig:
+ default: {}
+ description: |
+ NovaCompute specific configuration to inject into the cluster. Same
+ structure as ExtraConfig.
+ type: json
+ NovaComputeLibvirtType:
+ default: ''
+ type: string
+ NovaComputeLibvirtVifDriver:
+ default: ''
+ description: Libvirt VIF driver configuration for the network
+ type: string
+ NovaEnableRbdBackend:
+ default: false
+ description: Whether to enable or not the Rbd backend for Nova
+ type: boolean
+ NovaImage:
+ type: string
+ default: overcloud-compute
+ constraints:
+ - custom_constraint: glance.image
+ NovaOVSBridge:
+ default: 'br-int'
+ description: Name of integration bridge used by Open vSwitch
+ type: string
+ NovaSecurityGroupAPI:
+ default: 'neutron'
+ description: The full class name of the security API class
+ type: string
+ OvercloudComputeFlavor:
+ description: Use this flavor
+ type: string
+ constraints:
+ - custom_constraint: nova.flavor
+ ServiceNetMap:
+ default:
+ NeutronTenantNetwork: tenant
+ CeilometerApiNetwork: internal_api
+ MongoDbNetwork: internal_api
+ CinderApiNetwork: internal_api
+ CinderIscsiNetwork: storage
+ GlanceApiNetwork: storage
+ GlanceRegistryNetwork: internal_api
+ KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints
+ KeystonePublicApiNetwork: internal_api
+ NeutronApiNetwork: internal_api
+ HeatApiNetwork: internal_api
+ NovaApiNetwork: internal_api
+ NovaMetadataNetwork: internal_api
+ NovaVncProxyNetwork: internal_api
+ SwiftMgmtNetwork: storage_mgmt
+ SwiftProxyNetwork: storage
+ HorizonNetwork: internal_api
+ MemcachedNetwork: internal_api
+ RabbitMqNetwork: internal_api
+ RedisNetwork: internal_api
+ MysqlNetwork: internal_api
+ CephClusterNetwork: storage_mgmt
+ CephPublicNetwork: storage
+ ControllerHostnameResolveNetwork: internal_api
+ ComputeHostnameResolveNetwork: internal_api
+ BlockStorageHostnameResolveNetwork: internal_api
+ ObjectStorageHostnameResolveNetwork: internal_api
+ CephStorageHostnameResolveNetwork: storage
+ description: Mapping of service_name -> network name. Typically set
+ via parameter_defaults in the resource registry.
+ type: json
+
+# Block storage specific parameters
+ BlockStorageCount:
+ type: number
+ default: 0
+ BlockStorageImage:
+ default: overcloud-cinder-volume
+ type: string
+ OvercloudBlockStorageFlavor:
+ description: Flavor for block storage nodes to request when deploying.
+ type: string
+ constraints:
+ - custom_constraint: nova.flavor
+ BlockStorageExtraConfig:
+ default: {}
+ description: |
+ BlockStorage specific configuration to inject into the cluster. Same
+ structure as ExtraConfig.
+ type: json
+
+# Object storage specific parameters
+ ObjectStorageCount:
+ type: number
+ default: 0
+ OvercloudSwiftStorageFlavor:
+ description: Flavor for Swift storage nodes to request when deploying.
+ type: string
+ constraints:
+ - custom_constraint: nova.flavor
+ SwiftStorageImage:
+ default: overcloud-swift-storage
+ type: string
+ ObjectStorageExtraConfig:
+ default: {}
+ description: |
+ ObjectStorage specific configuration to inject into the cluster. Same
+ structure as ExtraConfig.
+ type: json
+
+
+# Ceph storage specific parameters
+ CephStorageCount:
+ type: number
+ default: 0
+ CephStorageImage:
+ default: overcloud-ceph-storage
+ type: string
+ OvercloudCephStorageFlavor:
+ default: baremetal
+ description: Flavor for Ceph storage nodes to request when deploying.
+ type: string
+ constraints:
+ - custom_constraint: nova.flavor
+ CephStorageExtraConfig:
+ default: {}
+ description: |
+ CephStorage specific configuration to inject into the cluster. Same
+ structure as ExtraConfig.
+ type: json
+
+ # Hostname format for each role
+ # Note %index% is translated into the index of the node, e.g 0/1/2 etc
+ # and %stackname% is replaced with OS::stack_name in the template below.
+ # If you want to use the heat generated names, pass '' (empty string).
+ ControllerHostnameFormat:
+ type: string
+ description: Format for Controller node hostnames
+ default: '%stackname%-controller-%index%'
+ ComputeHostnameFormat:
+ type: string
+ description: Format for Compute node hostnames
+ default: '%stackname%-novacompute-%index%'
+ BlockStorageHostnameFormat:
+ type: string
+ description: Format for BlockStorage node hostnames
+ default: '%stackname%-blockstorage-%index%'
+ ObjectStorageHostnameFormat:
+ type: string
+ description: Format for SwiftStorage node hostnames
+ default: '%stackname%-objectstorage-%index%'
+ CephStorageHostnameFormat:
+ type: string
+ description: Format for CephStorage node hostnames
+ default: '%stackname%-cephstorage-%index%'
+
+ # Identifiers to trigger tasks on nodes
+ UpdateIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting to a previously unused value during stack-update will trigger
+ package update on all nodes
+ DeployIdentifier:
+ default: ''
+ type: string
+ description: >
+ Setting this to a unique value will re-run any deployment tasks which
+ perform configuration on a Heat stack-update.
+
+ # If you want to remove a specific node from a resource group, you can pass
+ # the node name or id as a <Group>RemovalPolicies parameter, for example:
+ # ComputeRemovalPolicies: [{'resource_list': ['0']}]
+ ControllerRemovalPolicies:
+ default: []
+ type: json
+ description: >
+ List of resources to be removed from ControllerResourceGroup when
+ doing an update which requires removal of specific resources.
+ ComputeRemovalPolicies:
+ default: []
+ type: json
+ description: >
+ List of resources to be removed from ComputeResourceGroup when
+ doing an update which requires removal of specific resources.
+ BlockStorageRemovalPolicies:
+ default: []
+ type: json
+ description: >
+ List of resources to be removed from BlockStorageResourceGroup when
+ doing an update which requires removal of specific resources.
+ ObjectStorageRemovalPolicies:
+ default: []
+ type: json
+ description: >
+ List of resources to be removed from ObjectStorageResourceGroup when
+ doing an update which requires removal of specific resources.
+ CephStorageRemovalPolicies:
+ default: []
+ type: json
+ description: >
+ List of resources to be removed from CephStorageResourceGroup when
+ doing an update which requires removal of specific resources.
+
+
+resources:
+
+ HeatAuthEncryptionKey:
+ type: OS::Heat::RandomString
+
+ PcsdPassword:
+ type: OS::Heat::RandomString
+ properties:
+ length: 16
+
+ HorizonSecret:
+ type: OS::Heat::RandomString
+ properties:
+ length: 10
+
+ EndpointMap:
+ type: OS::TripleO::EndpointMap
+ properties:
+ CloudName: {get_param: CloudName}
+ CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]}
+
+ Controller:
+ type: OS::Heat::ResourceGroup
+ depends_on: Networks
+ properties:
+ count: {get_param: ControllerCount}
+ removal_policies: {get_param: ControllerRemovalPolicies}
+ resource_def:
+ type: OS::TripleO::Controller
+ properties:
+ AdminPassword: {get_param: AdminPassword}
+ AdminToken: {get_param: AdminToken}
+ CeilometerBackend: {get_param: CeilometerBackend}
+ CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
+ CeilometerPassword: {get_param: CeilometerPassword}
+ CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
+ CinderNfsMountOptions: {get_param: CinderNfsMountOptions}
+ CinderNfsServers: {get_param: CinderNfsServers}
+ CinderPassword: {get_param: CinderPassword}
+ CinderISCSIHelper: {get_param: CinderISCSIHelper}
+ CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend}
+ CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
+ CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend}
+ CloudName: {get_param: CloudName}
+ CloudDomain: {get_param: CloudDomain}
+ ControlVirtualInterface: {get_param: ControlVirtualInterface}
+ ControllerExtraConfig: {get_param: controllerExtraConfig}
+ Debug: {get_param: Debug}
+ EnableFencing: {get_param: EnableFencing}
+ ManageFirewall: {get_param: ManageFirewall}
+ PurgeFirewallRules: {get_param: PurgeFirewallRules}
+ EnableGalera: {get_param: EnableGalera}
+ EnableCephStorage: {get_param: ControllerEnableCephStorage}
+ EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
+ ExtraConfig: {get_param: ExtraConfig}
+ FencingConfig: {get_param: FencingConfig}
+ Flavor: {get_param: OvercloudControlFlavor}
+ GlancePassword: {get_param: GlancePassword}
+ GlanceBackend: {get_param: GlanceBackend}
+ GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
+ GlanceLogFile: {get_param: GlanceLogFile}
+ HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
+ HeatPassword: {get_param: HeatPassword}
+ HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
+ HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
+ HorizonAllowedHosts: {get_param: HorizonAllowedHosts}
+ HorizonSecret: {get_resource: HorizonSecret}
+ Image: {get_param: controllerImage}
+ ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
+ InstanceNameTemplate: {get_param: InstanceNameTemplate}
+ KeyName: {get_param: KeyName}
+ KeystoneCACertificate: {get_param: KeystoneCACertificate}
+ KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate}
+ KeystoneSigningKey: {get_param: KeystoneSigningKey}
+ KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate}
+ KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey}
+ KeystoneNotificationDriver: {get_param: KeystoneNotificationDriver}
+ KeystoneNotificationFormat: {get_param: KeystoneNotificationFormat}
+ MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
+ MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
+ MysqlMaxConnections: {get_param: MysqlMaxConnections}
+ MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
+ NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
+ NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
+ NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
+ NeutronExternalNetworkBridge: {get_param: NeutronExternalNetworkBridge}
+ NeutronEnableIsolatedMetadata: {get_param: NeutronEnableIsolatedMetadata}
+ NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
+ NeutronEnableL2Pop: {get_param: NeutronEnableL2Pop}
+ NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
+ NeutronPublicInterface: {get_param: NeutronPublicInterface}
+ NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
+ NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
+ NeutronPassword: {get_param: NeutronPassword}
+ NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions}
+ NeutronDVR: {get_param: NeutronDVR}
+ NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
+ NeutronAgentMode: {get_param: NeutronAgentMode}
+ NeutronCorePlugin: {get_param: NeutronCorePlugin}
+ NeutronServicePlugins: {get_param: NeutronServicePlugins}
+ NeutronTypeDrivers: {get_param: NeutronTypeDrivers}
+ NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
+ NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
+ NeutronL3HA: {get_param: NeutronL3HA}
+ NeutronDhcpAgentsPerNetwork: {get_param: NeutronDhcpAgentsPerNetwork}
+ NeutronNetworkType: {get_param: NeutronNetworkType}
+ NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
+ NovaPassword: {get_param: NovaPassword}
+ NtpServer: {get_param: NtpServer}
+ MongoDbNoJournal: {get_param: MongoDbNoJournal}
+ PcsdPassword: {get_resource: PcsdPassword}
+ PublicVirtualInterface: {get_param: PublicVirtualInterface}
+ RabbitPassword: {get_param: RabbitPassword}
+ RabbitUserName: {get_param: RabbitUserName}
+ RabbitCookie: {get_attr: [RabbitCookie, value]}
+ RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
+ RabbitClientPort: {get_param: RabbitClientPort}
+ RabbitFDLimit: {get_param: RabbitFDLimit}
+ SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
+ SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
+ RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
+ SwiftHashSuffix: {get_param: SwiftHashSuffix}
+ SwiftMountCheck: {get_param: SwiftMountCheck}
+ SwiftMinPartHours: {get_param: SwiftMinPartHours}
+ SwiftPartPower: {get_param: SwiftPartPower}
+ SwiftPassword: {get_param: SwiftPassword}
+ SwiftReplicas: { get_param: SwiftReplicas}
+ VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now.
+ PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
+ CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ Hostname:
+ str_replace:
+ template: {get_param: ControllerHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
+ NodeIndex: '%index%'
+ ServerMetadata: {get_param: ServerMetadata}
+
+ Compute:
+ type: OS::Heat::ResourceGroup
+ depends_on: Networks
+ properties:
+ count: {get_param: ComputeCount}
+ removal_policies: {get_param: ComputeRemovalPolicies}
+ resource_def:
+ type: OS::TripleO::Compute
+ properties:
+ AdminPassword: {get_param: AdminPassword}
+ CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
+ CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
+ CeilometerPassword: {get_param: CeilometerPassword}
+ CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend}
+ CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend}
+ Debug: {get_param: Debug}
+ ExtraConfig: {get_param: ExtraConfig}
+ Flavor: {get_param: OvercloudComputeFlavor}
+ GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ Image: {get_param: NovaImage}
+ ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
+ KeyName: {get_param: KeyName}
+ KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
+ NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
+ NeutronEnableL2Pop : {get_param: NeutronEnableL2Pop}
+ NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
+ NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ NeutronNetworkType: {get_param: NeutronNetworkType}
+ NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
+ NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
+ NeutronPassword: {get_param: NeutronPassword}
+ NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
+ NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
+ NeutronDVR: {get_param: NeutronDVR}
+ NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
+ NeutronAgentMode: {get_param: NeutronComputeAgentMode}
+ NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
+ NeutronCorePlugin: {get_param: NeutronCorePlugin}
+ NeutronServicePlugins: {get_param: NeutronServicePlugins}
+ NeutronTypeDrivers: {get_param: NeutronTypeDrivers}
+ NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
+ # L3 HA and Failover is not relevant for Computes, should be removed
+ NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
+ NeutronL3HA: {get_param: NeutronL3HA}
+ NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ NovaComputeDriver: {get_param: NovaComputeDriver}
+ NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
+ NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
+ NovaComputeLibvirtVifDriver: {get_param: NovaComputeLibvirtVifDriver}
+ NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend}
+ NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]}
+ NovaPassword: {get_param: NovaPassword}
+ NovaOVSBridge: {get_param: NovaOVSBridge}
+ NovaSecurityGroupAPI: {get_param: NovaSecurityGroupAPI}
+ NtpServer: {get_param: NtpServer}
+ RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+ RabbitPassword: {get_param: RabbitPassword}
+ RabbitUserName: {get_param: RabbitUserName}
+ RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
+ RabbitClientPort: {get_param: RabbitClientPort}
+ SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
+ SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ Hostname:
+ str_replace:
+ template: {get_param: ComputeHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
+ CloudDomain: {get_param: CloudDomain}
+ ServerMetadata: {get_param: ServerMetadata}
+
+ BlockStorage:
+ type: OS::Heat::ResourceGroup
+ depends_on: Networks
+ properties:
+ count: {get_param: BlockStorageCount}
+ removal_policies: {get_param: BlockStorageRemovalPolicies}
+ resource_def:
+ type: OS::TripleO::BlockStorage
+ properties:
+ Debug: {get_param: Debug}
+ Image: {get_param: BlockStorageImage}
+ CinderISCSIHelper: {get_param: CinderISCSIHelper}
+ CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
+ # Purpose of the dedicated BlockStorage nodes should be to use their local LVM
+ CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
+ CinderPassword: {get_param: CinderPassword}
+ KeyName: {get_param: KeyName}
+ Flavor: {get_param: OvercloudBlockStorageFlavor}
+ VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]}
+ GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ RabbitPassword: {get_param: RabbitPassword}
+ RabbitUserName: {get_param: RabbitUserName}
+ RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
+ RabbitClientPort: {get_param: RabbitClientPort}
+ NtpServer: {get_param: NtpServer}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ Hostname:
+ str_replace:
+ template: {get_param: BlockStorageHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
+ MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ ExtraConfig: {get_param: ExtraConfig}
+ BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig}
+ CloudDomain: {get_param: CloudDomain}
+ ServerMetadata: {get_param: ServerMetadata}
+
+ ObjectStorage:
+ type: OS::Heat::ResourceGroup
+ depends_on: Networks
+ properties:
+ count: {get_param: ObjectStorageCount}
+ removal_policies: {get_param: ObjectStorageRemovalPolicies}
+ resource_def:
+ type: OS::TripleO::ObjectStorage
+ properties:
+ KeyName: {get_param: KeyName}
+ Flavor: {get_param: OvercloudSwiftStorageFlavor}
+ HashSuffix: {get_param: SwiftHashSuffix}
+ MountCheck: {get_param: SwiftMountCheck}
+ MinPartHours: {get_param: SwiftMinPartHours}
+ PartPower: {get_param: SwiftPartPower}
+ Image: {get_param: SwiftStorageImage}
+ Replicas: { get_param: SwiftReplicas}
+ NtpServer: {get_param: NtpServer}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ Hostname:
+ str_replace:
+ template: {get_param: ObjectStorageHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
+ ExtraConfig: {get_param: ExtraConfig}
+ ObjectStorageExtraConfig: {get_param: ObjectStorageExtraConfig}
+ CloudDomain: {get_param: CloudDomain}
+ ServerMetadata: {get_param: ServerMetadata}
+
+ CephStorage:
+ type: OS::Heat::ResourceGroup
+ depends_on: Networks
+ properties:
+ count: {get_param: CephStorageCount}
+ removal_policies: {get_param: CephStorageRemovalPolicies}
+ resource_def:
+ type: OS::TripleO::CephStorage
+ properties:
+ Image: {get_param: CephStorageImage}
+ KeyName: {get_param: KeyName}
+ Flavor: {get_param: OvercloudCephStorageFlavor}
+ NtpServer: {get_param: NtpServer}
+ ServiceNetMap: {get_param: ServiceNetMap}
+ UpdateIdentifier: {get_param: UpdateIdentifier}
+ Hostname:
+ str_replace:
+ template: {get_param: CephStorageHostnameFormat}
+ params:
+ '%stackname%': {get_param: 'OS::stack_name'}
+ ExtraConfig: {get_param: ExtraConfig}
+ CephStorageExtraConfig: {get_param: CephStorageExtraConfig}
+ CloudDomain: {get_param: CloudDomain}
+ ServerMetadata: {get_param: ServerMetadata}
+
+ ControllerIpListMap:
+ type: OS::TripleO::Network::Ports::NetIpListMap
+ properties:
+ ControlPlaneIpList: {get_attr: [Controller, ip_address]}
+ ExternalIpList: {get_attr: [Controller, external_ip_address]}
+ InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
+ StorageIpList: {get_attr: [Controller, storage_ip_address]}
+ StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
+ TenantIpList: {get_attr: [Controller, tenant_ip_address]}
+
+ allNodesConfig:
+ type: OS::TripleO::AllNodes::SoftwareConfig
+ properties:
+ compute_hosts: {get_attr: [Compute, hosts_entry]}
+ controller_hosts: {get_attr: [Controller, hosts_entry]}
+ controller_ips: {get_attr: [Controller, ip_address]}
+ block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]}
+ object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
+ ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
+ controller_names: {get_attr: [Controller, hostname]}
+ rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+ mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
+ redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
+ memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
+ mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+ heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+ glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+
+ MysqlRootPassword:
+ type: OS::Heat::RandomString
+ properties:
+ length: 10
+
+ MysqlClusterUniquePart:
+ type: OS::Heat::RandomString
+ properties:
+ length: 10
+
+ RabbitCookie:
+ type: OS::Heat::RandomString
+ properties:
+ length: 20
+ salt: {get_param: RabbitCookieSalt}
+
+ # creates the network architecture
+ Networks:
+ type: OS::TripleO::Network
+
+ ControlVirtualIP:
+ type: OS::Neutron::Port
+ depends_on: Networks
+ properties:
+ name: control_virtual_ip
+ network: {get_param: NeutronControlPlaneID}
+ fixed_ips: {get_param: ControlFixedIPs}
+ replacement_policy: AUTO
+
+ RedisVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::RedisVipPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
+ PortName: redis_virtual_ip
+ NetworkName: {get_param: [ServiceNetMap, RedisNetwork]}
+
+ # The public VIP is on the External net, falls back to ctlplane
+ PublicVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::ExternalPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
+ PortName: public_virtual_ip
+ FixedIPs: {get_param: PublicVirtualFixedIPs}
+
+ InternalApiVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::InternalApiPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: internal_api_virtual_ip
+
+ StorageVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::StoragePort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: storage_virtual_ip
+
+ StorageMgmtVirtualIP:
+ depends_on: Networks
+ type: OS::TripleO::Controller::Ports::StorageMgmtPort
+ properties:
+ ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ PortName: storage_management_virtual_ip
+
+ VipMap:
+ type: OS::TripleO::Network::Ports::NetVipMap
+ properties:
+ ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
+ ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
+ InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
+ StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
+ StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
+ # No tenant VIP required
+
+ VipConfig:
+ type: OS::TripleO::VipConfig
+
+ VipDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_resource: VipConfig}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+ input_values:
+ # service VIP mappings
+ keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
+ swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
+ nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
+ ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+ redis_vip: {get_attr: [RedisVirtualIP, ip_address]}
+ mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
+ rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
+ # direct configuration of Virtual IPs for each network
+ control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]}
+ public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]}
+ internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]}
+ storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]}
+ storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]}
+
+ ControllerBootstrapNodeConfig:
+ type: OS::TripleO::BootstrapNode::SoftwareConfig
+ properties:
+ bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
+ bootstrap_nodeid_ip: {get_attr: [Controller, resource.0.ip_address]}
+
+ ControllerBootstrapNodeDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [ControllerBootstrapNodeConfig, config_id]}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+
+ ControllerSwiftDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+
+ ObjectStorageSwiftDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
+ servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+
+ SwiftDevicesAndProxyConfig:
+ type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
+ properties:
+ controller_swift_devices: {get_attr: [Controller, swift_device]}
+ object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]}
+ controller_swift_proxy_memcaches: {get_attr: [Controller, swift_proxy_memcache]}
+
+ ComputeCephDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [CephClusterConfig, config_id]}
+ servers: {get_attr: [Compute, attributes, nova_server_resource]}
+
+ ControllerCephDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [CephClusterConfig, config_id]}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+
+ CephStorageCephDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [CephClusterConfig, config_id]}
+ servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+
+ CephClusterConfig:
+ type: OS::TripleO::CephClusterConfig::SoftwareConfig
+ properties:
+ ceph_storage_count: {get_param: CephStorageCount}
+ ceph_fsid: {get_param: CephClusterFSID}
+ ceph_mon_key: {get_param: CephMonKey}
+ ceph_admin_key: {get_param: CephAdminKey}
+ ceph_client_key: {get_param: CephClientKey}
+ ceph_external_mon_ips: {get_param: CephExternalMonHost}
+ ceph_mon_names: {get_attr: [Controller, hostname]}
+ ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
+
+ ControllerClusterConfig:
+ type: OS::Heat::StructuredConfig
+ properties:
+ group: os-apply-config
+ config:
+ corosync:
+ nodes: {get_attr: [Controller, corosync_node]}
+ horizon:
+ caches:
+ memcached:
+ nodes: {get_attr: [Controller, hostname]}
+ mysql:
+ nodes: {get_attr: [Controller, corosync_node]}
+ haproxy:
+ nodes: {get_attr: [Controller, corosync_node]}
+
+ ControllerClusterDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_resource: ControllerClusterConfig}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+
+ ControllerAllNodesDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [allNodesConfig, config_id]}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+
+ ComputeAllNodesDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [allNodesConfig, config_id]}
+ servers: {get_attr: [Compute, attributes, nova_server_resource]}
+
+ BlockStorageAllNodesDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [allNodesConfig, config_id]}
+ servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+
+ ObjectStorageAllNodesDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [allNodesConfig, config_id]}
+ servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+
+ CephStorageAllNodesDeployment:
+ type: OS::Heat::StructuredDeployments
+ properties:
+ config: {get_attr: [allNodesConfig, config_id]}
+ servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+
+ # All Nodes Validations
+ AllNodesValidationConfig:
+ type: OS::TripleO::AllNodes::Validation
+ properties:
+ PingTestIps:
+ list_join:
+ - ' '
+ - - {get_attr: [Controller, resource.0.external_ip_address]}
+ - {get_attr: [Controller, resource.0.internal_api_ip_address]}
+ - {get_attr: [Controller, resource.0.storage_ip_address]}
+ - {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
+ - {get_attr: [Controller, resource.0.tenant_ip_address]}
+
+ ControllerAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: ControllerAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+
+ ComputeAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: ComputeAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [Compute, attributes, nova_server_resource]}
+
+ BlockStorageAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: BlockStorageAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+
+ ObjectStorageAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: ObjectStorageAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+
+ CephStorageAllNodesValidationDeployment:
+ type: OS::Heat::StructuredDeployments
+ depends_on: CephStorageAllNodesDeployment
+ properties:
+ config: {get_resource: AllNodesValidationConfig}
+ servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+
+ # Optional ExtraConfig for all nodes - all roles are passed in here, but
+ # the nested template may configure each role differently (or not at all)
+ AllNodesExtraConfig:
+ type: OS::TripleO::AllNodesExtraConfig
+ properties:
+ controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
+ compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
+ blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+ objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+ cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+
+ # Nested stack deployment runs after all other controller deployments
+ ControllerNodesPostDeployment:
+ type: OS::TripleO::ControllerPostDeployment
+ depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment]
+ properties:
+ servers: {get_attr: [Controller, attributes, nova_server_resource]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ controller_config: {get_attr: [Controller, attributes, config_identifier]}
+ deployment_identifier: {get_param: DeployIdentifier}
+
+ ComputeNodesPostDeployment:
+ type: OS::TripleO::ComputePostDeployment
+ depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment]
+ properties:
+ servers: {get_attr: [Compute, attributes, nova_server_resource]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ compute_config: {get_attr: [Compute, attributes, config_identifier]}
+ deployment_identifier: {get_param: DeployIdentifier}
+
+ ObjectStorageNodesPostDeployment:
+ type: OS::TripleO::ObjectStoragePostDeployment
+ depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment]
+ properties:
+ servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ objectstorage_config: {get_attr: [ObjectStorage, attributes, config_identifier]}
+ deployment_identifier: {get_param: DeployIdentifier}
+
+ BlockStorageNodesPostDeployment:
+ type: OS::TripleO::BlockStoragePostDeployment
+ depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment]
+ properties:
+ servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ blockstorage_config: {get_attr: [BlockStorage, attributes, config_identifier]}
+ deployment_identifier: {get_param: DeployIdentifier}
+
+ CephStorageNodesPostDeployment:
+ type: OS::TripleO::CephStoragePostDeployment
+ depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment]
+ properties:
+ servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
+ NodeConfigIdentifiers:
+ allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
+ cephstorage_config: {get_attr: [CephStorage, attributes, config_identifier]}
+ deployment_identifier: {get_param: DeployIdentifier}
+
+outputs:
+ KeystoneURL:
+ description: URL for the Overcloud Keystone service
+ value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]}
+ KeystoneAdminVip:
+ description: Keystone Admin VIP endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
+ PublicVip:
+ description: Controller VIP for public API endpoints
+ value: {get_attr: [VipMap, net_ip_map, external]}
+ CeilometerInternalVip:
+ description: VIP for Ceilometer API internal endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
+ CinderInternalVip:
+ description: VIP for Cinder API internal endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
+ GlanceInternalVip:
+ description: VIP for Glance API internal endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
+ HeatInternalVip:
+ description: VIP for Heat API internal endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
+ KeystoneInternalVip:
+ description: VIP for Keystone API internal endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
+ NeutronInternalVip:
+ description: VIP for Neutron API internal endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
+ NovaInternalVip:
+ description: VIP for Nova API internal endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
+ SwiftInternalVip:
+ description: VIP for Swift Proxy internal endpoint
+ value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
diff --git a/puppet/ceph-storage.yaml b/puppet/ceph-storage.yaml
index 1dc20a50..b34d2c02 100644
--- a/puppet/ceph-storage.yaml
+++ b/puppet/ceph-storage.yaml
@@ -65,6 +65,12 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API.
+ type: json
resources:
@@ -80,6 +86,7 @@ resources:
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ metadata: {get_param: ServerMetadata}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
diff --git a/puppet/cinder-storage.yaml b/puppet/cinder-storage.yaml
index f1d25e78..82c0e814 100644
--- a/puppet/cinder-storage.yaml
+++ b/puppet/cinder-storage.yaml
@@ -118,6 +118,12 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API.
+ type: json
resources:
@@ -133,6 +139,7 @@ resources:
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ metadata: {get_param: ServerMetadata}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
diff --git a/puppet/compute.yaml b/puppet/compute.yaml
index c33373d1..42c6e276 100644
--- a/puppet/compute.yaml
+++ b/puppet/compute.yaml
@@ -297,6 +297,12 @@ parameters:
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API.
+ type: json
resources:
@@ -314,6 +320,7 @@ resources:
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ metadata: {get_param: ServerMetadata}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
@@ -466,6 +473,7 @@ resources:
neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
neutron_mechanism_drivers: {get_input: neutron_mechanism_drivers}
neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
+ keystone_public_api_virtual_ip: {get_input: keystone_vip}
admin_password: {get_input: admin_password}
ntp::servers: {get_input: ntp_servers}
tripleo::packages::enable_install: {get_input: enable_package_install}
@@ -557,6 +565,7 @@ resources:
neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
neutron_internal_url: {get_param: [EndpointMap, NeutronInternal, uri]}
neutron_admin_auth_url: {get_param: [EndpointMap, KeystoneAdmin, uri]}
+ keystone_vip: {get_param: KeystonePublicApiVirtualIP}
admin_password: {get_param: AdminPassword}
rabbit_username: {get_param: RabbitUserName}
rabbit_password: {get_param: RabbitPassword}
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index 2c1c18a3..97b5456b 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -240,6 +240,10 @@ parameters:
default: 'REBUILD_PRESERVE_EPHEMERAL'
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
type: string
+ InstanceNameTemplate:
+ default: 'instance-%08x'
+ description: Template string to be used to generate instance names
+ type: string
KeyName:
default: default
description: Name of an existing EC2 KeyPair to enable SSH access to the instances
@@ -634,6 +638,12 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API.
+ type: json
resources:
@@ -649,6 +659,7 @@ resources:
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ metadata: {get_param: ServerMetadata}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData:
@@ -978,6 +989,7 @@ resources:
- '@'
- {get_param: MysqlVirtualIP}
- '/nova'
+ instance_name_template: {get_param: InstanceNameTemplate}
fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword}
rabbit_username: {get_param: RabbitUserName}
@@ -1308,6 +1320,7 @@ resources:
nova::database_connection: {get_input: nova_dsn}
nova::glance_api_servers: {get_input: glance_api_servers}
nova::api::neutron_metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
+ nova::api::instance_name_template: {get_input: instance_name_template}
nova::network::neutron::neutron_admin_password: {get_input: neutron_password}
nova::network::neutron::neutron_url: {get_input: neutron_internal_url}
nova::network::neutron::neutron_admin_auth_url: {get_input: neutron_admin_auth_url}
diff --git a/puppet/hieradata/common.yaml b/puppet/hieradata/common.yaml
index 95f5ccb8..b4b51abf 100644
--- a/puppet/hieradata/common.yaml
+++ b/puppet/hieradata/common.yaml
@@ -7,6 +7,7 @@ ceilometer::agent::auth::auth_region: 'regionOne'
# changes in the tripleo-incubator keystone role setup
ceilometer::agent::auth::auth_tenant_name: 'admin'
+nova::api::admin_tenant_name: 'service'
nova::network::neutron::neutron_admin_tenant_name: 'service'
nova::network::neutron::neutron_admin_username: 'neutron'
nova::network::neutron::dhcp_domain: ''
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index f42ddf6c..b0e6ae96 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -30,7 +30,6 @@ redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'
# service tenant
-nova::api::admin_tenant_name: 'service'
glance::api::keystone_tenant: 'service'
glance::registry::keystone_tenant: 'service'
neutron::server::auth_tenant: 'service'
diff --git a/puppet/manifests/overcloud_controller_pacemaker.pp b/puppet/manifests/overcloud_controller_pacemaker.pp
index 1a66c5ea..8459f1a3 100644
--- a/puppet/manifests/overcloud_controller_pacemaker.pp
+++ b/puppet/manifests/overcloud_controller_pacemaker.pp
@@ -534,11 +534,12 @@ if hiera('step') >= 3 {
$glance_store = concat($http_store, $backend_store)
if $glance_backend == 'file' and hiera('glance_file_pcmk_manage', false) {
+ $secontext = 'context="system_u:object_r:glance_var_lib_t:s0"'
pacemaker::resource::filesystem { 'glance-fs':
device => hiera('glance_file_pcmk_device'),
directory => hiera('glance_file_pcmk_directory'),
fstype => hiera('glance_file_pcmk_fstype'),
- fsoptions => hiera('glance_file_pcmk_options', ''),
+ fsoptions => join([$secontext, hiera('glance_file_pcmk_options', '')],','),
clone_params => '',
}
}
diff --git a/puppet/swift-storage.yaml b/puppet/swift-storage.yaml
index fbb2b878..a8183f76 100644
--- a/puppet/swift-storage.yaml
+++ b/puppet/swift-storage.yaml
@@ -88,6 +88,12 @@ parameters:
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
+ ServerMetadata:
+ default: {}
+ description: >
+ Extra properties or metadata passed to Nova for the created nodes in
+ the overcloud. It's accessible via the Nova metadata API.
+ type: json
resources:
@@ -103,6 +109,7 @@ resources:
user_data_format: SOFTWARE_CONFIG
user_data: {get_resource: UserData}
name: {get_param: Hostname}
+ metadata: {get_param: ServerMetadata}
# Combine the NodeAdminUserData and NodeUserData mime archives
UserData: