diff options
Diffstat (limited to 'os-apply-config/controller.yaml')
-rw-r--r-- | os-apply-config/controller.yaml | 1213 |
1 files changed, 0 insertions, 1213 deletions
diff --git a/os-apply-config/controller.yaml b/os-apply-config/controller.yaml deleted file mode 100644 index f289d9b5..00000000 --- a/os-apply-config/controller.yaml +++ /dev/null @@ -1,1213 +0,0 @@ -heat_template_version: 2015-04-30 - -description: > - OpenStack control plane node. Can be wrapped in a ResourceGroup for scaling. - -parameters: - AdminPassword: - default: unset - description: The password for the keystone admin account, used for monitoring, querying neutron etc. - type: string - hidden: true - AdminToken: - default: unset - description: The keystone auth secret and db password. - type: string - hidden: true - CeilometerBackend: - default: 'mongodb' - description: The ceilometer backend type. - type: string - CeilometerMeteringSecret: - default: unset - description: Secret shared by the ceilometer services. - type: string - hidden: true - CeilometerPassword: - default: unset - description: The password for the ceilometer service and db account. - type: string - hidden: true - CinderEnableNfsBackend: - default: false - description: Whether to enable or not the NFS backend for Cinder - type: boolean - CinderEnableIscsiBackend: - default: true - description: Whether to enable or not the Iscsi backend for Cinder - type: boolean - CinderEnableRbdBackend: - default: false - description: Whether to enable or not the Rbd backend for Cinder - type: boolean - CinderISCSIHelper: - default: tgtadm - description: The iSCSI helper to use with cinder. - type: string - CinderLVMLoopDeviceSize: - default: 5000 - description: The size of the loopback file used by the cinder LVM driver. - type: number - CinderNfsMountOptions: - default: '' - description: > - Mount options for NFS mounts used by Cinder NFS backend. Effective - when CinderEnableNfsBackend is true. - type: string - CinderNfsServers: - default: '' - description: > - NFS servers used by Cinder NFS backend. Effective when - CinderEnableNfsBackend is true. - type: comma_delimited_list - CinderPassword: - default: unset - description: The password for the cinder service and db account, used by cinder-api. - type: string - hidden: true - CloudName: - default: '' - description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org - type: string - ControllerExtraConfig: - default: {} - description: | - Controller specific configuration to inject into the cluster. Same - structure as ExtraConfig. - type: json - ControlVirtualInterface: - default: 'br-ex' - description: Interface where virtual ip will be assigned. - type: string - Debug: - default: '' - description: Set to True to enable debugging on all services. - type: string - EnableFencing: - default: false - description: Whether to enable fencing in Pacemaker or not. - type: boolean - EnableGalera: - default: true - description: Whether to use Galera instead of regular MariaDB. - type: boolean - EnableCephStorage: - default: false - description: Whether to deploy Ceph Storage (OSD) on the Controller - type: boolean - EnableSwiftStorage: - default: true - description: Whether to enable Swift Storage on the Controller - type: boolean - ExtraConfig: - default: {} - description: | - Additional configuration to inject into the cluster. The JSON should have - the following structure: - {"FILEKEY": - {"config": - [{"section": "SECTIONNAME", - "values": - [{"option": "OPTIONNAME", - "value": "VALUENAME" - } - ] - } - ] - } - } - For instance: - {"nova": - {"config": - [{"section": "default", - "values": - [{"option": "compute_manager", - "value": "ironic.nova.compute.manager.ClusterComputeManager" - } - ] - }, - {"section": "cells", - "values": - [{"option": "driver", - "value": "nova.cells.rpc_driver.CellsRPCDriver" - } - ] - } - ] - } - } - type: json - FencingConfig: - default: {} - description: | - Pacemaker fencing configuration. The JSON should have - the following structure: - { - "devices": [ - { - "agent": "AGENT_NAME", - "host_mac": "HOST_MAC_ADDRESS", - "params": {"PARAM_NAME": "PARAM_VALUE"} - } - ] - } - For instance: - { - "devices": [ - { - "agent": "fence_xvm", - "host_mac": "52:54:00:aa:bb:cc", - "params": { - "multicast_address": "225.0.0.12", - "port": "baremetal_0", - "manage_fw": true, - "manage_key_file": true, - "key_file": "/etc/fence_xvm.key", - "key_file_password": "abcdef" - } - } - ] - } - type: json - Flavor: - description: Flavor for control nodes to request when deploying. - type: string - constraints: - - custom_constraint: nova.flavor - GlanceNotifierStrategy: - description: Strategy to use for Glance notification queue - type: string - default: noop - GlanceLogFile: - description: The filepath of the file to use for logging messages from Glance. - type: string - default: '' - GlancePassword: - default: unset - description: The password for the glance service and db account, used by the glance services. - type: string - hidden: true - GlancePort: - default: "9292" - description: Glance port. - type: string - GlanceProtocol: - default: http - description: Protocol to use when connecting to glance, set to https for SSL. - type: string - GlanceBackend: - default: swift - description: The short name of the Glance backend to use. Should be one - of swift, rbd, or file - type: string - constraints: - - allowed_values: ['swift', 'file', 'rbd'] - HeatPassword: - default: unset - description: The password for the Heat service and db account, used by the Heat services. - type: string - hidden: true - HeatStackDomainAdminPassword: - description: Password for heat_domain_admin user. - type: string - default: '' - hidden: true - HeatAuthEncryptionKey: - description: Auth encryption key for heat-engine - type: string - hidden: true - HorizonSecret: - description: Secret key for Django - type: string - hidden: true - Image: - type: string - default: overcloud-control - constraints: - - custom_constraint: glance.image - ImageUpdatePolicy: - default: 'REBUILD_PRESERVE_EPHEMERAL' - description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. - type: string - KeyName: - default: default - description: Name of an existing EC2 KeyPair to enable SSH access to the instances - type: string - constraints: - - custom_constraint: nova.keypair - KeystoneCACertificate: - default: '' - description: Keystone self-signed certificate authority certificate. - type: string - KeystoneSigningCertificate: - default: '' - description: Keystone certificate for verifying token validity. - type: string - KeystoneSigningKey: - default: '' - description: Keystone key for signing tokens. - type: string - hidden: true - KeystoneSSLCertificate: - default: '' - description: Keystone certificate for verifying token validity. - type: string - KeystoneSSLCertificateKey: - default: '' - description: Keystone key for signing tokens. - type: string - hidden: true - KeystoneNotificationDriver: - description: Comma-separated list of Oslo notification drivers used by Keystone - default: ['messaging'] - type: comma_delimited_list - KeystoneNotificationFormat: - description: The Keystone notification format - default: 'basic' - type: string - constraints: - - allowed_values: [ 'basic', 'cadf' ] - MysqlClusterUniquePart: - description: A unique identifier of the MySQL cluster the controller is in. - type: string - default: 'unset' # Has to be here because of the ignored empty value bug - # Drop the validation: https://bugs.launchpad.net/tripleo/+bug/1405446 - # constraints: - # - length: {min: 4, max: 10} - MysqlInnodbBufferPoolSize: - description: > - Specifies the size of the buffer pool in megabytes. Setting to - zero should be interpreted as "no value" and will defer to the - lower level default. - type: number - default: 0 - MysqlMaxConnections: - description: Configures MySQL max_connections config setting - type: number - default: 4096 - MysqlRootPassword: - type: string - hidden: true - default: '' # Has to be here because of the ignored empty value bug - NeutronExternalNetworkBridge: - description: Name of bridge used for external network traffic. - type: string - default: 'br-ex' - NeutronBridgeMappings: - description: > - The OVS logical->physical bridge mappings to use. See the Neutron - documentation for details. Defaults to mapping br-ex - the external - bridge on hosts - to a physical name 'datacentre' which can be used - to create provider networks (and we use this for the default floating - network) - if changing this either use different post-install network - scripts or be sure to keep 'datacentre' as a mapping network name. - type: string - default: "datacentre:br-ex" - NeutronDnsmasqOptions: - default: 'dhcp-option-force=26,1400' - description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead. - type: string - NeutronAgentMode: - default: 'dvr_snat' - description: Agent mode for the neutron-l3-agent on the controller hosts - type: string - NeutronDVR: - default: 'False' - description: Whether to configure Neutron Distributed Virtual Routers - type: string - NeutronMetadataProxySharedSecret: - default: 'unset' - description: Shared secret to prevent spoofing - type: string - hidden: true - NeutronCorePlugin: - default: 'ml2' - description: | - The core plugin for Neutron. The value should be the entrypoint to be loaded - from neutron.core_plugins namespace. - type: string - NeutronServicePlugins: - default: "router" - description: | - Comma-separated list of service plugin entrypoints to be loaded from the - neutron.service_plugins namespace. - type: comma_delimited_list - NeutronTypeDrivers: - default: "vxlan,vlan,flat,gre" - description: | - Comma-separated list of network type driver entrypoints to be loaded. - type: comma_delimited_list - NeutronMechanismDrivers: - default: 'openvswitch' - description: | - The mechanism drivers for the Neutron tenant network. To specify multiple - values, use a comma separated string, like so: 'openvswitch,l2_population' - type: string - NeutronAllowL3AgentFailover: - default: 'True' - description: Allow automatic l3-agent failover - type: string - NeutronL3HA: - default: 'False' - description: Whether to enable l3-agent HA - type: string - NeutronDhcpAgentsPerNetwork: - type: number - default: 3 - description: The number of neutron dhcp agents to schedule per network - NeutronEnableTunnelling: - type: string - default: "True" - NeutronFlatNetworks: - type: string - default: 'datacentre' - description: If set, flat networks to configure in neutron plugins. - NeutronNetworkType: - default: 'vxlan' - description: The tenant network type for Neutron, either gre or vxlan. - type: string - NeutronNetworkVLANRanges: - default: 'datacentre' - description: > - The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the - Neutron documentation for permitted values. Defaults to permitting any - VLAN on the 'datacentre' physical network (See NeutronBridgeMappings). - type: comma_delimited_list - NeutronPassword: - default: unset - description: The password for the neutron service and db account, used by neutron agents. - type: string - hidden: true - NeutronPublicInterface: - default: nic1 - description: What interface to bridge onto br-ex for network nodes. - type: string - NeutronPublicInterfaceTag: - default: '' - description: > - VLAN tag for creating a public VLAN. The tag will be used to - create an access port on the exterior bridge for each control plane node, - and that port will be given the IP address returned by neutron from the - public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling - overcloud.yaml to include the deployment of VLAN ports to the control - plane. - type: string - NeutronPublicInterfaceDefaultRoute: - default: '' - description: A custom default route for the NeutronPublicInterface. - type: string - NeutronPublicInterfaceIP: - default: '' - description: A custom IP address to put onto the NeutronPublicInterface. - type: string - NeutronPublicInterfaceRawDevice: - default: '' - description: If set, the public interface is a vlan with this device as the raw device. - type: string - NeutronTunnelTypes: - default: 'vxlan' - description: | - The tunnel types for the Neutron tenant network. To specify multiple - values, use a comma separated string, like so: 'gre,vxlan' - type: string - NeutronTunnelIdRanges: - description: | - Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges - of GRE tunnel IDs that are available for tenant network allocation - default: ["1:1000", ] - type: comma_delimited_list - NeutronVniRanges: - description: | - Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges - of VXLAN VNI IDs that are available for tenant network allocation - default: ["1:1000", ] - type: comma_delimited_list - NovaPassword: - default: unset - description: The password for the nova service and db account, used by nova-api. - type: string - hidden: true - MongoDbNoJournal: - default: false - description: Should MongoDb journaling be disabled - type: boolean - NtpServer: - type: string - default: '' - PcsdPassword: - type: string - description: The password for the 'pcsd' user. - hidden: true - PublicVirtualInterface: - default: 'br-ex' - description: > - Specifies the interface where the public-facing virtual ip will be assigned. - This should be int_public when a VLAN is being used. - type: string - PublicVirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug - RabbitCookie: - type: string - default: '' # Has to be here because of the ignored empty value bug - hidden: true - RabbitPassword: - default: guest - description: The password for RabbitMQ - type: string - hidden: true - RabbitUserName: - default: guest - description: The username for RabbitMQ - type: string - RabbitClientUseSSL: - default: false - description: > - Rabbit client subscriber parameter to specify - an SSL connection to the RabbitMQ host. - type: string - RabbitClientPort: - default: 5672 - description: Set rabbit subscriber port, change this if using SSL - type: number - RabbitFDLimit: - default: 16384 - description: Configures RabbitMQ FD limit - type: string - RedisVirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug - SnmpdReadonlyUserName: - default: ro_snmp_user - description: The user name for SNMPd with readonly rights running on all Overcloud nodes - type: string - SnmpdReadonlyUserPassword: - default: unset - description: The user password for SNMPd with readonly rights running on all Overcloud nodes - type: string - hidden: true - SSLCACertificate: - default: '' - description: If set, the contents of an SSL certificate authority file. - type: string - SSLCertificate: - default: '' - description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints. - type: string - hidden: true - SSLKey: - default: '' - description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints. - type: string - hidden: true - SwiftHashSuffix: - default: unset - description: A random string to be used as a salt when hashing to determine mappings - in the ring. - hidden: true - type: string - SwiftMountCheck: - default: 'false' - description: Value of mount_check in Swift account/container/object -server.conf - type: boolean - SwiftMinPartHours: - type: number - default: 1 - description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance. - SwiftPartPower: - default: 10 - description: Partition Power to use when building Swift rings - type: number - SwiftPassword: - default: unset - description: The password for the swift service account, used by the swift proxy - services. - hidden: true - type: string - SwiftReplicas: - type: number - default: 3 - description: How many replicas to use in the swift rings. - VirtualIP: - type: string - default: '' # Has to be here because of the ignored empty value bug - HeatApiVirtualIP: - type: string - default: '' - GlanceApiVirtualIP: - type: string - default: '' - MysqlVirtualIP: - type: string - default: '' - KeystoneAdminApiVirtualIP: - type: string - default: '' - KeystonePublicApiVirtualIP: - type: string - default: '' - NeutronApiVirtualIP: - type: string - default: '' - ServiceNetMap: - default: {} - description: Mapping of service_name -> network name. Typically set - via parameter_defaults in the resource registry. - type: json - UpdateIdentifier: - default: '' - type: string - description: > - Setting to a previously unused value during stack-update will trigger - package update on all nodes - Hostname: - type: string - default: '' # Defaults to Heat created hostname - -resources: - - Controller: - type: OS::Nova::Server - properties: - image: {get_param: Image} - image_update_policy: {get_param: ImageUpdatePolicy} - flavor: {get_param: Flavor} - key_name: {get_param: KeyName} - networks: - - network: ctlplane - user_data_format: SOFTWARE_CONFIG - user_data: {get_resource: NodeUserData} - name: {get_param: Hostname} - - NodeUserData: - type: OS::TripleO::NodeUserData - - ExternalPort: - type: OS::TripleO::Controller::Ports::ExternalPort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - InternalApiPort: - type: OS::TripleO::Controller::Ports::InternalApiPort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - StoragePort: - type: OS::TripleO::Controller::Ports::StoragePort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - StorageMgmtPort: - type: OS::TripleO::Controller::Ports::StorageMgmtPort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - TenantPort: - type: OS::TripleO::Controller::Ports::TenantPort - properties: - ControlPlaneIP: {get_attr: [Controller, networks, ctlplane, 0]} - - NetworkConfig: - type: OS::TripleO::Controller::Net::SoftwareConfig - properties: - ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]} - ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]} - InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]} - StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]} - StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]} - TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]} - - NetworkDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - signal_transport: NO_SIGNAL - config: {get_resource: NetworkConfig} - server: {get_resource: Controller} - input_values: - bridge_name: br-ex - interface_name: {get_param: NeutronPublicInterface} - - ControllerPassthroughConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: {get_input: passthrough_config} - - ControllerPassthroughConfigSpecific: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: {get_input: passthrough_config_specific} - - ControllerConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - admin-password: {get_input: admin_password} - admin-token: {get_input: admin_token} - bootstack: - public_interface_ip: {get_input: neutron_public_interface_ip} - bootstrap_host: - nodeid: {get_input: bootstack_nodeid} - cinder: - db: {get_input: cinder_dsn} - debug: {get_input: debug} - volume_size_mb: {get_input: cinder_lvm_loop_device_size} - service-password: {get_input: cinder_password} - iscsi-helper: {get_input: CinderISCSIHelper} - controller-address: {get_input: controller_host} - corosync: - bindnetaddr: {get_input: controller_host} - mcastport: 5577 - pacemaker: - stonith_enabled : false - recheck_interval : 5 - quorum_policy : ignore - db-password: unset - glance: - registry: - host: {get_input: controller_virtual_ip} - backend: swift - db: {get_input: glance_dsn} - debug: {get_input: debug} - host: {get_input: controller_virtual_ip} - port: {get_input: glance_port} - protocol: {get_input: glance_protocol} - service-password: {get_input: glance_password} - swift-store-user: service:glance - swift-store-key: {get_input: glance_password} - notifier-strategy: {get_input: glance_notifier_strategy} - log-file: {get_input: glance_log_file} - heat: - admin_password: {get_input: heat_password} - admin_tenant_name: service - admin_user: heat - auth_encryption_key: {get_input: heat_auth_encryption_key} - db: {get_input: heat_dsn} - debug: {get_input: debug} - stack_domain_admin_password: {get_input: heat_stack_domain_admin_password} - watch_server_url: {get_input: heat.watch_server_url} - metadata_server_url: {get_input: heat.metadata_server_url} - waitcondition_server_url: {get_input: heat.waitcondition_server_url} - keystone: - db: {get_input: keystone_dsn} - debug: {get_input: debug} - host: {get_input: controller_virtual_ip} - ca_certificate: {get_input: keystone_ca_certificate} - signing_key: {get_input: keystone_signing_key} - signing_certificate: {get_input: keystone_signing_certificate} - ssl: - certificate: {get_input: keystone_ssl_certificate} - certificate_key: {get_input: keystone_ssl_certificate_key} - mysql: - innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size} - local_bind: true - root-password: {get_input: mysql_root_password} - cluster_name: {get_input: mysql_cluster_name} - neutron: - debug: {get_input: debug} - flat-networks: {get_input: neutron_flat_networks} - host: {get_input: controller_virtual_ip} - metadata_proxy_shared_secret: {get_input: neutron_metadata_proxy_shared_secret} - agent_mode: {get_input: neutron_agent_mode} - router_distributed: {get_input: neutron_router_distributed} - core_plugin: {get_input: neutron_core_plugin} - service_plugins: {get_input: neutron_service_plugins} - type_drivers: {get_input: neutron_type_drivers} - mechanism_drivers: {get_input: neutron_mechanism_drivers} - allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover} - l3_ha: {get_input: neutron_l3_ha} - dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network} - ovs: - enable_tunneling: {get_input: neutron_enable_tunneling} - local_ip: {get_input: controller_host} - network_vlan_ranges: {get_input: neutron_network_vlan_ranges} - bridge_mappings: {get_input: neutron_bridge_mappings} - public_interface: {get_input: neutron_public_interface} - public_interface_raw_device: {get_input: neutron_public_interface_raw_device} - public_interface_route: {get_input: neutron_public_interface_default_route} - public_interface_tag: {get_input: neutron_public_interface_tag} - physical_bridge: br-ex - tenant_network_type: {get_input: neutron_tenant_network_type} - tunnel_types: {get_input: neutron_tunnel_types} - tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges} - vni_ranges: {get_input: neutron_vni_ranges} - ovs_db: {get_input: neutron_dsn} - service-password: {get_input: neutron_password} - dnsmasq-options: {get_input: neutron_dnsmasq_options} - ceilometer: - db: {get_input: ceilometer_dsn} - debug: {get_input: debug} - metering_secret: {get_input: ceilometer_metering_secret} - service-password: {get_input: ceilometer_password} - snmpd: - export_MIB: UCD-SNMP-MIB - readonly_user_name: {get_input: snmpd_readonly_user_name} - readonly_user_password: {get_input: snmpd_readonly_user_password} - nova: - compute_driver: libvirt.LibvirtDriver - db: {get_input: nova_dsn} - default_floating_pool: - ext-net - host: {get_input: controller_virtual_ip} - metadata-proxy: true - service-password: {get_input: nova_password} - mongodb: - nojournal: {get_input: mongodb_no_journal} - rabbit: - host: {get_input: controller_virtual_ip} - username: {get_input: rabbit_username} - password: {get_input: rabbit_password} - cookie: {get_input: rabbit_cookie} - rabbit_client_use_ssl: {get_input: rabbit_client_use_ssl} - rabbit_port: {get_input: rabbit_client_port} - ntp: - servers: - - {server: {get_input: ntp_server}} - virtual_interfaces: - instances: - - vrrp_instance_name: VI_CONTROL - virtual_router_id: 51 - keepalive_interface: {get_input: control_virtual_interface} - priority: 101 - virtual_ips: - - ip: {get_input: controller_virtual_ip} - interface: {get_input: control_virtual_interface} - - vrrp_instance_name: VI_PUBLIC - virtual_router_id: 52 - keepalive_interface: {get_input: public_virtual_interface} - priority: 101 - virtual_ips: - - ip: {get_input: public_virtual_ip} - interface: {get_input: public_virtual_interface} - vrrp_sync_groups: - - name: VG1 - members: - - VI_CONTROL - - VI_PUBLIC - keepalived: - keepalive_interface: {get_input: public_virtual_interface} - priority: 101 - virtual_ips: - - - ip: {get_input: controller_virtual_ip} - interface: {get_input: control_virtual_interface} - - - ip: {get_input: public_virtual_ip} - interface: {get_input: public_virtual_interface} - haproxy: - net_binds: - - ip: {get_input: controller_virtual_ip} - options: - - option httpchk GET / - services: - - name: keystone_admin - port: 35357 - net_binds: &public_binds - - ip: {get_input: controller_virtual_ip} - - ip: {get_input: public_virtual_ip} - - name: keystone_public - port: 5000 - net_binds: *public_binds - - name: horizon - port: 80 - net_binds: *public_binds - - name: neutron - port: 9696 - net_binds: *public_binds - - name: cinder - port: 8776 - net_binds: *public_binds - - name: glance_api - port: 9292 - net_binds: *public_binds - - name: glance_registry - port: 9191 - net_binds: *public_binds - options: # overwrite options as glace_reg needs auth for http req - - name: heat_api - port: 8004 - net_binds: *public_binds - - name: heat_cloudwatch - port: 8003 - net_binds: *public_binds - - name: heat_cfn - port: 8000 - net_binds: *public_binds - - name: mysql - port: 3306 - extra_server_params: - - backup - options: - - timeout client 0 - - timeout server 0 - - name: nova_ec2 - port: 8773 - - name: nova_osapi - port: 8774 - net_binds: *public_binds - - name: nova_metadata - port: 8775 - net_binds: *public_binds - - name: nova_novncproxy - port: 6080 - net_binds: *public_binds - - name: ceilometer - port: 8777 - net_binds: *public_binds - options: # overwrite options as ceil needs auth for http req - - name: swift_proxy_server - port: 8080 - net_binds: *public_binds - options: - - option httpchk GET /info - - name: rabbitmq - port: 5672 - options: - - timeout client 0 - - timeout server 0 - - maxconn 1500 - - ControllerDeployment: - type: OS::TripleO::SoftwareDeployment - properties: - signal_transport: NO_SIGNAL - config: {get_resource: ControllerConfig} - server: {get_resource: Controller} - input_values: - bootstack_nodeid: {get_attr: [Controller, name]} - controller_host: {get_attr: [Controller, networks, ctlplane, 0]} - controller_virtual_ip: {get_param: VirtualIP} - neutron_enable_tunneling: {get_param: NeutronEnableTunnelling} - heat.watch_server_url: - list_join: - - '' - - - 'http://' - - {get_param: VirtualIP} - - ':8003' - heat.metadata_server_url: - list_join: - - '' - - - 'http://' - - {get_param: VirtualIP} - - ':8000' - heat.waitcondition_server_url: - list_join: - - '' - - - 'http://' - - {get_param: VirtualIP} - - ':8000/v1/waitcondition' - admin_password: {get_param: AdminPassword} - admin_token: {get_param: AdminToken} - neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP} - debug: {get_param: Debug} - cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize} - cinder_password: {get_param: CinderPassword} - cinder_iscsi_helper: {get_param: CinderISCSIHelper} - cinder_dsn: - list_join: - - '' - - - 'mysql://cinder:' - - {get_param: CinderPassword} - - '@' - - {get_param: VirtualIP} - - '/cinder' - glance_port: {get_param: GlancePort} - glance_protocol: {get_param: GlanceProtocol} - glance_password: {get_param: GlancePassword} - glance_notifier_strategy: {get_param: GlanceNotifierStrategy} - glance_log_file: {get_param: GlanceLogFile} - glance_dsn: - list_join: - - '' - - - 'mysql://glance:' - - {get_param: GlancePassword} - - '@' - - {get_param: VirtualIP} - - '/glance' - heat_password: {get_param: HeatPassword} - heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} - heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey} - heat_dsn: - list_join: - - '' - - - 'mysql://heat:' - - {get_param: HeatPassword} - - '@' - - {get_param: VirtualIP} - - '/heat' - keystone_ca_certificate: {get_param: KeystoneCACertificate} - keystone_signing_key: {get_param: KeystoneSigningKey} - keystone_signing_certificate: {get_param: KeystoneSigningCertificate} - keystone_ssl_certificate: {get_param: KeystoneSSLCertificate} - keystone_ssl_certificate_key: {get_param: KeystoneSSLCertificateKey} - keystone_dsn: - list_join: - - '' - - - 'mysql://keystone:' - - {get_param: AdminToken} - - '@' - - {get_param: VirtualIP} - - '/keystone' - mongodb_no_journal: {get_param: MongoDbNoJournal} - mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} - mysql_root_password: {get_param: MysqlRootPassword} - mysql_cluster_name: - str_replace: - template: tripleo-CLUSTER - params: - CLUSTER: {get_param: MysqlClusterUniquePart} - neutron_flat_networks: {get_param: NeutronFlatNetworks} - neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret} - neutron_agent_mode: {get_param: NeutronAgentMode} - neutron_router_distributed: {get_param: NeutronDVR} - neutron_core_plugin: {get_param: NeutronCorePlugin} - neutron_service_plugins: - str_replace: - template: "['PLUGINS']" - params: - PLUGINS: - list_join: - - "','" - - {get_param: NeutronServicePlugins} - neutron_type_drivers: - str_replace: - template: "['DRIVERS']" - params: - DRIVERS: - list_join: - - "','" - - {get_param: NeutronTypeDrivers} - neutron_mechanism_drivers: {get_param: NeutronMechanismDrivers} - neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover} - neutron_l3_ha: {get_param: NeutronL3HA} - neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork} - neutron_network_vlan_ranges: {get_param: NeutronNetworkVLANRanges} - neutron_bridge_mappings: {get_param: NeutronBridgeMappings} - neutron_public_interface: {get_param: NeutronPublicInterface} - neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice} - neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute} - neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag} - neutron_tenant_network_type: {get_param: NeutronNetworkType} - neutron_tunnel_types: {get_param: NeutronTunnelTypes} - neutron_tunnel_id_ranges: - str_replace: - template: "['RANGES']" - params: - RANGES: - list_join: - - "','" - - {get_param: NeutronTunnelIdRanges} - neutron_vni_ranges: - str_replace: - template: "['RANGES']" - params: - RANGES: - list_join: - - "','" - - {get_param: NeutronVniRanges} - neutron_password: {get_param: NeutronPassword} - neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions} - neutron_dsn: - list_join: - - '' - - - 'mysql://neutron:' - - {get_param: NeutronPassword} - - '@' - - {get_param: VirtualIP} - - '/ovs_neutron?charset=utf8' - ceilometer_metering_secret: {get_param: CeilometerMeteringSecret} - ceilometer_password: {get_param: CeilometerPassword} - ceilometer_dsn: - list_join: - - '' - - - 'mysql://ceilometer:' - - {get_param: CeilometerPassword} - - '@' - - {get_param: VirtualIP} - - '/ceilometer' - snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName} - snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword} - nova_password: {get_param: NovaPassword} - nova_dsn: - list_join: - - '' - - - 'mysql://nova:' - - {get_param: NovaPassword} - - '@' - - {get_param: VirtualIP} - - '/nova' - rabbit_username: {get_param: RabbitUserName} - rabbit_password: {get_param: RabbitPassword} - rabbit_cookie: {get_param: RabbitCookie} - rabbit_client_use_ssl: {get_param: RabbitClientUseSSL} - rabbit_client_port: {get_param: RabbitClientPort} - ntp_server: {get_param: NtpServer} - control_virtual_interface: {get_param: ControlVirtualInterface} - public_virtual_interface: {get_param: PublicVirtualInterface} - public_virtual_ip: {get_param: PublicVirtualIP} - - SSLConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - ssl: - ca_certificate: {get_input: ssl_ca_certificate} - stunnel: - cert: {get_input: ssl_certificate} - key: {get_input: ssl_key} - cacert: {get_input: ssl_ca_certificate} - ports: - - name: 'ec2' - accept: 13773 - connect: 8773 - connect_host: {get_input: controller_host} - - name: 'image' - accept: 13292 - connect: 9292 - connect_host: {get_input: controller_host} - - name: 'identity' - accept: 13000 - connect: 5000 - connect_host: {get_input: controller_host} - - name: 'network' - accept: 13696 - connect: 9696 - connect_host: {get_input: controller_host} - - name: 'compute' - accept: 13774 - connect: 8774 - connect_host: {get_input: controller_host} - - name: 'swift-proxy' - accept: 13080 - connect: 8080 - connect_host: {get_input: controller_host} - - name: 'cinder' - accept: 13776 - connect: 8776 - connect_host: {get_input: controller_host} - - name: 'ceilometer' - accept: 13777 - connect: 8777 - connect_host: {get_input: controller_host} - - ControllerSSLDeployment: - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: SSLConfig} - server: {get_resource: Controller} - signal_transport: NO_SIGNAL - input_values: - controller_host: {get_attr: [Controller, networks, ctlplane, 0]} - ssl_certificate: {get_param: SSLCertificate} - ssl_key: {get_param: SSLKey} - ssl_ca_certificate: {get_param: SSLCACertificate} - - ControllerPassthroughDeployment: - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: ControllerPassthroughConfig} - server: {get_resource: Controller} - signal_transport: NO_SIGNAL - input_values: - passthrough_config: {get_param: ExtraConfig} - - ControllerPassthroughSpecificDeployment: - depends_on: [ControllerPassthroughDeployment] - type: OS::Heat::StructuredDeployment - properties: - config: {get_resource: ControllerPassthroughConfigSpecific} - server: {get_resource: Controller} - signal_transport: NO_SIGNAL - input_values: - passthrough_config_specific: {get_param: ControllerExtraConfig} - - SwiftConfig: - type: OS::Heat::StructuredConfig - properties: - group: os-apply-config - config: - swift: - hash: { get_input: swift_hash_suffix } - part-power: { get_input: swift_part_power } - mount-check: { get_input: swift_mount_check } - min-part-hours: { get_input: swift_min_part_hours } - replicas: {get_input: swift_replicas } - service-password: { get_input: swift_password } - - SwiftStorageDeploy: - type: OS::Heat::StructuredDeployment - properties: - server: {get_resource: Controller} - config: {get_resource: SwiftConfig} - signal_transport: NO_SIGNAL - input_values: - swift_hash_suffix: {get_param: SwiftHashSuffix} - swift_mount_check: {get_param: SwiftMountCheck} - swift_password: {get_param: SwiftPassword} - swift_min_part_hours: {get_param: SwiftMinPartHours} - swift_part_power: {get_param: SwiftPartPower} - swift_replicas: { get_param: SwiftReplicas} - -outputs: - ip_address: - description: IP address of the server in the ctlplane network - value: {get_attr: [Controller, networks, ctlplane, 0]} - external_ip_address: - description: IP address of the server in the external network - value: {get_attr: [ExternalPort, ip_address]} - internal_api_ip_address: - description: IP address of the server in the internal_api network - value: {get_attr: [InternalApiPort, ip_address]} - storage_ip_address: - description: IP address of the server in the storage network - value: {get_attr: [StoragePort, ip_address]} - storage_mgmt_ip_address: - description: IP address of the server in the storage_mgmt network - value: {get_attr: [StorageMgmtPort, ip_address]} - tenant_ip_address: - description: IP address of the server in the tenant network - value: {get_attr: [TenantPort, ip_address]} - hostname: - description: Hostname of the server - value: {get_attr: [Controller, name]} - corosync_node: - description: > - Node object in the format {ip: ..., name: ...} format that the corosync - element expects - value: - ip: {get_attr: [Controller, networks, ctlplane, 0]} - name: {get_attr: [Controller, name]} - hosts_entry: - description: > - Server's IP address and hostname in the /etc/hosts format - value: - str_replace: - template: IP HOST CLOUDNAME - params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} - HOST: {get_attr: [Controller, name]} - CLOUDNAME: {get_param: CloudName} - nova_server_resource: - description: Heat resource handle for the Nova compute server - value: - {get_resource: Controller} - swift_device: - description: Swift device formatted for swift-ring-builder - value: - str_replace: - template: 'r1z1-IP:%PORT%/d1' - params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} - swift_proxy_memcache: - description: Swift proxy-memcache value - value: - str_replace: - template: "IP:11211" - params: - IP: {get_attr: [Controller, networks, ctlplane, 0]} - config_identifier: - description: identifier which changes if the node configuration may need re-applying - value: "None - NO_SIGNAL" |