1 files changed, 68 insertions, 8 deletions

diff --git a/overcloud-without-mergepy.yaml b/overcloud-without-mergepy.yaml
index 8cb041b7..094332e2 100644
--- a/overcloud-without-mergepy.yaml
+++ b/overcloud-without-mergepy.yaml
@@ -107,12 +107,38 @@ parameters:
       overcloud.yaml to include the deployment of VLAN ports to the control
       plane.
     type: string
+  NeutronComputeAgentMode:
+    default: 'dvr'
+    description: Agent mode for the neutron-l3-agent on the compute hosts
+    type: string
+  NeutronAgentMode:
+    default: 'dvr_snat'
+    description: Agent mode for the neutron-l3-agent on the controller hosts
+    type: string
+  NeutronDVR:
+    default: 'False'
+    description: Whether to configure Neutron Distributed Virtual Routers
+    type: string
+  NeutronMetadataProxySharedSecret:
+    default: 'unset'
+    description: Shared secret to prevent spoofing
+    type: string
   NeutronTunnelTypes:
     default: 'gre'
     description: |
         The tunnel types for the Neutron tenant network. To specify multiple
         values, use a comma separated string, like so: 'gre,vxlan'
     type: string
+  NeutronMechanismDrivers:
+    default: 'openvswitch'
+    description: |
+        The mechanism drivers for the Neutron tenant network. To specify multiple
+        values, use a comma separated string, like so: 'openvswitch,l2_population'
+    type: string
+  NeutronAllowL3AgentFailover:
+    default: 'True'
+    description: Allow automatic l3-agent failover
+    type: string
   NovaPassword:
     default: unset
     description: The password for the nova service account, used by nova-api.
@@ -145,6 +171,16 @@ parameters:
     description: The password for RabbitMQ
     type: string
     hidden: true
+  RabbitClientUseSSL:
+    default: false
+    description: >
+        Rabbit client subscriber parameter to specify
+        an SSL connection to the RabbitMQ host.
+    type: string
+  RabbitClientPort:
+    default: 5672
+    description: Set rabbit subscriber port, change this if using SSL
+    type: number
   SnmpdReadonlyUserName:
     default: ro_snmp_user
     description: The user name for SNMPd with readonly rights running on all Overcloud nodes
@@ -190,7 +226,6 @@ parameters:
     constraints:
       - custom_constraint: glance.image
   OvercloudControlFlavor:
-    default: baremetal
     description: Flavor for control nodes to request when deploying.
     type: string
     constraints:
@@ -273,6 +308,15 @@ parameters:
     description: Keystone key for signing tokens.
     type: string
     hidden: true
+  KeystoneSSLCertificate:
+    default: ''
+    description: Keystone certificate for verifying token validity.
+    type: string
+  KeystoneSSLCertificateKey:
+    default: ''
+    description: Keystone key for signing tokens.
+    type: string
+    hidden: true
   MysqlInnodbBufferPoolSize:
     description: >
         Specifies the size of the buffer pool in megabytes. Setting to
@@ -383,7 +427,6 @@ parameters:
   OvercloudComputeFlavor:
     description: Use this flavor
     type: string
-    default: baremetal
     constraints:
       - custom_constraint: nova.flavor
 
@@ -395,18 +438,20 @@ parameters:
     default: overcloud-cinder-volume
     type: string
   OvercloudBlockStorageFlavor:
-    default: baremetal
     description: Flavor for block storage nodes to request when deploying.
     type: string
+    constraints:
+      - custom_constraint: nova.flavor
 
 # Object storage specific parameters
   ObjectStorageCount:
     type: number
     default: 0
   OvercloudSwiftStorageFlavor:
-    default: baremetal
     description: Flavor for Swift storage nodes to request when deploying.
     type: string
+    constraints:
+      - custom_constraint: nova.flavor
   SwiftStorageImage:
     default: overcloud-swift-storage
     type: string
@@ -445,6 +490,8 @@ resources:
           KeystoneCACertificate: {get_param: KeystoneCACertificate}
           KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate}
           KeystoneSigningKey: {get_param: KeystoneSigningKey}
+          KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate}
+          KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey}
           MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
           MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
           MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
@@ -457,12 +504,19 @@ resources:
           NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
           NeutronPassword: {get_param: NeutronPassword}
           NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions}
+          NeutronDVR: {get_param: NeutronDVR}
+          NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
+          NeutronAgentMode: {get_param: NeutronAgentMode}
+          NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
+          NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
           NovaPassword: {get_param: NovaPassword}
           NtpServer: {get_param: NtpServer}
           PublicVirtualInterface: {get_param: PublicVirtualInterface}
           RabbitUserName: {get_param: RabbitUserName}
           RabbitPassword: {get_param: RabbitPassword}
           RabbitCookie: {get_attr: [RabbitCookie, value]}
+          RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
+          RabbitClientPort: {get_param: RabbitClientPort}
           SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
           SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
           SSLCertificate: {get_param: SSLCertificate}
@@ -505,6 +559,12 @@ resources:
           NeutronPassword: {get_param: NeutronPassword}
           NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
           NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
+          NeutronDVR: {get_param: NeutronDVR}
+          NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
+          NeutronAgentMode: {get_param: NeutronComputeAgentMode}
+          NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
+          NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
+          NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
           NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
           NovaComputeDriver: {get_param: NovaComputeDriver}
           NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
@@ -550,10 +610,6 @@ resources:
           CinderPassword: {get_param: CinderPassword}
           VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
           KeyName: {get_param: KeyName}
-          NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
-          NeutronNetworkType: {get_param: NeutronNetworkType}
-          NeutronPassword: {get_param: NeutronPassword}
-          NeutronPublicInterface: {get_param: NeutronPublicInterface}
           Flavor: {get_param: OvercloudBlockStorageFlavor}
           RabbitPassword: {get_param: RabbitPassword}
           RabbitUserName: {get_param: RabbitUserName}
@@ -602,6 +658,10 @@ resources:
             list_join:
             - ','
             - {get_attr: [Controller, hostname]}
+        sysctl:
+          net.ipv4.tcp_keepalive_time: 5
+          net.ipv4.tcp_keepalive_probes: 5
+          net.ipv4.tcp_keepalive_intvl: 1
 
   MysqlRootPassword:
     type: OS::Heat::RandomString