summaryrefslogtreecommitdiffstats
path: root/puppet/controller.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/controller.yaml')
-rw-r--r--puppet/controller.yaml867
1 files changed, 105 insertions, 762 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index bf196d24..65238eb5 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -8,95 +8,10 @@ parameters:
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
- AodhApiVirtualIP:
- type: string
- default: ''
AodhPassword:
description: The password for the aodh services.
type: string
hidden: true
- CeilometerApiVirtualIP:
- type: string
- default: ''
- CeilometerBackend:
- default: 'mongodb'
- description: The ceilometer backend type.
- type: string
- CeilometerMeteringSecret:
- description: Secret shared by the ceilometer services.
- type: string
- hidden: true
- CeilometerPassword:
- description: The password for the ceilometer service and db account.
- type: string
- hidden: true
- CeilometerStoreEvents:
- default: false
- description: Whether to store events in ceilometer.
- type: boolean
- CeilometerMeterDispatcher:
- default: 'database'
- description: Dispatcher to process meter data
- type: string
- constraints:
- - allowed_values: ['gnocchi', 'database']
- CinderApiVirtualIP:
- type: string
- default: ''
- CeilometerWorkers:
- default: 0
- description: Number of workers for Ceilometer service.
- type: number
- CinderEnableDBPurge:
- default: true
- description: |
- Whether to create cron job for purging soft deleted rows in Cinder database.
- type: boolean
- CinderEnableNfsBackend:
- default: false
- description: Whether to enable or not the NFS backend for Cinder
- type: boolean
- CinderEnableIscsiBackend:
- default: true
- description: Whether to enable or not the Iscsi backend for Cinder
- type: boolean
- CinderEnableRbdBackend:
- default: false
- description: Whether to enable or not the Rbd backend for Cinder
- type: boolean
- CinderISCSIHelper:
- default: lioadm
- description: The iSCSI helper to use with cinder.
- type: string
- CinderLVMLoopDeviceSize:
- default: 10280
- description: The size of the loopback file used by the cinder LVM driver.
- type: number
- CinderNfsMountOptions:
- default: ''
- description: >
- Mount options for NFS mounts used by Cinder NFS backend. Effective
- when CinderEnableNfsBackend is true.
- type: string
- CinderNfsServers:
- default: ''
- description: >
- NFS servers used by Cinder NFS backend. Effective when
- CinderEnableNfsBackend is true.
- type: comma_delimited_list
- CinderPassword:
- description: The password for the cinder service and db account, used by cinder-api.
- type: string
- hidden: true
- CinderBackendConfig:
- default: {}
- description: Contains parameters to configure Cinder backends. Typically
- set via parameter_defaults in the resource registry.
- type: json
- CinderWorkers:
- default: 0
- description: Number of workers for Cinder service.
- type: number
controllerExtraConfig:
default: {}
description: |
@@ -140,14 +55,6 @@ parameters:
default: true
description: Whether to deploy a LoadBalancer on the Controller
type: boolean
- EnableCephStorage:
- default: false
- description: Whether to deploy Ceph Storage (OSD) on the Controller
- type: boolean
- EnableSwiftStorage:
- default: true
- description: Whether to enable Swift Storage on the Controller
- type: boolean
ExtraConfig:
default: {}
description: |
@@ -202,9 +109,6 @@ parameters:
default: 'mysql'
description: The short name of the Gnocchi indexer backend to use.
type: string
- GnocchiApiVirtualIP:
- type: string
- default: ''
GnocchiPassword:
description: The password for the gnocchi service and db account.
type: string
@@ -220,14 +124,6 @@ parameters:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
- HeatPassword:
- description: The password for the Heat service and db account, used by the Heat services.
- type: string
- hidden: true
- HeatStackDomainAdminPassword:
- description: Password for heat_stack_domain_admin user.
- type: string
- hidden: true
HeatAuthEncryptionKey:
description: Auth encryption key for heat-engine
type: string
@@ -236,15 +132,6 @@ parameters:
default: '*'
description: A list of IP/Hostname allowed to connect to horizon
type: comma_delimited_list
- HeatWorkers:
- default: 0
- description: Number of workers for Heat service.
- type: number
- HeatEnableDBPurge:
- type: boolean
- default: true
- description: |
- Whether to create cron job for purging soft deleted rows in the Heat database.
HorizonSecret:
description: Secret key for Django
type: string
@@ -284,14 +171,6 @@ parameters:
default: false
description: Whether IPtables rules should be purged before setting up the new ones.
type: boolean
- SaharaApiVirtualIP:
- type: string
- default: ''
- SaharaPassword:
- default: unset
- description: The password for the sahara service account, used by sahara-api.
- type: string
- hidden: true
MysqlClusterUniquePart:
description: A unique identifier of the MySQL cluster the controller is in.
type: string
@@ -310,121 +189,17 @@ parameters:
description: Configures MySQL max_connections config setting
type: number
default: 4096
+ MysqlClustercheckPassword:
+ type: string
+ hidden: true
MysqlRootPassword:
type: string
hidden: true
default: '' # Has to be here because of the ignored empty value bug
- NeutronExternalNetworkBridge:
- description: Name of bridge used for external network traffic.
- type: string
- default: 'br-ex'
- NeutronBridgeMappings:
- description: >
- The OVS logical->physical bridge mappings to use. See the Neutron
- documentation for details. Defaults to mapping br-ex - the external
- bridge on hosts - to a physical name 'datacentre' which can be used
- to create provider networks (and we use this for the default floating
- network) - if changing this either use different post-install network
- scripts or be sure to keep 'datacentre' as a mapping network name.
- type: comma_delimited_list
- default: "datacentre:br-ex"
- NeutronDnsmasqOptions:
- default: 'dhcp-option-force=26,1400'
- description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
- type: string
- NeutronEnableDHCPAgent:
- description: Knob to enable/disable DHCP Agent
- type: boolean
- default: true
- NeutronEnableL3Agent:
- description: Knob to enable/disable L3 agent
- type: boolean
- default: true
- NeutronEnableMetadataAgent:
- description: Knob to enable/disable Metadata agent
- type: boolean
- default: true
- NeutronEnableOVSAgent:
- description: Knob to enable/disable OVS Agent
- type: boolean
- default: true
- NeutronAgentMode:
- default: 'dvr_snat'
- description: Agent mode for the neutron-l3-agent on the controller hosts
- type: string
- NeutronL3HA:
- default: 'False'
- description: Whether to enable l3-agent HA
- type: string
- NeutronDhcpAgentsPerNetwork:
- type: number
- default: 3
- description: The number of neutron dhcp agents to schedule per network
- NeutronDVR:
- default: 'False'
- description: Whether to configure Neutron Distributed Virtual Routers
- type: string
NeutronMetadataProxySharedSecret:
description: Shared secret to prevent spoofing
type: string
hidden: true
- NeutronCorePlugin:
- default: 'ml2'
- description: |
- The core plugin for Neutron. The value should be the entrypoint to be loaded
- from neutron.core_plugins namespace.
- type: string
- NeutronServicePlugins:
- default: "router,qos"
- description: |
- Comma-separated list of service plugin entrypoints to be loaded from the
- neutron.service_plugins namespace.
- type: comma_delimited_list
- NeutronTypeDrivers:
- default: "vxlan,vlan,flat,gre"
- description: |
- Comma-separated list of network type driver entrypoints to be loaded.
- type: comma_delimited_list
- NeutronMechanismDrivers:
- default: 'openvswitch'
- description: |
- The mechanism drivers for the Neutron tenant network.
- type: comma_delimited_list
- NeutronAllowL3AgentFailover:
- default: 'True'
- description: Allow automatic l3-agent failover
- type: string
- NeutronEnableIsolatedMetadata:
- default: 'False'
- description: If True, DHCP provide metadata route to VM.
- type: string
- NeutronEnableTunnelling:
- type: string
- default: "True"
- NeutronEnableL2Pop:
- type: string
- description: >
- Enable/disable the L2 population feature in the Neutron agents.
- default: "False"
- NeutronFlatNetworks:
- type: comma_delimited_list
- default: 'datacentre'
- description: If set, flat networks to configure in neutron plugins.
- NeutronL3HA:
- default: 'False'
- description: Whether to enable l3-agent HA
- type: string
- NeutronNetworkType:
- default: 'vxlan'
- description: The tenant network type for Neutron.
- type: comma_delimited_list
- NeutronNetworkVLANRanges:
- default: 'datacentre:1:1000'
- description: >
- The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
- Neutron documentation for permitted values. Defaults to permitting any
- VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
- type: comma_delimited_list
NeutronPassword:
description: The password for the neutron service and db account, used by neutron agents.
type: string
@@ -433,71 +208,6 @@ parameters:
default: nic1
description: What interface to bridge onto br-ex for network nodes.
type: string
- NeutronPublicInterfaceTag:
- default: ''
- description: >
- VLAN tag for creating a public VLAN. The tag will be used to
- create an access port on the exterior bridge for each control plane node,
- and that port will be given the IP address returned by neutron from the
- public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
- overcloud.yaml to include the deployment of VLAN ports to the control
- plane.
- type: string
- NeutronPublicInterfaceDefaultRoute:
- default: ''
- description: A custom default route for the NeutronPublicInterface.
- type: string
- NeutronPublicInterfaceIP:
- default: ''
- description: A custom IP address to put onto the NeutronPublicInterface.
- type: string
- NeutronPublicInterfaceRawDevice:
- default: ''
- description: If set, the public interface is a vlan with this device as the raw device.
- type: string
- NeutronTenantMtu:
- description: >
- The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
- be at least 50 bytes smaller than the MTU on the physical network. This
- value will be used to set the MTU on the virtual Ethernet device.
- This number is related to the value of NeutronDnsmasqOptions, since that
- will determine the MTU that is assigned to the VM host through DHCP.
- default: 1400
- type: number
- NeutronTunnelTypes:
- default: 'vxlan'
- description: |
- The tunnel types for the Neutron tenant network.
- type: comma_delimited_list
- NeutronTunnelIdRanges:
- description: |
- Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges
- of GRE tunnel IDs that are available for tenant network allocation
- default: ["1:4094", ]
- type: comma_delimited_list
- NeutronVniRanges:
- description: |
- Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges
- of VXLAN VNI IDs that are available for tenant network allocation
- default: ["1:4094", ]
- type: comma_delimited_list
- NeutronPluginExtensions:
- default: "qos,port_security"
- description: |
- Comma-separated list of extensions enabled for the Neutron plugin.
- type: comma_delimited_list
- NeutronAgentExtensions:
- default: "qos"
- description: |
- Comma-separated list of extensions enabled for the Neutron agents.
- type: comma_delimited_list
- NovaApiVirtualIP:
- type: string
- default: ''
- NeutronWorkers:
- default: 0
- description: Number of workers for Neutron service.
- type: number
NovaEnableDBPurge:
default: true
description: |
@@ -511,22 +221,6 @@ parameters:
description: The password for the nova service and db account, used by nova-api.
type: string
hidden: true
- NovaWorkers:
- default: 0
- description: Number of workers for Nova service.
- type: number
- MongoDbNoJournal:
- default: false
- description: Should MongoDb journaling be disabled
- type: boolean
- MongoDbIPv6:
- default: false
- description: Enable IPv6 if Mongo DB VIP is IPv6
- type: boolean
- NtpServer:
- default: ''
- description: Comma-separated list of ntp servers
- type: comma_delimited_list
PcsdPassword:
type: string
description: The password for the 'pcsd' user.
@@ -537,9 +231,6 @@ parameters:
Specifies the interface where the public-facing virtual ip will be assigned.
This should be int_public when a VLAN is being used.
type: string
- PublicVirtualIP:
- type: string
- default: '' # Has to be here because of the ignored empty value bug
RabbitCookie:
type: string
default: '' # Has to be here because of the ignored empty value bug
@@ -562,17 +253,9 @@ parameters:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
- RabbitFDLimit:
- default: 16384
- description: Configures RabbitMQ FD limit
- type: string
- RabbitIPv6:
- default: false
- description: Enable IPv6 in RabbitMQ
- type: boolean
RedisPassword:
+ description: The password for Redis
type: string
- description: The password to access the Redis service
hidden: true
RedisVirtualIP:
type: string
@@ -581,23 +264,11 @@ parameters:
type: string
default: '' # Has to be here because of the ignored empty value bug
description: An IP address which is wrapped in brackets in case of IPv6
- SnmpdReadonlyUserName:
- default: ro_snmp_user
- description: The user name for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- SnmpdReadonlyUserPassword:
- description: The user password for SNMPd with readonly rights running on all Overcloud nodes
- type: string
- hidden: true
SwiftHashSuffix:
description: A random string to be used as a salt when hashing to determine mappings
in the ring.
hidden: true
type: string
- SwiftMountCheck:
- default: 'false'
- description: Value of mount_check in Swift account/container/object -server.conf
- type: boolean
SwiftMinPartHours:
type: number
default: 1
@@ -610,48 +281,17 @@ parameters:
default: true
description: Whether to manage Swift rings or not
type: boolean
- SwiftPassword:
- description: The password for the swift service account, used by the swift proxy
- services.
- hidden: true
- type: string
- SwiftProxyVirtualIP:
- type: string
- default: ''
SwiftReplicas:
type: number
default: 3
description: How many replicas to use in the swift rings.
- SwiftWorkers:
- default: 0
- description: Number of workers for Swift service.
- type: number
- TimeZone:
- default: 'UTC'
- description: The timezone to be set on controller nodes.
- type: string
UpgradeLevelNovaCompute:
type: string
description: Nova Compute upgrade level
default: ''
- VirtualIP: # DEPRECATED: use per service settings instead
- type: string
- default: '' # Has to be here because of the ignored empty value bug
- HeatApiVirtualIP:
- type: string
- default: ''
- HeatApiVirtualIPUri:
- type: string
- default: ''
MysqlVirtualIP:
type: string
default: ''
- MysqlVirtualIPUri:
- type: string
- default: ''
- NeutronApiVirtualIP:
- type: string
- default: ''
EnablePackageInstall:
default: 'false'
description: Set to true to enable package installation via Puppet
@@ -713,6 +353,10 @@ parameters:
ServiceConfigSettings:
type: json
default: {}
+ ConfigCommand:
+ type: string
+ description: Command which will be run whenever configuration data changes
+ default: os-refresh-config --timeout 14400
parameter_groups:
- label: deprecated
@@ -724,6 +368,9 @@ resources:
Controller:
type: OS::Nova::Server
+ metadata:
+ os-collect-config:
+ command: {get_param: ConfigCommand}
properties:
image: {get_param: Image}
image_update_policy: {get_param: ImageUpdatePolicy}
@@ -808,28 +455,23 @@ resources:
properties:
ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
ExternalIp: {get_attr: [ExternalPort, ip_address]}
+ ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
ExternalIpUri: {get_attr: [ExternalPort, ip_address_uri]}
InternalApiIp: {get_attr: [InternalApiPort, ip_address]}
+ InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
InternalApiIpUri: {get_attr: [InternalApiPort, ip_address_uri]}
StorageIp: {get_attr: [StoragePort, ip_address]}
+ StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
StorageIpUri: {get_attr: [StoragePort, ip_address_uri]}
StorageMgmtIp: {get_attr: [StorageMgmtPort, ip_address]}
+ StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
StorageMgmtIpUri: {get_attr: [StorageMgmtPort, ip_address_uri]}
TenantIp: {get_attr: [TenantPort, ip_address]}
+ TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
TenantIpUri: {get_attr: [TenantPort, ip_address_uri]}
ManagementIp: {get_attr: [ManagementPort, ip_address]}
- ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
-
- NetIpSubnetMap:
- type: OS::TripleO::Network::Ports::NetIpSubnetMap
- properties:
- ControlPlaneIp: {get_attr: [Controller, networks, ctlplane, 0]}
- ExternalIpSubnet: {get_attr: [ExternalPort, ip_subnet]}
- InternalApiIpSubnet: {get_attr: [InternalApiPort, ip_subnet]}
- StorageIpSubnet: {get_attr: [StoragePort, ip_subnet]}
- StorageMgmtIpSubnet: {get_attr: [StorageMgmtPort, ip_subnet]}
- TenantIpSubnet: {get_attr: [TenantPort, ip_subnet]}
ManagementIpSubnet: {get_attr: [ManagementPort, ip_subnet]}
+ ManagementIpUri: {get_attr: [ManagementPort, ip_address_uri]}
NetworkConfig:
type: OS::TripleO::Controller::Net::SoftwareConfig
@@ -878,191 +520,48 @@ resources:
server: {get_resource: Controller}
input_values:
bootstack_nodeid: {get_attr: [Controller, name]}
- ceilometer_workers: {get_param: CeilometerWorkers}
- cinder_workers: {get_param: CinderWorkers}
- heat_workers: {get_param: HeatWorkers}
- nova_workers: {get_param: NovaWorkers}
- neutron_workers: {get_param: NeutronWorkers}
- swift_workers: {get_param: SwiftWorkers}
- neutron_enable_tunneling: {get_param: NeutronEnableTunnelling}
- neutron_enable_l2pop: {get_param: NeutronEnableL2Pop}
- neutron_enable_isolated_metadata: {get_param: NeutronEnableIsolatedMetadata}
haproxy_log_address: {get_param: HAProxySyslogAddress}
haproxy_stats_password: {get_param: HAProxyStatsPassword}
haproxy_stats_user: {get_param: HAProxyStatsUser}
- heat.watch_server_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: HeatApiVirtualIPUri}
- - ':8003'
- heat.metadata_server_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: HeatApiVirtualIPUri}
- - ':8000'
- heat.waitcondition_server_url:
- list_join:
- - ''
- - - 'http://'
- - {get_param: HeatApiVirtualIPUri}
- - ':8000/v1/waitcondition'
heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
- heat_enable_db_purge: {get_param: HeatEnableDBPurge}
horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
horizon_secret: {get_param: HorizonSecret}
admin_password: {get_param: AdminPassword}
- neutron_public_interface_ip: {get_param: NeutronPublicInterfaceIP}
debug: {get_param: Debug}
- cinder_enable_db_purge: {get_param: CinderEnableDBPurge}
- cinder_enable_nfs_backend: {get_param: CinderEnableNfsBackend}
- cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
- cinder_nfs_mount_options: {get_param: CinderNfsMountOptions}
- cinder_nfs_servers:
- str_replace:
- template: SERVERS
- params:
- SERVERS: {get_param: CinderNfsServers}
- cinder_lvm_loop_device_size: {get_param: CinderLVMLoopDeviceSize}
- cinder_password: {get_param: CinderPassword}
- cinder_enable_iscsi_backend: {get_param: CinderEnableIscsiBackend}
- cinder_iscsi_helper: {get_param: CinderISCSIHelper}
- cinder_backend_config: {get_param: CinderBackendConfig}
- cinder_dsn:
- list_join:
- - ''
- - - 'mysql+pymysql://cinder:'
- - {get_param: CinderPassword}
- - '@'
- - {get_param: MysqlVirtualIPUri}
- - '/cinder'
- heat_password: {get_param: HeatPassword}
- heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
- heat_dsn:
- list_join:
- - ''
- - - 'mysql+pymysql://heat:'
- - {get_param: HeatPassword}
- - '@'
- - {get_param: MysqlVirtualIPUri}
- - '/heat'
+ cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
+ cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
+ cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
+ cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
+ cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
+ cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
keystone_identity_uri: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix] }
keystone_auth_uri: {get_param: [EndpointMap, KeystoneInternal, uri] }
keystone_ec2_uri: { get_param: [EndpointMap, KeystoneEC2, uri] }
enable_fencing: {get_param: EnableFencing}
enable_galera: {get_param: EnableGalera}
enable_load_balancer: {get_param: EnableLoadBalancer}
- enable_ceph_storage: {get_param: EnableCephStorage}
- enable_swift_storage: {get_param: EnableSwiftStorage}
manage_firewall: {get_param: ManageFirewall}
purge_firewall_rules: {get_param: PurgeFirewallRules}
mysql_innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
mysql_max_connections: {get_param: MysqlMaxConnections}
mysql_root_password: {get_param: MysqlRootPassword}
+ mysql_clustercheck_password: {get_param: MysqlClustercheckPassword}
mysql_cluster_name:
str_replace:
template: tripleo-CLUSTER
params:
CLUSTER: {get_param: MysqlClusterUniquePart}
- neutron_flat_networks:
- str_replace:
- template: NETWORKS
- params:
- NETWORKS: {get_param: NeutronFlatNetworks}
neutron_metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
- neutron_agent_mode: {get_param: NeutronAgentMode}
- neutron_router_distributed: {get_param: NeutronDVR}
- neutron_core_plugin: {get_param: NeutronCorePlugin}
- neutron_service_plugins:
- str_replace:
- template: PLUGINS
- params:
- PLUGINS: {get_param: NeutronServicePlugins}
- neutron_type_drivers:
- str_replace:
- template: DRIVERS
- params:
- DRIVERS: {get_param: NeutronTypeDrivers}
- neutron_enable_dhcp_agent: {get_param: NeutronEnableDHCPAgent}
- neutron_enable_l3_agent: {get_param: NeutronEnableL3Agent}
- neutron_enable_metadata_agent: {get_param: NeutronEnableMetadataAgent}
- neutron_enable_ovs_agent: {get_param: NeutronEnableOVSAgent}
- neutron_mechanism_drivers:
- str_replace:
- template: MECHANISMS
- params:
- MECHANISMS: {get_param: NeutronMechanismDrivers}
- neutron_allow_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
- neutron_l3_ha: {get_param: NeutronL3HA}
- neutron_dhcp_agents_per_network: {get_param: NeutronDhcpAgentsPerNetwork}
- neutron_network_vlan_ranges:
- str_replace:
- template: RANGES
- params:
- RANGES: {get_param: NeutronNetworkVLANRanges}
- neutron_bridge_mappings:
- str_replace:
- template: MAPPINGS
- params:
- MAPPINGS: {get_param: NeutronBridgeMappings}
- neutron_external_network_bridge: {get_param: NeutronExternalNetworkBridge}
- neutron_public_interface: {get_param: NeutronPublicInterface}
- neutron_public_interface_raw_device: {get_param: NeutronPublicInterfaceRawDevice}
- neutron_public_interface_default_route: {get_param: NeutronPublicInterfaceDefaultRoute}
- neutron_public_interface_tag: {get_param: NeutronPublicInterfaceTag}
- neutron_tunnel_id_ranges:
- str_replace:
- template: RANGES
- params:
- RANGES: {get_param: NeutronTunnelIdRanges}
- neutron_vni_ranges:
- str_replace:
- template: RANGES
- params:
- RANGES: {get_param: NeutronVniRanges}
- neutron_tenant_network_types:
- str_replace:
- template: TYPES
- params:
- TYPES: {get_param: NeutronNetworkType}
- neutron_tunnel_types:
- str_replace:
- template: TYPES
- params:
- TYPES: {get_param: NeutronTunnelTypes}
- neutron_plugin_extensions:
- str_replace:
- template: PLUGIN_EXTENSIONS
- params:
- PLUGIN_EXTENSIONS: {get_param: NeutronPluginExtensions}
- neutron_agent_extensions:
- str_replace:
- template: AGENT_EXTENSIONS
- params:
- AGENT_EXTENSIONS: {get_param: NeutronAgentExtensions}
neutron_password: {get_param: NeutronPassword}
- neutron_tenant_mtu: {get_param: NeutronTenantMtu}
- neutron_dnsmasq_options: {get_param: NeutronDnsmasqOptions}
- neutron_dsn:
- list_join:
- - ''
- - - 'mysql+pymysql://neutron:'
- - {get_param: NeutronPassword}
- - '@'
- - {get_param: MysqlVirtualIPUri}
- - '/ovs_neutron?charset=utf8'
neutron_internal_url: { get_param: [ EndpointMap, NeutronInternal, uri ] }
neutron_public_url: { get_param: [ EndpointMap, NeutronPublic, uri ] }
neutron_admin_url: { get_param: [ EndpointMap, NeutronAdmin, uri ] }
neutron_auth_url: { get_param: [ EndpointMap, KeystoneV3Admin, uri ] }
nova_internal_url: { get_param: [ EndpointMap, NovaInternal, uri ] }
- ceilometer_backend: {get_param: CeilometerBackend}
- ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}
- ceilometer_password: {get_param: CeilometerPassword}
- ceilometer_store_events: {get_param: CeilometerStoreEvents}
aodh_password: {get_param: AodhPassword}
- ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
+ aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
+ aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
+ aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
gnocchi_password: {get_param: GnocchiPassword}
gnocchi_backend: {get_param: GnocchiBackend}
gnocchi_indexer_backend: {get_param: GnocchiIndexerBackend}
@@ -1074,25 +573,27 @@ resources:
- '@'
- {get_param: RedisVirtualIPUri}
- ':6379/'
- ceilometer_dsn:
- list_join:
- - ''
- - - 'mysql+pymysql://ceilometer:'
- - {get_param: CeilometerPassword}
- - '@'
- - {get_param: MysqlVirtualIPUri}
- - '/ceilometer'
gnocchi_dsn:
list_join:
- ''
- - - 'mysql+pymysql://gnocchi:'
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://gnocchi:'
- {get_param: GnocchiPassword}
- '@'
- - {get_param: MysqlVirtualIPUri}
+ - {get_param: [EndpointMap, MysqlInternal, host]}
- '/gnocchi'
+ aodh_dsn:
+ list_join:
+ - ''
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://aodh:'
+ - {get_param: AodhPassword}
+ - '@'
+ - {get_param: [EndpointMap, MysqlInternal, host]}
+ - '/aodh'
gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
- snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
- snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
+ gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
+ gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
nova_enable_db_purge: {get_param: NovaEnableDBPurge}
nova_ipv6: {get_param: NovaIPv6}
corosync_ipv6: {get_param: CorosyncIPv6}
@@ -1101,21 +602,26 @@ resources:
nova_dsn:
list_join:
- ''
- - - 'mysql+pymysql://nova:'
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://nova:'
- {get_param: NovaPassword}
- '@'
- - {get_param: MysqlVirtualIPUri}
+ - {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova'
nova_api_dsn:
list_join:
- ''
- - - 'mysql+pymysql://nova_api:'
+ - - {get_param: [EndpointMap, MysqlInternal, protocol]}
+ - '://nova_api:'
- {get_param: NovaPassword}
- '@'
- - {get_param: MysqlVirtualIPUri}
+ - {get_param: [EndpointMap, MysqlInternal, host]}
- '/nova_api'
upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
instance_name_template: {get_param: InstanceNameTemplate}
+ nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
+ nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
+ nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword}
rabbit_username: {get_param: RabbitUserName}
@@ -1123,32 +629,15 @@ resources:
rabbit_cookie: {get_param: RabbitCookie}
rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
rabbit_client_port: {get_param: RabbitClientPort}
- rabbit_ipv6: {get_param: RabbitIPv6}
- rabbit_fd_limit: {get_param: RabbitFDLimit}
- mongodb_no_journal: {get_param: MongoDbNoJournal}
- mongodb_ipv6: {get_param: MongoDbIPv6}
- ntp_servers: {get_param: NtpServer}
- timezone: {get_param: TimeZone}
control_virtual_interface: {get_param: ControlVirtualInterface}
public_virtual_interface: {get_param: PublicVirtualInterface}
swift_hash_suffix: {get_param: SwiftHashSuffix}
- swift_password: {get_param: SwiftPassword}
swift_part_power: {get_param: SwiftPartPower}
swift_ring_build: {get_param: SwiftRingBuild}
swift_replicas: {get_param: SwiftReplicas}
swift_min_part_hours: {get_param: SwiftMinPartHours}
- swift_mount_check: {get_param: SwiftMountCheck}
enable_package_install: {get_param: EnablePackageInstall}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
- sahara_password: {get_param: SaharaPassword}
- sahara_dsn:
- list_join:
- - ''
- - - 'mysql://sahara:'
- - {get_param: SaharaPassword}
- - '@'
- - {get_param: MysqlVirtualIPUri}
- - '/sahara'
swift_proxy_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
swift_management_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SwiftMgmtNetwork]}]}
cinder_iscsi_network:
@@ -1177,18 +666,18 @@ resources:
str_replace:
template: "['SUBNET']"
params:
- SUBNET: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
+ SUBNET: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
rabbitmq_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
redis_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
- redis_password: {get_param: RedisPassword}
redis_vip: {get_param: RedisVirtualIP}
sahara_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
memcached_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
mysql_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
mysql_virtual_ip: {get_param: MysqlVirtualIP}
- ceph_cluster_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
- ceph_public_network: {get_attr: [NetIpSubnetMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
+ ceph_cluster_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephClusterNetwork]}]}
+ ceph_public_network: {get_attr: [NetIpMap, net_ip_subnet_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
ceph_public_ip: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
+ ironic_api_network: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, IronicApiNetwork]}]}
# Map heat metadata into hiera datafiles
ControllerConfig:
@@ -1214,16 +703,14 @@ resources:
- vip_data # provided by vip-config
- '"%{::osfamily}"'
- common
+ - network
- cinder_dellsc_data # Optionally provided by ControllerExtraConfigPre
- cinder_netapp_data # Optionally provided by ControllerExtraConfigPre
- cinder_eqlx_data # Optionally provided by ControllerExtraConfigPre
- neutron_bigswitch_data # Optionally provided by ControllerExtraConfigPre
- neutron_cisco_data # Optionally provided by ControllerExtraConfigPre
- cisco_n1kv_data # Optionally provided by ControllerExtraConfigPre
- - neutron_nuage_data # Optionally provided by ControllerExtraConfigPre
- midonet_data #Optionally provided by AllNodesExtraConfig
- - neutron_opencontrail_data # Optionally provided by ControllerExtraConfigPre
- - neutron_plumgrid_data # Optionally provided by ControllerExtraConfigPre
merge_behavior: deeper
datafiles:
service_configs:
@@ -1237,6 +724,11 @@ resources:
mapped_data: {get_param: ExtraConfig}
common:
raw_data: {get_file: hieradata/common.yaml}
+ network:
+ mapped_data:
+ net_ip_map: {get_attr: [NetIpMap, net_ip_map]}
+ net_ip_subnet_map: {get_attr: [NetIpMap, net_ip_subnet_map]}
+ net_ip_uri_map: {get_attr: [NetIpMap, net_ip_uri_map]}
ceph:
raw_data: {get_file: hieradata/ceph.yaml}
mapped_data:
@@ -1260,183 +752,75 @@ resources:
tripleo::fencing::config: {get_input: fencing_config}
# Swift
+ # FIXME: need to move proxy_local_net_ip into swift-proxy.yaml
swift::proxy::proxy_local_net_ip: {get_input: swift_proxy_network}
- swift::proxy::authtoken::auth_uri: {get_input: keystone_auth_uri}
- swift::proxy::authtoken::identity_uri: {get_input: keystone_identity_uri}
swift::storage::all::storage_local_net_ip: {get_input: swift_management_network}
- swift::swift_hash_suffix: {get_input: swift_hash_suffix}
- swift::proxy::authtoken::admin_password: {get_input: swift_password}
- swift::proxy::workers: {get_input: swift_workers}
+ swift::swift_hash_path_suffix: {get_input: swift_hash_suffix}
tripleo::ringbuilder::build_ring: { get_input: swift_ring_build }
tripleo::ringbuilder::part_power: {get_input: swift_part_power}
tripleo::ringbuilder::replicas: {get_input: swift_replicas}
tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
- swift_mount_check: {get_input: swift_mount_check}
# Cinder
- cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
- cinder_enable_nfs_backend: {get_input: cinder_enable_nfs_backend}
- cinder_enable_rbd_backend: {get_input: cinder_enable_rbd_backend}
- cinder_nfs_mount_options: {get_input: cinder_nfs_mount_options}
- cinder_nfs_servers: {get_input: cinder_nfs_servers}
- cinder_lvm_loop_device_size: {get_input: cinder_lvm_loop_device_size}
- cinder_iscsi_helper: {get_input: cinder_iscsi_helper}
- cinder_iscsi_ip_address: {get_input: cinder_iscsi_network}
- cinder::database_connection: {get_input: cinder_dsn}
- cinder::api::keystone_password: {get_input: cinder_password}
- cinder::api::auth_uri: {get_input: keystone_auth_uri}
- cinder::api::identity_uri: {get_input: keystone_identity_uri}
+ tripleo::profile::base::cinder::volume::iscsi::cinder_iscsi_address: {get_input: cinder_iscsi_network}
cinder::api::bind_host: {get_input: cinder_api_network}
- cinder::rabbit_userid: {get_input: rabbit_username}
- cinder::rabbit_password: {get_input: rabbit_password}
- cinder::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- cinder::rabbit_port: {get_input: rabbit_client_port}
- cinder::debug: {get_input: debug}
- cinder_enable_iscsi_backend: {get_input: cinder_enable_iscsi_backend}
- cinder::glance::glance_api_servers: {get_input: glance_api_servers}
- cinder_backend_config: {get_input: CinderBackendConfig}
- cinder::db::mysql::password: {get_input: cinder_password}
+ cinder::keystone::auth::public_url: {get_input: cinder_public_url }
+ cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
+ cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
+ cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
+ cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
+ cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
+ cinder::keystone::auth::password: {get_input: cinder_password }
+ cinder::keystone::auth::region: {get_input: keystone_region}
# Glance
glance::api::bind_host: {get_input: glance_api_network}
glance::registry::bind_host: {get_input: glance_registry_network}
+ glance::keystone::auth::region: {get_input: keystone_region}
+
# Heat
- heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
- heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
- heat::engine::heat_metadata_server_url: {get_input: heat.metadata_server_url}
- heat::engine::heat_waitcondition_server_url: {get_input: heat.waitcondition_server_url}
- heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
- heat::rabbit_userid: {get_input: rabbit_username}
- heat::rabbit_password: {get_input: rabbit_password}
- heat::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- heat::rabbit_port: {get_input: rabbit_client_port}
- heat::auth_uri: {get_input: keystone_auth_uri}
- heat::keystone_ec2_uri: {get_input: keystone_ec2_uri}
- heat::identity_uri: {get_input: keystone_identity_uri}
- heat::keystone_password: {get_input: heat_password}
heat::api::bind_host: {get_input: heat_api_network}
- heat::api::workers: {get_input: heat_workers}
heat::api_cloudwatch::bind_host: {get_input: heat_api_network}
- heat::api_cloudwatch::workers: {get_input: heat_workers}
heat::api_cfn::bind_host: {get_input: heat_api_network}
- heat::api_cfn::workers: {get_input: heat_workers}
- heat::engine::num_engine_workers: {get_input: heat_workers}
- heat::database_connection: {get_input: heat_dsn}
- heat::debug: {get_input: debug}
- heat::db::mysql::password: {get_input: heat_password}
- heat_enable_db_purge: {get_input: heat_enable_db_purge}
- heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
+ heat::engine::auth_encryption_key: {get_input: heat_auth_encryption_key}
+
# Keystone
keystone::admin_bind_host: {get_input: keystone_admin_api_network}
keystone::public_bind_host: {get_input: keystone_public_api_network}
keystone::wsgi::apache::bind_host: {get_input: keystone_public_api_network}
keystone::wsgi::apache::admin_bind_host: {get_input: keystone_admin_api_network}
+
# MongoDB
mongodb::server::bind_ip: {get_input: mongo_db_network}
- mongodb::server::nojournal: {get_input: mongodb_no_journal}
- mongodb::server::ipv6: {get_input: mongodb_ipv6}
+
# MySQL
admin_password: {get_input: admin_password}
enable_galera: {get_input: enable_galera}
- enable_ceph_storage: {get_input: enable_ceph_storage}
- enable_swift_storage: {get_input: enable_swift_storage}
mysql_innodb_buffer_pool_size: {get_input: mysql_innodb_buffer_pool_size}
mysql_max_connections: {get_input: mysql_max_connections}
mysql::server::root_password: {get_input: mysql_root_password}
+ mysql_clustercheck_password: {get_input: mysql_clustercheck_password}
mysql_cluster_name: {get_input: mysql_cluster_name}
mysql_bind_host: {get_input: mysql_network}
mysql_virtual_ip: {get_input: mysql_virtual_ip}
# Neutron
neutron::bind_host: {get_input: neutron_api_network}
- neutron::rabbit_password: {get_input: rabbit_password}
- neutron::rabbit_user: {get_input: rabbit_username}
- neutron::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- neutron::rabbit_port: {get_input: rabbit_client_port}
- neutron::debug: {get_input: debug}
- neutron::server::auth_uri: {get_input: keystone_auth_uri}
- neutron::server::identity_uri: {get_input: keystone_identity_uri}
- neutron::server::database_connection: {get_input: neutron_dsn}
- neutron::server::api_workers: {get_input: neutron_workers}
- neutron::agents::l3::external_network_bridge: {get_input: neutron_external_network_bridge}
- neutron::network_device_mtu: {get_input: neutron_tenant_mtu}
- neutron::agents::ml2::ovs::enable_tunneling: {get_input: neutron_enable_tunneling}
- neutron::agents::ml2::ovs::l2_population: {get_input: neutron_enable_l2pop}
- neutron::agents::dhcp::enable_isolated_metadata: {get_input: neutron_enable_isolated_metadata}
neutron::agents::ml2::ovs::local_ip: {get_input: neutron_local_ip}
- neutron::plugins::ml2::flat_networks: {get_input: neutron_flat_networks}
- neutron::agents::metadata::shared_secret: {get_input: neutron_metadata_proxy_shared_secret}
neutron::agents::metadata::metadata_ip: {get_input: neutron_api_network}
- neutron::agents::metadata::metadata_workers: {get_input: neutron_workers}
- neutron_agent_mode: {get_input: neutron_agent_mode}
- neutron_router_distributed: {get_input: neutron_router_distributed}
- neutron::core_plugin: {get_input: neutron_core_plugin}
- neutron::service_plugins: {get_input: neutron_service_plugins}
- neutron::enable_dhcp_agent: {get_input: neutron_enable_dhcp_agent}
- neutron::enable_l3_agent: {get_input: neutron_enable_l3_agent}
- neutron::enable_metadata_agent: {get_input: neutron_enable_metadata_agent}
- neutron::enable_ovs_agent: {get_input: neutron_enable_ovs_agent}
- neutron::plugins::ml2::type_drivers: {get_input: neutron_type_drivers}
- neutron::plugins::ml2::mechanism_drivers: {get_input: neutron_mechanism_drivers}
- neutron::plugins::ml2::extension_drivers: {get_input: neutron_plugin_extensions}
- neutron::server::allow_automatic_l3agent_failover: {get_input: neutron_allow_l3agent_failover}
- neutron::server::l3_ha: {get_input: neutron_l3_ha}
- neutron::dhcp_agents_per_network: {get_input: neutron_dhcp_agents_per_network}
- neutron::plugins::ml2::network_vlan_ranges: {get_input: neutron_network_vlan_ranges}
- neutron::plugins::ml2::tunnel_id_ranges: {get_input: neutron_tunnel_id_ranges}
- neutron::plugins::ml2::vni_ranges: {get_input: neutron_vni_ranges}
- neutron::agents::ml2::ovs::bridge_mappings: {get_input: neutron_bridge_mappings}
- neutron_public_interface: {get_input: neutron_public_interface}
- neutron_public_interface_raw_device: {get_input: neutron_public_interface_raw_device}
- neutron_public_interface_default_route: {get_input: neutron_public_interface_default_route}
- neutron_public_interface_tag: {get_input: neutron_public_interface_tag}
- neutron::plugins::ml2::tenant_network_types: {get_input: neutron_tenant_network_types}
- neutron::agents::ml2::ovs::tunnel_types: {get_input: neutron_tunnel_types}
- neutron::agents::ml2::ovs::extensions: {get_input: neutron_agent_extensions}
- neutron::server::auth_password: {get_input: neutron_password}
- neutron::agents::metadata::auth_password: {get_input: neutron_password}
- neutron_dnsmasq_options: {get_input: neutron_dnsmasq_options}
- neutron_dsn: {get_input: neutron_dsn}
- neutron::agents::metadata::auth_url: {get_input: keystone_identity_uri}
- neutron::db::mysql::password: {get_input: neutron_password}
neutron::keystone::auth::public_url: {get_input: neutron_public_url }
neutron::keystone::auth::internal_url: {get_input: neutron_internal_url }
neutron::keystone::auth::admin_url: {get_input: neutron_admin_url }
neutron::keystone::auth::password: {get_input: neutron_password }
neutron::keystone::auth::region: {get_input: keystone_region}
- neutron::server::notifications::nova_url: {get_input: nova_internal_url}
- neutron::server::notifications::auth_url: {get_input: neutron_auth_url}
- neutron::server::notifications::tenant_name: 'service'
- neutron::server::notifications::project_name: 'service'
- neutron::server::notifications::password: {get_input: nova_password}
# Ceilometer
- ceilometer_backend: {get_input: ceilometer_backend}
- ceilometer_mysql_conn_string: {get_input: ceilometer_dsn}
- ceilometer::metering_secret: {get_input: ceilometer_metering_secret}
- ceilometer::rabbit_userid: {get_input: rabbit_username}
- ceilometer::rabbit_password: {get_input: rabbit_password}
- ceilometer::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- ceilometer::rabbit_port: {get_input: rabbit_client_port}
- ceilometer::debug: {get_input: debug}
ceilometer::api::host: {get_input: ceilometer_api_network}
- ceilometer::api::keystone_password: {get_input: ceilometer_password}
- ceilometer::api::keystone_auth_uri: {get_input: keystone_auth_uri}
- ceilometer::api::keystone_identity_uri: {get_input: keystone_identity_uri}
- ceilometer::agent::auth::auth_password: {get_input: ceilometer_password}
- ceilometer::agent::auth::auth_url: {get_input: keystone_auth_uri}
- ceilometer::agent::central::coordination_url: {get_input: ceilometer_coordination_url}
- ceilometer::agent::notification::store_events: {get_input: ceilometer_store_events}
- ceilometer::db::mysql::password: {get_input: ceilometer_password}
- ceilometer::collector::meter_dispatcher: {get_input: ceilometer_meter_dispatcher}
- ceilometer::dispatcher::gnocchi::url: {get_input: gnocchi_internal_url }
- ceilometer::dispatcher::gnocchi::filter_project: 'service'
- ceilometer::dispatcher::gnocchi::archive_policy: 'low'
- ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
# Aodh
+ aodh_mysql_conn_string: {get_input: aodh_dsn}
aodh::rabbit_userid: {get_input: rabbit_username}
aodh::rabbit_password: {get_input: rabbit_password}
aodh::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
@@ -1449,10 +833,16 @@ resources:
aodh::api::keystone_password: {get_input: aodh_password}
aodh::api::keystone_auth_uri: {get_input: keystone_auth_uri}
aodh::api::keystone_identity_uri: {get_input: keystone_identity_uri}
+ aodh::auth::auth_url: {get_input: keystone_auth_uri}
aodh::auth::auth_password: {get_input: aodh_password}
aodh::db::mysql::password: {get_input: aodh_password}
# for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
+ aodh::keystone::auth::public_url: {get_input: aodh_public_url }
+ aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
+ aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
+ aodh::keystone::auth::password: {get_input: aodh_password }
+ aodh::keystone::auth::region: {get_input: keystone_region}
# Gnocchi
gnocchi_backend: {get_input: gnocchi_backend}
@@ -1469,24 +859,20 @@ resources:
gnocchi::db::mysql::password: {get_input: gnocchi_password}
gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
+ gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
+ gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
+ gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
+ gnocchi::keystone::auth::password: {get_input: gnocchi_password }
+ gnocchi::keystone::auth::region: {get_input: keystone_region}
# Nova
- nova::rabbit_userid: {get_input: rabbit_username}
- nova::rabbit_password: {get_input: rabbit_password}
- nova::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- nova::rabbit_port: {get_input: rabbit_client_port}
nova::upgrade_level_compute: {get_input: upgrade_level_nova_compute}
- nova::debug: {get_input: debug}
nova::use_ipv6: {get_input: nova_ipv6}
nova::api::auth_uri: {get_input: keystone_auth_uri}
nova::api::identity_uri: {get_input: keystone_identity_uri}
nova::api::api_bind_address: {get_input: nova_api_network}
nova::api::metadata_listen: {get_input: nova_metadata_network}
nova::api::admin_password: {get_input: nova_password}
- nova::api::osapi_compute_workers: {get_input: nova_workers}
- nova::api::ec2_workers: {get_input: nova_workers}
- nova::api::metadata_workers: {get_input: nova_workers}
- nova::compute::network_device_mtu: {get_input: neutron_tenant_mtu}
nova::database_connection: {get_input: nova_dsn}
nova::api_database_connection: {get_input: nova_api_dsn}
nova::glance_api_servers: {get_input: glance_api_servers}
@@ -1499,6 +885,11 @@ resources:
nova::db::mysql::password: {get_input: nova_password}
nova::db::mysql_api::password: {get_input: nova_password}
nova_enable_db_purge: {get_input: nova_enable_db_purge}
+ nova::keystone::auth::public_url: {get_input: nova_public_url}
+ nova::keystone::auth::internal_url: {get_input: nova_internal_url}
+ nova::keystone::auth::admin_url: {get_input: nova_admin_url}
+ nova::keystone::auth::password: {get_input: nova_password }
+ nova::keystone::auth::region: {get_input: keystone_region}
# Horizon
apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
@@ -1509,41 +900,11 @@ resources:
horizon::bind_address: {get_input: horizon_network}
horizon::keystone_url: {get_input: keystone_auth_uri}
- # Sahara
- sahara::host: {get_input: sahara_api_network}
- sahara::plugins:
- - cdh
- - hdp
- - mapr
- - vanilla
- - spark
- - storm
- sahara::admin_password: {get_input: sahara_password}
- sahara::auth_uri: {get_input: keystone_auth_uri}
- sahara::admin_user: sahara
- sahara::identity_uri: {get_input: keystone_identity_uri}
- sahara::use_neutron: true
- sahara::database_connection: {get_input: sahara_dsn}
- sahara::debug: {get_input: debug}
- sahara::rpc_backend: rabbit
- sahara::rabbit_userid: {get_input: rabbit_username}
- sahara::rabbit_password: {get_input: rabbit_password}
- sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
- sahara::rabbit_port: {get_input: rabbit_client_port}
- sahara::db::mysql::password: {get_input: sahara_password}
-
- # Rabbit
+ # RabbitMQ
rabbitmq::node_ip_address: {get_input: rabbitmq_network}
rabbitmq::erlang_cookie: {get_input: rabbit_cookie}
- rabbitmq::file_limit: {get_input: rabbit_fd_limit}
- rabbitmq::default_user: {get_input: rabbit_username}
- rabbitmq::default_pass: {get_input: rabbit_password}
- rabbit_ipv6: {get_input: rabbit_ipv6}
# Redis
redis::bind: {get_input: redis_network}
- redis::requirepass: {get_input: redis_password}
- redis::masterauth: {get_input: redis_password}
- redis::sentinel_auth_pass: {get_input: redis_password}
redis_vip: {get_input: redis_vip}
# Firewall
tripleo::firewall::manage_firewall: {get_input: manage_firewall}
@@ -1551,18 +912,17 @@ resources:
# Misc
memcached_ipv6: {get_input: memcached_ipv6}
memcached::listen_ip: {get_input: memcached_network}
- neutron_public_interface_ip: {get_input: neutron_public_interface_ip}
- ntp::servers: {get_input: ntp_servers}
- timezone::timezone: {get_input: timezone}
control_virtual_interface: {get_input: control_virtual_interface}
public_virtual_interface: {get_input: public_virtual_interface}
- tripleo::loadbalancer::control_virtual_interface: {get_input: control_virtual_interface}
- tripleo::loadbalancer::public_virtual_interface: {get_input: public_virtual_interface}
- tripleo::loadbalancer::haproxy_log_address: {get_input: haproxy_log_address}
- tripleo::loadbalancer::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
- tripleo::loadbalancer::haproxy_stats_user: {get_input: haproxy_stats_user}
- tripleo::loadbalancer::haproxy_stats_password: {get_input: haproxy_stats_password}
- tripleo::loadbalancer::redis_password: {get_input: redis_password}
+ tripleo::keepalived::control_virtual_interface: {get_input: control_virtual_interface}
+ tripleo::keepalived::public_virtual_interface: {get_input: public_virtual_interface}
+ tripleo::haproxy::control_virtual_interface: {get_input: control_virtual_interface}
+ tripleo::haproxy::public_virtual_interface: {get_input: public_virtual_interface}
+ tripleo::haproxy::haproxy_log_address: {get_input: haproxy_log_address}
+ tripleo::haproxy::service_certificate: {get_attr: [NodeTLSData, deployed_ssl_certificate_path]}
+ tripleo::haproxy::haproxy_stats_user: {get_input: haproxy_stats_user}
+ tripleo::haproxy::haproxy_stats_password: {get_input: haproxy_stats_password}
+ tripleo::haproxy::redis_password: {get_input: redis_password}
tripleo::packages::enable_install: {get_input: enable_package_install}
tripleo::packages::enable_upgrade: {get_input: enable_package_upgrade}
@@ -1619,13 +979,6 @@ outputs:
hostname:
description: Hostname of the server
value: {get_attr: [Controller, name]}
- corosync_node:
- description: >
- Node object in the format {ip: ..., name: ...} format that the corosync
- element expects
- value:
- ip: {get_attr: [Controller, networks, ctlplane, 0]}
- name: {get_attr: [Controller, name]}
hosts_entry:
description: >
Server's IP address and hostname in the /etc/hosts format
@@ -1697,16 +1050,6 @@ outputs:
template: "IP:11211"
params:
IP: {get_attr: [NetIpMap, net_ip_uri_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
- config_identifier:
- description: identifier which changes if the controller configuration may need re-applying
- value:
- list_join:
- - ','
- - - {get_attr: [ControllerDeployment, deploy_stdout]}
- - {get_attr: [NodeTLSCAData, deploy_stdout]}
- - {get_attr: [NodeTLSData, deploy_stdout]}
- - {get_attr: [ControllerExtraConfigPre, deploy_stdout]}
- - {get_param: UpdateIdentifier}
tls_key_modulus_md5:
description: MD5 checksum of the TLS Key Modulus
value: {get_attr: [NodeTLSData, key_modulus_md5]}