Description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
  server,Dedicated RabbitMQ Server
HeatTemplateFormatVersion: '2012-12-12'
Parameters:
  AdminToken:
    Type: String
  BootstrapDumpPassword:
    Default: ''
    Description: Password to use for mysqldump from Bootstrap Host
    Type: String
    NoEcho: true
  BootstrapHost:
    Default: ''
    Description: Load mysqldump from this Host
    Type: String
  BootstrapRootPassword:
    Default: ''
    Description: Root password for localhost access after bootstrap
    Type: String
    NoEcho: true
  BootstrapSlavePassword:
    Default: ''
    Description: Password to use with BootstrapSlaveUser
    Type: String
    NoEcho: true
  BootstrapSlaveUser:
    Default: ''
    Description: User to use for replication from bootstrap host
    Type: String
  GlanceDBPassword:
    Description: Password for connecting to glance database
    Type: String
    NoEcho: true
  GlanceNotifierStrategy:
    Description: Strategy to use for Glance notification queue
    Type: String
    Default: noop
  GlanceLogFile:
    Description: The filepath of the file to use for logging messages from Glance.
    Type: String
    Default: ''
  HeatDBPassword:
    Description: Password for accessing Heat database.
    Type: String
    NoEcho: true
  InstanceType:
    Default: baremetal
    Description: Use this flavor
    Type: String
  KeyName:
    Default: default
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
    Type: String
  KeystoneDBPassword:
    Description: Password for connecting to keystone
    Type: String
    NoEcho: true
  NovaDBPassword:
    Description: Password for connecting to nova database
    Type: String
    NoEcho: true
  NovaInterfaces:
    Default: eth0
    Type: String
  NeutronDBPassword:
    Description: Password for connecting to neutron database
    Type: String
    NoEcho: true
  NeutronInterfaces:
    Default: eth0
    Type: String
  RabbitMQPassword:
    Description: Password for RabbitMQ
    Type: String
    NoEcho: true
  RabbitUserName:
    Type: String
  RabbitPassword:
    Type: String
    NoEcho: true
  ServicePassword:
    Description: admin_password for setting up auth in nova.
    Type: String
    NoEcho: true
  controllerImage:
    Type: String
  HeatStackDomainAdminPassword:
    Description: Password for heat_domain_admin user.
    Type: String
    Default: ''
    NoEcho: true
Resources:
  AccessPolicy:
    Properties:
      AllowedResources:
      - controller0
    Type: OS::Heat::AccessPolicy
  controller0Key:
    Properties:
      UserName:
        Ref: User
    Type: AWS::IAM::AccessKey
  User:
    Properties:
      Policies:
      - Ref: AccessPolicy
    Type: AWS::IAM::User
  controller0:
    Metadata:
      OpenStack::ImageBuilder::Elements:
      - nova-api
      - keystone
      - heat-api
      - heat-engine
      - glance
      - mysql-migration
      - rabbitmq-server
      admin-password:
        Ref: ServicePassword
      admin-token:
        Ref: AdminToken
      mysql:
        create-users:
          - database: keystone
            username: keystone
            password: {Ref: KeystoneDBPassword}
          - database: heat
            username: heat
            password: {Ref: HeatDBPassword}
          - database: glance
            username: glance
            password: {Ref: GlanceDBPassword}
          - database: nova
            username: nova
            password: {Ref: NovaDBPassword}
          - database: neutron
            username: neutron
            password: {Ref: NeutronDBPassword}
      glance:
        db:
          Fn::Join:
            - ''
            - - 'mysql://glance:'
              - {Ref: GlanceDBPassword}
              - '@127.0.0.1/glance'
          notifier-strategy:
            Ref: GlanceNotifierStrategy
          log-file:
            Ref: GlanceLogFile
      heat:
        db:
          Fn::Join:
            - ''
            - - 'mysql://heat:'
              - {Ref: HeatDBPassword}
              - '@127.0.0.1/heat'
        access_key_id:
          Ref: controller0Key
        refresh:
        - resource: controller0
        secret_key:
          Fn::GetAtt:
          - controller0Key
          - SecretAccessKey
        stack:
          name:
            Ref: AWS::StackName
          region:
            Ref: AWS::Region
        auth_encryption_key: unset
        stack_domain_admin_password: {Ref: HeatStackDomainAdminPassword}
      interfaces:
        control:
          Ref: NovaInterfaces
      keystone:
        host:
          '127.0.0.1'
        db:
          Fn::Join:
            - ''
            - - 'mysql://keystone:'
              - {Ref: KeystoneDBPassword}
              - '@127.0.0.1/keystone'
      nova:
        db:
          Fn::Join:
            - ''
            - - 'mysql://nova:'
              - {Ref: NovaDBPassword}
              - '@127.0.0.1/nova'
      neutron:
        host:
          '127.0.0.1'
        ovs_db:
          Fn::Join:
            - ''
            - - 'mysql://neutron:'
              - {Ref: NeutronDBPassword}
              - '@127.0.0.1/ovs_neutron'
      rabbit:
        host:
          '127.0.0.1'
        username:
          Ref: RabbitUserName
        password:
          Ref: RabbitPassword
        users:
          username:
            Ref: RabbitUserName
          password:
            Ref: RabbitPassword
        cookie:
          Fn::GetAtt:
          - RabbitCookie
          - value
      service-password:
        Ref: ServicePassword
    Properties:
      ImageId:
        Ref: controllerImage
      InstanceType:
        Ref: InstanceType
      KeyName:
        Ref: KeyName
    Type: AWS::EC2::Instance