description: All-in-one baremetal OpenStack and all dependencies. heat_template_version: 2013-05-23 parameters: AdminPassword: default: unset description: The password for the keystone admin account, used for monitoring, querying neutron etc. type: string hidden: true AdminToken: default: unset description: The keystone auth secret. type: string hidden: true BaremetalArch: default: i386 description: The architecture to use in Nova-BM - i386 or amd64. type: string CeilometerMeteringSecret: default: unset description: Secret shared by the ceilometer services. type: string hidden: true CeilometerPassword: default: unset description: The password for the ceilometer service account. type: string hidden: true Debug: default: '' description: Set to True to enable debugging on all services. type: string DefaultSignalTransport: default: CFN_SIGNAL description: Transport to use for software-config signals. type: string constraints: - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ] ExtraConfig: default: {} description: | Additional configuration to inject into the cluster. The JSON should have the following structure: {"FILEKEY": {"config: [{"section": "SECTIONNAME", "values": [{"option": "OPTIONNAME", "value": "VALUENAME" } ] } ] } } For instance: {"nova": {"config": [{"section": "default", "values": [{"option": "compute_manager", "value": "ironic.nova.compute.manager.ClusterComputeManager" } ] }, {"section": "cells", "values": [{"option": "driver", "value": "nova.cells.rpc_driver.CellsRPCDriver" } ] } ] } } type: json Flavor: description: Flavor to request when deploying. type: string constraints: - custom_constraint: nova.flavor GlanceLogFile: description: The filepath of the file to use for logging messages from Glance. type: string default: '' GlancePassword: default: unset description: The password for the glance service account, used by the glance services. type: string hidden: true GlancePort: default: 9292 description: Glance port. type: string GlanceProtocol: default: http description: Protocol to use when connecting to glance, set to https for SSL. type: string GlanceNotifierStrategy: description: Strategy to use for Glance notification queue type: string default: noop KeyName: default: default description: Name of an existing EC2 KeyPair to enable SSH access to the instances type: string KeystoneCACertificate: default: '' description: Keystone self-signed certificate authority certificate. type: string KeystoneSigningCertificate: default: '' description: Keystone certificate for verifying token validity. type: string KeystoneSigningKey: default: '' description: Keystone key for signing tokens. type: string hidden: true KeystoneSSLCertificate: default: '' description: Keystone certificate for verifying token validity. type: string KeystoneSSLCertificateKey: default: '' description: Keystone key for signing tokens. type: string hidden: true HeatPassword: default: unset description: The password for the Heat service account, used by the Heat services. type: string hidden: true HeatStackDomainAdminPassword: description: Password for heat_domain_admin user. type: string default: '' hidden: true ImageUpdatePolicy: default: REBUILD_PRESERVE_EPHEMERAL description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. type: string MysqlInnodbBufferPoolSize: description: > Specifies the size of the buffer pool in megabytes. Setting to zero should be interpreted as "no value" and will defer to the lower level default. type: number default: 0 NeutronPassword: default: unset description: The password for the neutron service account, used by neutron agents. type: string hidden: true NeutronPublicInterfaceDefaultRoute: default: '' description: A custom default route for the NeutronPublicInterface. type: string NeutronPublicInterfaceIP: default: '' description: > A custom IP address to put onto the NeutronPublicInterface bridge. See also NeutronPublicInterfaceTagIP for adding a VLAN tagging IP. NeutronPublicInterfaceIP is deprecated in the context of deploying underclouds - its only needed for the seed bootstrap process. type: string NeutronPublicInterfaceRawDevice: default: '' description: If set, the public interface is a vlan with this device as the raw device. type: string NeutronPublicInterfaceTag: default: '' description: > VLAN tag for creating a public VLAN. The tag will be used to create an access port on the exterior bridge, and that port will be given the IP address returned by neutron from the public network. type: string NovaPassword: default: unset description: The password for the nova service account, used by nova-api. type: string hidden: true NeutronDVR: default: 'False' type: string NtpServer: type: string default: '' RabbitCookieSalt: type: string default: unset description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change. RabbitUserName: default: guest description: The username for RabbitMQ type: string RabbitPassword: default: guest description: The password for RabbitMQ type: string hidden: true SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes type: string SnmpdReadonlyUserPassword: default: unset description: The user password for SNMPd with readonly rights running on all Overcloud nodes type: string hidden: true undercloudImage: default: undercloud type: string resources: RabbitCookie: type: OS::Heat::RandomString properties: length: 20 salt: get_param: RabbitCookieSalt MysqlRootPassword: type: OS::Heat::RandomString properties: length: 10 undercloudConfig: type: OS::Heat::StructuredConfig properties: config: completion-signal: {get_input: deploy_signal_id} admin-password: get_param: AdminPassword admin-token: get_param: AdminToken bootstrap_host: bootstrap_nodeid: Fn::Select: - 0 - Fn::Select: - 0 - Merge::Map: undercloud: - get_attr: - undercloud - name nodeid: {get_input: bootstack_nodeid} bootstack: public_interface_ip: get_param: NeutronPublicInterfaceIP controller-address: get_input: controller_host corosync: bindnetaddr: {get_input: controller_host} mcastport: 5577 nodes: Merge::Map: controller0: ip: {get_attr: [undercloud, networks, ctlplane, 0]} pacemaker: stonith_enabled : false recheck_interval : 5 quorum_policy : ignore ceilometer: db: {list_join: ['', ['mysql://ceilometer:', {get_param: CeilometerPassword}, '@localhost/ceilometer']]} debug: {get_param: Debug} metering_secret: {get_param: CeilometerMeteringSecret} snmpd_readonly_user_name: get_param: SnmpdReadonlyUserName snmpd_readonly_user_password: get_param: SnmpdReadonlyUserPassword service-password: get_param: CeilometerPassword db-password: unset glance: backend: file db: {list_join: ['', ['mysql://glance:', {get_param: GlancePassword}, '@localhost/glance']]} debug: {get_param: Debug} host: 127.0.0.1 port: get_param: GlancePort protocol: get_param: GlanceProtocol service-password: get_param: GlancePassword notifier-strategy: get_param: GlanceNotifierStrategy log-file: get_param: GlanceLogFile heat: admin_password: get_param: HeatPassword admin_tenant_name: service admin_user: heat auth_encryption_key: unset___________ db: {list_join: ['', ['mysql://heat:', {get_param: HeatPassword}, '@localhost/heat']]} debug: {get_param: Debug} stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword} watch_server_url: {get_input: heat.watch_server_url} metadata_server_url: {get_input: heat.metadata_server_url} waitcondition_server_url: {get_input: heat.waitcondition_server_url} keystone: db: {list_join: ['', ['mysql://keystone:', {get_param: AdminToken}, '@localhost/keystone']]} debug: {get_param: Debug} host: 127.0.0.1 ca_certificate: {get_param: KeystoneCACertificate} signing_key: {get_param: KeystoneSigningKey} signing_certificate: {get_param: KeystoneSigningCertificate} ssl: certificate: {get_param: KeystoneSSLCertificate} certificate_key: {get_param: KeystoneSSLCertificateKey} mysql: innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize} root-password: {get_resource: MysqlRootPassword} bind_address: 127.0.0.1 neutron: debug: {get_param: Debug} host: 127.0.0.1 ovs_db: {list_join: ['', ['mysql://neutron:', {get_param: NeutronPassword}, '@localhost/ovs_neutron?charset=utf8']]} ovs: local_ip: get_input: controller_host public_interface: get_param: NeutronPublicInterface public_interface_raw_device: get_param: NeutronPublicInterfaceRawDevice public_interface_route: get_param: NeutronPublicInterfaceDefaultRoute public_interface_tag: get_param: NeutronPublicInterfaceTag physical_bridge: br-ctlplane physical_network: ctlplane network_vlan_ranges: ctlplane bridge_mappings: ctlplane:br-ctlplane tenant_network_type: vlan enable_tunneling: 'False' service-password: get_param: NeutronPassword rabbit: host: 127.0.0.1 username: get_param: RabbitUserName password: get_param: RabbitPassword cookie: get_attr: - RabbitCookie - value ntp: servers: - {server: {get_param: NtpServer}} undercloudPassthroughConfig: type: OS::Heat::StructuredConfig properties: config: {get_input: passthrough_config} undercloud: type: OS::Nova::Server properties: image: get_param: undercloudImage flavor: get_param: Flavor key_name: get_param: KeyName image_update_policy: get_param: ImageUpdatePolicy networks: - network: ctlplane user_data_format: SOFTWARE_CONFIG undercloudDeployment: depends_on: [undercloudPassthroughDeployment] type: OS::Heat::StructuredDeployment properties: config: {get_resource: undercloudConfig} server: {get_resource: undercloud} signal_transport: {get_param: DefaultSignalTransport} input_values: bootstack_nodeid: get_attr: - undercloud - name controller_host: get_attr: - undercloud - networks - ctlplane - 0 heat.watch_server_url: Fn::Join: - '' - - 'http://' - get_attr: [undercloud, networks, ctlplane, 0] - ':8003' heat.metadata_server_url: Fn::Join: - '' - - 'http://' - {get_attr: [undercloud, networks, ctlplane, 0]} - ':8000' heat.waitcondition_server_url: Fn::Join: - '' - - 'http://' - {get_attr: [undercloud, networks, ctlplane, 0]} - ':8000/v1/waitcondition' undercloudPassthroughDeployment: depends_on: [undercloudNovaDeployment] type: OS::Heat::StructuredDeployment properties: config: {get_resource: undercloudPassthroughConfig} server: {get_resource: undercloud} signal_transport: NO_SIGNAL input_values: passthrough_config: {get_param: ExtraConfig}