4f4d8e3d16
This change will allow for the enablement of Neutron routers HA via the new NeutronL3HA parameter. Change-Id: Ia5f7c0b4e89159456482e840c50d166ec5f25d4c Implements: blueprint tripleo-icehouse-ha-production-configuration
967 lines
32 KiB
YAML
967 lines
32 KiB
YAML
description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
|
|
server,Dedicated RabbitMQ Server,Group of Nova Computes
|
|
heat_template_version: 2013-05-23
|
|
parameters:
|
|
AdminPassword:
|
|
default: unset
|
|
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
|
|
type: string
|
|
hidden: true
|
|
AdminToken:
|
|
default: unset
|
|
description: The keystone auth secret.
|
|
type: string
|
|
hidden: true
|
|
CeilometerComputeAgent:
|
|
description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
|
|
type: string
|
|
default: ''
|
|
constraints:
|
|
- allowed_values: ['', Present]
|
|
CeilometerMeteringSecret:
|
|
default: unset
|
|
description: Secret shared by the ceilometer services.
|
|
type: string
|
|
hidden: true
|
|
CeilometerPassword:
|
|
default: unset
|
|
description: The password for the ceilometer service account.
|
|
type: string
|
|
hidden: true
|
|
CinderISCSIHelper:
|
|
default: tgtadm
|
|
description: The iSCSI helper to use with cinder.
|
|
type: string
|
|
CinderLVMLoopDeviceSize:
|
|
default: 5000
|
|
description: The size of the loopback file used by the cinder LVM driver.
|
|
type: number
|
|
CinderPassword:
|
|
default: unset
|
|
description: The password for the cinder service account, used by cinder-api.
|
|
type: string
|
|
hidden: true
|
|
CloudName:
|
|
default: ''
|
|
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
|
|
type: string
|
|
ControlFixedIPs:
|
|
default: []
|
|
description: Should be used for arbitrary ips.
|
|
type: json
|
|
controllerExtraConfig:
|
|
default: {}
|
|
description: |
|
|
Controller specific configuration to inject into the cluster. Same
|
|
structure as ExtraConfig.
|
|
type: json
|
|
controllerImage:
|
|
type: string
|
|
default: overcloud-control
|
|
constraints:
|
|
- custom_constraint: glance.image
|
|
ControlVirtualInterface:
|
|
default: 'br-ex'
|
|
description: Interface where virtual ip will be assigned.
|
|
type: string
|
|
Debug:
|
|
default: ''
|
|
description: Set to True to enable debugging on all services.
|
|
type: string
|
|
DefaultSignalTransport:
|
|
default: CFN_SIGNAL
|
|
description: Transport to use for software-config signals.
|
|
type: string
|
|
constraints:
|
|
- allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
|
|
ExtraConfig:
|
|
default: {}
|
|
description: |
|
|
Additional configuration to inject into the cluster. The JSON should have
|
|
the following structure:
|
|
{"FILEKEY":
|
|
{"config":
|
|
[{"section": "SECTIONNAME",
|
|
"values":
|
|
[{"option": "OPTIONNAME",
|
|
"value": "VALUENAME"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
For instance:
|
|
{"nova":
|
|
{"config":
|
|
[{"section": "default",
|
|
"values":
|
|
[{"option": "force_config_drive",
|
|
"value": "always"
|
|
}
|
|
]
|
|
},
|
|
{"section": "cells",
|
|
"values":
|
|
[{"option": "driver",
|
|
"value": "nova.cells.rpc_driver.CellsRPCDriver"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
type: json
|
|
GlanceLogFile:
|
|
description: The filepath of the file to use for logging messages from Glance.
|
|
type: string
|
|
default: ''
|
|
HorizonPort:
|
|
type: number
|
|
default: 80
|
|
description: Horizon web server port.
|
|
GlancePassword:
|
|
default: unset
|
|
description: The password for the glance service account, used by the glance services.
|
|
type: string
|
|
hidden: true
|
|
GlancePort:
|
|
default: 9292
|
|
description: Glance port.
|
|
type: string
|
|
GlanceProtocol:
|
|
default: http
|
|
description: Protocol to use when connecting to glance, set to https for SSL.
|
|
type: string
|
|
GlanceNotifierStrategy:
|
|
description: Strategy to use for Glance notification queue
|
|
type: string
|
|
default: noop
|
|
HeatPassword:
|
|
default: unset
|
|
description: The password for the Heat service account, used by the Heat services.
|
|
type: string
|
|
hidden: true
|
|
HeatStackDomainAdminPassword:
|
|
description: Password for heat_domain_admin user.
|
|
type: string
|
|
default: ''
|
|
hidden: true
|
|
HypervisorNeutronPhysicalBridge:
|
|
default: 'br-ex'
|
|
description: >
|
|
An OVS bridge to create on each hypervisor. This defaults to br-ex the
|
|
same as the control plane nodes, as we have a uniform configuration of
|
|
the openvswitch agent. Typically should not need to be changed.
|
|
type: string
|
|
HypervisorNeutronPublicInterface:
|
|
default: nic1
|
|
description: What interface to add to the HypervisorNeutronPhysicalBridge.
|
|
type: string
|
|
ImageUpdatePolicy:
|
|
default: 'REBUILD_PRESERVE_EPHEMERAL'
|
|
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
|
|
type: string
|
|
KeyName:
|
|
default: default
|
|
description: Name of an existing EC2 KeyPair to enable SSH access to the instances
|
|
type: string
|
|
constraints:
|
|
- custom_constraint: nova.keypair
|
|
KeystoneCACertificate:
|
|
default: ''
|
|
description: Keystone self-signed certificate authority certificate.
|
|
type: string
|
|
KeystoneSigningCertificate:
|
|
default: ''
|
|
description: Keystone certificate for verifying token validity.
|
|
type: string
|
|
KeystoneSigningKey:
|
|
default: ''
|
|
description: Keystone key for signing tokens.
|
|
type: string
|
|
hidden: true
|
|
KeystoneSSLCertificate:
|
|
default: ''
|
|
description: Keystone certificate for verifying token validity.
|
|
type: string
|
|
KeystoneSSLCertificateKey:
|
|
default: ''
|
|
description: Keystone key for signing tokens.
|
|
type: string
|
|
hidden: true
|
|
MysqlInnodbBufferPoolSize:
|
|
description: >
|
|
Specifies the size of the buffer pool in megabytes. Setting to
|
|
zero should be interpreted as "no value" and will defer to the
|
|
lower level default.
|
|
type: number
|
|
default: 0
|
|
NeutronBridgeMappings:
|
|
description: >
|
|
The OVS logical->physical bridge mappings to use. See the Neutron
|
|
documentation for details. Defaults to mapping br-ex - the external
|
|
bridge on hosts - to a physical name 'datacentre' which can be used
|
|
to create provider networks (and we use this for the default floating
|
|
network) - if changing this either use different post-install network
|
|
scripts or be sure to keep 'datacentre' as a mapping network name.
|
|
type: string
|
|
default: "datacentre:br-ex"
|
|
NeutronControlPlaneID:
|
|
default: ''
|
|
type: string
|
|
description: Neutron ID for ctlplane network.
|
|
NeutronDnsmasqOptions:
|
|
default: 'dhcp-option-force=26,1400'
|
|
description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
|
|
type: string
|
|
NeutronFlatNetworks:
|
|
type: string
|
|
default: 'datacentre'
|
|
description: >
|
|
If set, flat networks to configure in neutron plugins. Defaults to
|
|
'datacentre' to permit external network creation.
|
|
NeutronNetworkType:
|
|
default: 'gre'
|
|
description: The tenant network type for Neutron, either gre or vxlan.
|
|
type: string
|
|
NeutronNetworkVLANRanges:
|
|
default: 'datacentre'
|
|
description: >
|
|
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
|
|
Neutron documentation for permitted values. Defaults to permitting any
|
|
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
|
|
type: string
|
|
NeutronPassword:
|
|
default: unset
|
|
description: The password for the neutron service account, used by neutron agents.
|
|
type: string
|
|
hidden: true
|
|
NeutronPublicInterface:
|
|
default: nic1
|
|
description: What interface to bridge onto br-ex for network nodes.
|
|
type: string
|
|
NeutronPublicInterfaceDefaultRoute:
|
|
default: ''
|
|
description: A custom default route for the NeutronPublicInterface.
|
|
type: string
|
|
NeutronPublicInterfaceIP:
|
|
default: ''
|
|
description: A custom IP address to put onto the NeutronPublicInterface.
|
|
type: string
|
|
NeutronPublicInterfaceRawDevice:
|
|
default: ''
|
|
description: If set, the public interface is a vlan with this device as the raw device.
|
|
type: string
|
|
NeutronPublicInterfaceTag:
|
|
default: ''
|
|
description: >
|
|
VLAN tag for creating a public VLAN. The tag will be used to
|
|
create an access port on the exterior bridge for each control plane node,
|
|
and that port will be given the IP address returned by neutron from the
|
|
public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
|
|
overcloud.yaml to include the deployment of VLAN ports to the control
|
|
plane.
|
|
type: string
|
|
NeutronComputeAgentMode:
|
|
default: 'dvr'
|
|
description: Agent mode for the neutron-l3-agent on the compute hosts
|
|
type: string
|
|
NeutronAgentMode:
|
|
default: 'dvr_snat'
|
|
description: Agent mode for the neutron-l3-agent on the controller hosts
|
|
type: string
|
|
NeutronDVR:
|
|
default: 'False'
|
|
description: Whether to configure Neutron Distributed Virtual Routers
|
|
type: string
|
|
NeutronMetadataProxySharedSecret:
|
|
default: 'unset'
|
|
description: Shared secret to prevent spoofing
|
|
type: string
|
|
NeutronTunnelTypes:
|
|
default: 'gre'
|
|
description: |
|
|
The tunnel types for the Neutron tenant network. To specify multiple
|
|
values, use a comma separated string, like so: 'gre,vxlan'
|
|
type: string
|
|
NeutronMechanismDrivers:
|
|
default: 'openvswitch'
|
|
description: |
|
|
The mechanism drivers for the Neutron tenant network. To specify multiple
|
|
values, use a comma separated string, like so: 'openvswitch,l2_population'
|
|
type: string
|
|
NeutronAllowL3AgentFailover:
|
|
default: 'True'
|
|
description: Allow automatic l3-agent failover
|
|
type: string
|
|
NeutronL3HA:
|
|
default: 'False'
|
|
description: Whether to enable l3-agent HA
|
|
type: string
|
|
NovaComputeDriver:
|
|
default: libvirt.LibvirtDriver
|
|
type: string
|
|
NovaComputeExtraConfig:
|
|
default: {}
|
|
description: |
|
|
NovaCompute specific configuration to inject into the cluster. Same
|
|
structure as ExtraConfig.
|
|
type: json
|
|
NovaComputeLibvirtType:
|
|
default: ''
|
|
type: string
|
|
NovaImage:
|
|
type: string
|
|
default: overcloud-compute
|
|
constraints:
|
|
- custom_constraint: glance.image
|
|
NovaPassword:
|
|
default: unset
|
|
description: The password for the nova service account, used by nova-api.
|
|
type: string
|
|
hidden: true
|
|
NtpServer:
|
|
type: string
|
|
default: ''
|
|
OvercloudComputeFlavor:
|
|
description: Flavor for compute nodes to request when deploying.
|
|
type: string
|
|
constraints:
|
|
- custom_constraint: nova.flavor
|
|
OvercloudControlFlavor:
|
|
description: Flavor for control nodes to request when deploying.
|
|
type: string
|
|
constraints:
|
|
- custom_constraint: nova.flavor
|
|
PublicVirtualFixedIPs:
|
|
default: []
|
|
description: >
|
|
Control the IP allocation for the PublicVirtualInterface port. E.g.
|
|
[{'ip_address':'1.2.3.4'}]
|
|
type: json
|
|
PublicVirtualInterface:
|
|
default: 'br-ex'
|
|
description: >
|
|
Specifies the interface where the public-facing virtual ip will be assigned.
|
|
This should be int_public when a VLAN is being used.
|
|
type: string
|
|
PublicVirtualNetwork:
|
|
default: 'ctlplane'
|
|
type: string
|
|
description: >
|
|
Neutron network to allocate public virtual IP port on.
|
|
RabbitCookieSalt:
|
|
type: string
|
|
default: unset
|
|
description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
|
|
RabbitPassword:
|
|
default: guest
|
|
description: The password for RabbitMQ
|
|
type: string
|
|
hidden: true
|
|
RabbitUserName:
|
|
default: guest
|
|
description: The username for RabbitMQ
|
|
type: string
|
|
RabbitClientUseSSL:
|
|
default: false
|
|
description: >
|
|
Rabbit client subscriber parameter to specify
|
|
an SSL connection to the RabbitMQ host.
|
|
type: string
|
|
RabbitClientPort:
|
|
default: 5672
|
|
description: Set rabbit subscriber port, change this if using SSL
|
|
type: number
|
|
SnmpdReadonlyUserName:
|
|
default: ro_snmp_user
|
|
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
|
|
type: string
|
|
SnmpdReadonlyUserPassword:
|
|
default: unset
|
|
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
|
|
type: string
|
|
hidden: true
|
|
resources:
|
|
ControlVirtualIP:
|
|
type: OS::Neutron::Port
|
|
properties:
|
|
name: control_virtual_ip
|
|
network_id: {get_param: NeutronControlPlaneID}
|
|
fixed_ips:
|
|
get_param: ControlFixedIPs
|
|
replacement_policy: AUTO
|
|
MysqlClusterUniquePart:
|
|
type: OS::Heat::RandomString
|
|
properties:
|
|
length: 10
|
|
MysqlRootPassword:
|
|
type: OS::Heat::RandomString
|
|
properties:
|
|
length: 10
|
|
PublicVirtualIP:
|
|
type: OS::Neutron::Port
|
|
properties:
|
|
name: public_virtual_ip
|
|
network: {get_param: PublicVirtualNetwork}
|
|
fixed_ips:
|
|
get_param: PublicVirtualFixedIPs
|
|
replacement_policy: AUTO
|
|
RabbitCookie:
|
|
type: OS::Heat::RandomString
|
|
properties:
|
|
length: 20
|
|
salt:
|
|
get_param: RabbitCookieSalt
|
|
NovaCompute0Deployment:
|
|
type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: resources.NovaCompute0Deployment
|
|
parameters:
|
|
DefaultSignalTransport:
|
|
get_param: DefaultSignalTransport
|
|
NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
|
|
NeutronNetworkType:
|
|
get_param: NeutronNetworkType
|
|
NeutronTunnelTypes:
|
|
get_param: NeutronTunnelTypes
|
|
NeutronEnableTunnelling: "True"
|
|
NeutronFlatNetworks:
|
|
get_param: NeutronFlatNetworks
|
|
NeutronNetworkVLANRanges:
|
|
get_param: NeutronNetworkVLANRanges
|
|
NeutronPhysicalBridge:
|
|
get_param: HypervisorNeutronPhysicalBridge
|
|
NeutronPublicInterface:
|
|
get_param: HypervisorNeutronPublicInterface
|
|
NeutronBridgeMappings:
|
|
get_param: NeutronBridgeMappings
|
|
NeutronDVR:
|
|
get_param: NeutronDVR
|
|
NeutronAgentMode:
|
|
get_param: NeutronComputeAgentMode
|
|
NeutronPublicInterfaceRawDevice:
|
|
get_param: NeutronPublicInterfaceRawDevice
|
|
NeutronMechanismDrivers:
|
|
get_param: NeutronMechanismDrivers
|
|
NeutronAllowL3AgentFailover:
|
|
get_param: NeutronAllowL3AgentFailover
|
|
NeutronL3HA:
|
|
get_param: NeutronL3HA
|
|
NovaCompute0AllNodesDeployment:
|
|
type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: resources.NovaCompute0AllNodesDeployment
|
|
parameters:
|
|
AllNodesConfig: {get_resource: allNodesConfig}
|
|
NovaCompute0:
|
|
type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: resources.NovaCompute0
|
|
NovaCompute0Passthrough:
|
|
type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: resources.NovaCompute0Passthrough
|
|
parameters:
|
|
passthrough_config: {get_param: ExtraConfig}
|
|
NovaCompute0PassthroughSpecific:
|
|
type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: resources.NovaCompute0PassthroughSpecific
|
|
parameters:
|
|
passthrough_config_specific: {get_param: NovaComputeExtraConfig}
|
|
controllerConfig:
|
|
type: OS::Heat::StructuredConfig
|
|
properties:
|
|
group: os-apply-config
|
|
config:
|
|
admin-password:
|
|
get_param: AdminPassword
|
|
admin-token:
|
|
get_param: AdminToken
|
|
bootstack:
|
|
public_interface_ip:
|
|
get_param: NeutronPublicInterfaceIP
|
|
bootstrap_host:
|
|
bootstrap_nodeid:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- 0
|
|
- Merge::Map:
|
|
controller0:
|
|
- get_attr:
|
|
- controller0
|
|
- name
|
|
nodeid: {get_input: bootstack_nodeid}
|
|
database:
|
|
host: &database_host
|
|
{get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
cinder:
|
|
db:
|
|
Fn::Join:
|
|
- ''
|
|
- - mysql://cinder:unset@
|
|
- *database_host
|
|
- /cinder
|
|
debug: {get_param: Debug}
|
|
volume_size_mb:
|
|
get_param: CinderLVMLoopDeviceSize
|
|
service-password:
|
|
get_param: CinderPassword
|
|
iscsi-helper:
|
|
get_param: CinderISCSIHelper
|
|
controller-address:
|
|
get_input: controller_host
|
|
corosync:
|
|
bindnetaddr: {get_input: controller_host}
|
|
mcastport: 5577
|
|
nodes:
|
|
Merge::Map:
|
|
controller0:
|
|
ip: {get_attr: [controller0, networks, ctlplane, 0]}
|
|
pacemaker:
|
|
stonith_enabled : false
|
|
recheck_interval : 5
|
|
quorum_policy : ignore
|
|
db-password: unset
|
|
glance:
|
|
registry:
|
|
host: {get_input: controller_virtual_ip}
|
|
backend: swift
|
|
db:
|
|
Fn::Join:
|
|
- ''
|
|
- - mysql://glance:unset@
|
|
- *database_host
|
|
- /glance
|
|
debug: {get_param: Debug}
|
|
host:
|
|
get_input: controller_virtual_ip
|
|
port:
|
|
get_param: GlancePort
|
|
protocol:
|
|
get_param: GlanceProtocol
|
|
service-password:
|
|
get_param: GlancePassword
|
|
swift-store-user: service:glance
|
|
swift-store-key:
|
|
get_param: GlancePassword
|
|
notifier-strategy:
|
|
get_param: GlanceNotifierStrategy
|
|
log-file:
|
|
get_param: GlanceLogFile
|
|
heat:
|
|
admin_password:
|
|
get_param: HeatPassword
|
|
admin_tenant_name: service
|
|
admin_user: heat
|
|
auth_encryption_key: unset___________
|
|
db:
|
|
Fn::Join:
|
|
- ''
|
|
- - mysql://heat:unset@
|
|
- *database_host
|
|
- /heat
|
|
debug: {get_param: Debug}
|
|
stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
|
|
watch_server_url: {get_input: heat.watch_server_url}
|
|
metadata_server_url: {get_input: heat.metadata_server_url}
|
|
waitcondition_server_url: {get_input: heat.waitcondition_server_url}
|
|
horizon:
|
|
port: {get_param: HorizonPort}
|
|
caches:
|
|
memcached:
|
|
nodes:
|
|
Merge::Map:
|
|
controller0:
|
|
{get_attr: [controller0, name]}
|
|
keystone:
|
|
db:
|
|
Fn::Join:
|
|
- ''
|
|
- - mysql://keystone:unset@
|
|
- *database_host
|
|
- /keystone
|
|
debug: {get_param: Debug}
|
|
host:
|
|
get_input: controller_virtual_ip
|
|
ca_certificate: {get_param: KeystoneCACertificate}
|
|
signing_key: {get_param: KeystoneSigningKey}
|
|
signing_certificate: {get_param: KeystoneSigningCertificate}
|
|
ssl:
|
|
certificate: {get_param: KeystoneSSLCertificate}
|
|
certificate_key: {get_param: KeystoneSSLCertificateKey}
|
|
mysql:
|
|
innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
|
|
local_bind: true
|
|
root-password: {get_resource: MysqlRootPassword}
|
|
nodes:
|
|
Merge::Map:
|
|
controller0:
|
|
ip: {get_attr: [controller0, networks, ctlplane, 0]}
|
|
cluster_name:
|
|
Fn::Join:
|
|
- '-'
|
|
- - 'tripleo'
|
|
- {get_resource: MysqlClusterUniquePart}
|
|
neutron:
|
|
debug: {get_param: Debug}
|
|
flat-networks: {get_param: NeutronFlatNetworks}
|
|
host: {get_input: controller_virtual_ip}
|
|
metadata_proxy_shared_secret: {get_param: NeutronMetadataProxySharedSecret}
|
|
agent_mode: {get_param: NeutronAgentMode}
|
|
router_distributed: {get_param: NeutronDVR}
|
|
mechanism_drivers: {get_param: NeutronMechanismDrivers}
|
|
allow_automatic_l3agent_failover: {get_param: NeutronAllowL3AgentFailover}
|
|
l3_ha: {get_param: NeutronL3HA}
|
|
ovs:
|
|
enable_tunneling: 'True'
|
|
local_ip:
|
|
get_input: controller_host
|
|
network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
|
|
bridge_mappings: {get_param: NeutronBridgeMappings}
|
|
public_interface:
|
|
get_param: NeutronPublicInterface
|
|
public_interface_raw_device:
|
|
get_param: NeutronPublicInterfaceRawDevice
|
|
public_interface_route:
|
|
get_param: NeutronPublicInterfaceDefaultRoute
|
|
public_interface_tag:
|
|
get_param: NeutronPublicInterfaceTag
|
|
physical_bridge: br-ex
|
|
tenant_network_type:
|
|
get_param: NeutronNetworkType
|
|
tunnel_types:
|
|
get_param: NeutronTunnelTypes
|
|
ovs_db:
|
|
Fn::Join:
|
|
- ''
|
|
- - mysql://neutron:unset@
|
|
- *database_host
|
|
- /ovs_neutron?charset=utf8
|
|
service-password:
|
|
get_param: NeutronPassword
|
|
dnsmasq-options:
|
|
get_param: NeutronDnsmasqOptions
|
|
ceilometer:
|
|
db:
|
|
Fn::Join:
|
|
- ''
|
|
- - mysql://ceilometer:unset@
|
|
- *database_host
|
|
- /ceilometer
|
|
debug: {get_param: Debug}
|
|
metering_secret: {get_param: CeilometerMeteringSecret}
|
|
service-password:
|
|
get_param: CeilometerPassword
|
|
snmpd:
|
|
export_MIB: UCD-SNMP-MIB
|
|
readonly_user_name:
|
|
get_param: SnmpdReadonlyUserName
|
|
readonly_user_password:
|
|
get_param: SnmpdReadonlyUserPassword
|
|
nova:
|
|
compute_driver: libvirt.LibvirtDriver
|
|
db:
|
|
Fn::Join:
|
|
- ''
|
|
- - mysql://nova:unset@
|
|
- *database_host
|
|
- /nova
|
|
default_floating_pool:
|
|
ext-net
|
|
host: {get_input: controller_virtual_ip}
|
|
metadata-proxy: true
|
|
service-password:
|
|
get_param: NovaPassword
|
|
rabbit:
|
|
host: {get_input: controller_virtual_ip}
|
|
username:
|
|
get_param: RabbitUserName
|
|
password:
|
|
get_param: RabbitPassword
|
|
cookie:
|
|
get_attr:
|
|
- RabbitCookie
|
|
- value
|
|
rabbit_client_use_ssl: {get_param: RabbitClientUseSSL}
|
|
rabbit_port: {get_param: RabbitClientPort}
|
|
ntp:
|
|
servers:
|
|
- {server: {get_param: NtpServer}, fudge: "stratum 0"}
|
|
virtual_interfaces:
|
|
instances:
|
|
- vrrp_instance_name: VI_CONTROL
|
|
virtual_router_id: 51
|
|
keepalive_interface:
|
|
get_param: ControlVirtualInterface
|
|
priority: 101
|
|
virtual_ips:
|
|
- ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
interface:
|
|
get_param: ControlVirtualInterface
|
|
- vrrp_instance_name: VI_PUBLIC
|
|
virtual_router_id: 52
|
|
keepalive_interface:
|
|
get_param: PublicVirtualInterface
|
|
priority: 101
|
|
virtual_ips:
|
|
- ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
|
|
interface:
|
|
get_param: PublicVirtualInterface
|
|
vrrp_sync_groups:
|
|
- name: VG1
|
|
members:
|
|
- VI_CONTROL
|
|
- VI_PUBLIC
|
|
keepalived:
|
|
keepalive_interface:
|
|
get_param: PublicVirtualInterface
|
|
priority: 101
|
|
virtual_ips:
|
|
-
|
|
ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
interface:
|
|
get_param: ControlVirtualInterface
|
|
-
|
|
ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
|
|
interface:
|
|
get_param: PublicVirtualInterface
|
|
haproxy:
|
|
nodes:
|
|
Merge::Map:
|
|
controller0:
|
|
ip: {get_attr: [controller0, networks, ctlplane, 0]}
|
|
name: {get_attr: [controller0, name]}
|
|
net_binds:
|
|
- &control_vip {ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}}
|
|
- &public_vip {ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}}
|
|
options:
|
|
- option httpchk GET /
|
|
services:
|
|
- name: keystone_admin
|
|
port: 35357
|
|
- name: keystone_public
|
|
port: 5000
|
|
- name: horizon
|
|
port: 80
|
|
- name: neutron
|
|
port: 9696
|
|
- name: cinder
|
|
port: 8776
|
|
- name: glance_api
|
|
port: 9292
|
|
- name: glance_registry
|
|
port: 9191
|
|
options: # overwrite options as glace_reg needs auth for http req
|
|
- name: heat_api
|
|
port: 8004
|
|
- name: heat_cloudwatch
|
|
port: 8003
|
|
- name: heat_cfn
|
|
port: 8000
|
|
- name: mysql
|
|
port: 3306
|
|
net_binds:
|
|
- *control_vip
|
|
extra_server_params:
|
|
- backup
|
|
options:
|
|
- timeout client 0
|
|
- timeout server 0
|
|
- name: nova_ec2
|
|
port: 8773
|
|
- name: nova_osapi
|
|
port: 8774
|
|
- name: nova_metadata
|
|
port: 8775
|
|
- name: nova_novncproxy
|
|
port: 6080
|
|
- name: ceilometer
|
|
port: 8777
|
|
options: # overwrite options as ceil needs auth for http req
|
|
- name: swift_proxy_server
|
|
port: 8080
|
|
options:
|
|
- option httpchk GET /info
|
|
- name: rabbitmq
|
|
port: 5672
|
|
net_binds:
|
|
- *control_vip
|
|
options:
|
|
- timeout client 0
|
|
- timeout server 0
|
|
- maxconn 1500
|
|
controllerPassthrough:
|
|
type: OS::Heat::StructuredConfig
|
|
properties:
|
|
group: os-apply-config
|
|
config: {get_input: passthrough_config}
|
|
controllerPassthroughSpecific:
|
|
type: OS::Heat::StructuredConfig
|
|
properties:
|
|
group: os-apply-config
|
|
config: {get_input: passthrough_config_specific}
|
|
controller0:
|
|
type: OS::Nova::Server
|
|
properties:
|
|
image:
|
|
get_param: controllerImage
|
|
image_update_policy:
|
|
get_param: ImageUpdatePolicy
|
|
flavor:
|
|
get_param: OvercloudControlFlavor
|
|
key_name:
|
|
get_param: KeyName
|
|
networks:
|
|
- network: ctlplane
|
|
user_data_format: SOFTWARE_CONFIG
|
|
controller0AllNodesDeployment:
|
|
depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0PassthroughSpecific]
|
|
type: OS::Heat::StructuredDeployment
|
|
properties:
|
|
signal_transport: {get_param: DefaultSignalTransport}
|
|
config: {get_resource: allNodesConfig}
|
|
server: {get_resource: controller0}
|
|
controller0Deployment:
|
|
type: OS::Heat::StructuredDeployment
|
|
properties:
|
|
signal_transport: NO_SIGNAL
|
|
config: {get_resource: controllerConfig}
|
|
server: {get_resource: controller0}
|
|
input_values:
|
|
bootstack_nodeid: {get_attr: [controller0, name]}
|
|
controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
|
|
controller_virtual_ip:
|
|
{get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
heat.watch_server_url:
|
|
Fn::Join:
|
|
- ''
|
|
- - 'http://'
|
|
- {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
- ':8003'
|
|
heat.metadata_server_url:
|
|
Fn::Join:
|
|
- ''
|
|
- - 'http://'
|
|
- {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
- ':8000'
|
|
heat.waitcondition_server_url:
|
|
Fn::Join:
|
|
- ''
|
|
- - 'http://'
|
|
- {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
- ':8000/v1/waitcondition'
|
|
allNodesConfig:
|
|
type: OS::Heat::StructuredConfig
|
|
properties:
|
|
config:
|
|
completion-signal: {get_input: deploy_signal_id}
|
|
hosts:
|
|
Fn::Join:
|
|
- "\n"
|
|
- - Fn::Join:
|
|
- "\n"
|
|
- Merge::Map:
|
|
NovaCompute0:
|
|
Fn::Join:
|
|
- ' '
|
|
- - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
|
|
- {get_attr: [NovaCompute0, name]}
|
|
- Fn::Join:
|
|
- '.'
|
|
- - {get_attr: [NovaCompute0, name]}
|
|
- 'novalocal'
|
|
- Fn::Join:
|
|
- "\n"
|
|
- Merge::Map:
|
|
BlockStorage0:
|
|
Fn::Join:
|
|
- ' '
|
|
- - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
|
|
- {get_attr: [BlockStorage0, name]}
|
|
- Fn::Join:
|
|
- '.'
|
|
- - {get_attr: [BlockStorage0, name]}
|
|
- 'novalocal'
|
|
- Fn::Join:
|
|
- "\n"
|
|
- Merge::Map:
|
|
SwiftStorage0:
|
|
Fn::Join:
|
|
- ' '
|
|
- - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
|
|
- {get_attr: [SwiftStorage0, name]}
|
|
- Fn::Join:
|
|
- '.'
|
|
- - {get_attr: [SwiftStorage0, name]}
|
|
- 'novalocal'
|
|
- Fn::Join:
|
|
- "\n"
|
|
- Merge::Map:
|
|
controller0:
|
|
Fn::Join:
|
|
- ' '
|
|
- - {get_attr: [controller0, networks, ctlplane, 0]}
|
|
- {get_attr: [controller0, name]}
|
|
- Fn::Join:
|
|
- '.'
|
|
- - {get_attr: [controller0, name]}
|
|
- 'novalocal'
|
|
- {get_param: CloudName}
|
|
rabbit:
|
|
nodes:
|
|
Fn::Join:
|
|
- ','
|
|
- Merge::Map:
|
|
controller0:
|
|
{get_attr: [controller0, name]}
|
|
sysctl:
|
|
net.ipv4.tcp_keepalive_time: 5
|
|
net.ipv4.tcp_keepalive_probes: 5
|
|
net.ipv4.tcp_keepalive_intvl: 1
|
|
controller0SSLDeployment:
|
|
type: OS::Heat::StructuredDeployment
|
|
properties:
|
|
config: {get_resource: SSLConfig}
|
|
server: {get_resource: controller0}
|
|
signal_transport: NO_SIGNAL
|
|
input_values:
|
|
controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
|
|
ssl_certificate: {get_param: SSLCertificate}
|
|
ssl_key: {get_param: SSLKey}
|
|
ssl_ca_certificate: {get_param: SSLCACertificate}
|
|
controller0Passthrough:
|
|
type: OS::Heat::StructuredDeployment
|
|
properties:
|
|
config: {get_resource: controllerPassthrough}
|
|
server: {get_resource: controller0}
|
|
signal_transport: NO_SIGNAL
|
|
input_values:
|
|
passthrough_config: {get_param: ExtraConfig}
|
|
controller0PassthroughSpecific:
|
|
depends_on: [controller0Passthrough]
|
|
type: OS::Heat::StructuredDeployment
|
|
properties:
|
|
config: {get_resource: controllerPassthroughSpecific}
|
|
server: {get_resource: controller0}
|
|
signal_transport: NO_SIGNAL
|
|
input_values:
|
|
passthrough_config_specific: {get_param: controllerExtraConfig}
|
|
outputs:
|
|
KeystoneURL:
|
|
description: URL for the Overcloud Keystone service
|
|
value:
|
|
Fn::Join:
|
|
- ''
|
|
- - http://
|
|
- {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
|
|
- :5000/v2.0/
|