679ed909ce
This makes it possible to have SSL connections to APIs from compute hosts with no DNS or external connectivity - something the ci-overcloud has. Change-Id: I089ef8fdfb4a59279f09bf3cd2a4474000e4bfa6
433 lines
13 KiB
YAML
433 lines
13 KiB
YAML
Description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
|
|
server,Dedicated RabbitMQ Server,Group of Nova Computes
|
|
HeatTemplateFormatVersion: '2012-12-12'
|
|
Parameters:
|
|
AdminPassword:
|
|
Default: unset
|
|
Description: The password for the keystone admin account, used for monitoring, querying neutron etc.
|
|
Type: String
|
|
NoEcho: true
|
|
AdminToken:
|
|
Default: unset
|
|
Description: The keystone auth secret.
|
|
Type: String
|
|
NoEcho: true
|
|
CinderPassword:
|
|
Default: unset
|
|
Description: The password for the cinder service account, used by cinder-api.
|
|
Type: String
|
|
NoEcho: true
|
|
Flavor:
|
|
Default: baremetal
|
|
Description: Flavor to request when deploying.
|
|
Type: String
|
|
GlancePassword:
|
|
Default: unset
|
|
Description: The password for the glance service account, used by the glance services.
|
|
Type: String
|
|
NoEcho: true
|
|
HeatPassword:
|
|
Default: unset
|
|
Description: The password for the Heat service account, used by the Heat services.
|
|
Type: String
|
|
NoEcho: true
|
|
ImageUpdatePolicy:
|
|
Default: 'REPLACE'
|
|
Description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
|
|
Type: String
|
|
KeyName:
|
|
Default: default
|
|
Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
|
|
Type: String
|
|
NeutronBridgeMappings:
|
|
Description: The OVS logical->physical bridge mappings to use.
|
|
Type: String
|
|
Default: ''
|
|
NeutronPassword:
|
|
Default: unset
|
|
Description: The password for the neutron service account, used by neutron agents.
|
|
Type: String
|
|
NoEcho: true
|
|
CeilometerComputeAgent:
|
|
Description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
|
|
Type: String
|
|
Default: ''
|
|
AllowedValues: ['', Present]
|
|
CeilometerMeteringSecret:
|
|
Default: unset
|
|
Description: Secret shared by the ceilometer services.
|
|
Type: String
|
|
NoEcho: true
|
|
CeilometerPassword:
|
|
Default: unset
|
|
Description: The password for the ceilometer service account.
|
|
Type: String
|
|
NoEcho: true
|
|
CloudName:
|
|
Default: ''
|
|
Description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
|
|
Type: String
|
|
NovaComputeDriver:
|
|
Default: libvirt.LibvirtDriver
|
|
Type: String
|
|
NovaComputeLibvirtType:
|
|
Default: ''
|
|
Type: String
|
|
NovaImage:
|
|
Type: String
|
|
Default: overcloud-compute
|
|
NovaPassword:
|
|
Default: unset
|
|
Description: The password for the nova service account, used by nova-api.
|
|
Type: String
|
|
NoEcho: true
|
|
NeutronFlatNetworks:
|
|
Type: String
|
|
Default: ''
|
|
Description: If set, flat networks to configure in neutron plugins.
|
|
HypervisorNeutronPhysicalBridge:
|
|
Default: ''
|
|
Description: An OVS bridge to create on each hypervisor.
|
|
Type: String
|
|
HypervisorNeutronPublicInterface:
|
|
Default: ''
|
|
Description: What interface to add to the HypervisorNeutronPhysicalBridge.
|
|
Type: String
|
|
NeutronPublicInterface:
|
|
Default: eth0
|
|
Description: What interface to bridge onto br-ex for network nodes.
|
|
Type: String
|
|
NeutronPublicInterfaceDefaultRoute:
|
|
Default: ''
|
|
Description: A custom default route for the NeutronPublicInterface.
|
|
Type: String
|
|
NeutronPublicInterfaceIP:
|
|
Default: ''
|
|
Description: A custom IP address to put onto the NeutronPublicInterface.
|
|
Type: String
|
|
NeutronPublicInterfaceRawDevice:
|
|
Default: ''
|
|
Description: If set, the public interface is a vlan with this device as the raw device.
|
|
Type: String
|
|
notcomputeImage:
|
|
Type: String
|
|
Default: overcloud-control
|
|
NtpServer:
|
|
Type: String
|
|
Default: ''
|
|
StaticHosts:
|
|
Default:
|
|
Fn::Join:
|
|
- ' '
|
|
- - Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- ctlplane
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
- {Ref: CloudName}
|
|
Description: Static content to append to /etc/hosts
|
|
Type: String
|
|
Resources:
|
|
AccessPolicy:
|
|
Properties:
|
|
AllowedResources:
|
|
- notCompute0
|
|
- notCompute0Config
|
|
Type: OS::Heat::AccessPolicy
|
|
ComputeAccessPolicy:
|
|
Properties:
|
|
AllowedResources:
|
|
- NovaCompute0
|
|
- NovaCompute0Config
|
|
Type: OS::Heat::AccessPolicy
|
|
notCompute0Key:
|
|
Properties:
|
|
UserName:
|
|
Ref: User
|
|
Type: AWS::IAM::AccessKey
|
|
notCompute0CompletionCondition:
|
|
Type: AWS::CloudFormation::WaitCondition
|
|
DependsOn: notCompute0
|
|
Properties:
|
|
Handle: {Ref: notCompute0CompletionHandle}
|
|
Count: '1'
|
|
Timeout: '1800'
|
|
notCompute0CompletionHandle:
|
|
Type: OS::Heat::UpdateWaitConditionHandle
|
|
NovaCompute0Key:
|
|
Type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: Resources.NovaCompute0Key
|
|
NovaCompute0CompletionCondition:
|
|
Type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: Resources.NovaCompute0CompletionCondition
|
|
NovaCompute0CompletionHandle:
|
|
Type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: Resources.NovaCompute0CompletionHandle
|
|
ComputeUser:
|
|
Properties:
|
|
Policies:
|
|
- Ref: ComputeAccessPolicy
|
|
Type: AWS::IAM::User
|
|
NovaCompute0Config:
|
|
Type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: Resources.NovaCompute0Config
|
|
Parameters:
|
|
NovaApiHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] }
|
|
KeystoneHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] }
|
|
RabbitHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] }
|
|
NeutronHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] }
|
|
GlanceHost: {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ] }
|
|
NovaDSN: {"Fn::Join": ['', ['mysql://nova:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ]}, '/nova']]}
|
|
CeilometerDSN: {"Fn::Join": ['', ['mysql://ceilometer:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ]}, '/ceilometer']]}
|
|
NeutronDSN: {"Fn::Join": ['', ['mysql://neutron:unset@', {"Fn::Select": [ 0, {"Fn::Select": [ "ctlplane", {"Fn::GetAtt": [notCompute0, networks]} ]} ]}, '/neutron']]}
|
|
NeutronNetworkType: "gre"
|
|
NeutronEnableTunnelling: "True"
|
|
NeutronFlatNetworks:
|
|
Ref: NeutronFlatNetworks
|
|
NeutronNetworkVLANRanges: ""
|
|
NeutronPhysicalBridge:
|
|
Ref: HypervisorNeutronPhysicalBridge
|
|
NeutronPublicInterface:
|
|
Ref: HypervisorNeutronPublicInterface
|
|
NeutronBridgeMappings:
|
|
Ref: NeutronBridgeMappings
|
|
RabbitPassword: "guest"
|
|
StaticHosts:
|
|
Ref: StaticHosts
|
|
NovaCompute0:
|
|
Type: FileInclude
|
|
Path: nova-compute-instance.yaml
|
|
SubKey: Resources.NovaCompute0
|
|
User:
|
|
Properties:
|
|
Policies:
|
|
- Ref: AccessPolicy
|
|
Type: AWS::IAM::User
|
|
notCompute0Config:
|
|
Type: AWS::AutoScaling::LaunchConfiguration
|
|
Properties:
|
|
ImageId: '0'
|
|
InstanceType: '0'
|
|
Metadata:
|
|
OpenStack::Heat::Stack: {}
|
|
OpenStack::ImageBuilder::Elements:
|
|
- boot-stack
|
|
- heat-cfntools
|
|
- heat-localip
|
|
- neutron-network-node
|
|
admin-password:
|
|
Ref: AdminPassword
|
|
admin-token:
|
|
Ref: AdminToken
|
|
bootstack:
|
|
public_interface_ip:
|
|
Ref: NeutronPublicInterfaceIP
|
|
cinder:
|
|
db: mysql://cinder:unset@localhost/cinder
|
|
volume_size_mb: '5000'
|
|
service-password:
|
|
Ref: CinderPassword
|
|
completion-handle:
|
|
Ref: notCompute0CompletionHandle
|
|
controller-address:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- 'ctlplane'
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
db-password: unset
|
|
glance:
|
|
backend: swift
|
|
db: mysql://glance:unset@localhost/glance
|
|
host:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- 'ctlplane'
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
service-password:
|
|
Ref: GlancePassword
|
|
swift-store-user: service:glance
|
|
swift-store-key:
|
|
Ref: GlancePassword
|
|
heat:
|
|
admin_password:
|
|
Ref: HeatPassword
|
|
admin_tenant_name: service
|
|
admin_user: heat
|
|
auth_encryption_key: unset___________
|
|
db: mysql://heat:unset@localhost/heat
|
|
watch_server_url:
|
|
Fn::Join:
|
|
- ''
|
|
- - 'http://'
|
|
- Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- 'ctlplane'
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
- ':8003'
|
|
metadata_server_url:
|
|
Fn::Join:
|
|
- ''
|
|
- - 'http://'
|
|
- Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- 'ctlplane'
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
- ':8000'
|
|
waitcondition_server_url:
|
|
Fn::Join:
|
|
- ''
|
|
- - 'http://'
|
|
- Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- 'ctlplane'
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
- ':8000/v1/waitcondition'
|
|
hosts: {Ref: StaticHosts}
|
|
keystone:
|
|
db: mysql://keystone:unset@localhost/keystone
|
|
host:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- 'ctlplane'
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
neutron:
|
|
flat-networks: {Ref: NeutronFlatNetworks}
|
|
host:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- ctlplane
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
metadata_proxy_shared_secret: unset
|
|
ovs:
|
|
enable_tunneling: 'True'
|
|
local_ip:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- ctlplane
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
bridge_mappings: {Ref: NeutronBridgeMappings}
|
|
public_interface:
|
|
Ref: NeutronPublicInterface
|
|
public_interface_raw_device:
|
|
Ref: NeutronPublicInterfaceRawDevice
|
|
public_interface_route:
|
|
Ref: NeutronPublicInterfaceDefaultRoute
|
|
physical_bridge: br-ex
|
|
tenant_network_type: gre
|
|
ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
|
|
service-password:
|
|
Ref: NeutronPassword
|
|
ceilometer:
|
|
db: mysql://ceilometer:unset@localhost/ceilometer
|
|
metering_secret: {Ref: CeilometerMeteringSecret}
|
|
service-password:
|
|
Ref: CeilometerPassword
|
|
nova:
|
|
compute_driver: libvirt.LibvirtDriver
|
|
db: mysql://nova:unset@localhost/nova
|
|
default_floating_pool:
|
|
ext-net
|
|
host:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- 'ctlplane'
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
metadata-proxy: true
|
|
service-password:
|
|
Ref: NovaPassword
|
|
os-collect-config:
|
|
cfn:
|
|
access_key_id:
|
|
Ref: notCompute0Key
|
|
path: notCompute0Config.Metadata
|
|
secret_access_key:
|
|
Fn::GetAtt:
|
|
- notCompute0Key
|
|
- SecretAccessKey
|
|
stack_name:
|
|
Ref: AWS::StackName
|
|
rabbit:
|
|
host:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- ctlplane
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
password: guest
|
|
ntp:
|
|
servers:
|
|
- {server: {Ref: NtpServer}, fudge: "stratum 0"}
|
|
notCompute0:
|
|
Type: OS::Nova::Server
|
|
Properties:
|
|
image:
|
|
Ref: notcomputeImage
|
|
image_update_policy:
|
|
Ref: ImageUpdatePolicy
|
|
flavor:
|
|
Ref: Flavor
|
|
key_name:
|
|
Ref: KeyName
|
|
Metadata:
|
|
os-collect-config:
|
|
cfn:
|
|
access_key_id:
|
|
Ref: notCompute0Key
|
|
path: notCompute0Config.Metadata
|
|
secret_access_key:
|
|
Fn::GetAtt:
|
|
- notCompute0Key
|
|
- SecretAccessKey
|
|
stack_name:
|
|
Ref: AWS::StackName
|
|
Outputs:
|
|
KeystoneURL:
|
|
Description: URL for the Overcloud Keystone service
|
|
Value:
|
|
Fn::Join:
|
|
- ''
|
|
- - http://
|
|
- Fn::Select:
|
|
- 0
|
|
- Fn::Select:
|
|
- ctlplane
|
|
- Fn::GetAtt:
|
|
- notCompute0
|
|
- networks
|
|
- :5000/v2.0/
|