openstack/tripleo-heat-templates
Code Issues Proposed changes
80da8e3968
tripleo-heat-templates/notcompute.yaml
Steve Baker 73fbe1e121 Set NoEcho: true for parameters containing secrets 
This prevents secret values being returned for stack-show.

Change-Id: I82eff26fda31511b66c6371f6ded2a5fb559f3fb
Fixes-Bug: #1226730
2013-09-17 15:18:10 -07:00

199 lines
4.8 KiB
YAML
Raw Blame History

Description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
server,Dedicated RabbitMQ Server
HeatTemplateFormatVersion: '2012-12-12'
Parameters:
AdminToken:
Type: String
BootstrapDumpPassword:
Default: ''
Description: Password to use for mysqldump from Bootstrap Host
Type: String
NoEcho: true
BootstrapHost:
Default: ''
Description: Load mysqldump from this Host
Type: String
BootstrapRootPassword:
Default: ''
Description: Root password for localhost access after bootstrap
Type: String
NoEcho: true
BootstrapSlavePassword:
Default: ''
Description: Password to use with BootstrapSlaveUser
Type: String
NoEcho: true
BootstrapSlaveUser:
Default: ''
Description: User to use for replication from bootstrap host
Type: String
GlanceDBPassword:
Description: Password for connecting to glance database
Type: String
NoEcho: true
HeatDBPassword:
Description: Password for accessing Heat database.
Type: String
NoEcho: true
InstanceType:
Default: baremetal
Description: Use this flavor
Type: String
KeyName:
Default: default
Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
Type: String
KeystoneDBPassword:
Description: Password for connecting to keystone
Type: String
NoEcho: true
NovaDBPassword:
Description: Password for connecting to nova database
Type: String
NoEcho: true
NovaInterfaces:
Default: eth0
Type: String
NeutronDBPassword:
Description: Password for connecting to neutron database
Type: String
NoEcho: true
NeutronInterfaces:
Default: eth0
Type: String
RabbitMQPassword:
Description: Password for RabbitMQ
Type: String
NoEcho: true
RabbitPassword:
Type: String
NoEcho: true
ServicePassword:
Description: admin_password for setting up auth in nova.
Type: String
NoEcho: true
notcomputeImage:
Type: String
Resources:
AccessPolicy:
Properties:
AllowedResources:
- notcompute
Type: OS::Heat::AccessPolicy
Key:
Properties:
UserName:
Ref: User
Type: AWS::IAM::AccessKey
User:
Properties:
Policies:
- Ref: AccessPolicy
Type: AWS::IAM::User
notcompute:
Metadata:
OpenStack::ImageBuilder::Elements:
- nova-api
- keystone
- heat-api
- heat-engine
- glance
- mysql-migration
- rabbitmq-server
admin-password:
Ref: ServicePassword
admin-token:
Ref: AdminToken
mysql:
create-users:
- database: keystone
username: keystone
password: {Ref: KeystoneDBPassword}
- database: heat
username: heat
password: {Ref: HeatDBPassword}
- database: glance
username: glance
password: {Ref: GlanceDBPassword}
- database: nova
username: nova
password: {Ref: NovaDBPassword}
- database: neutron
username: neutron
password: {Ref: NeutronDBPassword}
glance:
db:
Fn::Join:
- ''
- - 'mysql://glance:'
- {Ref: GlanceDBPassword}
- '@127.0.0.1/glance'
heat:
db:
Fn::Join:
- ''
- - 'mysql://heat:'
- {Ref: HeatDBPassword}
- '@127.0.0.1/heat'
access_key_id:
Ref: Key
refresh:
- resource: notcompute
secret_key:
Fn::GetAtt:
- Key
- SecretAccessKey
stack:
name:
Ref: AWS::StackName
region:
Ref: AWS::Region
auth_encryption_key: unset
interfaces:
control:
Ref: NovaInterfaces
keystone:
host:
'127.0.0.1'
db:
Fn::Join:
- ''
- - 'mysql://keystone:'
- {Ref: KeystoneDBPassword}
- '@127.0.0.1/keystone'
nova:
db:
Fn::Join:
- ''
- - 'mysql://nova:'
- {Ref: NovaDBPassword}
- '@127.0.0.1/nova'
neutron:
host:
'127.0.0.1'
ovs_db:
Fn::Join:
- ''
- - 'mysql://neutron:'
- {Ref: NeutronDBPassword}
- '@127.0.0.1/ovs_neutron'
rabbit:
host:
'127.0.0.1'
password:
Ref: RabbitPassword
users:
username: guest
password:
Ref: RabbitPassword
service-password:
Ref: ServicePassword
Properties:
ImageId:
Ref: notcomputeImage
InstanceType:
Ref: InstanceType
KeyName:
Ref: KeyName
Type: AWS::EC2::Instance
View Git Blame Copy Permalink