tripleo-heat-templates/overcloud.yaml
Ben Nemec 73c76b867d Enable firewall by default on the overcloud
We firewall the undercloud, which is only listening on the
provisioning network anyway, but our default settings leave the
overcloud, which needs to be publicly accessible (for a
deployment-specific definition of "public"), wide open.  This
seems like a bad default.

Anyone who is deploying additional services can either open the
firewall ports themselves as part of the deployment or can set the
ManageFirewall param to false.

Change-Id: I3731a0a7bc4be94c8e7a289c90d304599634e928
2016-06-20 13:01:57 -05:00

1580 lines
66 KiB
YAML

heat_template_version: 2016-04-08
description: >
Deploy an OpenStack environment, consisting of several node types (roles),
Controller, Compute, BlockStorage, SwiftStorage and CephStorage. The Storage
roles enable independent scaling of the storage components, but the minimal
deployment is one Controller and one Compute node.
# TODO(shadower): we should probably use the parameter groups to put
# some order in here.
parameters:
# Common parameters (not specific to a role)
AdminPassword:
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
AodhPassword:
description: The password for the aodh services.
type: string
hidden: true
CeilometerBackend:
default: 'mongodb'
description: The ceilometer backend type.
type: string
CeilometerMeteringSecret:
description: Secret shared by the ceilometer services.
type: string
hidden: true
CeilometerPassword:
description: The password for the ceilometer service account.
type: string
hidden: true
CeilometerMeterDispatcher:
default: 'database'
description: Dispatcher to process meter data
type: string
constraints:
- allowed_values: ['gnocchi', 'database']
# This has to be an UUID so for now we generate it outside the template
CephClusterFSID:
default: ''
type: string
description: The Ceph cluster FSID. Must be a UUID.
CephMonKey:
default: ''
description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
CephAdminKey:
default: ''
description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
type: string
hidden: true
CinderEnableNfsBackend:
default: false
description: Whether to enable or not the NFS backend for Cinder
type: boolean
CephClientKey:
default: ''
description: The Ceph client key. Can be created with ceph-authtool --gen-print-key. Currently only used for external Ceph deployments to create the openstack user keyring.
type: string
hidden: true
CephExternalMonHost:
default: ''
type: string
description: List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments.
CinderEnableIscsiBackend:
default: true
description: Whether to enable or not the Iscsi backend for Cinder
type: boolean
CinderEnableRbdBackend:
default: false
description: Whether to enable or not the Rbd backend for Cinder
type: boolean
CloudName:
default: overcloud
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
type: string
ControlFixedIPs:
default: []
description: Should be used for arbitrary ips.
type: json
CorosyncIPv6:
default: false
description: Enable IPv6 in Corosync
type: boolean
Debug:
default: ''
description: Set to True to enable debugging on all services.
type: string
HAProxySyslogAddress:
default: /dev/log
description: Syslog address where HAproxy will send its log
type: string
HorizonAllowedHosts:
default: '*'
description: A list of IP/Hostname allowed to connect to horizon
type: comma_delimited_list
ImageUpdatePolicy:
default: 'REBUILD_PRESERVE_EPHEMERAL'
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
type: string
InternalApiVirtualFixedIPs:
default: []
description: >
Control the IP allocation for the InternalApiVirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
KeyName:
default: default
description: Name of an existing Nova key pair to enable SSH access to the instances
type: string
constraints:
- custom_constraint: nova.keypair
MemcachedIPv6:
default: false
description: Enable IPv6 features in Memcached.
type: boolean
NeutronBridgeMappings:
description: >
The OVS logical->physical bridge mappings to use. See the Neutron
documentation for details. Defaults to mapping br-ex - the external
bridge on hosts - to a physical name 'datacentre' which can be used
to create provider networks (and we use this for the default floating
network) - if changing this either use different post-install network
scripts or be sure to keep 'datacentre' as a mapping network name.
type: comma_delimited_list
default: "datacentre:br-ex"
NeutronControlPlaneID:
default: 'ctlplane'
type: string
description: Neutron ID or name for ctlplane network.
NeutronEnableTunnelling:
type: string
default: "True"
NeutronEnableL2Pop:
type: string
description: >
Enable/disable the L2 population feature in the Neutron agents.
default: "False"
NeutronFlatNetworks:
type: comma_delimited_list
default: 'datacentre'
description: >
If set, flat networks to configure in neutron plugins. Defaults to
'datacentre' to permit external network creation.
NeutronNetworkType:
default: 'vxlan'
description: The tenant network type for Neutron.
type: comma_delimited_list
NeutronPassword:
description: The password for the neutron service account, used by neutron agents.
type: string
hidden: true
NeutronPublicInterface:
default: nic1
description: What interface to bridge onto br-ex for network nodes.
type: string
NeutronMetadataProxySharedSecret:
description: Shared secret to prevent spoofing
type: string
hidden: true
NeutronTenantMtu:
description: >
The default MTU for tenant networks. For VXLAN/GRE tunneling, this should
be at least 50 bytes smaller than the MTU on the physical network. This
value will be used to set the MTU on the virtual Ethernet device.
This value will be used to construct the NeutronDnsmasqOptions, since that
will determine the MTU that is assigned to the VM host through DHCP.
default: "1400"
type: string
NeutronTunnelTypes:
default: 'vxlan'
description: |
The tunnel types for the Neutron tenant network.
type: comma_delimited_list
type: comma_delimited_list
NeutronCorePlugin:
default: 'ml2'
description: |
The core plugin for Neutron. The value should be the entrypoint to be loaded
from neutron.core_plugins namespace.
type: string
NeutronServicePlugins:
default: "router,qos"
description: |
Comma-separated list of service plugin entrypoints to be loaded from the
neutron.service_plugins namespace.
type: comma_delimited_list
NeutronTypeDrivers:
default: "vxlan,vlan,flat,gre"
description: |
Comma-separated list of network type driver entrypoints to be loaded.
type: comma_delimited_list
NeutronMechanismDrivers:
default: 'openvswitch'
description: |
The mechanism drivers for the Neutron tenant network.
type: comma_delimited_list
type: comma_delimited_list
NeutronAgentExtensions:
default: "qos"
description: |
Comma-separated list of extensions enabled for the Neutron agents.
type: comma_delimited_list
NeutronAllowL3AgentFailover:
default: 'False'
description: Allow automatic l3-agent failover
type: string
NeutronL3HA:
default: 'False'
description: Whether to enable l3-agent HA
type: string
NovaIPv6:
default: false
description: Enable IPv6 features in Nova
type: boolean
NovaPassword:
description: The password for the nova service account, used by nova-api.
type: string
hidden: true
NtpServer:
default: ''
description: Comma-separated list of ntp servers
type: comma_delimited_list
PublicVirtualFixedIPs:
default: []
description: >
Control the IP allocation for the PublicVirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
RabbitCookieSalt:
type: string
default: unset
description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
RabbitUserName:
default: guest
description: The username for RabbitMQ
type: string
RabbitPassword:
description: The password for RabbitMQ
type: string
hidden: true
RabbitClientUseSSL:
default: false
description: >
Rabbit client subscriber parameter to specify
an SSL connection to the RabbitMQ host.
type: string
RabbitClientPort:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
RedisPassword:
description: The password for Redis
type: string
hidden: true
SnmpdReadonlyUserName:
default: ro_snmp_user
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
type: string
SnmpdReadonlyUserPassword:
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
StorageVirtualFixedIPs:
default: []
description: >
Control the IP allocation for the StorageVirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
StorageMgmtVirtualFixedIPs:
default: []
description: >
Control the IP allocation for the StorageMgmgVirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
TimeZone:
default: 'UTC'
description: The timezone to be set on nodes.
type: string
CloudDomain:
default: 'localdomain'
type: string
description: >
The DNS domain used for the hosts. This should match the dhcp_domain
configured in the Undercloud neutron. Defaults to localdomain.
ServerMetadata:
default: {}
description: >
Extra properties or metadata passed to Nova for the created nodes in
the overcloud. It's accessible via the Nova metadata API.
type: json
# Controller-specific params
CinderLVMLoopDeviceSize:
default: 10280
description: The size of the loopback file used by the cinder LVM driver.
type: number
CinderPassword:
description: The password for the cinder service account, used by cinder-api.
type: string
hidden: true
CinderISCSIHelper:
default: lioadm
description: The iSCSI helper to use with cinder.
type: string
ControllerCount:
type: number
default: 1
constraints:
- range: {min: 1}
controllerExtraConfig:
default: {}
description: |
Deprecated. Use ControllerExtraConfig via parameter_defaults instead.
type: json
controllerImage:
type: string
default: overcloud-full
constraints:
- custom_constraint: glance.image
OvercloudControlFlavor:
description: Flavor for control nodes to request when deploying.
default: baremetal
type: string
constraints:
- custom_constraint: nova.flavor
ControlVirtualInterface:
default: 'br-ex'
description: Interface where virtual ip will be assigned.
type: string
EnableFencing:
default: false
description: Whether to enable fencing in Pacemaker or not.
type: boolean
EnableGalera:
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
ControllerEnableCephStorage:
default: false
description: Whether to deploy Ceph Storage (OSD) on the Controller
type: boolean
ControllerEnableSwiftStorage:
default: true
description: Whether to enable Swift Storage on the Controller
type: boolean
ControllerSchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
ExtraConfig:
default: {}
description: |
Additional configuration to inject into the cluster. The format required
may be implementation specific, e.g puppet hieradata. Any role specific
ExtraConfig, e.g controllerExtraConfig takes precedence over ExtraConfig.
type: json
FencingConfig:
default: {}
description: |
Pacemaker fencing configuration. The JSON should have
the following structure:
{
"devices": [
{
"agent": "AGENT_NAME",
"host_mac": "HOST_MAC_ADDRESS",
"params": {"PARAM_NAME": "PARAM_VALUE"}
}
]
}
For instance:
{
"devices": [
{
"agent": "fence_xvm",
"host_mac": "52:54:00:aa:bb:cc",
"params": {
"multicast_address": "225.0.0.12",
"port": "baremetal_0",
"manage_fw": true,
"manage_key_file": true,
"key_file": "/etc/fence_xvm.key",
"key_file_password": "abcdef"
}
}
]
}
type: json
GnocchiBackend:
default: file
description: The short name of the Gnocchi backend to use. Should be one
of swift, rbd or file
type: string
constraints:
- allowed_values: ['swift', 'file', 'rbd']
GnocchiIndexerBackend:
default: 'mysql'
description: The short name of the Gnocchi indexer backend to use.
type: string
GnocchiPassword:
description: The password for the gnocchi service account.
type: string
hidden: true
InstanceNameTemplate:
default: 'instance-%08x'
description: Template string to be used to generate instance names
type: string
ManageFirewall:
default: true
description: Whether to manage IPtables rules.
type: boolean
PurgeFirewallRules:
default: false
description: Whether IPtables rules should be purged before setting up the ones.
type: boolean
MysqlInnodbBufferPoolSize:
description: >
Specifies the size of the buffer pool in megabytes. Setting to
zero should be interpreted as "no value" and will defer to the
lower level default.
type: number
default: 0
MysqlMaxConnections:
description: Configures MySQL max_connections config setting
type: number
default: 4096
PublicVirtualInterface:
default: 'br-ex'
description: >
Specifies the interface where the public-facing virtual ip will be assigned.
This should be int_public when a VLAN is being used.
type: string
SwiftHashSuffix:
description: A random string to be used as a salt when hashing to determine mappings in the ring.
type: string
hidden: true
SwiftMountCheck:
default: 'false'
description: Value of mount_check in Swift account/container/object -server.conf
type: boolean
SwiftMinPartHours:
type: number
default: 1
description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
SwiftPartPower:
default: 10
description: Partition Power to use when building Swift rings
type: number
SwiftReplicas:
type: number
default: 3
description: How many replicas to use in the swift rings.
# Compute-specific params
CeilometerComputeAgent:
description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
type: string
default: ''
constraints:
- allowed_values: ['', Present]
ComputeCount:
type: number
default: 1
HypervisorNeutronPhysicalBridge:
default: 'br-ex'
description: >
An OVS bridge to create on each hypervisor. This defaults to br-ex the
same as the control plane nodes, as we have a uniform configuration of
the openvswitch agent. Typically should not need to be changed.
type: string
HypervisorNeutronPublicInterface:
default: nic1
description: What interface to add to the HypervisorNeutronPhysicalBridge.
type: string
NeutronNetworkVLANRanges:
default: 'datacentre:1:1000'
description: >
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
Neutron documentation for permitted values. Defaults to permitting any
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
type: comma_delimited_list
NovaComputeDriver:
type: string
default: libvirt.LibvirtDriver
NovaComputeExtraConfig:
default: {}
description: |
NovaCompute specific configuration to inject into the cluster. Same
structure as ExtraConfig.
type: json
NovaComputeLibvirtType:
default: kvm
type: string
NovaComputeLibvirtVifDriver:
default: ''
description: Libvirt VIF driver configuration for the network
type: string
NovaComputeSchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
NovaEnableRbdBackend:
default: false
description: Whether to enable or not the Rbd backend for Nova
type: boolean
NovaImage:
type: string
default: overcloud-full
constraints:
- custom_constraint: glance.image
NovaOVSBridge:
default: 'br-int'
description: Name of integration bridge used by Open vSwitch
type: string
NovaSecurityGroupAPI:
default: 'neutron'
description: The full class name of the security API class
type: string
OvercloudComputeFlavor:
description: Use this flavor
default: baremetal
type: string
constraints:
- custom_constraint: nova.flavor
ServiceNetMap:
default:
NeutronTenantNetwork: tenant
CeilometerApiNetwork: internal_api
AodhApiNetwork: internal_api
GnocchiApiNetwork: internal_api
MongoDbNetwork: internal_api
CinderApiNetwork: internal_api
CinderIscsiNetwork: storage
GlanceApiNetwork: storage
GlanceRegistryNetwork: internal_api
KeystoneAdminApiNetwork: ctlplane # allows undercloud to config endpoints
KeystonePublicApiNetwork: internal_api
NeutronApiNetwork: internal_api
HeatApiNetwork: internal_api
NovaApiNetwork: internal_api
NovaMetadataNetwork: internal_api
NovaVncProxyNetwork: internal_api
SwiftMgmtNetwork: storage_mgmt
SwiftProxyNetwork: storage
SaharaApiNetwork: internal_api
HorizonNetwork: internal_api
MemcachedNetwork: internal_api
RabbitMqNetwork: internal_api
RedisNetwork: internal_api
MysqlNetwork: internal_api
CephClusterNetwork: storage_mgmt
CephPublicNetwork: storage
ControllerHostnameResolveNetwork: internal_api
ComputeHostnameResolveNetwork: internal_api
BlockStorageHostnameResolveNetwork: internal_api
ObjectStorageHostnameResolveNetwork: internal_api
CephStorageHostnameResolveNetwork: storage
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
ControllerServices:
default:
- OS::TripleO::Services::CinderApi
- OS::TripleO::Services::CinderScheduler
- OS::TripleO::Services::CinderVolume
- OS::TripleO::Services::Keystone
- OS::TripleO::Services::GlanceApi
- OS::TripleO::Services::GlanceRegistry
- OS::TripleO::Services::HeatApi
- OS::TripleO::Services::HeatApiCfn
- OS::TripleO::Services::HeatApiCloudwatch
- OS::TripleO::Services::HeatEngine
- OS::TripleO::Services::NeutronDhcpAgent
- OS::TripleO::Services::NeutronL3Agent
- OS::TripleO::Services::NeutronMetadataAgent
- OS::TripleO::Services::NeutronServer
- OS::TripleO::Services::NeutronCorePlugin
- OS::TripleO::Services::NeutronOvsAgent
- OS::TripleO::Services::RabbitMQ
- OS::TripleO::Services::HAproxy
- OS::TripleO::Services::Keepalived
- OS::TripleO::Services::Memcached
- OS::TripleO::Services::SwiftProxy
- OS::TripleO::Services::Redis
- OS::TripleO::Services::NovaConductor
- OS::TripleO::Services::MongoDb
- OS::TripleO::Services::NovaApi
- OS::TripleO::Services::NovaScheduler
- OS::TripleO::Services::NovaConsoleauth
- OS::TripleO::Services::NovaVncproxy
description: A list of service resources (configured in the Heat
resource_registry) which represent nested stacks
for each service that should get installed on the Controllers.
type: comma_delimited_list
ComputeServices:
default:
- OS::TripleO::Services::NovaCompute
description: A list of service resources (configured in the Heat
resource_registry) which represent nested stacks
for each service that should get installed on the Compute Nodes.
type: comma_delimited_list
# Block storage specific parameters
BlockStorageCount:
type: number
default: 0
BlockStorageImage:
default: overcloud-full
type: string
OvercloudBlockStorageFlavor:
description: Flavor for block storage nodes to request when deploying.
default: baremetal
type: string
constraints:
- custom_constraint: nova.flavor
BlockStorageExtraConfig:
default: {}
description: |
BlockStorage specific configuration to inject into the cluster. Same
structure as ExtraConfig.
type: json
BlockStorageSchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
# Object storage specific parameters
ObjectStorageCount:
type: number
default: 0
OvercloudSwiftStorageFlavor:
description: Flavor for Swift storage nodes to request when deploying.
default: baremetal
type: string
constraints:
- custom_constraint: nova.flavor
SwiftStorageImage:
default: overcloud-full
type: string
ObjectStorageExtraConfig:
default: {}
description: |
ObjectStorage specific configuration to inject into the cluster. Same
structure as ExtraConfig.
type: json
ObjectStorageSchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
ObjectStorageServices:
default: []
description: A list of service resources (configured in the Heat
resource_registry) which represent nested stacks
for each service that should get installed on the ObjectStorage nodes.
Note this role currently only supports steps 2, 3 and 4 configuration.
type: comma_delimited_list
# Ceph storage specific parameters
CephStorageCount:
type: number
default: 0
CephStorageImage:
default: overcloud-full
type: string
OvercloudCephStorageFlavor:
default: baremetal
description: Flavor for Ceph storage nodes to request when deploying.
type: string
constraints:
- custom_constraint: nova.flavor
CephStorageExtraConfig:
default: {}
description: |
CephStorage specific configuration to inject into the cluster. Same
structure as ExtraConfig.
type: json
CephStorageSchedulerHints:
type: json
description: Optional scheduler hints to pass to nova
default: {}
CephStorageServices:
default: []
description: A list of service resources (configured in the Heat
resource_registry) which represent nested stacks
for each service that should get installed on the CephStorage nodes.
type: comma_delimited_list
# Hostname format for each role
# Note %index% is translated into the index of the node, e.g 0/1/2 etc
# and %stackname% is replaced with OS::stack_name in the template below.
# If you want to use the heat generated names, pass '' (empty string).
ControllerHostnameFormat:
type: string
description: Format for Controller node hostnames
default: '%stackname%-controller-%index%'
ComputeHostnameFormat:
type: string
description: Format for Compute node hostnames
default: '%stackname%-novacompute-%index%'
BlockStorageHostnameFormat:
type: string
description: Format for BlockStorage node hostnames
default: '%stackname%-blockstorage-%index%'
ObjectStorageHostnameFormat:
type: string
description: Format for SwiftStorage node hostnames
default: '%stackname%-objectstorage-%index%'
CephStorageHostnameFormat:
type: string
description: Format for CephStorage node hostnames
default: '%stackname%-cephstorage-%index%'
# Identifiers to trigger tasks on nodes
UpdateIdentifier:
default: ''
type: string
description: >
Setting to a previously unused value during stack-update will trigger
package update on all nodes
DeployIdentifier:
default: ''
type: string
description: >
Setting this to a unique value will re-run any deployment tasks which
perform configuration on a Heat stack-update.
# If you want to remove a specific node from a resource group, you can pass
# the node name or id as a <Group>RemovalPolicies parameter, for example:
# ComputeRemovalPolicies: [{'resource_list': ['0']}]
ControllerRemovalPolicies:
default: []
type: json
description: >
List of resources to be removed from ControllerResourceGroup when
doing an update which requires removal of specific resources.
ComputeRemovalPolicies:
default: []
type: json
description: >
List of resources to be removed from ComputeResourceGroup when
doing an update which requires removal of specific resources.
BlockStorageRemovalPolicies:
default: []
type: json
description: >
List of resources to be removed from BlockStorageResourceGroup when
doing an update which requires removal of specific resources.
ObjectStorageRemovalPolicies:
default: []
type: json
description: >
List of resources to be removed from ObjectStorageResourceGroup when
doing an update which requires removal of specific resources.
CephStorageRemovalPolicies:
default: []
type: json
description: >
List of resources to be removed from CephStorageResourceGroup when
doing an update which requires removal of specific resources.
parameter_groups:
- label: deprecated
description: Do not use deprecated params, they will be removed.
parameters:
- controllerExtraConfig
resources:
HeatAuthEncryptionKey:
type: OS::Heat::RandomString
PcsdPassword:
type: OS::Heat::RandomString
properties:
length: 16
HorizonSecret:
type: OS::Heat::RandomString
properties:
length: 10
EndpointMap:
type: OS::TripleO::EndpointMap
properties:
CloudName: {get_param: CloudName}
CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
AodhApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
CinderApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
GlanceRegistryVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
GnocchiApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
HeatApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
MysqlVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
NovaApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
PublicVirtualIP: {get_attr: [VipMap, net_ip_uri_map, external]}
ControllerServiceChain:
type: OS::TripleO::Services
depends_on: Networks
properties:
Services: {get_param: ControllerServices}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
Controller:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: ControllerCount}
removal_policies: {get_param: ControllerRemovalPolicies}
resource_def:
type: OS::TripleO::Controller
properties:
AdminPassword: {get_param: AdminPassword}
AodhPassword: {get_param: AodhPassword}
CeilometerBackend: {get_param: CeilometerBackend}
CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
CeilometerPassword: {get_param: CeilometerPassword}
CeilometerMeterDispatcher: {get_param: CeilometerMeterDispatcher}
CloudDomain: {get_param: CloudDomain}
ControlVirtualInterface: {get_param: ControlVirtualInterface}
controllerExtraConfig: {get_param: controllerExtraConfig}
CorosyncIPv6: {get_param: CorosyncIPv6}
Debug: {get_param: Debug}
EnableFencing: {get_param: EnableFencing}
ManageFirewall: {get_param: ManageFirewall}
PurgeFirewallRules: {get_param: PurgeFirewallRules}
EnableGalera: {get_param: EnableGalera}
EnableCephStorage: {get_param: ControllerEnableCephStorage}
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
ExtraConfig: {get_param: ExtraConfig}
FencingConfig: {get_param: FencingConfig}
Flavor: {get_param: OvercloudControlFlavor}
GnocchiPassword: {get_param: GnocchiPassword}
GnocchiBackend: {get_param: GnocchiBackend}
GnocchiIndexerBackend: {get_param: GnocchiIndexerBackend}
HAProxySyslogAddress: {get_param: HAProxySyslogAddress}
HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
HorizonAllowedHosts: {get_param: HorizonAllowedHosts}
HorizonSecret: {get_resource: HorizonSecret}
Image: {get_param: controllerImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
InstanceNameTemplate: {get_param: InstanceNameTemplate}
KeyName: {get_param: KeyName}
MemcachedIPv6: {get_param: MemcachedIPv6}
MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
MysqlMaxConnections: {get_param: MysqlMaxConnections}
MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
NeutronTenantMtu: {get_param: NeutronTenantMtu}
NeutronPublicInterface: {get_param: NeutronPublicInterface}
NeutronPassword: {get_param: NeutronPassword}
NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
NovaIPv6: {get_param: NovaIPv6}
NovaPassword: {get_param: NovaPassword}
NtpServer: {get_param: NtpServer}
PcsdPassword: {get_resource: PcsdPassword}
PublicVirtualInterface: {get_param: PublicVirtualInterface}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitCookie: {get_attr: [RabbitCookie, value]}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
RedisPassword: {get_param: RedisPassword}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
RedisVirtualIP: {get_attr: [RedisVirtualIP, ip_address]}
RedisVirtualIPUri: {get_attr: [RedisVirtualIP, ip_address_uri]}
SwiftHashSuffix: {get_param: SwiftHashSuffix}
SwiftMountCheck: {get_param: SwiftMountCheck}
SwiftMinPartHours: {get_param: SwiftMinPartHours}
SwiftPartPower: {get_param: SwiftPartPower}
SwiftReplicas: { get_param: SwiftReplicas}
TimeZone: {get_param: TimeZone}
VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]} # deprecated. Use per service VIP settings instead now.
PublicVirtualIP: {get_attr: [VipMap, net_ip_map, external]}
ServiceNetMap: {get_param: ServiceNetMap}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
CeilometerApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
AodhApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
GnocchiApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
CinderApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
HeatApiVirtualIPUri: {get_attr: [VipMap, net_ip_uri_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
SwiftProxyVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
NovaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
SaharaApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
UpdateIdentifier: {get_param: UpdateIdentifier}
Hostname:
str_replace:
template: {get_param: ControllerHostnameFormat}
params:
'%stackname%': {get_param: 'OS::stack_name'}
NodeIndex: '%index%'
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: ControllerSchedulerHints}
ServiceConfigSettings: {get_attr: [ControllerServiceChain, config_settings]}
ComputeServiceChain:
type: OS::TripleO::Services
properties:
Services: {get_param: ComputeServices}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
Compute:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: ComputeCount}
removal_policies: {get_param: ComputeRemovalPolicies}
resource_def:
type: OS::TripleO::Compute
properties:
AdminPassword: {get_param: AdminPassword}
CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
CeilometerPassword: {get_param: CeilometerPassword}
CinderEnableNfsBackend: {get_param: CinderEnableNfsBackend}
CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend}
Debug: {get_param: Debug}
ExtraConfig: {get_param: ExtraConfig}
Flavor: {get_param: OvercloudComputeFlavor}
GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
Image: {get_param: NovaImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
KeyName: {get_param: KeyName}
KeystoneAdminApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
NeutronTenantMtu: {get_param: NeutronTenantMtu}
NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronEnableL2Pop : {get_param: NeutronEnableL2Pop}
NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
NeutronNetworkType: {get_param: NeutronNetworkType}
NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
NeutronPassword: {get_param: NeutronPassword}
NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
NeutronCorePlugin: {get_param: NeutronCorePlugin}
NeutronServicePlugins: {get_param: NeutronServicePlugins}
NeutronTypeDrivers: {get_param: NeutronTypeDrivers}
NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
NeutronAgentExtensions: {get_param: NeutronAgentExtensions}
# L3 HA and Failover is not relevant for Computes, should be removed
NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
NeutronL3HA: {get_param: NeutronL3HA}
NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
NovaComputeDriver: {get_param: NovaComputeDriver}
NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
NovaComputeLibvirtVifDriver: {get_param: NovaComputeLibvirtVifDriver}
NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend}
NovaIPv6: {get_param: NovaIPv6}
NovaPublicIP: {get_attr: [VipMap, net_ip_map, external]}
NovaPassword: {get_param: NovaPassword}
NovaOVSBridge: {get_param: NovaOVSBridge}
NovaSecurityGroupAPI: {get_param: NovaSecurityGroupAPI}
NtpServer: {get_param: NtpServer}
RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
ServiceNetMap: {get_param: ServiceNetMap}
TimeZone: {get_param: TimeZone}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
UpdateIdentifier: {get_param: UpdateIdentifier}
Hostname:
str_replace:
template: {get_param: ComputeHostnameFormat}
params:
'%stackname%': {get_param: 'OS::stack_name'}
CloudDomain: {get_param: CloudDomain}
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: NovaComputeSchedulerHints}
NodeIndex: '%index%'
ServiceConfigSettings: {get_attr: [ComputeServiceChain, config_settings]}
BlockStorage:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: BlockStorageCount}
removal_policies: {get_param: BlockStorageRemovalPolicies}
resource_def:
type: OS::TripleO::BlockStorage
properties:
Debug: {get_param: Debug}
Image: {get_param: BlockStorageImage}
CinderISCSIHelper: {get_param: CinderISCSIHelper}
CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
# Purpose of the dedicated BlockStorage nodes should be to use their local LVM
CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
CinderPassword: {get_param: CinderPassword}
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudBlockStorageFlavor}
VirtualIP: {get_attr: [VipMap, net_ip_map, ctlplane]}
GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
TimeZone: {get_param: TimeZone}
NtpServer: {get_param: NtpServer}
UpdateIdentifier: {get_param: UpdateIdentifier}
Hostname:
str_replace:
template: {get_param: BlockStorageHostnameFormat}
params:
'%stackname%': {get_param: 'OS::stack_name'}
ServiceNetMap: {get_param: ServiceNetMap}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
ExtraConfig: {get_param: ExtraConfig}
BlockStorageExtraConfig: {get_param: BlockStorageExtraConfig}
CloudDomain: {get_param: CloudDomain}
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: BlockStorageSchedulerHints}
NodeIndex: '%index%'
ObjectStorageServiceChain:
type: OS::TripleO::Services
properties:
Services: {get_param: ObjectStorageServices}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
ObjectStorage:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: ObjectStorageCount}
removal_policies: {get_param: ObjectStorageRemovalPolicies}
resource_def:
type: OS::TripleO::ObjectStorage
properties:
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudSwiftStorageFlavor}
HashSuffix: {get_param: SwiftHashSuffix}
MountCheck: {get_param: SwiftMountCheck}
MinPartHours: {get_param: SwiftMinPartHours}
PartPower: {get_param: SwiftPartPower}
Image: {get_param: SwiftStorageImage}
Replicas: { get_param: SwiftReplicas}
TimeZone: {get_param: TimeZone}
NtpServer: {get_param: NtpServer}
UpdateIdentifier: {get_param: UpdateIdentifier}
ServiceNetMap: {get_param: ServiceNetMap}
Hostname:
str_replace:
template: {get_param: ObjectStorageHostnameFormat}
params:
'%stackname%': {get_param: 'OS::stack_name'}
ExtraConfig: {get_param: ExtraConfig}
ObjectStorageExtraConfig: {get_param: ObjectStorageExtraConfig}
CloudDomain: {get_param: CloudDomain}
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: ObjectStorageSchedulerHints}
NodeIndex: '%index%'
ServiceConfigSettings: {get_attr: [ObjectStorageServiceChain, config_settings]}
CephStorageServiceChain:
type: OS::TripleO::Services
properties:
Services: {get_param: CephStorageServices}
EndpointMap: {get_attr: [EndpointMap, endpoint_map]}
CephStorage:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: CephStorageCount}
removal_policies: {get_param: CephStorageRemovalPolicies}
resource_def:
type: OS::TripleO::CephStorage
properties:
Image: {get_param: CephStorageImage}
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudCephStorageFlavor}
NtpServer: {get_param: NtpServer}
ServiceNetMap: {get_param: ServiceNetMap}
TimeZone: {get_param: TimeZone}
UpdateIdentifier: {get_param: UpdateIdentifier}
Hostname:
str_replace:
template: {get_param: CephStorageHostnameFormat}
params:
'%stackname%': {get_param: 'OS::stack_name'}
ExtraConfig: {get_param: ExtraConfig}
CephStorageExtraConfig: {get_param: CephStorageExtraConfig}
CloudDomain: {get_param: CloudDomain}
ServerMetadata: {get_param: ServerMetadata}
SchedulerHints: {get_param: CephStorageSchedulerHints}
NodeIndex: '%index%'
ServiceConfigSettings: {get_attr: [CephStorageServiceChain, config_settings]}
ControllerIpListMap:
type: OS::TripleO::Network::Ports::NetIpListMap
properties:
ControlPlaneIpList: {get_attr: [Controller, ip_address]}
ExternalIpList: {get_attr: [Controller, external_ip_address]}
InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
StorageIpList: {get_attr: [Controller, storage_ip_address]}
StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
TenantIpList: {get_attr: [Controller, tenant_ip_address]}
ManagementIpList: {get_attr: [Controller, management_ip_address]}
allNodesConfig:
type: OS::TripleO::AllNodes::SoftwareConfig
properties:
compute_hosts: {get_attr: [Compute, hosts_entry]}
controller_hosts: {get_attr: [Controller, hosts_entry]}
controller_ips: {get_attr: [Controller, ip_address]}
block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]}
object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
controller_names: {get_attr: [Controller, hostname]}
rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
aodh_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
gnocchi_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
sahara_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
DeployIdentifier: {get_param: DeployIdentifier}
UpdateIdentifier: {get_param: UpdateIdentifier}
MysqlRootPassword:
type: OS::Heat::RandomString
properties:
length: 10
MysqlClusterUniquePart:
type: OS::Heat::RandomString
properties:
length: 10
RabbitCookie:
type: OS::Heat::RandomString
properties:
length: 20
salt: {get_param: RabbitCookieSalt}
# creates the network architecture
Networks:
type: OS::TripleO::Network
ControlVirtualIP:
type: OS::Neutron::Port
depends_on: Networks
properties:
name: control_virtual_ip
network: {get_param: NeutronControlPlaneID}
fixed_ips: {get_param: ControlFixedIPs}
replacement_policy: AUTO
RedisVirtualIP:
depends_on: Networks
type: OS::TripleO::Network::Ports::RedisVipPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
PortName: redis_virtual_ip
NetworkName: {get_param: [ServiceNetMap, RedisNetwork]}
ServiceName: redis
# The public VIP is on the External net, falls back to ctlplane
PublicVirtualIP:
depends_on: Networks
type: OS::TripleO::Network::Ports::ExternalVipPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
ControlPlaneNetwork: {get_param: NeutronControlPlaneID}
PortName: public_virtual_ip
FixedIPs: {get_param: PublicVirtualFixedIPs}
InternalApiVirtualIP:
depends_on: Networks
type: OS::TripleO::Network::Ports::InternalApiVipPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
PortName: internal_api_virtual_ip
FixedIPs: {get_param: InternalApiVirtualFixedIPs}
StorageVirtualIP:
depends_on: Networks
type: OS::TripleO::Network::Ports::StorageVipPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
PortName: storage_virtual_ip
FixedIPs: {get_param: StorageVirtualFixedIPs}
StorageMgmtVirtualIP:
depends_on: Networks
type: OS::TripleO::Network::Ports::StorageMgmtVipPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
PortName: storage_management_virtual_ip
FixedIPs: {get_param: StorageMgmtVirtualFixedIPs}
VipMap:
type: OS::TripleO::Network::Ports::NetVipMap
properties:
ControlPlaneIp: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
ExternalIp: {get_attr: [PublicVirtualIP, ip_address]}
ExternalIpUri: {get_attr: [PublicVirtualIP, ip_address_uri]}
InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
InternalApiIpUri: {get_attr: [InternalApiVirtualIP, ip_address_uri]}
StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
StorageIpUri: {get_attr: [StorageVirtualIP, ip_address_uri]}
StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
StorageMgmtIpUri: {get_attr: [StorageMgmtVirtualIP, ip_address_uri]}
# No tenant or management VIP required
VipConfig:
type: OS::TripleO::VipConfig
VipDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: VipDeployment
config: {get_resource: VipConfig}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
input_values:
# service VIP mappings
keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
aodh_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
gnocchi_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
redis_vip: {get_attr: [RedisVirtualIP, ip_address]}
mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
# direct configuration of Virtual IPs for each network
control_virtual_ip: {get_attr: [VipMap, net_ip_map, ctlplane]}
public_virtual_ip: {get_attr: [VipMap, net_ip_map, external]}
internal_api_virtual_ip: {get_attr: [VipMap, net_ip_map, internal_api]}
sahara_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
storage_virtual_ip: {get_attr: [VipMap, net_ip_map, storage]}
storage_mgmt_virtual_ip: {get_attr: [VipMap, net_ip_map, storage_mgmt]}
ControllerBootstrapNodeConfig:
type: OS::TripleO::BootstrapNode::SoftwareConfig
properties:
bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
bootstrap_nodeid_ip: {get_attr: [Controller, resource.0.ip_address]}
ControllerBootstrapNodeDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: ControllerBootstrapNodeDeployment
config: {get_attr: [ControllerBootstrapNodeConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
ControllerSwiftDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: ControllerSwiftDeployment
config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
ObjectStorageSwiftDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: ObjectStorageSwiftDeployment
config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
SwiftDevicesAndProxyConfig:
type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
properties:
controller_swift_devices: {get_attr: [Controller, swift_device]}
object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]}
controller_swift_proxy_memcaches: {get_attr: [Controller, swift_proxy_memcache]}
ComputeCephDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: ComputeCephDeployment
config: {get_attr: [CephClusterConfig, config_id]}
servers: {get_attr: [Compute, attributes, nova_server_resource]}
ControllerCephDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: ControllerCephDeployment
config: {get_attr: [CephClusterConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
CephStorageCephDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: CephStorageCephDeployment
config: {get_attr: [CephClusterConfig, config_id]}
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
CephClusterConfig:
type: OS::TripleO::CephClusterConfig::SoftwareConfig
properties:
ceph_storage_count: {get_param: CephStorageCount}
ceph_fsid: {get_param: CephClusterFSID}
ceph_mon_key: {get_param: CephMonKey}
ceph_admin_key: {get_param: CephAdminKey}
ceph_client_key: {get_param: CephClientKey}
ceph_external_mon_ips: {get_param: CephExternalMonHost}
ceph_mon_names: {get_attr: [Controller, hostname]}
ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
ControllerAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: ControllerAllNodesDeployment
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
ComputeAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: ComputeAllNodesDeployment
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [Compute, attributes, nova_server_resource]}
BlockStorageAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: BlockStorageAllNodesDeployment
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
ObjectStorageAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: ObjectStorageAllNodesDeployment
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
CephStorageAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
name: CephStorageAllNodesDeployment
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
# All Nodes Validations
AllNodesValidationConfig:
type: OS::TripleO::AllNodes::Validation
properties:
PingTestIps:
list_join:
- ' '
- - {get_attr: [Controller, resource.0.external_ip_address]}
- {get_attr: [Controller, resource.0.internal_api_ip_address]}
- {get_attr: [Controller, resource.0.storage_ip_address]}
- {get_attr: [Controller, resource.0.storage_mgmt_ip_address]}
- {get_attr: [Controller, resource.0.tenant_ip_address]}
ControllerAllNodesValidationDeployment:
type: OS::Heat::StructuredDeployments
depends_on: ControllerAllNodesDeployment
properties:
name: ControllerAllNodesValidationDeployment
config: {get_resource: AllNodesValidationConfig}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
ComputeAllNodesValidationDeployment:
type: OS::Heat::StructuredDeployments
depends_on: ComputeAllNodesDeployment
properties:
name: ComputeAllNodesValidationDeployment
config: {get_resource: AllNodesValidationConfig}
servers: {get_attr: [Compute, attributes, nova_server_resource]}
BlockStorageAllNodesValidationDeployment:
type: OS::Heat::StructuredDeployments
depends_on: BlockStorageAllNodesDeployment
properties:
name: BlockStorageAllNodesValidationDeployment
config: {get_resource: AllNodesValidationConfig}
servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
ObjectStorageAllNodesValidationDeployment:
type: OS::Heat::StructuredDeployments
depends_on: ObjectStorageAllNodesDeployment
properties:
name: ObjectStorageAllNodesValidationDeployment
config: {get_resource: AllNodesValidationConfig}
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
CephStorageAllNodesValidationDeployment:
type: OS::Heat::StructuredDeployments
depends_on: CephStorageAllNodesDeployment
properties:
name: CephStorageAllNodesValidationDeployment
config: {get_resource: AllNodesValidationConfig}
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
UpdateWorkflow:
type: OS::TripleO::Tasks::UpdateWorkflow
properties:
controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
input_values:
deploy_identifier: {get_param: DeployIdentifier}
update_identifier: {get_param: UpdateIdentifier}
# Optional ExtraConfig for all nodes - all roles are passed in here, but
# the nested template may configure each role differently (or not at all)
AllNodesExtraConfig:
type: OS::TripleO::AllNodesExtraConfig
depends_on:
- UpdateWorkflow
- ComputeAllNodesValidationDeployment
- BlockStorageAllNodesValidationDeployment
- ObjectStorageAllNodesValidationDeployment
- CephStorageAllNodesValidationDeployment
- ControllerAllNodesValidationDeployment
properties:
controller_servers: {get_attr: [Controller, attributes, nova_server_resource]}
compute_servers: {get_attr: [Compute, attributes, nova_server_resource]}
blockstorage_servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
objectstorage_servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
cephstorage_servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
# Nested stack deployment runs after all other controller deployments
ControllerNodesPostDeployment:
type: OS::TripleO::ControllerPostDeployment
depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment]
properties:
servers: {get_attr: [Controller, attributes, nova_server_resource]}
NodeConfigIdentifiers:
allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
controller_config: {get_attr: [Controller, attributes, config_identifier]}
deployment_identifier: {get_param: DeployIdentifier}
StepConfig: {get_attr: [ControllerServiceChain, step_config]}
ComputeNodesPostDeployment:
type: OS::TripleO::ComputePostDeployment
depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment]
properties:
servers: {get_attr: [Compute, attributes, nova_server_resource]}
NodeConfigIdentifiers:
allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
compute_config: {get_attr: [Compute, attributes, config_identifier]}
deployment_identifier: {get_param: DeployIdentifier}
StepConfig: {get_attr: [ComputeServiceChain, step_config]}
ObjectStorageNodesPostDeployment:
type: OS::TripleO::ObjectStoragePostDeployment
depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment]
properties:
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
NodeConfigIdentifiers:
allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
objectstorage_config: {get_attr: [ObjectStorage, attributes, config_identifier]}
deployment_identifier: {get_param: DeployIdentifier}
StepConfig: {get_attr: [ObjectStorageServiceChain, step_config]}
BlockStorageNodesPostDeployment:
type: OS::TripleO::BlockStoragePostDeployment
depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment]
properties:
servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
NodeConfigIdentifiers:
allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
blockstorage_config: {get_attr: [BlockStorage, attributes, config_identifier]}
deployment_identifier: {get_param: DeployIdentifier}
CephStorageNodesPostDeployment:
type: OS::TripleO::CephStoragePostDeployment
depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment]
properties:
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
NodeConfigIdentifiers:
allnodes_extra: {get_attr: [AllNodesExtraConfig, config_identifier]}
cephstorage_config: {get_attr: [CephStorage, attributes, config_identifier]}
deployment_identifier: {get_param: DeployIdentifier}
StepConfig: {get_attr: [CephStorageServiceChain, step_config]}
outputs:
KeystoneURL:
description: URL for the Overcloud Keystone service
value: {get_attr: [EndpointMap, endpoint_map, KeystonePublic, uri]}
KeystoneAdminVip:
description: Keystone Admin VIP endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
PublicVip:
description: Controller VIP for public API endpoints
value: {get_attr: [VipMap, net_ip_map, external]}
AodhInternalVip:
description: VIP for Aodh API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, AodhApiNetwork]}]}
CeilometerInternalVip:
description: VIP for Ceilometer API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
CinderInternalVip:
description: VIP for Cinder API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
GlanceInternalVip:
description: VIP for Glance API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
GnocchiInternalVip:
description: VIP for Gnocchi API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GnocchiApiNetwork]}]}
HeatInternalVip:
description: VIP for Heat API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
KeystoneInternalVip:
description: VIP for Keystone API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
NeutronInternalVip:
description: VIP for Neutron API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
NovaInternalVip:
description: VIP for Nova API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
SaharaInternalVip:
description: VIP for Sahara API internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SaharaApiNetwork]}]}
SwiftInternalVip:
description: VIP for Swift Proxy internal endpoint
value: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
EndpointMap:
description: |
Mapping of the resources with the needed info for their endpoints.
This includes the protocol used, the IP, port and also a full
representation of the URI.
value: {get_attr: [EndpointMap, endpoint_map]}
HostsEntry:
description: |
The content that should be appended to your /etc/hosts if you want to get
hostname-based access to the deployed nodes (useful for testing without
setting up a DNS).
value: {get_attr: [allNodesConfig, hosts_entries]}