tripleo-heat-templates/overcloud-without-mergepy.yaml
Dan Prince 49639ec8a1 Isolate the Ceph storage and storage_mgmt nets
This patch updates the Ceph configuration for the puppet
implementation so that it isolates the Ceph traffic
for the public and cluster interfaces. By default public traffic
runs on the "storage" network and the cluster traffic runs on the
"storage mgmt" network.

If network isolation is not enabled then the default
ctlplane address's will be used for both the public and
cluster interfaces.

Change-Id: I791244d72c8f42142d9de99e0cf0acdca19e62b0
2015-06-04 13:28:00 -04:00

1080 lines
42 KiB
YAML

heat_template_version: 2015-04-30
description: >
Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
server,Dedicated RabbitMQ Server,Group of Nova Computes
# TODO(shadower): we should probably use the parameter groups to put
# some order in here.
parameters:
# Common parameters (not specific to a role)
AdminPassword:
default: unset
description: The password for the keystone admin account, used for monitoring, querying neutron etc.
type: string
hidden: true
CeilometerBackend:
default: 'mongodb'
description: The ceilometer backend type.
type: string
CeilometerMeteringSecret:
default: unset
description: Secret shared by the ceilometer services.
type: string
hidden: true
CeilometerPassword:
default: unset
description: The password for the ceilometer service account.
type: string
hidden: true
# This has to be an UUID so for now we generate it outside the template
CephClusterFSID:
default: ''
type: string
description: The Ceph cluster FSID. Must be a UUID.
CephMonKey:
default: ''
description: The Ceph monitors key. Can be created with ceph-authtool --gen-print-key.
type: string
CephAdminKey:
default: ''
description: The Ceph admin client key. Can be created with ceph-authtool --gen-print-key.
type: string
CinderEnableIscsiBackend:
default: true
description: Whether to enable or not the Iscsi backend for Cinder
type: boolean
CloudName:
default: ''
description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
type: string
ControlFixedIPs:
default: []
description: Should be used for arbitrary ips.
type: json
Debug:
default: ''
description: Set to True to enable debugging on all services.
type: string
DefaultSignalTransport:
default: CFN_SIGNAL
description: Transport to use for software-config signals.
type: string
constraints:
- allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
GlancePort:
default: "9292"
description: Glance port.
type: string
GlanceProtocol:
default: http
description: Protocol to use when connecting to glance, set to https for SSL.
type: string
ImageUpdatePolicy:
default: 'REBUILD_PRESERVE_EPHEMERAL'
description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
type: string
KeyName:
default: default
description: Name of an existing EC2 KeyPair to enable SSH access to the instances
type: string
constraints:
- custom_constraint: nova.keypair
NeutronBridgeMappings:
description: >
The OVS logical->physical bridge mappings to use. See the Neutron
documentation for details. Defaults to mapping br-ex - the external
bridge on hosts - to a physical name 'datacentre' which can be used
to create provider networks (and we use this for the default floating
network) - if changing this either use different post-install network
scripts or be sure to keep 'datacentre' as a mapping network name.
type: string
default: "datacentre:br-ex"
NeutronControlPlaneID:
default: ''
type: string
description: Neutron ID for ctlplane network.
NeutronEnableTunnelling:
type: string
default: "True"
NeutronFlatNetworks:
type: string
default: 'datacentre'
description: >
If set, flat networks to configure in neutron plugins. Defaults to
'datacentre' to permit external network creation.
NeutronNetworkType:
default: 'gre'
description: The tenant network type for Neutron, either gre or vxlan.
type: string
NeutronPassword:
default: unset
description: The password for the neutron service account, used by neutron agents.
type: string
hidden: true
NeutronPublicInterface:
default: nic1
description: What interface to bridge onto br-ex for network nodes.
type: string
NeutronPublicInterfaceTag:
default: ''
description: >
VLAN tag for creating a public VLAN. The tag will be used to
create an access port on the exterior bridge for each control plane node,
and that port will be given the IP address returned by neutron from the
public network. Set CONTROLEXTRA=overcloud-vlan-port.yaml when compiling
overcloud.yaml to include the deployment of VLAN ports to the control
plane.
type: string
NeutronComputeAgentMode:
default: 'dvr'
description: Agent mode for the neutron-l3-agent on the compute hosts
type: string
NeutronAgentMode:
default: 'dvr_snat'
description: Agent mode for the neutron-l3-agent on the controller hosts
type: string
NeutronDVR:
default: 'False'
description: Whether to configure Neutron Distributed Virtual Routers
type: string
NeutronMetadataProxySharedSecret:
default: 'unset'
description: Shared secret to prevent spoofing
type: string
NeutronTunnelTypes:
default: 'gre'
description: |
The tunnel types for the Neutron tenant network. To specify multiple
values, use a comma separated string, like so: 'gre,vxlan'
type: string
NeutronMechanismDrivers:
default: 'openvswitch'
description: |
The mechanism drivers for the Neutron tenant network. To specify multiple
values, use a comma separated string, like so: 'openvswitch,l2_population'
type: string
NeutronAllowL3AgentFailover:
default: 'True'
description: Allow automatic l3-agent failover
type: string
NeutronL3HA:
default: 'False'
description: Whether to enable l3-agent HA
type: string
NovaPassword:
default: unset
description: The password for the nova service account, used by nova-api.
type: string
hidden: true
NtpServer:
type: string
default: ''
PublicVirtualFixedIPs:
default: []
description: >
Control the IP allocation for the PublicVirtualInterface port. E.g.
[{'ip_address':'1.2.3.4'}]
type: json
PublicVirtualNetwork:
default: 'ctlplane'
type: string
description: >
Neutron network to allocate public virtual IP port on.
RabbitCookieSalt:
type: string
default: unset
description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
# FIXME: 'guest' is provisioned in RabbitMQ by default, we should create a user if these are changed
RabbitUserName:
default: guest
description: The username for RabbitMQ
type: string
RabbitPassword:
default: guest
description: The password for RabbitMQ
type: string
hidden: true
RabbitClientUseSSL:
default: false
description: >
Rabbit client subscriber parameter to specify
an SSL connection to the RabbitMQ host.
type: string
RabbitClientPort:
default: 5672
description: Set rabbit subscriber port, change this if using SSL
type: number
SnmpdReadonlyUserName:
default: ro_snmp_user
description: The user name for SNMPd with readonly rights running on all Overcloud nodes
type: string
SnmpdReadonlyUserPassword:
default: unset
description: The user password for SNMPd with readonly rights running on all Overcloud nodes
type: string
hidden: true
# Controller-specific params
AdminToken:
default: unset
description: The keystone auth secret.
type: string
hidden: true
CinderEnableRbdBackend:
default: false
description: Whether to enable or not the Rbd backend for Cinder
type: boolean
CinderLVMLoopDeviceSize:
default: 5000
description: The size of the loopback file used by the cinder LVM driver.
type: number
CinderPassword:
default: unset
description: The password for the cinder service account, used by cinder-api.
type: string
hidden: true
CinderISCSIHelper:
default: tgtadm
description: The iSCSI helper to use with cinder.
type: string
ControllerCount:
type: number
default: 1
controllerExtraConfig:
default: {}
description: |
Controller specific configuration to inject into the cluster. Same
structure as ExtraConfig.
type: json
controllerImage:
type: string
default: overcloud-control
constraints:
- custom_constraint: glance.image
OvercloudControlFlavor:
description: Flavor for control nodes to request when deploying.
type: string
constraints:
- custom_constraint: nova.flavor
ControlVirtualInterface:
default: 'br-ex'
description: Interface where virtual ip will be assigned.
type: string
EnableGalera:
default: true
description: Whether to use Galera instead of regular MariaDB.
type: boolean
EnablePacemaker:
default: false
description: If enabled services will be monitored by Pacemaker; it
will manage VIPs as well, in place of Keepalived.
type: boolean
ControllerEnableCephStorage:
default: false
description: Whether to deploy Ceph Storage (OSD) on the Controller
type: boolean
ControllerEnableSwiftStorage:
default: true
description: Whether to enable Swift Storage on the Controller
type: boolean
ExtraConfig:
default: {}
description: |
Additional configuration to inject into the cluster. The JSON should have
the following structure:
{"FILEKEY":
{"config":
[{"section": "SECTIONNAME",
"values":
[{"option": "OPTIONNAME",
"value": "VALUENAME"
}
]
}
]
}
}
For instance:
{"nova":
{"config":
[{"section": "default",
"values":
[{"option": "force_config_drive",
"value": "always"
}
]
},
{"section": "cells",
"values":
[{"option": "driver",
"value": "nova.cells.rpc_driver.CellsRPCDriver"
}
]
}
]
}
}
type: json
GlanceLogFile:
description: The filepath of the file to use for logging messages from Glance.
type: string
default: ''
GlanceNotifierStrategy:
description: Strategy to use for Glance notification queue
type: string
default: noop
GlancePassword:
default: unset
description: The password for the glance service account, used by the glance services.
type: string
hidden: true
GlanceBackend:
default: swift
description: The short name of the Glance backend to use. Should be one
of swift, rbd or file
type: string
constraints:
- allowed_values: ['swift', 'file', 'rbd']
HeatPassword:
default: unset
description: The password for the Heat service account, used by the Heat services.
type: string
hidden: true
HeatStackDomainAdminPassword:
description: Password for heat_domain_admin user.
type: string
default: ''
hidden: true
KeystoneCACertificate:
default: ''
description: Keystone self-signed certificate authority certificate.
type: string
KeystoneSigningCertificate:
default: ''
description: Keystone certificate for verifying token validity.
type: string
KeystoneSigningKey:
default: ''
description: Keystone key for signing tokens.
type: string
hidden: true
KeystoneSSLCertificate:
default: ''
description: Keystone certificate for verifying token validity.
type: string
KeystoneSSLCertificateKey:
default: ''
description: Keystone key for signing tokens.
type: string
hidden: true
MysqlInnodbBufferPoolSize:
description: >
Specifies the size of the buffer pool in megabytes. Setting to
zero should be interpreted as "no value" and will defer to the
lower level default.
type: number
default: 0
NeutronDnsmasqOptions:
default: 'dhcp-option-force=26,1400'
description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the tunnel overhead.
type: string
NeutronPublicInterfaceDefaultRoute:
default: ''
description: A custom default route for the NeutronPublicInterface.
type: string
NeutronPublicInterfaceIP:
default: ''
description: A custom IP address to put onto the NeutronPublicInterface.
type: string
NeutronPublicInterfaceRawDevice:
default: ''
description: If set, the public interface is a vlan with this device as the raw device.
type: string
PublicVirtualInterface:
default: 'br-ex'
description: >
Specifies the interface where the public-facing virtual ip will be assigned.
This should be int_public when a VLAN is being used.
type: string
SSLCertificate:
default: ''
description: If set, the contents of an SSL certificate .crt file for encrypting SSL endpoints.
type: string
hidden: true
SSLKey:
default: ''
description: If set, the contents of an SSL certificate .key file for encrypting SSL endpoints.
type: string
hidden: true
SSLCACertificate:
default: ''
description: If set, the contents of an SSL certificate authority file.
type: string
SwiftHashSuffix:
default: unset
description: A random string to be used as a salt when hashing to determine mappings in the ring.
type: string
hidden: true
SwiftPassword:
default: unset
description: The password for the swift service account, used by the swift proxy services.
type: string
hidden: true
SwiftMountCheck:
default: 'false'
description: Value of mount_check in Swift account/container/object -server.conf
type: boolean
SwiftMinPartHours:
type: number
default: 1
description: The minimum time (in hours) before a partition in a ring can be moved following a rebalance.
SwiftPartPower:
default: 10
description: Partition Power to use when building Swift rings
type: number
SwiftReplicas:
type: number
default: 3
description: How many replicas to use in the swift rings.
# Compute-specific params
CeilometerComputeAgent:
description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
type: string
default: ''
constraints:
- allowed_values: ['', Present]
ComputeCount:
type: number
default: 1
HypervisorNeutronPhysicalBridge:
default: 'br-ex'
description: >
An OVS bridge to create on each hypervisor. This defaults to br-ex the
same as the control plane nodes, as we have a uniform configuration of
the openvswitch agent. Typically should not need to be changed.
type: string
HypervisorNeutronPublicInterface:
default: nic1
description: What interface to add to the HypervisorNeutronPhysicalBridge.
type: string
NeutronNetworkVLANRanges:
default: 'datacentre'
description: >
The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
Neutron documentation for permitted values. Defaults to permitting any
VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
type: string
NovaComputeDriver:
type: string
default: libvirt.LibvirtDriver
NovaComputeExtraConfig:
default: {}
description: |
NovaCompute specific configuration to inject into the cluster. Same
structure as ExtraConfig.
type: json
NovaComputeLibvirtType:
default: ''
type: string
NovaEnableRbdBackend:
default: false
description: Whether to enable or not the Rbd backend for Nova
type: boolean
NovaImage:
type: string
default: overcloud-compute
constraints:
- custom_constraint: glance.image
OvercloudComputeFlavor:
description: Use this flavor
type: string
constraints:
- custom_constraint: nova.flavor
ServiceNetMap:
default:
NeutronLocalIp: tenant
CeilometerApiNetwork: internal_api
MongoDbNetwork: internal_api
CinderApiNetwork: internal_api
CinderIscsiNetwork: storage
GlanceApiNetwork: storage
GlanceRegistryNetwork: internal_api
KeystoneAdminApiNetwork: internal_api
KeystonePublicApiNetwork: internal_api
NeutronApiNetwork: internal_api
HeatApiNetwork: internal_api
NovaApiNetwork: internal_api
NovaMetadataNetwork: internal_api
SwiftMgmtNetwork: storage_mgmt
SwiftProxyNetwork: storage
HorizonNetwork: internal_api
MemcachedNetwork: internal_api
RabbitMqNetwork: internal_api
RedisNetwork: internal_api
MysqlNetwork: internal_api
CephClusterNetwork: storage_mgmt
CephPublicNetwork: storage
description: Mapping of service_name -> network name. Typically set
via parameter_defaults in the resource registry.
type: json
# Block storage specific parameters
BlockStorageCount:
type: number
default: 0
BlockStorageImage:
default: overcloud-cinder-volume
type: string
OvercloudBlockStorageFlavor:
description: Flavor for block storage nodes to request when deploying.
type: string
constraints:
- custom_constraint: nova.flavor
# Object storage specific parameters
ObjectStorageCount:
type: number
default: 0
OvercloudSwiftStorageFlavor:
description: Flavor for Swift storage nodes to request when deploying.
type: string
constraints:
- custom_constraint: nova.flavor
SwiftStorageImage:
default: overcloud-swift-storage
type: string
# Ceph storage specific parameters
CephStorageCount:
type: number
default: 0
CephStorageImage:
default: overcloud-ceph-storage
type: string
OvercloudCephStorageFlavor:
default: baremetal
description: Flavor for Ceph storage nodes to request when deploying.
type: string
constraints:
- custom_constraint: nova.flavor
resources:
HeatAuthEncryptionKey:
type: OS::Heat::RandomString
PcsdPassword:
type: OS::Heat::RandomString
properties:
length: 16
HorizonSecret:
type: OS::Heat::RandomString
properties:
length: 10
Controller:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: ControllerCount}
resource_def:
type: OS::TripleO::Controller
properties:
AdminPassword: {get_param: AdminPassword}
AdminToken: {get_param: AdminToken}
CeilometerBackend: {get_param: CeilometerBackend}
CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
CeilometerPassword: {get_param: CeilometerPassword}
CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
CinderPassword: {get_param: CinderPassword}
CinderISCSIHelper: {get_param: CinderISCSIHelper}
CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
CinderEnableRbdBackend: {get_param: CinderEnableRbdBackend}
CloudName: {get_param: CloudName}
ControlVirtualInterface: {get_param: ControlVirtualInterface}
ControllerExtraConfig: {get_param: controllerExtraConfig}
Debug: {get_param: Debug}
EnableGalera: {get_param: EnableGalera}
EnablePacemaker: {get_param: EnablePacemaker}
EnableCephStorage: {get_param: ControllerEnableCephStorage}
EnableSwiftStorage: {get_param: ControllerEnableSwiftStorage}
ExtraConfig: {get_param: ExtraConfig}
Flavor: {get_param: OvercloudControlFlavor}
GlancePort: {get_param: GlancePort}
GlanceProtocol: {get_param: GlanceProtocol}
GlancePassword: {get_param: GlancePassword}
GlanceBackend: {get_param: GlanceBackend}
GlanceNotifierStrategy: {get_param: GlanceNotifierStrategy}
GlanceLogFile: {get_param: GlanceLogFile}
HeatPassword: {get_param: HeatPassword}
HeatStackDomainAdminPassword: {get_param: HeatStackDomainAdminPassword}
HeatAuthEncryptionKey: {get_resource: HeatAuthEncryptionKey}
HorizonSecret: {get_resource: HorizonSecret}
Image: {get_param: controllerImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
KeyName: {get_param: KeyName}
KeystoneCACertificate: {get_param: KeystoneCACertificate}
KeystoneSigningCertificate: {get_param: KeystoneSigningCertificate}
KeystoneSigningKey: {get_param: KeystoneSigningKey}
KeystoneSSLCertificate: {get_param: KeystoneSSLCertificate}
KeystoneSSLCertificateKey: {get_param: KeystoneSSLCertificateKey}
MysqlClusterUniquePart: {get_attr: [MysqlClusterUniquePart, value]}
MysqlInnodbBufferPoolSize: {get_param: MysqlInnodbBufferPoolSize}
MysqlRootPassword: {get_attr: [MysqlRootPassword, value]}
NeutronPublicInterfaceIP: {get_param: NeutronPublicInterfaceIP}
NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
NeutronPublicInterface: {get_param: NeutronPublicInterface}
NeutronPublicInterfaceDefaultRoute: {get_param: NeutronPublicInterfaceDefaultRoute}
NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
NeutronPassword: {get_param: NeutronPassword}
NeutronDnsmasqOptions: {get_param: NeutronDnsmasqOptions}
NeutronDVR: {get_param: NeutronDVR}
NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
NeutronAgentMode: {get_param: NeutronAgentMode}
NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
NeutronL3HA: {get_param: NeutronL3HA}
NeutronNetworkType: {get_param: NeutronNetworkType}
NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
NovaPassword: {get_param: NovaPassword}
NtpServer: {get_param: NtpServer}
PcsdPassword: {get_resource: PcsdPassword}
PublicVirtualInterface: {get_param: PublicVirtualInterface}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitCookie: {get_attr: [RabbitCookie, value]}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
SSLCertificate: {get_param: SSLCertificate}
SSLKey: {get_param: SSLKey}
SSLCACertificate: {get_param: SSLCACertificate}
SwiftHashSuffix: {get_param: SwiftHashSuffix}
SwiftMountCheck: {get_param: SwiftMountCheck}
SwiftMinPartHours: {get_param: SwiftMinPartHours}
SwiftPartPower: {get_param: SwiftPartPower}
SwiftPassword: {get_param: SwiftPassword}
SwiftReplicas: { get_param: SwiftReplicas}
VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
PublicVirtualIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]} # deprecated. Use per service VIP settings instead now.
ServiceNetMap: {get_param: ServiceNetMap}
HeatApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
GlanceApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
MysqlVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
KeystonePublicApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
NeutronApiVirtualIP: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
Compute:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: ComputeCount}
resource_def:
type: OS::TripleO::Compute
properties:
AdminPassword: {get_param: AdminPassword}
CeilometerComputeAgent: {get_param: CeilometerComputeAgent}
CeilometerMeteringSecret: {get_param: CeilometerMeteringSecret}
CeilometerPassword: {get_param: CeilometerPassword}
Debug: {get_param: Debug}
ExtraConfig: {get_param: ExtraConfig}
Flavor: {get_param: OvercloudComputeFlavor}
GlanceHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
GlancePort: {get_param: GlancePort}
GlanceProtocol: {get_param: GlanceProtocol}
Image: {get_param: NovaImage}
ImageUpdatePolicy: {get_param: ImageUpdatePolicy}
KeyName: {get_param: KeyName}
KeystoneHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
NeutronBridgeMappings: {get_param: NeutronBridgeMappings}
NeutronEnableTunnelling: {get_param: NeutronEnableTunnelling}
NeutronFlatNetworks: {get_param: NeutronFlatNetworks}
NeutronHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
NeutronNetworkType: {get_param: NeutronNetworkType}
NeutronTunnelTypes: {get_param: NeutronTunnelTypes}
NeutronNetworkVLANRanges: {get_param: NeutronNetworkVLANRanges}
NeutronPassword: {get_param: NeutronPassword}
NeutronPhysicalBridge: {get_param: HypervisorNeutronPhysicalBridge}
NeutronPublicInterface: {get_param: HypervisorNeutronPublicInterface}
NeutronDVR: {get_param: NeutronDVR}
NeutronMetadataProxySharedSecret: {get_param: NeutronMetadataProxySharedSecret}
NeutronAgentMode: {get_param: NeutronComputeAgentMode}
NeutronPublicInterfaceRawDevice: {get_param: NeutronPublicInterfaceRawDevice}
NeutronMechanismDrivers: {get_param: NeutronMechanismDrivers}
# L3 HA and Failover is not relevant for Computes, should be removed
NeutronAllowL3AgentFailover: {get_param: NeutronAllowL3AgentFailover}
NeutronL3HA: {get_param: NeutronL3HA}
NovaApiHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
NovaComputeDriver: {get_param: NovaComputeDriver}
NovaComputeExtraConfig: {get_param: NovaComputeExtraConfig}
NovaComputeLibvirtType: {get_param: NovaComputeLibvirtType}
NovaEnableRbdBackend: {get_param: NovaEnableRbdBackend}
NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
NovaPassword: {get_param: NovaPassword}
NtpServer: {get_param: NtpServer}
RabbitHost: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
SnmpdReadonlyUserName: {get_param: SnmpdReadonlyUserName}
SnmpdReadonlyUserPassword: {get_param: SnmpdReadonlyUserPassword}
ServiceNetMap: {get_param: ServiceNetMap}
BlockStorage:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: BlockStorageCount}
resource_def:
type: OS::TripleO::BlockStorage
properties:
Debug: {get_param: Debug}
Image: {get_param: BlockStorageImage}
CinderISCSIHelper: {get_param: CinderISCSIHelper}
CinderLVMLoopDeviceSize: {get_param: CinderLVMLoopDeviceSize}
# Purpose of the dedicated BlockStorage nodes should be to use their local LVM
CinderEnableIscsiBackend: {get_param: CinderEnableIscsiBackend}
CinderPassword: {get_param: CinderPassword}
VirtualIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudBlockStorageFlavor}
RabbitPassword: {get_param: RabbitPassword}
RabbitUserName: {get_param: RabbitUserName}
RabbitClientUseSSL: {get_param: RabbitClientUseSSL}
RabbitClientPort: {get_param: RabbitClientPort}
NtpServer: {get_param: NtpServer}
ObjectStorage:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: ObjectStorageCount}
resource_def:
type: OS::TripleO::ObjectStorage
properties:
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudSwiftStorageFlavor}
HashSuffix: {get_param: SwiftHashSuffix}
MountCheck: {get_param: SwiftMountCheck}
MinPartHours: {get_param: SwiftMinPartHours}
PartPower: {get_param: SwiftPartPower}
Image: {get_param: SwiftStorageImage}
Replicas: { get_param: SwiftReplicas}
NtpServer: {get_param: NtpServer}
CephStorage:
type: OS::Heat::ResourceGroup
depends_on: Networks
properties:
count: {get_param: CephStorageCount}
resource_def:
type: OS::TripleO::CephStorage
properties:
Image: {get_param: CephStorageImage}
KeyName: {get_param: KeyName}
Flavor: {get_param: OvercloudCephStorageFlavor}
NtpServer: {get_param: NtpServer}
ServiceNetMap: {get_param: ServiceNetMap}
ControllerIpListMap:
type: OS::TripleO::Network::Ports::NetIpListMap
properties:
ExternalIpList: {get_attr: [Controller, external_ip_address]}
InternalApiIpList: {get_attr: [Controller, internal_api_ip_address]}
StorageIpList: {get_attr: [Controller, storage_ip_address]}
StorageMgmtIpList: {get_attr: [Controller, storage_mgmt_ip_address]}
TenantIpList: {get_attr: [Controller, tenant_ip_address]}
allNodesConfig:
type: OS::TripleO::AllNodes::SoftwareConfig
properties:
compute_hosts: {get_attr: [Compute, hosts_entry]}
controller_hosts: {get_attr: [Controller, hosts_entry]}
controller_ips: {get_attr: [Controller, ip_address]}
block_storage_hosts: {get_attr: [BlockStorage, hosts_entry]}
object_storage_hosts: {get_attr: [ObjectStorage, hosts_entry]}
ceph_storage_hosts: {get_attr: [CephStorage, hosts_entry]}
controller_names: {get_attr: [Controller, hostname]}
rabbit_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
mongo_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MongoDbNetwork]}]}
redis_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
memcache_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MemcachedNetwork]}]}
mysql_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
horizon_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
heat_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
swift_proxy_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
ceilometer_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
nova_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
nova_metadata_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
glance_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
glance_registry_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
cinder_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
neutron_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
keystone_public_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
keystone_admin_api_node_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
MysqlRootPassword:
type: OS::Heat::RandomString
properties:
length: 10
MysqlClusterUniquePart:
type: OS::Heat::RandomString
properties:
length: 10
RabbitCookie:
type: OS::Heat::RandomString
properties:
length: 20
salt: {get_param: RabbitCookieSalt}
# creates the network architecture
Networks:
type: OS::TripleO::Network
ControlVirtualIP:
type: OS::Neutron::Port
depends_on: Networks
properties:
name: control_virtual_ip
network_id: {get_param: NeutronControlPlaneID}
fixed_ips: {get_param: ControlFixedIPs}
replacement_policy: AUTO
# same as external
PublicVirtualIP:
type: OS::Neutron::Port
depends_on: Networks
properties:
name: public_virtual_ip
network: {get_param: PublicVirtualNetwork}
fixed_ips: {get_param: PublicVirtualFixedIPs}
replacement_policy: AUTO
InternalApiVirtualIP:
depends_on: Networks
type: OS::TripleO::Controller::Ports::InternalApiPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
PortName: internal_api_virtual_ip
StorageVirtualIP:
depends_on: Networks
type: OS::TripleO::Controller::Ports::StoragePort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
PortName: storage_virtual_ip
StorageMgmtVirtualIP:
depends_on: Networks
type: OS::TripleO::Controller::Ports::StorageMgmtPort
properties:
ControlPlaneIP: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
PortName: storage_management_virtual_ip
VipMap:
type: OS::TripleO::Network::Ports::NetIpMap
properties:
ExternalIp: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
InternalApiIp: {get_attr: [InternalApiVirtualIP, ip_address]}
StorageIp: {get_attr: [StorageVirtualIP, ip_address]}
StorageMgmtIp: {get_attr: [StorageMgmtVirtualIP, ip_address]}
# No tenant VIP required
VipConfig:
type: OS::TripleO::VipConfig
VipDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_resource: VipConfig}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
input_values:
# service VIP mappings
keystone_admin_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystoneAdminApiNetwork]}]}
keystone_public_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, KeystonePublicApiNetwork]}]}
neutron_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NeutronApiNetwork]}]}
cinder_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CinderApiNetwork]}]}
glance_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceApiNetwork]}]}
glance_registry_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, GlanceRegistryNetwork]}]}
swift_proxy_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, SwiftProxyNetwork]}]}
nova_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaApiNetwork]}]}
nova_metadata_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, NovaMetadataNetwork]}]}
ceilometer_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, CeilometerApiNetwork]}]}
heat_api_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HeatApiNetwork]}]}
horizon_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, HorizonNetwork]}]}
redis_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RedisNetwork]}]}
mysql_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, MysqlNetwork]}]}
rabbit_vip: {get_attr: [VipMap, net_ip_map, {get_param: [ServiceNetMap, RabbitMqNetwork]}]}
# direct configuration of Virtual IPs for each network
control_virtual_ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
public_virtual_ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
internal_api_virtual_ip: {get_attr: [InternalApiVirtualIP, ip_address]}
storage_virtual_ip: {get_attr: [StorageVirtualIP, ip_address]}
storage_mgmt_virtual_ip: {get_attr: [StorageMgmtVirtualIP, ip_address]}
ControllerBootstrapNodeConfig:
type: OS::TripleO::BootstrapNode::SoftwareConfig
properties:
bootstrap_nodeid: {get_attr: [Controller, resource.0.hostname]}
bootstrap_nodeid_ip: {get_attr: [Controller, resource.0.ip_address]}
ControllerBootstrapNodeDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [ControllerBootstrapNodeConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
signal_transport: NO_SIGNAL
ControllerSwiftDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
signal_transport: NO_SIGNAL
ObjectStorageSwiftDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [SwiftDevicesAndProxyConfig, config_id]}
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
signal_transport: NO_SIGNAL
SwiftDevicesAndProxyConfig:
type: OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig
properties:
controller_swift_devices: {get_attr: [Controller, swift_device]}
object_store_swift_devices: {get_attr: [ObjectStorage, swift_device]}
controller_swift_proxy_memcaches: {get_attr: [Controller, swift_proxy_memcache]}
ComputeCephDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [CephClusterConfig, config_id]}
servers: {get_attr: [Compute, attributes, nova_server_resource]}
ControllerCephDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [CephClusterConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
CephStorageCephDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [CephClusterConfig, config_id]}
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
CephClusterConfig:
type: OS::TripleO::CephClusterConfig::SoftwareConfig
properties:
ceph_fsid: {get_param: CephClusterFSID}
ceph_mon_key: {get_param: CephMonKey}
ceph_admin_key: {get_param: CephAdminKey}
ceph_mon_names: {get_attr: [Controller, hostname]}
ceph_mon_ips: {get_attr: [ControllerIpListMap, net_ip_map, {get_param: [ServiceNetMap, CephPublicNetwork]}]}
ControllerClusterConfig:
type: OS::Heat::StructuredConfig
properties:
config:
corosync:
nodes: {get_attr: [Controller, corosync_node]}
horizon:
caches:
memcached:
nodes: {get_attr: [Controller, hostname]}
mysql:
nodes: {get_attr: [Controller, corosync_node]}
haproxy:
nodes: {get_attr: [Controller, corosync_node]}
ControllerClusterDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_resource: ControllerClusterConfig}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
signal_transport: NO_SIGNAL
ControllerAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [Controller, attributes, nova_server_resource]}
ComputeAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [Compute, attributes, nova_server_resource]}
BlockStorageAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
ObjectStorageAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
CephStorageAllNodesDeployment:
type: OS::Heat::StructuredDeployments
properties:
config: {get_attr: [allNodesConfig, config_id]}
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
# Nested stack deployment runs after all other controller deployments
ControllerNodesPostDeployment:
type: OS::TripleO::ControllerPostDeployment
depends_on: [ControllerBootstrapNodeDeployment, ControllerAllNodesDeployment, ControllerSwiftDeployment, ControllerCephDeployment]
properties:
servers: {get_attr: [Controller, attributes, nova_server_resource]}
ComputeNodesPostDeployment:
type: OS::TripleO::ComputePostDeployment
depends_on: [ComputeAllNodesDeployment, ComputeCephDeployment]
properties:
servers: {get_attr: [Compute, attributes, nova_server_resource]}
ObjectStorageNodesPostDeployment:
type: OS::TripleO::ObjectStoragePostDeployment
depends_on: [ObjectStorageSwiftDeployment, ObjectStorageAllNodesDeployment]
properties:
servers: {get_attr: [ObjectStorage, attributes, nova_server_resource]}
BlockStorageNodesPostDeployment:
type: OS::TripleO::BlockStoragePostDeployment
depends_on: [ControllerNodesPostDeployment, BlockStorageAllNodesDeployment]
properties:
servers: {get_attr: [BlockStorage, attributes, nova_server_resource]}
CephStorageNodesPostDeployment:
type: OS::TripleO::CephStoragePostDeployment
depends_on: [ControllerNodesPostDeployment, CephStorageCephDeployment, CephStorageAllNodesDeployment]
properties:
servers: {get_attr: [CephStorage, attributes, nova_server_resource]}
outputs:
KeystoneURL:
description: URL for the Overcloud Keystone service
value:
list_join:
- ''
- - http://
- {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
- :5000/v2.0/