tripleo-heat-templates/overcloud-source.yaml


# Top-level metadata of the overcloud Heat template.
# The description is a plain scalar folded over two lines; the continuation
# line has to stay indented so it is read as part of the same value.
description: Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
  server,Dedicated RabbitMQ Server,Group of Nova Computes
heat_template_version: 2013-05-23
# Input parameters of the stack.
#
# `hidden: true` asks Heat to mask the value when stack parameters are
# displayed; it does not protect the value anywhere else it is copied to.
#
# NOTE(review): every credential that carries `default: unset` falls back to
# the literal string "unset" when the deployer passes nothing, so a stack can
# be created with a publicly known password or token. Dropping the default
# would make Heat reject stack creation until a value is supplied.
#
# NOTE(review): nesting in this section was restored by reading the keys (the
# listing had lost its indentation); confirm against the upstream file.
parameters:
  AdminPassword:
    default: unset
    description: The password for the keystone admin account, used for monitoring, querying neutron etc.
    type: string
    hidden: true
  AdminToken:
    default: unset
    description: The keystone auth secret.
    type: string
    hidden: true
  CinderPassword:
    default: unset
    description: The password for the cinder service account, used by cinder-api.
    type: string
    hidden: true
  CinderISCSIHelper:
    default: tgtadm
    description: The iSCSI helper to use with cinder.
    type: string
  CinderLVMLoopDeviceSize:
    default: 5000
    description: The size of the loopback file used by the cinder LVM driver.
    type: number
  # Free-form JSON that is handed to the *Passthrough resources as
  # passthrough_config. Whoever can set this parameter can set arbitrary
  # service options, so treat it as operator-only input.
  ExtraConfig:
    default: {}
    description: |
      Additional configuration to inject into the cluster. The JSON should have
      the following structure:
      {"FILEKEY":
      {"config":
      [{"section": "SECTIONNAME",
      "values":
      [{"option": "OPTIONNAME",
      "value": "VALUENAME"
      }
      ]
      }
      ]
      }
      }
      For instance:
      {"nova":
      {"config":
      [{"section": "default",
      "values":
      [{"option": "compute_manager",
      "value": "ironic.nova.compute.manager.ClusterComputeManager"
      }
      ]
      },
      {"section": "cells",
      "values":
      [{"option": "driver",
      "value": "nova.cells.rpc_driver.CellsRPCDriver"
      }
      ]
      }
      ]
      }
      }
    type: json
  OvercloudControlFlavor:
    default: baremetal
    description: Flavor for control nodes to request when deploying.
    type: string
  OvercloudComputeFlavor:
    default: baremetal
    description: Flavor for compute nodes to request when deploying.
    type: string
  # Declared as a string although the default is written as a number.
  GlancePort:
    default: 9292
    description: Glance port.
    type: string
  # NOTE(review): defaults to plaintext http; https has to be opted into.
  GlanceProtocol:
    default: http
    description: Protocol to use when connecting to glance, set to https for SSL.
    type: string
  # Also reused as the Glance swift-store-key in controllerConfig.
  GlancePassword:
    default: unset
    description: The password for the glance service account, used by the glance services.
    type: string
    hidden: true
  GlanceNotifierStrategy:
    description: Strategy to use for Glance notification queue
    type: string
    default: noop
  GlanceLogFile:
    description: The filepath of the file to use for logging messages from Glance.
    type: string
    default: ''
  HeatPassword:
    default: unset
    description: The password for the Heat service account, used by the Heat services.
    type: string
    hidden: true
  ImageUpdatePolicy:
    default: 'REBUILD_PRESERVE_EPHEMERAL'
    description: What policy to use when reconstructing instances. REBUILD for rebuilds, REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
    type: string
  KeyName:
    default: default
    description: Name of an existing EC2 KeyPair to enable SSH access to the instances
    type: string
  NeutronBridgeMappings:
    description: |
      The OVS logical->physical bridge mappings to use. See the Neutron
      documentation for details. Defaults to mapping br-ex - the external
      bridge on hosts - to a physical name 'datacentre' which can be used
      to create provider networks (and we use this for the default floating
      network) - if changing this either use different post-install network
      scripts or be sure to keep 'datacentre' as a mapping network name.
    type: string
    default: "datacentre:br-ex"
  NeutronNetworkVLANRanges:
    default: 'datacentre'
    description: |
      The Neutron ML2 and OpenVSwitch vlan mapping range to support. See the
      Neutron documentation for permitted values. Defaults to permitting any
      VLAN on the 'datacentre' physical network (See NeutronBridgeMappings).
    type: string
  NeutronPassword:
    default: unset
    description: The password for the neutron service account, used by neutron agents.
    type: string
    hidden: true
  # Only the empty string or `Present` is accepted.
  CeilometerComputeAgent:
    description: Indicates whether the Compute agent is present and expects nova-compute to be configured accordingly
    type: string
    default: ''
    constraints:
      - allowed_values: ['', Present]
  CeilometerMeteringSecret:
    default: unset
    description: Secret shared by the ceilometer services.
    type: string
    hidden: true
  CeilometerPassword:
    default: unset
    description: The password for the ceilometer service account.
    type: string
    hidden: true
  SnmpdReadonlyUserName:
    default: ro_snmp_user
    description: The user name for SNMPd with readonly rights running on all Overcloud nodes
    type: string
  SnmpdReadonlyUserPassword:
    default: unset
    description: The user password for SNMPd with readonly rights running on all Overcloud nodes
    type: string
    hidden: true
  CloudName:
    default: ''
    description: The DNS name of this cloud. E.g. ci-overcloud.tripleo.org
    type: string
  NovaComputeDriver:
    default: libvirt.LibvirtDriver
    type: string
  NovaComputeLibvirtType:
    default: ''
    type: string
  NovaImage:
    type: string
    default: overcloud-compute
  NovaPassword:
    default: unset
    description: The password for the nova service account, used by nova-api.
    type: string
    hidden: true
  NeutronFlatNetworks:
    type: string
    default: 'datacentre'
    description: |
      If set, flat networks to configure in neutron plugins. Defaults to
      'datacentre' to permit external network creation.
  HypervisorNeutronPhysicalBridge:
    default: 'br-ex'
    description: |
      An OVS bridge to create on each hypervisor. This defaults to br-ex the
      same as the control plane nodes, as we have a uniform configuration of
      the openvswitch agent. Typically should not need to be changed.
    type: string
  HypervisorNeutronPublicInterface:
    default: 'eth0'
    description: What interface to add to the HypervisorNeutronPhysicalBridge.
    type: string
  NeutronPublicInterface:
    default: eth0
    description: What interface to bridge onto br-ex for network nodes.
    type: string
  NeutronPublicInterfaceDefaultRoute:
    default: ''
    description: A custom default route for the NeutronPublicInterface.
    type: string
  NeutronPublicInterfaceIP:
    default: ''
    description: A custom IP address to put onto the NeutronPublicInterface.
    type: string
  NeutronPublicInterfaceRawDevice:
    default: ''
    description: If set, the public interface is a vlan with this device as the raw device.
    type: string
  NeutronControlPlaneID:
    default: ''
    type: string
    description: Neutron ID for ctlplane network.
  NeutronDnsmasqOptions:
    default: 'dhcp-option-force=26,1400'
    description: Dnsmasq options for neutron-dhcp-agent. The default value here forces MTU to be set to 1400 to account for the gre tunnel overhead.
    type: string
  controllerImage:
    type: string
    default: overcloud-control
  NtpServer:
    type: string
    default: ''
  # NOTE(review): both RabbitMQ defaults are `guest`, the broker's well-known
  # built-in account name and password. A deployment that does not override
  # them runs the message bus on default credentials.
  RabbitUserName:
    default: guest
    description: The username for RabbitMQ
    type: string
  RabbitPassword:
    default: guest
    description: The password for RabbitMQ
    type: string
    hidden: true
  # Passed as the `salt` of the RabbitCookie random string; per the
  # description, changing it forces a new cookie to be generated.
  RabbitCookieSalt:
    type: string
    default: unset
    description: Salt for the rabbit cookie, change this to force the randomly generated rabbit cookie to change.
  # NOTE(review): the default is the empty string, not a generated value.
  HeatStackDomainAdminPassword:
    description: Password for heat_domain_admin user.
    type: string
    default: ''
    hidden: true
  LiveUpdateUserName:
    type: string
    description: The live-update username for the undercloud Glance API.
    default: ''
  LiveUpdateTenantName:
    type: string
    description: The live-update tenant name for the undercloud Glance API.
    default: ''
  LiveUpdateHost:
    type: string
    description: The IP address for the undercloud Glance API.
    default: ''
  # NOTE(review): the default is the empty string.
  LiveUpdatePassword:
    type: string
    default: ''
    description: The live-update password for the undercloud Glance API.
    hidden: true
  LiveUpdateComputeImage:
    type: string
    description: The image ID for live-updates to the overcloud compute nodes.
    default: ''
  MysqlInnodbBufferPoolSize:
    description: >
      Specifies the size of the buffer pool in megabytes. Setting to
      zero should be interpreted as "no value" and will defer to the
      lower level default.
    type: number
    default: 0
  ControlVirtualInterface:
    default: 'br-ex'
    description: Interface where virtual ip will be assigned.
    type: string
  ControlFixedIPs:
    default: []
    description: Should be used for arbitrary ips.
    type: json
  PublicVirtualFixedIPs:
    default: []
    description: |
      Control the IP allocation for the PublicVirtualInterface port. E.g.
      [{'ip_address':'1.2.3.4'}]
    type: json
  PublicVirtualInterface:
    default: 'br-ex'
    description: >
      Specifies the interface where the public-facing virtual ip will be assigned.
      This should be int_public when a VLAN is being used.
    type: string
  PublicVirtualNetwork:
    default: 'ctlplane'
    type: string
    description: >
      Neutron network to allocate public virtual IP port on.
  KeystoneCACertificate:
    default: ''
    description: Keystone self-signed certificate authority certificate.
    type: string
  KeystoneSigningCertificate:
    default: ''
    description: Keystone certificate for verifying token validity.
    type: string
  # Private key material: the only one of the three Keystone PKI parameters
  # that is marked hidden.
  KeystoneSigningKey:
    default: ''
    description: Keystone key for signing tokens.
    type: string
    hidden: true
  # Restricted to the three listed transports.
  DefaultSignalTransport:
    default: CFN_SIGNAL
    description: Transport to use for software-config signals.
    type: string
    constraints:
      - allowed_values: [ CFN_SIGNAL, HEAT_SIGNAL, NO_SIGNAL ]
# Resources of the overcloud stack: virtual-IP ports, generated secrets, the
# controller server with its software configs, and the compute node pieces
# included from nova-compute-instance.yaml.
#
# `type: FileInclude` (with Path/SubKey) and `Merge::Map` are not native Heat
# constructs; presumably a template merge step resolves them before the file
# reaches Heat - confirm. The same applies to names used here but not declared
# in this file (SSLConfig, controller0Swift, BlockStorage0, SwiftStorage0,
# SSLCertificate, SSLKey, SSLCACertificate).
#
# NOTE(review): nesting in this section was restored by reading the keys (the
# listing had lost its indentation); confirm against the upstream file.
resources:
  # Neutron port whose first fixed IP is used below as the control-plane
  # virtual IP (database host, API hosts, haproxy binds).
  ControlVirtualIP:
    type: OS::Neutron::Port
    properties:
      name: control_virtual_ip
      network_id: {get_param: NeutronControlPlaneID}
      fixed_ips:
        get_param: ControlFixedIPs
  # Random suffix joined into mysql.cluster_name in controllerConfig.
  MysqlClusterUniquePart:
    type: OS::Heat::RandomString
    properties:
      length: 10
  # Generated value consumed as mysql.root-password in controllerConfig.
  # NOTE(review): only 10 characters for a database root credential; a longer
  # length costs nothing here.
  MysqlRootPassword:
    type: OS::Heat::RandomString
    properties:
      length: 10
  # Neutron port whose first fixed IP is the public-facing virtual IP.
  PublicVirtualIP:
    type: OS::Neutron::Port
    properties:
      name: public_virtual_ip
      network: {get_param: PublicVirtualNetwork}
      fixed_ips:
        get_param: PublicVirtualFixedIPs
  # Generated RabbitMQ cookie (rabbit.cookie in controllerConfig).
  RabbitCookie:
    type: OS::Heat::RandomString
    properties:
      length: 20
      salt:
        get_param: RabbitCookieSalt
  # Parameters handed to the compute deployment defined in
  # nova-compute-instance.yaml. All service hosts point at the control VIP.
  NovaCompute0Deployment:
    type: FileInclude
    Path: nova-compute-instance.yaml
    SubKey: resources.NovaCompute0Deployment
    parameters:
      DefaultSignalTransport:
        get_param: DefaultSignalTransport
      NovaApiHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
      KeystoneHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
      NeutronHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
      GlanceHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
      RabbitHost: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
      # NOTE(review): the three DSNs below embed the literal password `unset`;
      # it is not taken from any parameter, so every deployment of this
      # template shares the same database credentials.
      NovaDSN:
        Fn::Join:
          - ''
          - - mysql://nova:unset@
            - &compute_database_host {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
            - /nova
      NovaPublicIP: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
      CeilometerDSN:
        Fn::Join:
          - ''
          - - mysql://ceilometer:unset@
            - *compute_database_host
            - /ceilometer
      NeutronDSN:
        Fn::Join:
          - ''
          - - mysql://neutron:unset@
            - *compute_database_host
            - /ovs_neutron
      NeutronNetworkType: "gre"
      # Passed as the string "True", not a YAML boolean.
      NeutronEnableTunnelling: "True"
      NeutronFlatNetworks:
        get_param: NeutronFlatNetworks
      NeutronNetworkVLANRanges:
        get_param: NeutronNetworkVLANRanges
      NeutronPhysicalBridge:
        get_param: HypervisorNeutronPhysicalBridge
      NeutronPublicInterface:
        get_param: HypervisorNeutronPublicInterface
      NeutronBridgeMappings:
        get_param: NeutronBridgeMappings
  NovaCompute0AllNodesDeployment:
    type: FileInclude
    Path: nova-compute-instance.yaml
    SubKey: resources.NovaCompute0AllNodesDeployment
    parameters:
      AllNodesConfig: {get_resource: allNodesConfig}
  # Forwards ExtraConfig unchanged to the compute node.
  NovaCompute0Passthrough:
    type: FileInclude
    Path: nova-compute-instance.yaml
    SubKey: resources.NovaCompute0Passthrough
    parameters:
      passthrough_config: {get_param: ExtraConfig}
  NovaCompute0:
    type: FileInclude
    Path: nova-compute-instance.yaml
    SubKey: resources.NovaCompute0
  # os-apply-config metadata for the controller. get_input values are filled
  # in by controller0Deployment; get_param values come from the stack
  # parameters, so every secret referenced here ends up in the config tree
  # delivered to the server.
  controllerConfig:
    type: OS::Heat::StructuredConfig
    properties:
      group: os-apply-config
      config:
        admin-password:
          get_param: AdminPassword
        admin-token:
          get_param: AdminToken
        bootstack:
          public_interface_ip:
            get_param: NeutronPublicInterfaceIP
        # bootstrap_nodeid selects the name of the first controller entry;
        # nodeid is this node's own name, supplied as a deployment input.
        bootstrap_host:
          bootstrap_nodeid:
            Fn::Select:
              - 0
              - Fn::Select:
                  - 0
                  - Merge::Map:
                      controller0:
                        - Fn::Select:
                            - name
                            - get_attr:
                                - controller0
                                - show
          nodeid: {get_input: bootstack_nodeid}
        # Anchor reused by every service DSN below.
        database:
          host: &database_host
            {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
        # NOTE(review): here and in glance, heat, keystone, neutron,
        # ceilometer and nova below, the db DSN embeds the literal password
        # `unset` instead of a parameter or generated value.
        cinder:
          db:
            Fn::Join:
              - ''
              - - mysql://cinder:unset@
                - *database_host
                - /cinder
          volume_size_mb:
            get_param: CinderLVMLoopDeviceSize
          service-password:
            get_param: CinderPassword
          iscsi-helper:
            get_param: CinderISCSIHelper
        controller-address:
          get_input: controller_host
        corosync:
          bindnetaddr: {get_input: controller_host}
          mcastport: 5577
          nodes:
            Merge::Map:
              controller0:
                ip: {get_attr: [controller0, networks, ctlplane, 0]}
        # Fencing is switched off and quorum loss is ignored.
        pacemaker:
          stonith_enabled : false
          recheck_interval : 5
          quorum_policy : ignore
        # NOTE(review): hard-coded literal, matching the password embedded in
        # the DSNs.
        db-password: unset
        glance:
          registry:
            host: {get_input: controller_virtual_ip}
          backend: swift
          db:
            Fn::Join:
              - ''
              - - mysql://glance:unset@
                - *database_host
                - /glance
          host:
            get_input: controller_virtual_ip
          port:
            get_param: GlancePort
          protocol:
            get_param: GlanceProtocol
          service-password:
            get_param: GlancePassword
          swift-store-user: service:glance
          # NOTE(review): the Swift store key is the same value as the Glance
          # service password above.
          swift-store-key:
            get_param: GlancePassword
          notifier-strategy:
            get_param: GlanceNotifierStrategy
          log-file:
            get_param: GlanceLogFile
        heat:
          admin_password:
            get_param: HeatPassword
          admin_tenant_name: service
          admin_user: heat
          # NOTE(review): hard-coded placeholder used as an encryption key;
          # it is identical for every stack built from this template.
          auth_encryption_key: unset___________
          db:
            Fn::Join:
              - ''
              - - mysql://heat:unset@
                - *database_host
                - /heat
          stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
          watch_server_url: {get_input: heat.watch_server_url}
          metadata_server_url: {get_input: heat.metadata_server_url}
          waitcondition_server_url: {get_input: heat.waitcondition_server_url}
        horizon:
          caches:
            memcached:
              nodes:
                Merge::Map:
                  controller0:
                    {get_attr: [controller0, show, name]}
        keystone:
          db:
            Fn::Join:
              - ''
              - - mysql://keystone:unset@
                - *database_host
                - /keystone
          host:
            get_input: controller_virtual_ip
          ca_certificate: {get_param: KeystoneCACertificate}
          # Private signing key; hidden as a parameter but still part of this
          # config tree.
          signing_key: {get_param: KeystoneSigningKey}
          signing_certificate: {get_param: KeystoneSigningCertificate}
        mysql:
          innodb_buffer_pool_size: {get_param: MysqlInnodbBufferPoolSize}
          local_bind: true
          root-password: {get_resource: MysqlRootPassword}
          nodes:
            Merge::Map:
              controller0:
                ip: {get_attr: [controller0, networks, ctlplane, 0]}
          # "tripleo-" followed by the generated unique part.
          cluster_name:
            Fn::Join:
              - '-'
              - - 'tripleo'
                - {get_resource: MysqlClusterUniquePart}
        neutron:
          flat-networks: {get_param: NeutronFlatNetworks}
          host: {get_input: controller_virtual_ip}
          # NOTE(review): hard-coded shared secret for the metadata proxy.
          metadata_proxy_shared_secret: unset
          ovs:
            enable_tunneling: 'True'
            local_ip:
              get_input: controller_host
            network_vlan_ranges: {get_param: NeutronNetworkVLANRanges}
            bridge_mappings: {get_param: NeutronBridgeMappings}
            public_interface:
              get_param: NeutronPublicInterface
            public_interface_raw_device:
              get_param: NeutronPublicInterfaceRawDevice
            public_interface_route:
              get_param: NeutronPublicInterfaceDefaultRoute
            physical_bridge: br-ex
            tenant_network_type: gre
          ovs_db:
            Fn::Join:
              - ''
              - - mysql://neutron:unset@
                - *database_host
                - /ovs_neutron?charset=utf8
          service-password:
            get_param: NeutronPassword
          dnsmasq-options:
            get_param: NeutronDnsmasqOptions
        ceilometer:
          db:
            Fn::Join:
              - ''
              - - mysql://ceilometer:unset@
                - *database_host
                - /ceilometer
          metering_secret: {get_param: CeilometerMeteringSecret}
          service-password:
            get_param: CeilometerPassword
        snmpd:
          export_MIB: UCD-SNMP-MIB
          readonly_user_name:
            get_param: SnmpdReadonlyUserName
          readonly_user_password:
            get_param: SnmpdReadonlyUserPassword
        nova:
          # Fixed here; the NovaComputeDriver parameter is not consulted.
          compute_driver: libvirt.LibvirtDriver
          db:
            Fn::Join:
              - ''
              - - mysql://nova:unset@
                - *database_host
                - /nova
          default_floating_pool:
            ext-net
          host: {get_input: controller_virtual_ip}
          metadata-proxy: true
          service-password:
            get_param: NovaPassword
        # Username and password default to guest/guest unless the parameters
        # are overridden.
        rabbit:
          host: {get_input: controller_virtual_ip}
          username:
            get_param: RabbitUserName
          password:
            get_param: RabbitPassword
          cookie:
            get_attr:
              - RabbitCookie
              - value
        # NtpServer defaults to the empty string.
        ntp:
          servers:
            - {server: {get_param: NtpServer}, fudge: "stratum 0"}
        # Two VRRP instances (control and public VIP) kept in one sync group.
        virtual_interfaces:
          instances:
            - vrrp_instance_name: VI_CONTROL
              virtual_router_id: 51
              keepalive_interface:
                get_param: ControlVirtualInterface
              priority: 101
              virtual_ips:
                - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
                  interface:
                    get_param: ControlVirtualInterface
            - vrrp_instance_name: VI_PUBLIC
              virtual_router_id: 52
              keepalive_interface:
                get_param: PublicVirtualInterface
              priority: 101
              virtual_ips:
                - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
                  interface:
                    get_param: PublicVirtualInterface
          vrrp_sync_groups:
            - name: VG1
              members:
                - VI_CONTROL
                - VI_PUBLIC
        keepalived:
          keepalive_interface:
            get_param: PublicVirtualInterface
          priority: 101
          virtual_ips:
            -
              ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
              interface:
                get_param: ControlVirtualInterface
            -
              ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
              interface:
                get_param: PublicVirtualInterface
        # Load-balancer front ends. haproxy.net_binds lists the control VIP
        # only; services that set `net_binds: *public_binds` list the control
        # and the public VIP. mysql, nova_ec2 and rabbitmq set no net_binds of
        # their own - presumably they fall back to haproxy.net_binds; confirm
        # in the element that consumes this tree.
        # NOTE(review): keystone_admin (35357) is among the services bound to
        # the public VIP; confirm the admin endpoint is meant to be reachable
        # there.
        haproxy:
          nodes:
            Merge::Map:
              controller0:
                ip: {get_attr: [controller0, networks, ctlplane, 0]}
                name: {get_attr: [controller0, show, name]}
          net_binds:
            - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
          services:
            - name: keystone_admin
              port: 35357
              net_binds: &public_binds
                - ip: {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
                - ip: {get_attr: [PublicVirtualIP, fixed_ips, 0, ip_address]}
            - name: keystone_public
              port: 5000
              net_binds: *public_binds
            - name: horizon
              port: 80
              net_binds: *public_binds
            - name: neutron
              port: 9696
              net_binds: *public_binds
            - name: cinder
              port: 8776
              net_binds: *public_binds
            - name: glance_api
              port: 9292
              net_binds: *public_binds
            - name: glance_registry
              port: 9191
              net_binds: *public_binds
            - name: heat_api
              port: 8004
              net_binds: *public_binds
            - name: heat_cloudwatch
              port: 8003
              net_binds: *public_binds
            - name: heat_cfn
              port: 8000
              net_binds: *public_binds
            - name: mysql
              port: 3306
              extra_server_params:
                - backup
              options:
                - timeout client 0
                - timeout server 0
            - name: nova_ec2
              port: 8773
            - name: nova_osapi
              port: 8774
              net_binds: *public_binds
            - name: nova_metadata
              port: 8775
              net_binds: *public_binds
            - name: ceilometer
              port: 8777
              net_binds: *public_binds
            - name: swift_proxy_server
              port: 8080
              net_binds: *public_binds
            - name: rabbitmq
              port: 5672
              options:
                - timeout client 0
                - timeout server 0
  # Config whose whole body is the passthrough_config input, i.e. whatever
  # ExtraConfig holds is applied as os-apply-config metadata.
  controllerPassthrough:
    type: OS::Heat::StructuredConfig
    properties:
      group: os-apply-config
      config: {get_input: passthrough_config}
  # The controller server, attached to the ctlplane network.
  controller0:
    type: OS::Nova::Server
    properties:
      image:
        get_param: controllerImage
      image_update_policy:
        get_param: ImageUpdatePolicy
      flavor:
        get_param: OvercloudControlFlavor
      key_name:
        get_param: KeyName
      networks:
        - network: ctlplane
      user_data_format: SOFTWARE_CONFIG
  # Applied after the other controller deployments; the only controller
  # deployment here that uses the configurable signal transport.
  controller0AllNodesDeployment:
    depends_on: [controller0Deployment,controller0SSLDeployment,controller0Swift,controller0Passthrough]
    type: OS::Heat::StructuredDeployment
    properties:
      signal_transport: {get_param: DefaultSignalTransport}
      config: {get_resource: allNodesConfig}
      server: {get_resource: controller0}
  # Binds controllerConfig to controller0 and supplies its get_input values.
  # NO_SIGNAL: Heat does not wait for the server to report completion.
  controller0Deployment:
    type: OS::Heat::StructuredDeployment
    properties:
      signal_transport: NO_SIGNAL
      config: {get_resource: controllerConfig}
      server: {get_resource: controller0}
      input_values:
        bootstack_nodeid: {get_attr: [controller0, show, name]}
        controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
        controller_virtual_ip:
          {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
        # NOTE(review): the three Heat callback URLs are built with http://,
        # so signalling and metadata traffic to the control VIP is plaintext.
        heat.watch_server_url:
          Fn::Join:
            - ''
            - - 'http://'
              - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
              - ':8003'
        heat.metadata_server_url:
          Fn::Join:
            - ''
            - - 'http://'
              - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
              - ':8000'
        heat.waitcondition_server_url:
          Fn::Join:
            - ''
            - - 'http://'
              - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
              - ':8000/v1/waitcondition'
  # Config shared by all nodes: a hosts list with one "<ip> <name>
  # <name>.novalocal" line per node, and the RabbitMQ node list.
  allNodesConfig:
    type: OS::Heat::StructuredConfig
    properties:
      config:
        completion-signal: {get_input: deploy_signal_id}
        hosts:
          Fn::Join:
            - "\n"
            - - Fn::Join:
                  - "\n"
                  - Merge::Map:
                      NovaCompute0:
                        Fn::Join:
                          - ' '
                          - - {get_attr: [NovaCompute0, networks, ctlplane, 0]}
                            - {get_attr: [NovaCompute0, show, name]}
                            - Fn::Join:
                                - '.'
                                - - {get_attr: [NovaCompute0, show, name]}
                                  - 'novalocal'
              - Fn::Join:
                  - "\n"
                  - Merge::Map:
                      BlockStorage0:
                        Fn::Join:
                          - ' '
                          - - {get_attr: [BlockStorage0, networks, ctlplane, 0]}
                            - {get_attr: [BlockStorage0, show, name]}
                            - Fn::Join:
                                - '.'
                                - - {get_attr: [BlockStorage0, show, name]}
                                  - 'novalocal'
              - Fn::Join:
                  - "\n"
                  - Merge::Map:
                      SwiftStorage0:
                        Fn::Join:
                          - ' '
                          - - {get_attr: [SwiftStorage0, networks, ctlplane, 0]}
                            - {get_attr: [SwiftStorage0, show, name]}
                            - Fn::Join:
                                - '.'
                                - - {get_attr: [SwiftStorage0, show, name]}
                                  - 'novalocal'
              - Fn::Join:
                  - "\n"
                  - Merge::Map:
                      controller0:
                        Fn::Join:
                          - ' '
                          - - {get_attr: [controller0, networks, ctlplane, 0]}
                            - {get_attr: [controller0, show, name]}
                            - Fn::Join:
                                - '.'
                                - - {get_attr: [controller0, show, name]}
                                  - 'novalocal'
                            # NOTE(review): placed as a further alias on the
                            # controller's hosts line; the nesting level was
                            # inferred - confirm against the upstream file.
                            - {get_param: CloudName}
        rabbit:
          nodes:
            Fn::Join:
              - ','
              - Merge::Map:
                  controller0:
                    {get_attr: [controller0, show, name]}
  # Delivers TLS material to the controller. ssl_key is private key material
  # passed as a deployment input value; SSLConfig and the three SSL*
  # parameters are not declared in this file.
  controller0SSLDeployment:
    type: OS::Heat::StructuredDeployment
    properties:
      config: {get_resource: SSLConfig}
      server: {get_resource: controller0}
      signal_transport: NO_SIGNAL
      input_values:
        controller_host: {get_attr: [controller0, networks, ctlplane, 0]}
        ssl_certificate: {get_param: SSLCertificate}
        ssl_key: {get_param: SSLKey}
        ssl_ca_certificate: {get_param: SSLCACertificate}
  # Applies ExtraConfig to the controller through controllerPassthrough.
  controller0Passthrough:
    type: OS::Heat::StructuredDeployment
    properties:
      config: {get_resource: controllerPassthrough}
      server: {get_resource: controller0}
      signal_transport: NO_SIGNAL
      input_values:
        passthrough_config: {get_param: ExtraConfig}
# Stack outputs.
outputs:
  # Keystone public endpoint on the control virtual IP, port 5000, API v2.0.
  # NOTE(review): the URL is built with http://, so clients that use this
  # output send credentials and tokens to Keystone in plaintext.
  KeystoneURL:
    description: URL for the Overcloud Keystone service
    value:
      Fn::Join:
        - ''
        - - http://
          - {get_attr: [ControlVirtualIP, fixed_ips, 0, ip_address]}
          - :5000/v2.0/