Created
March 20, 2014 12:32
-
-
Save jprovaznik/9662754 to your computer and use it in GitHub Desktop.
overcloud-ha.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Description: 'Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL | |
server,Dedicated RabbitMQ Server,Group of Nova Computes,Swift-common: Openstack | |
object storage common configurations' | |
HeatTemplateFormatVersion: '2012-12-12' | |
Outputs: | |
KeystoneURL: | |
Description: URL for the Overcloud Keystone service | |
Value: | |
Fn::Join: | |
- '' | |
- - http:// | |
- Ref: ControllerVirtualIp | |
- :5000/v2.0/ | |
Parameters: | |
AdminPassword: | |
Default: unset | |
Description: The password for the keystone admin account, used for monitoring, | |
querying neutron etc. | |
NoEcho: true | |
Type: String | |
AdminToken: | |
Default: unset | |
Description: The keystone auth secret. | |
NoEcho: true | |
Type: String | |
CinderPassword: | |
Default: unset | |
Description: The password for the cinder service account, used by cinder-api. | |
NoEcho: true | |
Type: String | |
ControllerVirtualIp: | |
Default: 192.0.2.254 | |
Description: Virtual IP used by haproxy | |
NoEcho: true | |
Type: String | |
Flavor: | |
Default: baremetal | |
Description: Flavor to request when deploying. | |
Type: String | |
GlancePassword: | |
Default: unset | |
Description: The password for the glance service account, used by the glance services. | |
NoEcho: true | |
Type: String | |
HeatPassword: | |
Default: unset | |
Description: The password for the Heat service account, used by the Heat services. | |
NoEcho: true | |
Type: String | |
ImageUpdatePolicy: | |
Default: REPLACE | |
Description: What policy to use when reconstructing instances. REBUILD for rebuilds, | |
REBUILD_PRESERVE_EPHEMERAL to preserve /mnt. | |
Type: String | |
KeyName: | |
Default: default | |
Description: Name of an existing EC2 KeyPair to enable SSH access to the instances | |
Type: String | |
NeutronPassword: | |
Default: unset | |
Description: The password for the neutron service account, used by neutron agents. | |
NoEcho: true | |
Type: String | |
NeutronPublicInterface: | |
Default: eth0 | |
Description: What interface to bridge onto br-ex for network nodes. | |
Type: String | |
NeutronPublicInterfaceDefaultRoute: | |
Default: '' | |
Description: A custom default route for the NeutronPublicInterface. | |
Type: String | |
NeutronPublicInterfaceIP: | |
Default: '' | |
Description: A custom IP address to put onto the NeutronPublicInterface. | |
Type: String | |
NeutronPublicInterfaceRawDevice: | |
Default: '' | |
Description: If set, the public interface is a vlan with this device as the raw | |
device. | |
Type: String | |
NovaComputeDriver: | |
Default: libvirt.LibvirtDriver | |
Type: String | |
NovaComputeLibvirtType: | |
Default: '' | |
Type: String | |
NovaImage: | |
Default: overcloud-compute | |
Type: String | |
NovaPassword: | |
Default: unset | |
Description: The password for the nova service account, used by nova-api. | |
NoEcho: true | |
Type: String | |
PowerUserName: | |
Default: stack | |
Description: What username to ssh to the virtual power host with. | |
Type: String | |
SwiftHashSuffix: | |
Default: unset | |
Description: A random string to be used as a salt when hashing to determine mappings | |
in the ring. | |
NoEcho: true | |
Type: String | |
SwiftPassword: | |
Default: unset | |
Description: The password for the swift service account, used by the swift proxy | |
services. | |
NoEcho: true | |
Type: String | |
notcomputeImage: | |
Default: overcloud-control | |
Type: String | |
Resources: | |
RabbitCookie: | |
Type: OS::Heat::RandomString | |
Properties: | |
length: 20 | |
AccessPolicy: | |
Properties: | |
AllowedResources: | |
- notcompute0 | |
- notcompute0Config | |
- notcompute1 | |
- notcompute1Config | |
Type: OS::Heat::AccessPolicy | |
CompletionCondition: | |
DependsOn: notcompute0 | |
Properties: | |
Count: '1' | |
Handle: | |
Ref: CompletionHandle | |
Timeout: '1800' | |
Type: AWS::CloudFormation::WaitCondition | |
CompletionHandle: | |
Type: AWS::CloudFormation::WaitConditionHandle | |
ComputeAccessPolicy: | |
Properties: | |
AllowedResources: | |
- NovaCompute0 | |
- NovaCompute0Config | |
Type: OS::Heat::AccessPolicy | |
ComputeKey: | |
Properties: | |
UserName: | |
Ref: ComputeUser | |
Type: AWS::IAM::AccessKey | |
ComputeUser: | |
Properties: | |
Policies: | |
- Ref: ComputeAccessPolicy | |
Type: AWS::IAM::User | |
Key: | |
Properties: | |
UserName: | |
Ref: User | |
Type: AWS::IAM::AccessKey | |
NovaCompute0: | |
Metadata: | |
OpenStack::ImageBuilder::Elements: | |
- nova-compute | |
os-collect-config: | |
cfn: | |
access_key_id: | |
Ref: ComputeKey | |
path: NovaCompute0Config.Metadata | |
secret_access_key: | |
Fn::GetAtt: | |
- ComputeKey | |
- SecretAccessKey | |
stack_name: | |
Ref: AWS::StackName | |
Properties: | |
flavor: | |
Ref: Flavor | |
image: | |
Ref: NovaImage | |
image_update_policy: | |
Ref: ImageUpdatePolicy | |
key_name: | |
Ref: KeyName | |
Type: OS::Nova::Server | |
NovaCompute0Config: | |
Metadata: | |
admin-password: | |
Ref: AdminPassword | |
glance: | |
host: | |
Ref: ControllerVirtualIp | |
keystone: | |
host: | |
Ref: ControllerVirtualIp | |
neutron: | |
host: | |
Ref: ControllerVirtualIp | |
ovs: | |
bridge_mappings: '' | |
enable_tunneling: 'True' | |
local_ip: | |
Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- NovaCompute0 | |
- networks | |
network_vlan_ranges: '' | |
tenant_network_type: gre | |
ovs_db: | |
Fn::Join: | |
- '' | |
- - mysql://neutron:unset@ | |
- Ref: ControllerVirtualIp | |
- /neutron | |
service-password: | |
Ref: NeutronPassword | |
nova: | |
compute_driver: | |
Ref: NovaComputeDriver | |
compute_libvirt_type: | |
Ref: NovaComputeLibvirtType | |
db: | |
Fn::Join: | |
- '' | |
- - mysql://nova:unset@ | |
- Ref: ControllerVirtualIp | |
- /nova | |
host: | |
Ref: ControllerVirtualIp | |
service-password: | |
Ref: NovaPassword | |
os-collect-config: | |
cfn: | |
access_key_id: | |
Ref: ComputeKey | |
path: NovaCompute0Config.Metadata | |
secret_access_key: | |
Fn::GetAtt: | |
- ComputeKey | |
- SecretAccessKey | |
stack_name: | |
Ref: AWS::StackName | |
rabbit: | |
host: | |
Ref: ControllerVirtualIp | |
password: guest | |
cookie: | |
Fn::GetAtt: | |
- RabbitCookie | |
- value | |
Properties: | |
ImageId: '0' | |
InstanceType: '0' | |
Type: AWS::AutoScaling::LaunchConfiguration | |
User: | |
Properties: | |
Policies: | |
- Ref: AccessPolicy | |
Type: AWS::IAM::User | |
notcompute0: | |
Metadata: | |
os-collect-config: | |
cfn: | |
access_key_id: | |
Ref: Key | |
path: notcompute0Config.Metadata | |
secret_access_key: | |
Fn::GetAtt: | |
- Key | |
- SecretAccessKey | |
stack_name: | |
Ref: AWS::StackName | |
Properties: | |
flavor: | |
Ref: Flavor | |
image: | |
Ref: notcomputeImage | |
image_update_policy: | |
Ref: ImageUpdatePolicy | |
key_name: | |
Ref: KeyName | |
Type: OS::Nova::Server | |
notcompute0Config: | |
Metadata: | |
OpenStack::Heat::Stack: {} | |
Openstack::ImageBuilder::Elements: | |
- boot-stack | |
- heat-cfntools | |
- heat-localip | |
- neutron-network-node | |
admin-password: | |
Ref: AdminPassword | |
admin-token: | |
Ref: AdminToken | |
bootstack: | |
public_interface_ip: | |
Ref: NeutronPublicInterfaceIP | |
cinder: | |
db: mysql://cinder:unset@localhost/cinder | |
service-password: | |
Ref: CinderPassword | |
volume_size_mb: '5000' | |
completion-handle: | |
Ref: CompletionHandle | |
controller-address: | |
Ref: ControllerVirtualIp | |
db-password: unset | |
virtual_ips: | |
- ip: | |
Ref: ControllerVirtualIp | |
interface: eth0 | |
glance: | |
backend: swift | |
db: mysql://glance:unset@localhost/glance | |
host: | |
Ref: ControllerVirtualIp | |
service-password: | |
Ref: GlancePassword | |
swift-store-key: | |
Ref: GlancePassword | |
swift-store-user: service:glance | |
haproxy: | |
nodes: | |
- ip: | |
Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute0 | |
- networks | |
name: notcompute0 | |
- ip: | |
Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute1 | |
- networks | |
name: notcompute1 | |
services: | |
- name: dashboard_cluster | |
port: 443 | |
proxy_port: 453 | |
- name: glance_api_cluster | |
port: 9292 | |
proxy_port: 9302 | |
- name: glance_registry_cluster | |
port: 9191 | |
proxy_port: 9201 | |
- name: keystone_admin_cluster | |
port: 35367 | |
proxy_port: 35357 | |
- name: keystone_public_internal_cluster | |
port: 5010 | |
proxy_port: 5000 | |
- name: nova_ec2_api_cluster | |
port: 8773 | |
proxy_port: 8783 | |
- name: nova_compute_api_cluster | |
port: 8774 | |
proxy_port: 8784 | |
- name: nova_metadata_api_cluster | |
port: 8775 | |
proxy_port: 8785 | |
- name: cinder_api_cluster | |
port: 8776 | |
proxy_port: 8786 | |
- name: ceilometer_api_cluster | |
port: 8777 | |
proxy_port: 8787 | |
- name: spice_cluster | |
port: 6082 | |
proxy_port: 6092 | |
- name: neutron_api_cluster | |
port: 9696 | |
proxy_port: 9706 | |
- name: swift_proxy_cluster | |
port: 8080 | |
proxy_port: 8090 | |
heat: | |
admin_password: | |
Ref: HeatPassword | |
admin_tenant_name: service | |
admin_user: heat | |
auth_encryption_key: unset___________ | |
db: mysql://heat:unset@localhost/heat | |
metadata_server_url: | |
Fn::Join: | |
- '' | |
- - http:// | |
- Ref: ControllerVirtualIp | |
- :8000 | |
waitcondition_server_url: | |
Fn::Join: | |
- '' | |
- - http:// | |
- Ref: ControllerVirtualIp | |
- :8000/v1/waitcondition | |
watch_server_url: | |
Fn::Join: | |
- '' | |
- - http:// | |
- Ref: ControllerVirtualIp | |
- :8003 | |
hosts: | |
Fn::Join: | |
- ' | |
' | |
- - Fn::Join: | |
- ' | |
' | |
- - Fn::Join: | |
- ' ' | |
- - Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute0 | |
- networks | |
- Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute0 | |
- show | |
- Fn::Join: | |
- . | |
- - Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute0 | |
- show | |
- novalocal | |
- Fn::Join: | |
- ' ' | |
- - Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute1 | |
- networks | |
- Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute1 | |
- show | |
- Fn::Join: | |
- . | |
- - Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute1 | |
- show | |
- novalocal | |
keepalived: | |
priority: 101 | |
keepalive_interface: eth0 | |
keystone: | |
db: mysql://keystone:unset@localhost/keystone | |
host: | |
Ref: ControllerVirtualIp | |
neutron: | |
host: | |
Ref: ControllerVirtualIp | |
metadata_proxy_shared_secret: unset | |
ovs: | |
enable_tunneling: 'True' | |
local_ip: | |
Ref: ControllerVirtualIp | |
physical_bridge: br-ex | |
public_interface: | |
Ref: NeutronPublicInterface | |
public_interface_raw_device: | |
Ref: NeutronPublicInterfaceRawDevice | |
public_interface_route: | |
Ref: NeutronPublicInterfaceDefaultRoute | |
tenant_network_type: gre | |
ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 | |
service-password: | |
Ref: NeutronPassword | |
nova: | |
compute_driver: libvirt.LibvirtDriver | |
db: mysql://nova:unset@localhost/nova | |
default_floating_pool: ext-net | |
host: | |
Ref: ControllerVirtualIp | |
metadata-proxy: true | |
service-password: | |
Ref: NovaPassword | |
os-collect-config: | |
cfn: | |
access_key_id: | |
Ref: Key | |
path: notcompute0Config.Metadata | |
secret_access_key: | |
Fn::GetAtt: | |
- Key | |
- SecretAccessKey | |
stack_name: | |
Ref: AWS::StackName | |
rabbit: | |
host: | |
Ref: ControllerVirtualIp | |
password: guest | |
cookie: | |
Fn::GetAtt: | |
- RabbitCookie | |
- value | |
nodes: | |
Fn::Join: | |
- ',' | |
- - Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute0 | |
- show | |
- Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute1 | |
- show | |
swift: | |
devices: | |
Fn::Join: | |
- '' | |
- - r1z1- | |
- Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute0 | |
- networks | |
- :%PORT%/d1 | |
hash: | |
Ref: SwiftHashSuffix | |
part-power: 10 | |
replicas: 1 | |
service-password: | |
Ref: SwiftPassword | |
Properties: | |
ImageId: '0' | |
InstanceType: '0' | |
Type: AWS::AutoScaling::LaunchConfiguration | |
notcompute1: | |
Metadata: | |
os-collect-config: | |
cfn: | |
access_key_id: | |
Ref: Key | |
path: notcompute1Config.Metadata | |
secret_access_key: | |
Fn::GetAtt: | |
- Key | |
- SecretAccessKey | |
stack_name: | |
Ref: AWS::StackName | |
Properties: | |
flavor: | |
Ref: Flavor | |
image: | |
Ref: notcomputeImage | |
image_update_policy: | |
Ref: ImageUpdatePolicy | |
key_name: | |
Ref: KeyName | |
Type: OS::Nova::Server | |
notcompute1Config: | |
Metadata: | |
OpenStack::Heat::Stack: {} | |
Openstack::ImageBuilder::Elements: | |
- boot-stack | |
- heat-cfntools | |
- heat-localip | |
- neutron-network-node | |
admin-password: | |
Ref: AdminPassword | |
admin-token: | |
Ref: AdminToken | |
bootstack: | |
public_interface_ip: | |
Ref: NeutronPublicInterfaceIP | |
cinder: | |
db: mysql://cinder:unset@localhost/cinder | |
service-password: | |
Ref: CinderPassword | |
volume_size_mb: '5000' | |
completion-handle: | |
Ref: CompletionHandle | |
controller-address: | |
Ref: ControllerVirtualIp | |
db-password: unset | |
virtual_ips: | |
- ip: | |
Ref: ControllerVirtualIp | |
interface: eth0 | |
glance: | |
backend: swift | |
db: mysql://glance:unset@localhost/glance | |
host: | |
Ref: ControllerVirtualIp | |
service-password: | |
Ref: GlancePassword | |
swift-store-key: | |
Ref: GlancePassword | |
swift-store-user: service:glance | |
haproxy: | |
nodes: | |
- ip: | |
Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute0 | |
- networks | |
name: notcompute0 | |
- ip: | |
Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute1 | |
- networks | |
name: notcompute1 | |
services: | |
- name: dashboard_cluster | |
port: 443 | |
proxy_port: 453 | |
- name: glance_api_cluster | |
port: 9292 | |
proxy_port: 9302 | |
- name: glance_registry_cluster | |
port: 9191 | |
proxy_port: 9201 | |
- name: keystone_admin_cluster | |
port: 35367 | |
proxy_port: 35357 | |
- name: keystone_public_internal_cluster | |
port: 5010 | |
proxy_port: 5000 | |
- name: nova_ec2_api_cluster | |
port: 8773 | |
proxy_port: 8783 | |
- name: nova_compute_api_cluster | |
port: 8774 | |
proxy_port: 8784 | |
- name: nova_metadata_api_cluster | |
port: 8775 | |
proxy_port: 8785 | |
- name: cinder_api_cluster | |
port: 8776 | |
proxy_port: 8786 | |
- name: ceilometer_api_cluster | |
port: 8777 | |
proxy_port: 8787 | |
- name: spice_cluster | |
port: 6082 | |
proxy_port: 6092 | |
- name: neutron_api_cluster | |
port: 9696 | |
proxy_port: 9706 | |
- name: swift_proxy_cluster | |
port: 8080 | |
proxy_port: 8090 | |
heat: | |
admin_password: | |
Ref: HeatPassword | |
admin_tenant_name: service | |
admin_user: heat | |
auth_encryption_key: unset___________ | |
db: mysql://heat:unset@localhost/heat | |
metadata_server_url: | |
Fn::Join: | |
- '' | |
- - http:// | |
- Ref: ControllerVirtualIp | |
- :8000 | |
waitcondition_server_url: | |
Fn::Join: | |
- '' | |
- - http:// | |
- Ref: ControllerVirtualIp | |
- :8000/v1/waitcondition | |
watch_server_url: | |
Fn::Join: | |
- '' | |
- - http:// | |
- Ref: ControllerVirtualIp | |
- :8003 | |
hosts: | |
Fn::Join: | |
- ' | |
' | |
- - Fn::Join: | |
- ' | |
' | |
- - Fn::Join: | |
- ' ' | |
- - Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute0 | |
- networks | |
- Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute0 | |
- show | |
- Fn::Join: | |
- . | |
- - Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute0 | |
- show | |
- novalocal | |
- Fn::Join: | |
- ' ' | |
- - Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute1 | |
- networks | |
- Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute1 | |
- show | |
- Fn::Join: | |
- . | |
- - Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute1 | |
- show | |
- novalocal | |
keepalived: | |
priority: 100 | |
keepalive_interface: eth0 | |
keystone: | |
db: mysql://keystone:unset@localhost/keystone | |
host: | |
Ref: ControllerVirtualIp | |
neutron: | |
host: | |
Ref: ControllerVirtualIp | |
metadata_proxy_shared_secret: unset | |
ovs: | |
enable_tunneling: 'True' | |
local_ip: | |
Ref: ControllerVirtualIp | |
physical_bridge: br-ex | |
public_interface: | |
Ref: NeutronPublicInterface | |
public_interface_raw_device: | |
Ref: NeutronPublicInterfaceRawDevice | |
public_interface_route: | |
Ref: NeutronPublicInterfaceDefaultRoute | |
tenant_network_type: gre | |
ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8 | |
service-password: | |
Ref: NeutronPassword | |
nova: | |
compute_driver: libvirt.LibvirtDriver | |
db: mysql://nova:unset@localhost/nova | |
default_floating_pool: ext-net | |
host: | |
Ref: ControllerVirtualIp | |
metadata-proxy: true | |
service-password: | |
Ref: NovaPassword | |
os-collect-config: | |
cfn: | |
access_key_id: | |
Ref: Key | |
path: notcompute1Config.Metadata | |
secret_access_key: | |
Fn::GetAtt: | |
- Key | |
- SecretAccessKey | |
stack_name: | |
Ref: AWS::StackName | |
rabbit: | |
host: | |
Ref: ControllerVirtualIp | |
password: guest | |
cookie: | |
Fn::GetAtt: | |
- RabbitCookie | |
- value | |
cluster: true | |
nodes: | |
Fn::Join: | |
- ',' | |
- - Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute0 | |
- show | |
- Fn::Select: | |
- name | |
- Fn::GetAtt: | |
- notcompute1 | |
- show | |
swift: | |
devices: | |
Fn::Join: | |
- '' | |
- - r1z1- | |
- Fn::Select: | |
- 0 | |
- Fn::Select: | |
- ctlplane | |
- Fn::GetAtt: | |
- notcompute0 | |
- networks | |
- :%PORT%/d1 | |
hash: | |
Ref: SwiftHashSuffix | |
part-power: 10 | |
replicas: 1 | |
service-password: | |
Ref: SwiftPassword | |
Properties: | |
ImageId: '0' | |
InstanceType: '0' | |
Type: AWS::AutoScaling::LaunchConfiguration |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment