Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
overcloud-ha.yaml
Description: 'Nova API,Keystone,Heat Engine and API,Glance,Neutron,Dedicated MySQL
server,Dedicated RabbitMQ Server,Group of Nova Computes,Swift-common: Openstack
object storage common configurations'
HeatTemplateFormatVersion: '2012-12-12'
Outputs:
KeystoneURL:
Description: URL for the Overcloud Keystone service
Value:
Fn::Join:
- ''
- - http://
- Ref: ControllerVirtualIp
- :5000/v2.0/
Parameters:
AdminPassword:
Default: unset
Description: The password for the keystone admin account, used for monitoring,
querying neutron etc.
NoEcho: true
Type: String
AdminToken:
Default: unset
Description: The keystone auth secret.
NoEcho: true
Type: String
CinderPassword:
Default: unset
Description: The password for the cinder service account, used by cinder-api.
NoEcho: true
Type: String
ControllerVirtualIp:
Default: 192.0.2.254
Description: Virtual IP used by haproxy
NoEcho: true
Type: String
Flavor:
Default: baremetal
Description: Flavor to request when deploying.
Type: String
GlancePassword:
Default: unset
Description: The password for the glance service account, used by the glance services.
NoEcho: true
Type: String
HeatPassword:
Default: unset
Description: The password for the Heat service account, used by the Heat services.
NoEcho: true
Type: String
ImageUpdatePolicy:
Default: REPLACE
Description: What policy to use when reconstructing instances. REBUILD for rebuilds,
REBUILD_PRESERVE_EPHEMERAL to preserve /mnt.
Type: String
KeyName:
Default: default
Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
Type: String
NeutronPassword:
Default: unset
Description: The password for the neutron service account, used by neutron agents.
NoEcho: true
Type: String
NeutronPublicInterface:
Default: eth0
Description: What interface to bridge onto br-ex for network nodes.
Type: String
NeutronPublicInterfaceDefaultRoute:
Default: ''
Description: A custom default route for the NeutronPublicInterface.
Type: String
NeutronPublicInterfaceIP:
Default: ''
Description: A custom IP address to put onto the NeutronPublicInterface.
Type: String
NeutronPublicInterfaceRawDevice:
Default: ''
Description: If set, the public interface is a vlan with this device as the raw
device.
Type: String
NovaComputeDriver:
Default: libvirt.LibvirtDriver
Type: String
NovaComputeLibvirtType:
Default: ''
Type: String
NovaImage:
Default: overcloud-compute
Type: String
NovaPassword:
Default: unset
Description: The password for the nova service account, used by nova-api.
NoEcho: true
Type: String
PowerUserName:
Default: stack
Description: What username to ssh to the virtual power host with.
Type: String
SwiftHashSuffix:
Default: unset
Description: A random string to be used as a salt when hashing to determine mappings
in the ring.
NoEcho: true
Type: String
SwiftPassword:
Default: unset
Description: The password for the swift service account, used by the swift proxy
services.
NoEcho: true
Type: String
notcomputeImage:
Default: overcloud-control
Type: String
Resources:
RabbitCookie:
Type: OS::Heat::RandomString
Properties:
length: 20
AccessPolicy:
Properties:
AllowedResources:
- notcompute0
- notcompute0Config
- notcompute1
- notcompute1Config
Type: OS::Heat::AccessPolicy
CompletionCondition:
DependsOn: notcompute0
Properties:
Count: '1'
Handle:
Ref: CompletionHandle
Timeout: '1800'
Type: AWS::CloudFormation::WaitCondition
CompletionHandle:
Type: AWS::CloudFormation::WaitConditionHandle
ComputeAccessPolicy:
Properties:
AllowedResources:
- NovaCompute0
- NovaCompute0Config
Type: OS::Heat::AccessPolicy
ComputeKey:
Properties:
UserName:
Ref: ComputeUser
Type: AWS::IAM::AccessKey
ComputeUser:
Properties:
Policies:
- Ref: ComputeAccessPolicy
Type: AWS::IAM::User
Key:
Properties:
UserName:
Ref: User
Type: AWS::IAM::AccessKey
NovaCompute0:
Metadata:
OpenStack::ImageBuilder::Elements:
- nova-compute
os-collect-config:
cfn:
access_key_id:
Ref: ComputeKey
path: NovaCompute0Config.Metadata
secret_access_key:
Fn::GetAtt:
- ComputeKey
- SecretAccessKey
stack_name:
Ref: AWS::StackName
Properties:
flavor:
Ref: Flavor
image:
Ref: NovaImage
image_update_policy:
Ref: ImageUpdatePolicy
key_name:
Ref: KeyName
Type: OS::Nova::Server
NovaCompute0Config:
Metadata:
admin-password:
Ref: AdminPassword
glance:
host:
Ref: ControllerVirtualIp
keystone:
host:
Ref: ControllerVirtualIp
neutron:
host:
Ref: ControllerVirtualIp
ovs:
bridge_mappings: ''
enable_tunneling: 'True'
local_ip:
Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- NovaCompute0
- networks
network_vlan_ranges: ''
tenant_network_type: gre
ovs_db:
Fn::Join:
- ''
- - mysql://neutron:unset@
- Ref: ControllerVirtualIp
- /neutron
service-password:
Ref: NeutronPassword
nova:
compute_driver:
Ref: NovaComputeDriver
compute_libvirt_type:
Ref: NovaComputeLibvirtType
db:
Fn::Join:
- ''
- - mysql://nova:unset@
- Ref: ControllerVirtualIp
- /nova
host:
Ref: ControllerVirtualIp
service-password:
Ref: NovaPassword
os-collect-config:
cfn:
access_key_id:
Ref: ComputeKey
path: NovaCompute0Config.Metadata
secret_access_key:
Fn::GetAtt:
- ComputeKey
- SecretAccessKey
stack_name:
Ref: AWS::StackName
rabbit:
host:
Ref: ControllerVirtualIp
password: guest
cookie:
Fn::GetAtt:
- RabbitCookie
- value
Properties:
ImageId: '0'
InstanceType: '0'
Type: AWS::AutoScaling::LaunchConfiguration
User:
Properties:
Policies:
- Ref: AccessPolicy
Type: AWS::IAM::User
notcompute0:
Metadata:
os-collect-config:
cfn:
access_key_id:
Ref: Key
path: notcompute0Config.Metadata
secret_access_key:
Fn::GetAtt:
- Key
- SecretAccessKey
stack_name:
Ref: AWS::StackName
Properties:
flavor:
Ref: Flavor
image:
Ref: notcomputeImage
image_update_policy:
Ref: ImageUpdatePolicy
key_name:
Ref: KeyName
Type: OS::Nova::Server
notcompute0Config:
Metadata:
OpenStack::Heat::Stack: {}
Openstack::ImageBuilder::Elements:
- boot-stack
- heat-cfntools
- heat-localip
- neutron-network-node
admin-password:
Ref: AdminPassword
admin-token:
Ref: AdminToken
bootstack:
public_interface_ip:
Ref: NeutronPublicInterfaceIP
cinder:
db: mysql://cinder:unset@localhost/cinder
service-password:
Ref: CinderPassword
volume_size_mb: '5000'
completion-handle:
Ref: CompletionHandle
controller-address:
Ref: ControllerVirtualIp
db-password: unset
virtual_ips:
- ip:
Ref: ControllerVirtualIp
interface: eth0
glance:
backend: swift
db: mysql://glance:unset@localhost/glance
host:
Ref: ControllerVirtualIp
service-password:
Ref: GlancePassword
swift-store-key:
Ref: GlancePassword
swift-store-user: service:glance
haproxy:
nodes:
- ip:
Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute0
- networks
name: notcompute0
- ip:
Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute1
- networks
name: notcompute1
services:
- name: dashboard_cluster
port: 443
proxy_port: 453
- name: glance_api_cluster
port: 9292
proxy_port: 9302
- name: glance_registry_cluster
port: 9191
proxy_port: 9201
- name: keystone_admin_cluster
port: 35367
proxy_port: 35357
- name: keystone_public_internal_cluster
port: 5010
proxy_port: 5000
- name: nova_ec2_api_cluster
port: 8773
proxy_port: 8783
- name: nova_compute_api_cluster
port: 8774
proxy_port: 8784
- name: nova_metadata_api_cluster
port: 8775
proxy_port: 8785
- name: cinder_api_cluster
port: 8776
proxy_port: 8786
- name: ceilometer_api_cluster
port: 8777
proxy_port: 8787
- name: spice_cluster
port: 6082
proxy_port: 6092
- name: neutron_api_cluster
port: 9696
proxy_port: 9706
- name: swift_proxy_cluster
port: 8080
proxy_port: 8090
heat:
admin_password:
Ref: HeatPassword
admin_tenant_name: service
admin_user: heat
auth_encryption_key: unset___________
db: mysql://heat:unset@localhost/heat
metadata_server_url:
Fn::Join:
- ''
- - http://
- Ref: ControllerVirtualIp
- :8000
waitcondition_server_url:
Fn::Join:
- ''
- - http://
- Ref: ControllerVirtualIp
- :8000/v1/waitcondition
watch_server_url:
Fn::Join:
- ''
- - http://
- Ref: ControllerVirtualIp
- :8003
hosts:
Fn::Join:
- '
'
- - Fn::Join:
- '
'
- - Fn::Join:
- ' '
- - Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute0
- networks
- Fn::Select:
- name
- Fn::GetAtt:
- notcompute0
- show
- Fn::Join:
- .
- - Fn::Select:
- name
- Fn::GetAtt:
- notcompute0
- show
- novalocal
- Fn::Join:
- ' '
- - Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute1
- networks
- Fn::Select:
- name
- Fn::GetAtt:
- notcompute1
- show
- Fn::Join:
- .
- - Fn::Select:
- name
- Fn::GetAtt:
- notcompute1
- show
- novalocal
keepalived:
priority: 101
keepalive_interface: eth0
keystone:
db: mysql://keystone:unset@localhost/keystone
host:
Ref: ControllerVirtualIp
neutron:
host:
Ref: ControllerVirtualIp
metadata_proxy_shared_secret: unset
ovs:
enable_tunneling: 'True'
local_ip:
Ref: ControllerVirtualIp
physical_bridge: br-ex
public_interface:
Ref: NeutronPublicInterface
public_interface_raw_device:
Ref: NeutronPublicInterfaceRawDevice
public_interface_route:
Ref: NeutronPublicInterfaceDefaultRoute
tenant_network_type: gre
ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
service-password:
Ref: NeutronPassword
nova:
compute_driver: libvirt.LibvirtDriver
db: mysql://nova:unset@localhost/nova
default_floating_pool: ext-net
host:
Ref: ControllerVirtualIp
metadata-proxy: true
service-password:
Ref: NovaPassword
os-collect-config:
cfn:
access_key_id:
Ref: Key
path: notcompute0Config.Metadata
secret_access_key:
Fn::GetAtt:
- Key
- SecretAccessKey
stack_name:
Ref: AWS::StackName
rabbit:
host:
Ref: ControllerVirtualIp
password: guest
cookie:
Fn::GetAtt:
- RabbitCookie
- value
nodes:
Fn::Join:
- ','
- - Fn::Select:
- name
- Fn::GetAtt:
- notcompute0
- show
- Fn::Select:
- name
- Fn::GetAtt:
- notcompute1
- show
swift:
devices:
Fn::Join:
- ''
- - r1z1-
- Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute0
- networks
- :%PORT%/d1
hash:
Ref: SwiftHashSuffix
part-power: 10
replicas: 1
service-password:
Ref: SwiftPassword
Properties:
ImageId: '0'
InstanceType: '0'
Type: AWS::AutoScaling::LaunchConfiguration
notcompute1:
Metadata:
os-collect-config:
cfn:
access_key_id:
Ref: Key
path: notcompute1Config.Metadata
secret_access_key:
Fn::GetAtt:
- Key
- SecretAccessKey
stack_name:
Ref: AWS::StackName
Properties:
flavor:
Ref: Flavor
image:
Ref: notcomputeImage
image_update_policy:
Ref: ImageUpdatePolicy
key_name:
Ref: KeyName
Type: OS::Nova::Server
notcompute1Config:
Metadata:
OpenStack::Heat::Stack: {}
Openstack::ImageBuilder::Elements:
- boot-stack
- heat-cfntools
- heat-localip
- neutron-network-node
admin-password:
Ref: AdminPassword
admin-token:
Ref: AdminToken
bootstack:
public_interface_ip:
Ref: NeutronPublicInterfaceIP
cinder:
db: mysql://cinder:unset@localhost/cinder
service-password:
Ref: CinderPassword
volume_size_mb: '5000'
completion-handle:
Ref: CompletionHandle
controller-address:
Ref: ControllerVirtualIp
db-password: unset
virtual_ips:
- ip:
Ref: ControllerVirtualIp
interface: eth0
glance:
backend: swift
db: mysql://glance:unset@localhost/glance
host:
Ref: ControllerVirtualIp
service-password:
Ref: GlancePassword
swift-store-key:
Ref: GlancePassword
swift-store-user: service:glance
haproxy:
nodes:
- ip:
Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute0
- networks
name: notcompute0
- ip:
Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute1
- networks
name: notcompute1
services:
- name: dashboard_cluster
port: 443
proxy_port: 453
- name: glance_api_cluster
port: 9292
proxy_port: 9302
- name: glance_registry_cluster
port: 9191
proxy_port: 9201
- name: keystone_admin_cluster
port: 35367
proxy_port: 35357
- name: keystone_public_internal_cluster
port: 5010
proxy_port: 5000
- name: nova_ec2_api_cluster
port: 8773
proxy_port: 8783
- name: nova_compute_api_cluster
port: 8774
proxy_port: 8784
- name: nova_metadata_api_cluster
port: 8775
proxy_port: 8785
- name: cinder_api_cluster
port: 8776
proxy_port: 8786
- name: ceilometer_api_cluster
port: 8777
proxy_port: 8787
- name: spice_cluster
port: 6082
proxy_port: 6092
- name: neutron_api_cluster
port: 9696
proxy_port: 9706
- name: swift_proxy_cluster
port: 8080
proxy_port: 8090
heat:
admin_password:
Ref: HeatPassword
admin_tenant_name: service
admin_user: heat
auth_encryption_key: unset___________
db: mysql://heat:unset@localhost/heat
metadata_server_url:
Fn::Join:
- ''
- - http://
- Ref: ControllerVirtualIp
- :8000
waitcondition_server_url:
Fn::Join:
- ''
- - http://
- Ref: ControllerVirtualIp
- :8000/v1/waitcondition
watch_server_url:
Fn::Join:
- ''
- - http://
- Ref: ControllerVirtualIp
- :8003
hosts:
Fn::Join:
- '
'
- - Fn::Join:
- '
'
- - Fn::Join:
- ' '
- - Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute0
- networks
- Fn::Select:
- name
- Fn::GetAtt:
- notcompute0
- show
- Fn::Join:
- .
- - Fn::Select:
- name
- Fn::GetAtt:
- notcompute0
- show
- novalocal
- Fn::Join:
- ' '
- - Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute1
- networks
- Fn::Select:
- name
- Fn::GetAtt:
- notcompute1
- show
- Fn::Join:
- .
- - Fn::Select:
- name
- Fn::GetAtt:
- notcompute1
- show
- novalocal
keepalived:
priority: 100
keepalive_interface: eth0
keystone:
db: mysql://keystone:unset@localhost/keystone
host:
Ref: ControllerVirtualIp
neutron:
host:
Ref: ControllerVirtualIp
metadata_proxy_shared_secret: unset
ovs:
enable_tunneling: 'True'
local_ip:
Ref: ControllerVirtualIp
physical_bridge: br-ex
public_interface:
Ref: NeutronPublicInterface
public_interface_raw_device:
Ref: NeutronPublicInterfaceRawDevice
public_interface_route:
Ref: NeutronPublicInterfaceDefaultRoute
tenant_network_type: gre
ovs_db: mysql://neutron:unset@localhost/ovs_neutron?charset=utf8
service-password:
Ref: NeutronPassword
nova:
compute_driver: libvirt.LibvirtDriver
db: mysql://nova:unset@localhost/nova
default_floating_pool: ext-net
host:
Ref: ControllerVirtualIp
metadata-proxy: true
service-password:
Ref: NovaPassword
os-collect-config:
cfn:
access_key_id:
Ref: Key
path: notcompute1Config.Metadata
secret_access_key:
Fn::GetAtt:
- Key
- SecretAccessKey
stack_name:
Ref: AWS::StackName
rabbit:
host:
Ref: ControllerVirtualIp
password: guest
cookie:
Fn::GetAtt:
- RabbitCookie
- value
cluster: true
nodes:
Fn::Join:
- ','
- - Fn::Select:
- name
- Fn::GetAtt:
- notcompute0
- show
- Fn::Select:
- name
- Fn::GetAtt:
- notcompute1
- show
swift:
devices:
Fn::Join:
- ''
- - r1z1-
- Fn::Select:
- 0
- Fn::Select:
- ctlplane
- Fn::GetAtt:
- notcompute0
- networks
- :%PORT%/d1
hash:
Ref: SwiftHashSuffix
part-power: 10
replicas: 1
service-password:
Ref: SwiftPassword
Properties:
ImageId: '0'
InstanceType: '0'
Type: AWS::AutoScaling::LaunchConfiguration
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.