OpenStack Resource Types¶
OS::Aodh::CompositeAlarm¶
Available since 8.0.0 (Ocata)
A resource that implements Aodh composite alarm.
Allows to specify multiple rules when creating a composite alarm, and the rules combined with logical operators: and, or.
Required Properties¶
- composite_rule¶
- Composite threshold rules in JSON format.Map value expected.Can be updated without replacement.Map properties:
- operator¶
- Required.The operator indicates how to combine the rules.String value expected.Can be updated without replacement.Allowed values: “or”, “and”
- rules¶
- Rules list. Basic threshold/gnocchi rules and nested dict which combine threshold/gnocchi rules by “and” or “or” are allowed. For example, the form is like: [RULE1, RULE2, {“and”: [RULE3, RULE4]}], the basic threshold/gnocchi rules must include a “type” field.List value expected.Can be updated without replacement.The length must be at least 2.
Optional Properties¶
- alarm_actions¶
- A list of URLs (webhooks) to invoke when state transitions to alarm.List value expected.Can be updated without replacement.
- alarm_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to alarm.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- description¶
- Description for the alarm.String value expected.Can be updated without replacement.
- enabled¶
- True if alarm evaluation/actioning is enabled.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- insufficient_data_actions¶
- A list of URLs (webhooks) to invoke when state transitions to insufficient-data.List value expected.Can be updated without replacement.
- insufficient_data_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to insufficient-data.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- ok_actions¶
- A list of URLs (webhooks) to invoke when state transitions to ok.List value expected.Can be updated without replacement.
- ok_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to ok.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- repeat_actions¶
- False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- severity¶
Available since 5.0.0 (Liberty)
Severity of the alarm.String value expected.Can be updated without replacement.Defaults to"low"
Allowed values: “low”, “moderate”, “critical”- time_constraints¶
Available since 5.0.0 (Liberty)
Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.List value expected.Updates cause replacement.Defaults to[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description for the time constraint.String value expected.Updates cause replacement.
- duration¶
- Required.Duration for the time constraint.Integer value expected.Updates cause replacement.The value must be at least 0.
- name¶
- Required.Name for the time constraint.String value expected.Updates cause replacement.
- start¶
- Required.Start time for the time constraint. A CRON expression property.String value expected.Updates cause replacement.Value must be of type cron_expression
- timezone¶
- Optional.Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).String value expected.Updates cause replacement.Value must be of type timezone
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Aodh::CompositeAlarm
properties:
alarm_actions: [Value, Value, ...]
alarm_queues: [String, String, ...]
composite_rule: {"operator": String, "rules": [Value, Value, ...]}
description: String
enabled: Boolean
insufficient_data_actions: [Value, Value, ...]
insufficient_data_queues: [String, String, ...]
ok_actions: [Value, Value, ...]
ok_queues: [String, String, ...]
repeat_actions: Boolean
severity: String
time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]
OS::Aodh::EventAlarm¶
Available since 8.0.0 (Ocata)
A resource that implements event alarms.
Allows users to define alarms which can be evaluated based on events passed from other OpenStack services. The events can be emitted when the resources from other OpenStack services have been updated, created or deleted, such as ‘compute.instance.reboot.end’, ‘scheduler.select_destinations.end’.
Optional Properties¶
- alarm_actions¶
- A list of URLs (webhooks) to invoke when state transitions to alarm.List value expected.Can be updated without replacement.
- alarm_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to alarm.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- description¶
- Description for the alarm.String value expected.Can be updated without replacement.
- enabled¶
- True if alarm evaluation/actioning is enabled.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- event_type¶
- Event type to evaluate against. If not specified will match all events.String value expected.Can be updated without replacement.Defaults to
"*"
- insufficient_data_actions¶
- A list of URLs (webhooks) to invoke when state transitions to insufficient-data.List value expected.Can be updated without replacement.
- insufficient_data_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to insufficient-data.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- ok_actions¶
- A list of URLs (webhooks) to invoke when state transitions to ok.List value expected.Can be updated without replacement.
- ok_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to ok.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- query¶
- A list for filtering events. Query conditions used to filter specific events when evaluating the alarm.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- field¶
- Optional.Name of attribute to compare.String value expected.Can be updated without replacement.
- op¶
- Optional.Comparison operator.String value expected.Can be updated without replacement.Allowed values: “le”, “ge”, “eq”, “lt”, “gt”, “ne”
- type¶
- Optional.The type of the attribute.String value expected.Can be updated without replacement.Defaults to
"string"
Allowed values: “integer”, “float”, “string”, “boolean”, “datetime” - value¶
- Optional.String value with which to compare.String value expected.Can be updated without replacement.
- repeat_actions¶
- False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- severity¶
Available since 5.0.0 (Liberty)
Severity of the alarm.String value expected.Can be updated without replacement.Defaults to"low"
Allowed values: “low”, “moderate”, “critical”- time_constraints¶
Available since 5.0.0 (Liberty)
Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.List value expected.Updates cause replacement.Defaults to[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description for the time constraint.String value expected.Updates cause replacement.
- duration¶
- Required.Duration for the time constraint.Integer value expected.Updates cause replacement.The value must be at least 0.
- name¶
- Required.Name for the time constraint.String value expected.Updates cause replacement.
- start¶
- Required.Start time for the time constraint. A CRON expression property.String value expected.Updates cause replacement.Value must be of type cron_expression
- timezone¶
- Optional.Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).String value expected.Updates cause replacement.Value must be of type timezone
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Aodh::EventAlarm
properties:
alarm_actions: [Value, Value, ...]
alarm_queues: [String, String, ...]
description: String
enabled: Boolean
event_type: String
insufficient_data_actions: [Value, Value, ...]
insufficient_data_queues: [String, String, ...]
ok_actions: [Value, Value, ...]
ok_queues: [String, String, ...]
query: [{"field": String, "type": String, "op": String, "value": String}, {"field": String, "type": String, "op": String, "value": String}, ...]
repeat_actions: Boolean
severity: String
time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]
OS::Aodh::GnocchiAggregationByMetricsAlarm¶
Available since 2015.1 (Kilo)
A resource that implements alarm with specified metrics.
A resource that implements alarm which allows to use specified by user metrics in metrics list.
Required Properties¶
Optional Properties¶
- aggregation_method¶
- The aggregation method to compare to the threshold.String value expected.Can be updated without replacement.
- alarm_actions¶
- A list of URLs (webhooks) to invoke when state transitions to alarm.List value expected.Can be updated without replacement.
- alarm_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to alarm.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- comparison_operator¶
- Operator used to compare specified statistic with threshold.String value expected.Can be updated without replacement.Allowed values: “le”, “ge”, “eq”, “lt”, “gt”, “ne”
- description¶
- Description for the alarm.String value expected.Can be updated without replacement.
- enabled¶
- True if alarm evaluation/actioning is enabled.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- evaluation_periods¶
- Number of periods to evaluate over.Integer value expected.Can be updated without replacement.
- granularity¶
- The time range in seconds.Integer value expected.Can be updated without replacement.
- insufficient_data_actions¶
- A list of URLs (webhooks) to invoke when state transitions to insufficient-data.List value expected.Can be updated without replacement.
- insufficient_data_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to insufficient-data.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- ok_actions¶
- A list of URLs (webhooks) to invoke when state transitions to ok.List value expected.Can be updated without replacement.
- ok_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to ok.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- repeat_actions¶
- False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- severity¶
Available since 5.0.0 (Liberty)
Severity of the alarm.String value expected.Can be updated without replacement.Defaults to"low"
Allowed values: “low”, “moderate”, “critical”- time_constraints¶
Available since 5.0.0 (Liberty)
Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.List value expected.Updates cause replacement.Defaults to[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description for the time constraint.String value expected.Updates cause replacement.
- duration¶
- Required.Duration for the time constraint.Integer value expected.Updates cause replacement.The value must be at least 0.
- name¶
- Required.Name for the time constraint.String value expected.Updates cause replacement.
- start¶
- Required.Start time for the time constraint. A CRON expression property.String value expected.Updates cause replacement.Value must be of type cron_expression
- timezone¶
- Optional.Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).String value expected.Updates cause replacement.Value must be of type timezone
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Aodh::GnocchiAggregationByMetricsAlarm
properties:
aggregation_method: String
alarm_actions: [Value, Value, ...]
alarm_queues: [String, String, ...]
comparison_operator: String
description: String
enabled: Boolean
evaluation_periods: Integer
granularity: Integer
insufficient_data_actions: [Value, Value, ...]
insufficient_data_queues: [String, String, ...]
metrics: [Value, Value, ...]
ok_actions: [Value, Value, ...]
ok_queues: [String, String, ...]
repeat_actions: Boolean
severity: String
threshold: Number
time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]
OS::Aodh::GnocchiAggregationByResourcesAlarm¶
Available since 2015.1 (Kilo)
A resource that implements alarm as an aggregation of resources alarms.
A resource that implements alarm which uses aggregation of resources alarms with some condition. If state of a system is satisfied alarm condition, alarm is activated.
Required Properties¶
- metric¶
- Metric name watched by the alarm.String value expected.Can be updated without replacement.
- query¶
- The query to filter the metrics.String value expected.Can be updated without replacement.
- resource_type¶
- Resource type.String value expected.Can be updated without replacement.
- threshold¶
- Threshold to evaluate against.Number value expected.Can be updated without replacement.
Optional Properties¶
- aggregation_method¶
- The aggregation method to compare to the threshold.String value expected.Can be updated without replacement.
- alarm_actions¶
- A list of URLs (webhooks) to invoke when state transitions to alarm.List value expected.Can be updated without replacement.
- alarm_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to alarm.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- comparison_operator¶
- Operator used to compare specified statistic with threshold.String value expected.Can be updated without replacement.Allowed values: “le”, “ge”, “eq”, “lt”, “gt”, “ne”
- description¶
- Description for the alarm.String value expected.Can be updated without replacement.
- enabled¶
- True if alarm evaluation/actioning is enabled.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- evaluation_periods¶
- Number of periods to evaluate over.Integer value expected.Can be updated without replacement.
- granularity¶
- The time range in seconds.Integer value expected.Can be updated without replacement.
- insufficient_data_actions¶
- A list of URLs (webhooks) to invoke when state transitions to insufficient-data.List value expected.Can be updated without replacement.
- insufficient_data_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to insufficient-data.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- ok_actions¶
- A list of URLs (webhooks) to invoke when state transitions to ok.List value expected.Can be updated without replacement.
- ok_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to ok.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- repeat_actions¶
- False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- severity¶
Available since 5.0.0 (Liberty)
Severity of the alarm.String value expected.Can be updated without replacement.Defaults to"low"
Allowed values: “low”, “moderate”, “critical”- time_constraints¶
Available since 5.0.0 (Liberty)
Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.List value expected.Updates cause replacement.Defaults to[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description for the time constraint.String value expected.Updates cause replacement.
- duration¶
- Required.Duration for the time constraint.Integer value expected.Updates cause replacement.The value must be at least 0.
- name¶
- Required.Name for the time constraint.String value expected.Updates cause replacement.
- start¶
- Required.Start time for the time constraint. A CRON expression property.String value expected.Updates cause replacement.Value must be of type cron_expression
- timezone¶
- Optional.Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).String value expected.Updates cause replacement.Value must be of type timezone
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Aodh::GnocchiAggregationByResourcesAlarm
properties:
aggregation_method: String
alarm_actions: [Value, Value, ...]
alarm_queues: [String, String, ...]
comparison_operator: String
description: String
enabled: Boolean
evaluation_periods: Integer
granularity: Integer
insufficient_data_actions: [Value, Value, ...]
insufficient_data_queues: [String, String, ...]
metric: String
ok_actions: [Value, Value, ...]
ok_queues: [String, String, ...]
query: String
repeat_actions: Boolean
resource_type: String
severity: String
threshold: Number
time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]
OS::Aodh::GnocchiResourcesAlarm¶
Available since 2015.1 (Kilo)
A resource allowing for the watch of some specified resource.
An alarm that evaluates threshold based on some metric for the specified resource.
Required Properties¶
- metric¶
- Metric name watched by the alarm.String value expected.Can be updated without replacement.
- resource_id¶
- Id of a resource.String value expected.Can be updated without replacement.
- resource_type¶
- Resource type.String value expected.Can be updated without replacement.
- threshold¶
- Threshold to evaluate against.Number value expected.Can be updated without replacement.
Optional Properties¶
- aggregation_method¶
- The aggregation method to compare to the threshold.String value expected.Can be updated without replacement.
- alarm_actions¶
- A list of URLs (webhooks) to invoke when state transitions to alarm.List value expected.Can be updated without replacement.
- alarm_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to alarm.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- comparison_operator¶
- Operator used to compare specified statistic with threshold.String value expected.Can be updated without replacement.Allowed values: “le”, “ge”, “eq”, “lt”, “gt”, “ne”
- description¶
- Description for the alarm.String value expected.Can be updated without replacement.
- enabled¶
- True if alarm evaluation/actioning is enabled.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- evaluation_periods¶
- Number of periods to evaluate over.Integer value expected.Can be updated without replacement.
- granularity¶
- The time range in seconds.Integer value expected.Can be updated without replacement.
- insufficient_data_actions¶
- A list of URLs (webhooks) to invoke when state transitions to insufficient-data.List value expected.Can be updated without replacement.
- insufficient_data_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to insufficient-data.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- ok_actions¶
- A list of URLs (webhooks) to invoke when state transitions to ok.List value expected.Can be updated without replacement.
- ok_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to ok.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- repeat_actions¶
- False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- severity¶
Available since 5.0.0 (Liberty)
Severity of the alarm.String value expected.Can be updated without replacement.Defaults to"low"
Allowed values: “low”, “moderate”, “critical”- time_constraints¶
Available since 5.0.0 (Liberty)
Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.List value expected.Updates cause replacement.Defaults to[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description for the time constraint.String value expected.Updates cause replacement.
- duration¶
- Required.Duration for the time constraint.Integer value expected.Updates cause replacement.The value must be at least 0.
- name¶
- Required.Name for the time constraint.String value expected.Updates cause replacement.
- start¶
- Required.Start time for the time constraint. A CRON expression property.String value expected.Updates cause replacement.Value must be of type cron_expression
- timezone¶
- Optional.Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).String value expected.Updates cause replacement.Value must be of type timezone
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Aodh::GnocchiResourcesAlarm
properties:
aggregation_method: String
alarm_actions: [Value, Value, ...]
alarm_queues: [String, String, ...]
comparison_operator: String
description: String
enabled: Boolean
evaluation_periods: Integer
granularity: Integer
insufficient_data_actions: [Value, Value, ...]
insufficient_data_queues: [String, String, ...]
metric: String
ok_actions: [Value, Value, ...]
ok_queues: [String, String, ...]
repeat_actions: Boolean
resource_id: String
resource_type: String
severity: String
threshold: Number
time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]
OS::Aodh::LBMemberHealthAlarm¶
Available since 13.0.0 (Train)
A resource that implements a Loadbalancer Member Health Alarm.
Allows setting alarms based on the health of load balancer pool members, where the health of a member is determined by the member reporting an operating_status of ERROR beyond an initial grace period after creation (120 seconds by default).
Required Properties¶
- autoscaling_group_id¶
- ID of the Heat autoscaling group that contains the loadbalancer members. Unhealthy members will be marked as such before an update is triggered on the root stack.String value expected.Can be updated without replacement.
- pool¶
- Name or ID of the loadbalancer pool for which the health of each member will be evaluated.String value expected.Can be updated without replacement.
- stack¶
- Name or ID of the root / top level Heat stack containing the loadbalancer pool and members. An update will be triggered on the root Stack if an unhealthy member is detected in the loadbalancer pool.String value expected.Updates cause replacement.
Optional Properties¶
- alarm_actions¶
- A list of URLs (webhooks) to invoke when state transitions to alarm.List value expected.Can be updated without replacement.
- alarm_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to alarm.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- description¶
- Description for the alarm.String value expected.Can be updated without replacement.
- enabled¶
- True if alarm evaluation/actioning is enabled.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- insufficient_data_actions¶
- A list of URLs (webhooks) to invoke when state transitions to insufficient-data.List value expected.Can be updated without replacement.
- insufficient_data_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to insufficient-data.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- ok_actions¶
- A list of URLs (webhooks) to invoke when state transitions to ok.List value expected.Can be updated without replacement.
- ok_queues¶
Available since 8.0.0 (Ocata)
A list of Zaqar queues to post to when state transitions to ok.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type zaqar.queue
- repeat_actions¶
- False to trigger actions when the threshold is reached AND the alarm’s state has changed. By default, actions are called each time the threshold is reached.Boolean value expected.Can be updated without replacement.Defaults to
"true"
- severity¶
Available since 5.0.0 (Liberty)
Severity of the alarm.String value expected.Can be updated without replacement.Defaults to"low"
Allowed values: “low”, “moderate”, “critical”- time_constraints¶
Available since 5.0.0 (Liberty)
Describe time constraints for the alarm. Only evaluate the alarm if the time at evaluation is within this time constraint. Start point(s) of the constraint are specified with a cron expression, whereas its duration is given in seconds.List value expected.Updates cause replacement.Defaults to[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description for the time constraint.String value expected.Updates cause replacement.
- duration¶
- Required.Duration for the time constraint.Integer value expected.Updates cause replacement.The value must be at least 0.
- name¶
- Required.Name for the time constraint.String value expected.Updates cause replacement.
- start¶
- Required.Start time for the time constraint. A CRON expression property.String value expected.Updates cause replacement.Value must be of type cron_expression
- timezone¶
- Optional.Timezone for the time constraint (eg. ‘Asia/Taipei’, ‘Europe/Amsterdam’).String value expected.Updates cause replacement.Value must be of type timezone
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Aodh::LBMemberHealthAlarm
properties:
alarm_actions: [Value, Value, ...]
alarm_queues: [String, String, ...]
autoscaling_group_id: String
description: String
enabled: Boolean
insufficient_data_actions: [Value, Value, ...]
insufficient_data_queues: [String, String, ...]
ok_actions: [Value, Value, ...]
ok_queues: [String, String, ...]
pool: String
repeat_actions: Boolean
severity: String
stack: String
time_constraints: [{"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, {"name": String, "start": String, "description": String, "duration": Integer, "timezone": String}, ...]
OS::Barbican::CertificateContainer¶
Available since 6.0.0 (Mitaka)
A resource for creating barbican certificate container.
A certificate container is used for storing the secrets that are relevant to certificates.
Optional Properties¶
- certificate_ref¶
- Reference to certificate.String value expected.Updates cause replacement.Value must be of type barbican.secret
- intermediates_ref¶
- Reference to intermediates.String value expected.Updates cause replacement.Value must be of type barbican.secret
- name¶
- Human-readable name for the container.String value expected.Updates cause replacement.
- private_key_passphrase_ref¶
- Reference to private key passphrase.String value expected.Updates cause replacement.Value must be of type barbican.secret
- private_key_ref¶
- Reference to private key.String value expected.Updates cause replacement.Value must be of type barbican.secret
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Barbican::CertificateContainer
properties:
certificate_ref: String
intermediates_ref: String
name: String
private_key_passphrase_ref: String
private_key_ref: String
OS::Barbican::GenericContainer¶
Available since 6.0.0 (Mitaka)
A resource for creating Barbican generic container.
A generic container is used for any type of secret that a user may wish to aggregate. There are no restrictions on the amount of secrets that can be held within this container.
Optional Properties¶
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Barbican::GenericContainer
properties:
name: String
secrets: [{"name": String, "ref": String}, {"name": String, "ref": String}, ...]
OS::Barbican::Order¶
Available since 2014.2 (Juno)
A resource allowing for the generation secret material by Barbican.
The resource allows to generate some secret material. It can be, for example, some key or certificate. The order encapsulates the workflow and history for the creation of a secret. The time to generate a secret can vary depending on the type of secret.
Required Properties¶
- type¶
Available since 5.0.0 (Liberty)
The type of the order.String value expected.Updates cause replacement.Allowed values: “key”, “asymmetric”, “certificate”
Optional Properties¶
- algorithm¶
- The algorithm type used to generate the secret. Required for key and asymmetric types of order.String value expected.Updates cause replacement.
- bit_length¶
- The bit-length of the secret. Required for key and asymmetric types of order.Integer value expected.Updates cause replacement.
- ca_id¶
Available since 5.0.0 (Liberty)
The identifier of the CA to use.String value expected.Updates cause replacement.- expiration¶
- The expiration date for the secret in ISO-8601 format.String value expected.Updates cause replacement.Value must be of type expiration
- mode¶
- The type/mode of the algorithm associated with the secret information.String value expected.Updates cause replacement.
- name¶
- Human readable name for the secret.String value expected.Updates cause replacement.
- pass_phrase¶
Available since 5.0.0 (Liberty)
The passphrase of the created key. Can be set only for asymmetric type of order.String value expected.Updates cause replacement.- payload_content_type¶
- The type/format the secret data is provided in.String value expected.Updates cause replacement.
- profile¶
Available since 5.0.0 (Liberty)
The profile of certificate to use.String value expected.Updates cause replacement.- request_data¶
Available since 5.0.0 (Liberty)
The content of the CSR. Only for certificate orders.String value expected.Updates cause replacement.- request_type¶
Available since 5.0.0 (Liberty)
The type of the certificate request.String value expected.Updates cause replacement.Allowed values: “stored-key”, “simple-cmc”, “custom”- source_container_ref¶
Available since 5.0.0 (Liberty)
The source of certificate request.String value expected.Updates cause replacement.Value must be of type barbican.container- subject_dn¶
Available since 5.0.0 (Liberty)
The subject of the certificate request.String value expected.Updates cause replacement.
Attributes¶
- certificate¶
Available since 5.0.0 (Liberty)
The payload of the created certificate, if available.
- container_ref¶
Available since 5.0.0 (Liberty)
The URI to the created container.
- intermediates¶
Available since 5.0.0 (Liberty)
The payload of the created intermediates, if available.
- order_ref¶
The URI to the order.
- private_key¶
Available since 5.0.0 (Liberty)
The payload of the created private key, if available.
- public_key¶
Available since 5.0.0 (Liberty)
The payload of the created public key, if available.
- secret_ref¶
The URI to the created secret.
- show¶
Detailed information about resource.
- status¶
The status of the order.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Barbican::Order
properties:
algorithm: String
bit_length: Integer
ca_id: String
expiration: String
mode: String
name: String
pass_phrase: String
payload_content_type: String
profile: String
request_data: String
request_type: String
source_container_ref: String
subject_dn: String
type: String
OS::Barbican::RSAContainer¶
Available since 6.0.0 (Mitaka)
A resource for creating barbican RSA container.
An RSA container is used for storing RSA public keys, private keys, and private key pass phrases.
Optional Properties¶
- name¶
- Human-readable name for the container.String value expected.Updates cause replacement.
- private_key_passphrase_ref¶
- Reference to private key passphrase.String value expected.Updates cause replacement.Value must be of type barbican.secret
- private_key_ref¶
- Reference to private key.String value expected.Updates cause replacement.Value must be of type barbican.secret
- public_key_ref¶
- Reference to public key.String value expected.Updates cause replacement.Value must be of type barbican.secret
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Barbican::RSAContainer
properties:
name: String
private_key_passphrase_ref: String
private_key_ref: String
public_key_ref: String
OS::Barbican::Secret¶
Available since 2014.2 (Juno)
The resource provides access to the secret/keying stored material.
A secret is a singular item that stored within Barbican. A secret is anything you want it to be; however, the formal use case is a key that you wish to store away from prying eyes. Secret may include private keys, passwords and so on.
Optional Properties¶
- algorithm¶
- The algorithm type used to generate the secret.String value expected.Updates cause replacement.
- bit_length¶
- The bit-length of the secret.Integer value expected.Updates cause replacement.The value must be at least 0.
- expiration¶
- The expiration date for the secret in ISO-8601 format.String value expected.Updates cause replacement.Value must be of type expiration
- mode¶
- The type/mode of the algorithm associated with the secret information.String value expected.Updates cause replacement.
- name¶
- Human readable name for the secret.String value expected.Updates cause replacement.
- payload¶
- The unencrypted plain text of the secret.String value expected.Updates cause replacement.
- payload_content_encoding¶
- The encoding format used to provide the payload data.String value expected.Updates cause replacement.Allowed values: “base64”
- payload_content_type¶
- The type/format the secret data is provided in.String value expected.Updates cause replacement.Allowed values: “text/plain”, “application/octet-stream”
- secret_type¶
Available since 5.0.0 (Liberty)
The type of the secret.String value expected.Updates cause replacement.Defaults to"opaque"
Allowed values: “symmetric”, “public”, “private”, “certificate”, “passphrase”, “opaque”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Barbican::Secret
properties:
algorithm: String
bit_length: Integer
expiration: String
mode: String
name: String
payload: String
payload_content_encoding: String
payload_content_type: String
secret_type: String
OS::Blazar::Host¶
Available since 12.0.0 (Stein)
A resource to manage Blazar hosts.
Host resource manages the physical hosts for the lease/reservation within OpenStack.
# TODO(asmita): Based on an agreement with Blazar team, this resource class does not support updating host resource as currently Blazar does not support to delete existing extra_capability keys while updating host. Also, in near future, when Blazar team will come up with a new alternative API to resolve this issue, we will need to modify this class.
Optional Properties¶
- extra_capability¶
- The extra capability of the host.Map value expected.Updates cause replacement.
Attributes¶
- cpu_info¶
Information of the CPU of the host.
- created_at¶
The date and time when the host was created. The date and time format must be “CCYY-MM-DD hh:mm”.
- extra_capability¶
The extra capability of the host.
- hypervisor_hostname¶
The hypervisor name of the host.
- hypervisor_type¶
The hypervisor type the host.
- hypervisor_version¶
The hypervisor version of the host.
- local_gb¶
Gigabytes of the disk of the host.
- memory_mb¶
Megabytes of the memory of the host.
- reservable¶
The flag which represents whether the host is reservable or not.
- service_name¶
The compute service name of the host.
- show¶
Detailed information about resource.
- status¶
The status of the host.
- trust_id¶
The UUID of the trust of the host operator.
- updated_at¶
The date and time when the host was updated. The date and time format must be “CCYY-MM-DD hh:mm”.
- vcpus¶
The number of the VCPUs of the host.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Blazar::Host
properties:
extra_capability: {...}
name: String
OS::Blazar::Lease¶
Available since 12.0.0 (Stein)
A resource to manage Blazar leases.
Lease resource manages the reservations of specific type/amount of cloud resources within OpenStack.
Note: Based on an agreement with Blazar team, this resource class does not support updating, because current Blazar lease scheme is not suitable for Heat, if you want to update a lease, you need to specify reservation’s id, which is one of attribute of lease.
Required Properties¶
- end_date¶
- The end date and time of the lease The date and time format must be “CCYY-MM-DD hh:mm”.String value expected.Updates cause replacement.Value must match pattern: \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}
- name¶
- The name of the lease.String value expected.Updates cause replacement.
- reservations¶
- The list of reservations.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- affinity¶
- Optional.The affinity of instances to reserve.Boolean value expected.Updates cause replacement.Defaults to
false
- amount¶
- Optional.The amount of instances to reserve.Integer value expected.Updates cause replacement.The value must be in the range 0 to 2147483647.
- before_end¶
- Optional.The before-end-action of the reservation.String value expected.Updates cause replacement.Defaults to
"default"
Allowed values: “default”, “snapshot” - disk_gb¶
- Optional.Gigabytes of the local disk per the instance.Integer value expected.Updates cause replacement.The value must be in the range 0 to 2147483647.
- hypervisor_properties¶
- Optional.Properties of the hypervisor to reserve.String value expected.Updates cause replacement.
- max¶
- Optional.The maximum number of hosts to reserve.Integer value expected.Updates cause replacement.The value must be at least 1.
- memory_mb¶
- Optional.Megabytes of memory per the instance.Integer value expected.Updates cause replacement.The value must be in the range 0 to 2147483647.
- min¶
- Optional.The minimum number of hosts to reserve.Integer value expected.Updates cause replacement.The value must be at least 1.
- resource_properties¶
- Optional.Properties of the resource to reserve.String value expected.Updates cause replacement.
- resource_type¶
- Required.The type of the resource to reserve.String value expected.Updates cause replacement.Allowed values: “virtual:instance”, “physical:host”
- vcpus¶
- Optional.The number of VCPUs per the instance.Integer value expected.Updates cause replacement.The value must be in the range 0 to 2147483647.
- start_date¶
- The start date and time of the lease. The date and time format must be “CCYY-MM-DD hh:mm”.String value expected.Updates cause replacement.Value must match pattern: \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}
Optional Properties¶
- before_end_date¶
- The date and time for the before-end-action of the lease. The date and time format must be “CCYY-MM-DD hh:mm”.String value expected.Updates cause replacement.Value must match pattern: \d{4}-\d{2}-\d{2}\s\d{2}:\d{2}
- events¶
- A list of event objects.List value expected.Updates cause replacement.Defaults to
[]
List contents:- Map value expected.Updates cause replacement.Map properties:
Attributes¶
- created_at¶
The date and time when the lease was created. The date and time format is “CCYY-MM-DD hh:mm”.
- degraded¶
The flag which represents condition of reserved resources of the lease. If it is true, the amount of reserved resources is less than the request or reserved resources were changed.
- end_date¶
The end date and time of the lease. The date and time format is “CCYY-MM-DD hh:mm”.
- events¶
Event information of the lease.
- name¶
The name of the lease.
- project_id¶
The UUID the project which owns the lease.
- reservations¶
A list of reservation objects.
- show¶
Detailed information about resource.
- start_date¶
The start date and time of the lease. The date and time format is “CCYY-MM-DD hh:mm”.
- status¶
The status of the lease.
- trust_id¶
The UUID of the trust of the lease owner.
- updated_at¶
The date and time when the lease was updated. The date and time format is “CCYY-MM-DD hh:mm”.
- user_id¶
The UUID of the lease owner.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Blazar::Lease
properties:
before_end_date: String
end_date: String
events: [{"event_type": String, "time": String}, {"event_type": String, "time": String}, ...]
name: String
reservations: [{"resource_type": String, "min": Integer, "max": Integer, "hypervisor_properties": String, "resource_properties": String, "before_end": String, "amount": Integer, "vcpus": Integer, "memory_mb": Integer, "disk_gb": Integer, "affinity": Boolean}, {"resource_type": String, "min": Integer, "max": Integer, "hypervisor_properties": String, "resource_properties": String, "before_end": String, "amount": Integer, "vcpus": Integer, "memory_mb": Integer, "disk_gb": Integer, "affinity": Boolean}, ...]
start_date: String
OS::Cinder::EncryptedVolumeType¶
Available since 5.0.0 (Liberty)
A resource for encrypting a cinder volume type.
A Volume Encryption Type is a collection of settings used to conduct encryption for a specific volume type.
Note that default cinder security policy usage of this resource is limited to being used by administrators only.
Required Properties¶
- provider¶
- The class that provides encryption support. For example, nova.volume.encryptors.luks.LuksEncryptor.String value expected.Can be updated without replacement.
- volume_type¶
- Name or id of volume type (OS::Cinder::VolumeType).String value expected.Updates cause replacement.Value must be of type cinder.vtype
Optional Properties¶
- cipher¶
- The encryption algorithm or mode. For example, aes-xts-plain64.String value expected.Can be updated without replacement.Allowed values: “aes-xts-plain64”, “aes-cbc-essiv”
- control_location¶
- Notional service where encryption is performed For example, front-end. For Nova.String value expected.Can be updated without replacement.Defaults to
"front-end"
Allowed values: “front-end”, “back-end” - key_size¶
- Size of encryption key, in bits. For example, 128 or 256.Integer value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Cinder::EncryptedVolumeType
properties:
cipher: String
control_location: String
key_size: Integer
provider: String
volume_type: String
OS::Cinder::QoSAssociation¶
Available since 8.0.0 (Ocata)
A resource to associate cinder QoS specs with volume types.
Usage of this resource restricted to admins only by default policy.
Required Properties¶
- qos_specs¶
- ID or Name of the QoS specs.String value expected.Updates cause replacement.Value must be of type cinder.qos_specs
- volume_types¶
- List of volume type IDs or Names to be attached to QoS specs.List value expected.Can be updated without replacement.List contents:
- Optional.A volume type to attach specs.String value expected.Can be updated without replacement.Value must be of type cinder.vtype
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Cinder::QoSAssociation
properties:
qos_specs: String
volume_types: [String, String, ...]
OS::Cinder::QoSSpecs¶
Available since 7.0.0 (Newton)
A resource for creating cinder QoS specs.
Users can ask for a specific volume type. Part of that volume type is a string that defines the QoS of the volume IO (fast, normal, or slow). Backends that can handle all of the demands of the volume type become candidates for scheduling. Usage of this resource restricted to admins only by default policy.
Required Properties¶
- specs¶
- The specs key and value pairs of the QoS.Map value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Cinder::QoSSpecs
properties:
name: String
specs: {...}
OS::Cinder::Quota¶
Available since 7.0.0 (Newton)
A resource for creating cinder quotas.
Cinder Quota is used to manage operational limits for projects. Currently, this resource can manage Cinder’s gigabytes, snapshots, and volumes quotas.
Note that default cinder security policy usage of this resource is limited to being used by administrators only. Administrators should be careful to create only one Cinder Quota resource per project, otherwise it will be hard for them to manage the quota properly.
Required Properties¶
- project¶
- OpenStack Keystone Project.String value expected.Updates cause replacement.Value must be of type keystone.project
Optional Properties¶
- backup_gigabytes¶
Available since 16.0.0
Quota for the amount of backups disk space (in Gigabytes). Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.- backups¶
Available since 16.0.0
Quota for the number of backups. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.- gigabytes¶
- Quota for the amount of disk space (in Gigabytes). Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- snapshots¶
- Quota for the number of snapshots. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- volumes¶
- Quota for the number of volumes. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Cinder::Quota
properties:
backup_gigabytes: Integer
backups: Integer
gigabytes: Integer
project: String
snapshots: Integer
volumes: Integer
OS::Cinder::Volume¶
A resource that implements Cinder volumes.
Cinder volume is a storage in the form of block devices. It can be used, for example, for providing storage to instance. Volume supports creation from snapshot, backup or image. Also volume can be created only by size.
Optional Properties¶
- availability_zone¶
- The availability zone in which the volume will be created.String value expected.Updates cause replacement.
- backup_id¶
- If specified, the backup to create the volume from.String value expected.Can be updated without replacement.Value must be of type cinder.backup
- description¶
- A description of the volume.String value expected.Can be updated without replacement.
- image¶
- If specified, the name or ID of the image to create the volume from.String value expected.Updates cause replacement.Value must be of type glance.image
- metadata¶
- Key/value pairs to associate with the volume.Map value expected.Can be updated without replacement.Defaults to
{}
- name¶
- A name used to distinguish the volume.String value expected.Can be updated without replacement.
- read_only¶
Available since 5.0.0 (Liberty)
Enables or disables read-only access mode of volume.Boolean value expected.Can be updated without replacement.- scheduler_hints¶
Available since 2015.1 (Kilo)
Arbitrary key-value pairs specified by the client to help the Cinder scheduler creating a volume.Map value expected.Updates cause replacement.- size¶
- The size of the volume in GB. On update only increase in size is supported. This property is required unless property backup_id or source_volid or snapshot_id is specified.Integer value expected.Can be updated without replacement.The value must be at least 1.
- snapshot_id¶
- If specified, the snapshot to create the volume from.String value expected.Updates cause replacement.Value must be of type cinder.snapshot
- source_volid¶
- If specified, the volume to use as source.String value expected.Updates cause replacement.Value must be of type cinder.volume
- volume_type¶
- If specified, the type of volume to use, mapping to a specific backend.String value expected.Can be updated without replacement.Value must be of type cinder.vtype
Attributes¶
- attachments¶
DEPRECATED since 9.0.0 (Pike) - Use property attachments_list.
Available since 2015.1 (Kilo)
A string representation of the list of attachments of the volume.
- attachments_list¶
Available since 9.0.0 (Pike)
The list of attachments of the volume.
- availability_zone¶
The availability zone in which the volume is located.
- bootable¶
Boolean indicating if the volume can be booted or not.
- created_at¶
The timestamp indicating volume creation.
- display_description¶
Description of the volume.
- display_name¶
Name of the volume.
- encrypted¶
Boolean indicating if the volume is encrypted or not.
- metadata¶
Key/value pairs associated with the volume.
- metadata_values¶
Key/value pairs associated with the volume in raw dict form.
- multiattach¶
Available since 6.0.0 (Mitaka)
Boolean indicating whether allow the volume to be attached more than once.
- show¶
Detailed information about resource.
- size¶
The size of the volume in GB.
- snapshot_id¶
The snapshot the volume was created from, if any.
- source_volid¶
The volume used as source, if any.
- status¶
The current status of the volume.
- volume_type¶
The type of the volume mapping to a backend, if any.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Cinder::Volume
properties:
availability_zone: String
backup_id: String
description: String
image: String
metadata: {...}
name: String
read_only: Boolean
scheduler_hints: {...}
size: Integer
snapshot_id: String
source_volid: String
volume_type: String
OS::Cinder::VolumeAttachment¶
Resource for associating volume to instance.
Resource for associating existing volume to instance. Also, the location where the volume is exposed on the instance can be specified.
Required Properties¶
Optional Properties¶
- mountpoint¶
- The location where the volume is exposed on the instance. This assignment may not be honored and it is advised that the path /dev/disk/by-id/virtio-<VolumeId> be used instead.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Cinder::VolumeAttachment
properties:
instance_uuid: String
mountpoint: String
volume_id: String
OS::Cinder::VolumeType¶
Available since 2015.1 (Kilo)
A resource for creating cinder volume types.
Volume type resource allows to define, whether volume, which will be use this type, will public and which projects are allowed to work with it. Also, there can be some user-defined metadata.
Note that default cinder security policy usage of this resource is limited to being used by administrators only.
Required Properties¶
- name¶
- Name of the volume type.String value expected.Can be updated without replacement.
Optional Properties¶
- description¶
Available since 5.0.0 (Liberty)
Description of the volume type.String value expected.Can be updated without replacement.- is_public¶
Available since 5.0.0 (Liberty)
Whether the volume type is accessible to the public.Boolean value expected.Can be updated without replacement.Defaults totrue
- metadata¶
- The extra specs key and value pairs of the volume type.Map value expected.Can be updated without replacement.
- projects¶
Available since 5.0.0 (Liberty)
Projects to add volume type access to. NOTE: This property is only supported since Cinder API V2.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type keystone.project
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Cinder::VolumeType
properties:
description: String
is_public: Boolean
metadata: {...}
name: String
projects: [String, String, ...]
OS::Designate::RecordSet¶
Available since 8.0.0 (Ocata)
Heat Template Resource for Designate RecordSet.
Designate provides DNS-as-a-Service services for OpenStack. RecordSet helps to add more than one records.
Required Properties¶
- records¶
- A list of data for this RecordSet. Each item will be a separate record in Designate These items should conform to the DNS spec for the record type - e.g. A records must be IPv4 addresses, CNAME records must be a hostname. DNS record data varies based on the type of record. For more details, please refer rfc 1035.List value expected.Can be updated without replacement.
- type¶
- DNS RecordSet type.String value expected.Updates cause replacement.Allowed values: “A”, “AAAA”, “CNAME”, “MX”, “SRV”, “TXT”, “SPF”, “NS”, “PTR”, “SSHFP”, “SOA”
- zone¶
- DNS Zone id or name.String value expected.Updates cause replacement.Value must be of type designate.zone
Optional Properties¶
- description¶
- Description of RecordSet.String value expected.Can be updated without replacement.The length must be no greater than 160.
- name¶
- RecordSet name.String value expected.Updates cause replacement.The length must be no greater than 255.
- ttl¶
- Time To Live (Seconds).Integer value expected.Can be updated without replacement.The value must be in the range 1 to 2147483647.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Designate::RecordSet
properties:
description: String
name: String
records: [Value, Value, ...]
ttl: Integer
type: String
zone: String
OS::Designate::Zone¶
Available since 8.0.0 (Ocata)
Heat Template Resource for Designate Zone.
Designate provides DNS-as-a-Service services for OpenStack. So, zone, part of domain is a realm with an identification string, unique in DNS.
Required Properties¶
- name¶
- DNS Name for the zone.String value expected.Updates cause replacement.The length must be no greater than 255.
Optional Properties¶
- description¶
- Description of zone.String value expected.Can be updated without replacement.The length must be no greater than 160.
- email¶
- E-mail for the zone. Used in SOA records for the zone. It is required for PRIMARY Type, otherwise ignored.String value expected.Can be updated without replacement.
- primaries¶
- The primary servers to transfer DNS zone information from. Mandatory for zone type SECONDARY, otherwise ignored.List value expected.Can be updated without replacement.
- ttl¶
- Time To Live (Seconds) for the zone.Integer value expected.Can be updated without replacement.The value must be in the range 1 to 2147483647.
- type¶
- Type of zone. PRIMARY is controlled by Designate, SECONDARY zones are transferred from another DNS Server.String value expected.Updates cause replacement.Defaults to
"PRIMARY"
Allowed values: “PRIMARY”, “SECONDARY” - masters¶
DEPRECATED since 15.0.0 (Victoria) - Use ``primaries`` instead.
The primary servers to transfer DNS zone information from. Mandatory for zone type SECONDARY, otherwise ignored.List value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Designate::Zone
properties:
description: String
email: String
name: String
primaries: [Value, Value, ...]
ttl: Integer
type: String
OS::Glance::WebImage¶
Available since 12.0.0 (Stein)
A resource managing images in Glance using web-download import.
This provides image support for recent Glance installation.
Required Properties¶
- container_format¶
- Container format of image.String value expected.Updates cause replacement.Allowed values: “ami”, “ari”, “aki”, “bare”, “ovf”, “ova”, “docker”
- disk_format¶
- Disk format of image.String value expected.Updates cause replacement.Allowed values: “ami”, “ari”, “aki”, “vhd”, “vhdx”, “vmdk”, “raw”, “qcow2”, “vdi”, “iso”, “ploop”
- location¶
- URL where the data for this image already resides. For example, if the image data is stored in swift, you could specify “swift://example.com/container/obj”.String value expected.Updates cause replacement.
Optional Properties¶
- active¶
Available since 16.0.0
Activate or deactivate the image. Requires Admin Access.Boolean value expected.Can be updated without replacement.Defaults totrue
- architecture¶
- Operating system architecture.String value expected.Can be updated without replacement.
- id¶
- The image ID. Glance will generate a UUID if not specified.String value expected.Updates cause replacement.
- kernel_id¶
- ID of image stored in Glance that should be used as the kernel when booting an AMI-style image.String value expected.Can be updated without replacement.Value must match pattern: ^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$
- members¶
Available since 16.0.0
List of additional members that are permitted to read the image. This may be a Keystone Project IDs or User IDs, depending on the Glance configuration in use.List value expected.Can be updated without replacement.List contents:- Optional.A member ID. This may be a Keystone Project ID or User ID, depending on the Glance configuration in use.String value expected.Can be updated without replacement.
- min_disk¶
- Amount of disk space (in GB) required to boot image. Default value is 0 if not specified and means no limit on the disk size.Integer value expected.Updates cause replacement.Defaults to
0
The value must be at least 0. - min_ram¶
- Amount of ram (in MB) required to boot image. Default value is 0 if not specified and means no limit on the ram size.Integer value expected.Updates cause replacement.Defaults to
0
The value must be at least 0. - name¶
- Name for the image. The name of an image is not unique to a Image Service node.String value expected.Updates cause replacement.
- os_distro¶
- The common name of the operating system distribution in lowercase.String value expected.Can be updated without replacement.
- os_version¶
- Operating system version as specified by the distributor.String value expected.Can be updated without replacement.
- owner¶
- Owner of the image.String value expected.Can be updated without replacement.
- protected¶
- Whether the image can be deleted. If the value is True, the image is protected and cannot be deleted.Boolean value expected.Can be updated without replacement.Defaults to
false
- ramdisk_id¶
- ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image.String value expected.Can be updated without replacement.Value must match pattern: ^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$
- tags¶
- List of image tags.List value expected.Can be updated without replacement.
- visibility¶
- Scope of image accessibility.String value expected.Can be updated without replacement.Defaults to
"private"
Allowed values: “public”, “private”, “community”, “shared”
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Glance::WebImage
properties:
active: Boolean
architecture: String
container_format: String
disk_format: String
id: String
kernel_id: String
location: String
members: [String, String, ...]
min_disk: Integer
min_ram: Integer
name: String
os_distro: String
os_version: String
owner: String
protected: Boolean
ramdisk_id: String
tags: [Value, Value, ...]
visibility: String
OS::Heat::AccessPolicy¶
Resource for defining which resources can be accessed by users.
NOTE: Now this resource is actually associated with an AWS user resource, not any OS:: resource though it is registered under the OS namespace below.
Resource for defining resources that users are allowed to access by the DescribeStackResource API.
Required Properties¶
- AllowedResources¶
- Resources that users are allowed to access by the DescribeStackResource API.List value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::AccessPolicy
properties:
AllowedResources: [Value, Value, ...]
OS::Heat::AutoScalingGroup¶
Available since 2014.1 (Icehouse)
An autoscaling group that can scale arbitrary resources.
An autoscaling group allows the creation of a desired count of similar resources, which are defined with the resource property in HOT format. If there is a need to create many of the same resources (e.g. one hundred sets of Server, WaitCondition and WaitConditionHandle or even Neutron Nets), AutoScalingGroup is a convenient and easy way to do that.
Required Properties¶
- max_size¶
- Maximum number of resources in the group.Integer value expected.Can be updated without replacement.The value must be at least 0.
- min_size¶
- Minimum number of resources in the group.Integer value expected.Can be updated without replacement.The value must be at least 0.
- resource¶
- Resource definition for the resources in the group, in HOT format. The value of this property is the definition of a resource just as if it had been declared in the template itself.Map value expected.Can be updated without replacement.
Optional Properties¶
- cooldown¶
- Cooldown period, in seconds.Integer value expected.Can be updated without replacement.
- desired_capacity¶
- Desired initial number of resources.Integer value expected.Can be updated without replacement.
- rolling_updates¶
- Policy for rolling updates for this scaling group.Map value expected.Can be updated without replacement.Defaults to
{"min_in_service": 0, "max_batch_size": 1, "pause_time": 0}
Map properties:- max_batch_size¶
- Optional.The maximum number of resources to replace at once.Integer value expected.Can be updated without replacement.Defaults to
1
The value must be at least 1. - min_in_service¶
- Optional.The minimum number of resources in service while rolling updates are being executed.Integer value expected.Can be updated without replacement.Defaults to
0
The value must be at least 0. - pause_time¶
- Optional.The number of seconds to wait between batches of updates.Number value expected.Can be updated without replacement.Defaults to
0
The value must be at least 0.
Attributes¶
- current_size¶
Available since 2015.1 (Kilo)
The current size of AutoscalingResourceGroup.
- outputs¶
Available since 2014.2 (Juno)
A map of resource names to the specified attribute of each individual resource that is part of the AutoScalingGroup. This map specifies output parameters that are available once the AutoScalingGroup has been instantiated.
- outputs_list¶
Available since 2014.2 (Juno)
A list of the specified attribute of each individual resource that is part of the AutoScalingGroup. This list of attributes is available as an output once the AutoScalingGroup has been instantiated.
- refs¶
Available since 7.0.0 (Newton)
A list of resource IDs for the resources in the group.
- refs_map¶
Available since 7.0.0 (Newton)
A map of resource names to IDs for the resources in the group.
- show¶
Detailed information about resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::AutoScalingGroup
properties:
cooldown: Integer
desired_capacity: Integer
max_size: Integer
min_size: Integer
resource: {...}
rolling_updates: {"min_in_service": Integer, "max_batch_size": Integer, "pause_time": Number}
OS::Heat::CloudConfig¶
Available since 2014.1 (Icehouse)
A configuration resource for representing cloud-init cloud-config.
This resource allows cloud-config YAML to be defined and stored by the config API. Any intrinsic functions called in the config will be resolved before storing the result.
This resource will generally be referenced by OS::Nova::Server user_data, or OS::Heat::MultipartMime parts config. Since cloud-config is boot-only configuration, any changes to the definition will result in the replacement of all servers which reference it.
Optional Properties¶
- cloud_config¶
- Map representing the cloud-config data structure which will be formatted as YAML.Map value expected.Updates cause replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::CloudConfig
properties:
cloud_config: {...}
OS::Heat::Delay¶
Available since 11.0.0 (Rocky)
A resource that pauses for a configurable delay.
By manipulating the dependency relationships between resources in the template, a delay can be inserted at an arbitrary point during e.g. stack creation or deletion. They delay will occur after any resource that it depends on during CREATE or SUSPEND, and before any resource that it depends on during DELETE or RESUME. Similarly, it will occur before any resource that depends on it during CREATE or SUSPEND, and after any resource thet depends on it during DELETE or RESUME.
If a non-zero maximum jitter is specified, a random amount of jitter - chosen with uniform probability in the range from 0 to the product of the maximum jitter value and the jitter multiplier (1s by default) - is added to the minimum delay time. This can be used, for example, in the scaled unit of a large scaling group to prevent ‘thundering herd’ issues.
Optional Properties¶
- actions¶
- Actions during which the delay will occur.List value expected.Can be updated without replacement.Defaults to
["CREATE"]
Allowed values: “CREATE”, “DELETE”, “SUSPEND”, “RESUME” - jitter_multiplier¶
- Number of seconds to multiply the maximum jitter value by.Number value expected.Can be updated without replacement.Defaults to
1.0
The value must be at least 0. - max_jitter¶
- Maximum jitter to add to the minimum wait time.Number value expected.Can be updated without replacement.Defaults to
0
The value must be at least 0. - min_wait¶
- Minimum time in seconds to wait during the specified actions.Number value expected.Can be updated without replacement.Defaults to
0
The value must be at least 0.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::Delay
properties:
actions: [Value, Value, ...]
jitter_multiplier: Number
max_jitter: Number
min_wait: Number
OS::Heat::DeployedServer¶
A resource for managing servers that are already deployed.
A DeployedServer resource manages resources for servers that have been deployed externally from OpenStack. These servers can be associated with SoftwareDeployments for further orchestration via Heat.
Optional Properties¶
- deployment_swift_data¶
Available since 9.0.0 (Pike)
Swift container and object to use for storing deployment data for the server resource. The parameter is a map value with the keys “container” and “object”, and the values are the corresponding container and object names. The software_config_transport parameter must be set to POLL_TEMP_URL for swift to be used. If not specified, and software_config_transport is set to POLL_TEMP_URL, a container will be automatically created from the resource name, and the object name will be a generated uuid.Map value expected.Can be updated without replacement.Defaults to{}
Map properties:- name¶
- Server name.String value expected.Can be updated without replacement.
- software_config_transport¶
- How the server should receive the metadata required for software configuration. POLL_SERVER_CFN will allow calls to the cfn API action DescribeStackResource authenticated with the provided keypair. POLL_SERVER_HEAT will allow calls to the Heat API resource-show using the provided keystone credentials. POLL_TEMP_URL will create and populate a Swift TempURL with metadata for polling. ZAQAR_MESSAGE will create a dedicated zaqar queue and post the metadata for polling.String value expected.Can be updated without replacement.Defaults to
"POLL_SERVER_CFN"
Allowed values: “POLL_SERVER_CFN”, “POLL_SERVER_HEAT”, “POLL_TEMP_URL”, “ZAQAR_MESSAGE” - metadata¶
DEPRECATED since 9.0.0 (Pike) - This property will be ignored
Available since 8.0.0 (Ocata)
Arbitrary key/value metadata to store for this server. Both keys and values must be 255 characters or less. Non-string values will be serialized to JSON (and the serialized string must be 255 characters or less).Map value expected.Can be updated without replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::DeployedServer
properties:
deployment_swift_data: {"container": String, "object": String}
name: String
software_config_transport: String
OS::Heat::InstanceGroup¶
An instance group that can scale arbitrary instances.
A resource allowing for the creating number of defined with AWS::AutoScaling::LaunchConfiguration instances. Allows to associate scaled resources with loadbalancer resources.
Required Properties¶
- AvailabilityZones¶
- Not Implemented.List value expected.Updates cause replacement.
- LaunchConfigurationName¶
- The reference to a LaunchConfiguration resource.String value expected.Can be updated without replacement.
- Size¶
- Desired number of instances.Integer value expected.Can be updated without replacement.
Optional Properties¶
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::InstanceGroup
properties:
AvailabilityZones: [Value, Value, ...]
LaunchConfigurationName: String
LoadBalancerNames: [Value, Value, ...]
Size: Integer
Tags: [{"Key": String, "Value": String}, {"Key": String, "Value": String}, ...]
OS::Heat::MultipartMime¶
Available since 2014.1 (Icehouse)
Assembles a collection of software configurations as a multi-part mime.
Parts in the message can be populated with inline configuration or references to other config resources. If the referenced resource is itself a valid multi-part mime message, that will be broken into parts and those parts appended to this message.
The resulting multi-part mime message will be stored by the configs API and can be referenced in properties such as OS::Nova::Server user_data.
This resource is generally used to build a list of cloud-init configuration elements including scripts and cloud-config. Since cloud-init is boot-only configuration, any changes to the definition will result in the replacement of all servers which reference it.
Optional Properties¶
- group¶
Available since 14.0.0 (Ussuri)
Namespace to group this multi-part configs by when delivered to a server. This may imply what configuration tool is going to perform the configuration.String value expected.Updates cause replacement.Defaults to"Heat::Ungrouped"
- parts¶
- Parts belonging to this message.List value expected.Updates cause replacement.Defaults to
[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- config¶
- Required.Content of part to attach, either inline or by referencing the ID of another software config resource.String value expected.Updates cause replacement.
- filename¶
- Optional.Optional filename to associate with part.String value expected.Updates cause replacement.
- subtype¶
- Optional.Optional subtype to specify with the type.String value expected.Updates cause replacement.
- type¶
- Optional.Whether the part content is text or multipart.String value expected.Updates cause replacement.Defaults to
"text"
Allowed values: “text”, “multipart”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::MultipartMime
properties:
group: String
parts: [{"config": String, "filename": String, "type": String, "subtype": String}, {"config": String, "filename": String, "type": String, "subtype": String}, ...]
OS::Heat::None¶
Available since 5.0.0 (Liberty)
Enables easily disabling certain resources via the resource_registry.
It does nothing, but can effectively stub out any other resource because it will accept any properties and return any attribute (as None). Note this resource always does nothing on update (e.g it is not replaced even if a change to the stubbed resource properties would cause replacement).
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::None
OS::Heat::RandomString¶
Available since 2014.1 (Icehouse)
A resource which generates a random string.
This is useful for configuring passwords and secrets on services. Random string can be generated from specified character sequences, which means that all characters will be randomly chosen from specified sequences, or with some classes, e.g. letterdigits, which means that all character will be randomly chosen from union of ascii letters and digits. Output string will be randomly generated string with specified length (or with length of 32, if length property doesn’t specified).
Optional Properties¶
- character_classes¶
- A list of character class and their constraints to generate the random string from.List value expected.Updates cause replacement.Defaults to
[{"class": "lettersdigits", "min": 1}]
List contents:- Map value expected.Updates cause replacement.Map properties:
- class¶
- Optional.A character class and its corresponding min constraint to generate the random string from.String value expected.Updates cause replacement.Defaults to
"lettersdigits"
Allowed values: “lettersdigits”, “letters”, “lowercase”, “uppercase”, “digits”, “hexdigits”, “octdigits” - min¶
- Optional.The minimum number of characters from this character class that will be in the generated string.Integer value expected.Updates cause replacement.Defaults to
1
The value must be in the range 1 to 512.
- character_sequences¶
- A list of character sequences and their constraints to generate the random string from.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- min¶
- Optional.The minimum number of characters from this sequence that will be in the generated string.Integer value expected.Updates cause replacement.Defaults to
1
The value must be in the range 1 to 512. - sequence¶
- Required.A character sequence and its corresponding min constraint to generate the random string from.String value expected.Updates cause replacement.
- length¶
- Length of the string to generate.Integer value expected.Updates cause replacement.Defaults to
32
The value must be in the range 1 to 512. - salt¶
- Value which can be set or changed on stack update to trigger the resource for replacement with a new random string. The salt value itself is ignored by the random generator.String value expected.Updates cause replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::RandomString
properties:
character_classes: [{"class": String, "min": Integer}, {"class": String, "min": Integer}, ...]
character_sequences: [{"sequence": String, "min": Integer}, {"sequence": String, "min": Integer}, ...]
length: Integer
salt: String
OS::Heat::ResourceChain¶
Available since 6.0.0 (Mitaka)
Creates one or more resources with the same configuration.
The types of resources to be created are passed into the chain
through the resources
property. One resource will be created for each
type listed. Each is passed the configuration specified
under resource_properties
.
The concurrent
property controls if the resources will be created
concurrently. If omitted or set to false, each resource will be treated
as having a dependency on the resource before it in the list.
Required Properties¶
- resources¶
- The list of resource types to create. This list may contain type names or aliases defined in the resource registry. Specific template names are not supported.List value expected.Can be updated without replacement.
Optional Properties¶
- concurrent¶
- If true, the resources in the chain will be created concurrently. If false or omitted, each resource will be treated as having a dependency on the previous resource in the list.Boolean value expected.Updates cause replacement.Defaults to
false
- resource_properties¶
- Properties to pass to each resource being created in the chain.Map value expected.Updates cause replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::ResourceChain
properties:
concurrent: Boolean
resource_properties: {...}
resources: [Value, Value, ...]
OS::Heat::ResourceGroup¶
Available since 2014.1 (Icehouse)
Creates one or more identically configured nested resources.
In addition to the refs attribute, this resource implements synthetic attributes that mirror those of the resources in the group. When getting an attribute from this resource, however, a list of attribute values for each resource in the group is returned. To get attribute values for a single resource in the group, synthetic attributes of the form resource.{resource index}.{attribute name} can be used. The resource ID of a particular resource in the group can be obtained via the synthetic attribute resource.{resource index}. Note, that if you get attribute without {resource index}, e.g. [resource, {attribute_name}], you’ll get a list of this attribute’s value for all resources in group.
While each resource in the group will be identically configured, this resource does allow for some index-based customization of the properties of the resources in the group. For example:
resources:
my_indexed_group:
type: OS::Heat::ResourceGroup
properties:
count: 3
resource_def:
type: OS::Nova::Server
properties:
# create a unique name for each server
# using its index in the group
name: my_server_%index%
image: CentOS 6.5
flavor: 4GB Performance
would result in a group of three servers having the same image and flavor, but names of my_server_0, my_server_1, and my_server_2. The variable used for substitution can be customized by using the index_var property.
Required Properties¶
- resource_def¶
- Resource definition for the resources in the group. The value of this property is the definition of a resource just as if it had been declared in the template itself.Map value expected.Can be updated without replacement.Map properties:
- metadata¶
Available since 5.0.0 (Liberty)
Supplied metadata for the resources in the group.Map value expected.Can be updated without replacement.- properties¶
- Property values for the resources in the group.Map value expected.Can be updated without replacement.
- type¶
- Required.The type of the resources in the group.String value expected.Can be updated without replacement.
Optional Properties¶
- count¶
- The number of resources to create.Integer value expected.Can be updated without replacement.Defaults to
1
The value must be at least 0. - index_var¶
Available since 2014.2 (Juno)
A variable that this resource will use to replace with the current index of a given resource in the group. Can be used, for example, to customize the name property of grouped servers in order to differentiate them when listed with nova client.String value expected.Updates cause replacement.Defaults to"%index%"
The length must be at least 3.- removal_policies¶
Available since 2015.1 (Kilo)
Policies for removal of resources on update.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Policy to be processed when doing an update which requires removal of specific resources.Map value expected.Can be updated without replacement.Map properties:
- resource_list¶
- List of resources to be removed when doing an update which requires removal of specific resources. The resource may be specified several ways: (1) The resource name, as in the nested stack, (2) The resource reference returned from get_resource in a template, as available via the ‘refs’ attribute. Note this is destructive on update when specified; even if the count is not being reduced, and once a resource name is removed, its name is never reused in subsequent updates.List value expected.Can be updated without replacement.Defaults to
[]
- removal_policies_mode¶
Available since 10.0.0 (Queens)
How to handle changes to removal_policies on update. The default “append” mode appends to the internal list, “update” replaces it on update.String value expected.Can be updated without replacement.Defaults to"append"
Allowed values: “append”, “update”
Attributes¶
- attributes¶
Available since 2014.2 (Juno)
A map of resource names to the specified attribute of each individual resource. Requires heat_template_version: 2014-10-16.
- refs¶
A list of resource IDs for the resources in the group.
- refs_map¶
Available since 7.0.0 (Newton)
A map of resource names to IDs for the resources in the group.
- removed_rsrc_list¶
Available since 7.0.0 (Newton)
A list of removed resource names.
- show¶
Detailed information about resource.
update_policy¶
- batch_create¶
Available since 5.0.0 (Liberty)
Map value expected.Updates cause replacement.Map properties:- max_batch_size¶
- Optional.The maximum number of resources to create at once.Integer value expected.Updates cause replacement.Defaults to
1
The value must be at least 1. - pause_time¶
- Optional.The number of seconds to wait between batches.Number value expected.Updates cause replacement.Defaults to
0
The value must be at least 0.
- rolling_update¶
Available since 5.0.0 (Liberty)
Map value expected.Updates cause replacement.Map properties:- max_batch_size¶
- Optional.The maximum number of resources to replace at once.Integer value expected.Updates cause replacement.Defaults to
1
The value must be at least 1. - min_in_service¶
- Optional.The minimum number of resources in service while rolling updates are being executed.Integer value expected.Updates cause replacement.Defaults to
0
The value must be at least 0. - pause_time¶
- Optional.The number of seconds to wait between batches of updates.Number value expected.Updates cause replacement.Defaults to
0
The value must be at least 0.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::ResourceGroup
properties:
count: Integer
index_var: String
removal_policies: [{"resource_list": [Value, Value, ...]}, {"resource_list": [Value, Value, ...]}, ...]
removal_policies_mode: String
resource_def: {"type": String, "properties": {...}, "metadata": {...}}
OS::Heat::ScalingPolicy¶
A resource to manage scaling of OS::Heat::AutoScalingGroup.
Note while it may incidentally support AWS::AutoScaling::AutoScalingGroup for now, please don’t use it for that purpose and use AWS::AutoScaling::ScalingPolicy instead.
Resource to manage scaling for OS::Heat::AutoScalingGroup, i.e. define which metric should be scaled and scaling adjustment, set cooldown etc.
Required Properties¶
- adjustment_type¶
- Type of adjustment (absolute or percentage).String value expected.Can be updated without replacement.Allowed values: “change_in_capacity”, “exact_capacity”, “percent_change_in_capacity”
- auto_scaling_group_id¶
- AutoScaling group ID to apply policy to.String value expected.Updates cause replacement.
- scaling_adjustment¶
- Size of adjustment.Number value expected.Can be updated without replacement.
Optional Properties¶
- cooldown¶
- Cooldown period, in seconds.Number value expected.Can be updated without replacement.
- min_adjustment_step¶
- Minimum number of resources that are added or removed when the AutoScaling group scales up or down. This can be used only when specifying percent_change_in_capacity for the adjustment_type property.Integer value expected.Can be updated without replacement.The value must be at least 0.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::ScalingPolicy
properties:
adjustment_type: String
auto_scaling_group_id: String
cooldown: Number
min_adjustment_step: Integer
scaling_adjustment: Number
OS::Heat::SoftwareComponent¶
Available since 2014.2 (Juno)
A resource for describing and storing a software component.
This resource is similar to OS::Heat::SoftwareConfig. In contrast to SoftwareConfig which allows for storing only one configuration (e.g. one script), SoftwareComponent allows for storing multiple configurations to address handling of all lifecycle hooks (CREATE, UPDATE, SUSPEND, RESUME, DELETE) for a software component in one place.
This resource is backed by the persistence layer and the API of the SoftwareConfig resource, and only adds handling for the additional ‘configs’ property and attribute.
Required Properties¶
- configs¶
- The list of configurations for the different lifecycle actions of the represented software component.List value expected.Updates cause replacement.The length must be at least 1.List contents:
- Map value expected.Updates cause replacement.Map properties:
- actions¶
- Lifecycle actions to which the configuration applies. The string values provided for this property can include the standard resource actions CREATE, DELETE, UPDATE, SUSPEND and RESUME supported by Heat.List value expected.Updates cause replacement.Defaults to
["CREATE", "UPDATE"]
The length must be at least 1.List contents:- Optional.String value expected.Updates cause replacement.
- config¶
- Optional.Configuration script or manifest which specifies what actual configuration is performed.String value expected.Updates cause replacement.
- tool¶
- Required.The configuration tool used to actually apply the configuration on a server. This string property has to be understood by in-instance tools running inside deployed servers.String value expected.Updates cause replacement.
Optional Properties¶
- inputs¶
- Schema representing the inputs that this software config is expecting.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- default¶
- Optional.Default value for the input if none is specified.Any value expected.Updates cause replacement.
- description¶
- Optional.Description of the input.String value expected.Updates cause replacement.
- name¶
- Required.Name of the input.String value expected.Updates cause replacement.
- replace_on_change¶
- Optional.Replace the deployment instead of updating it when the input value changes.Boolean value expected.Updates cause replacement.Defaults to
false
- type¶
- Optional.Type of the value of the input.String value expected.Updates cause replacement.Defaults to
"String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
- options¶
- Map containing options specific to the configuration management tool used by this resource.Map value expected.Updates cause replacement.
- outputs¶
- Schema representing the outputs that this software config will produce.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description of the output.String value expected.Updates cause replacement.
- error_output¶
- Optional.Denotes that the deployment is in an error state if this output has a value.Boolean value expected.Updates cause replacement.Defaults to
false
- name¶
- Required.Name of the output.String value expected.Updates cause replacement.
- type¶
- Optional.Type of the value of the output.String value expected.Updates cause replacement.Defaults to
"String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::SoftwareComponent
properties:
configs: [{"actions": [String, String, ...], "config": String, "tool": String}, {"actions": [String, String, ...], "config": String, "tool": String}, ...]
inputs: [{"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, {"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, ...]
options: {...}
outputs: [{"name": String, "description": String, "type": String, "error_output": Boolean}, {"name": String, "description": String, "type": String, "error_output": Boolean}, ...]
OS::Heat::SoftwareConfig¶
Available since 2014.1 (Icehouse)
A resource for describing and storing software configuration.
The software_configs API which backs this resource creates immutable configs, so any change to the template resource definition will result in a new config being created, and the old one being deleted.
Configs can be defined in the same template which uses them, or they can be created in one stack, and passed to another stack via a parameter.
A config resource can be referenced in other resource properties which are config-aware. This includes the properties OS::Nova::Server user_data, OS::Heat::SoftwareDeployment config and OS::Heat::MultipartMime parts config.
Along with the config script itself, this resource can define schemas for inputs and outputs which the config script is expected to consume and produce. Inputs and outputs are optional and will map to concepts which are specific to the configuration tool being used.
Optional Properties¶
- config¶
- Configuration script or manifest which specifies what actual configuration is performed.String value expected.Updates cause replacement.
- group¶
- Namespace to group this software config by when delivered to a server. This may imply what configuration tool is going to perform the configuration.String value expected.Updates cause replacement.Defaults to
"Heat::Ungrouped"
- inputs¶
- Schema representing the inputs that this software config is expecting.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- default¶
- Optional.Default value for the input if none is specified.Any value expected.Updates cause replacement.
- description¶
- Optional.Description of the input.String value expected.Updates cause replacement.
- name¶
- Required.Name of the input.String value expected.Updates cause replacement.
- replace_on_change¶
- Optional.Replace the deployment instead of updating it when the input value changes.Boolean value expected.Updates cause replacement.Defaults to
false
- type¶
- Optional.Type of the value of the input.String value expected.Updates cause replacement.Defaults to
"String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
- options¶
- Map containing options specific to the configuration management tool used by this resource.Map value expected.Updates cause replacement.
- outputs¶
- Schema representing the outputs that this software config will produce.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description of the output.String value expected.Updates cause replacement.
- error_output¶
- Optional.Denotes that the deployment is in an error state if this output has a value.Boolean value expected.Updates cause replacement.Defaults to
false
- name¶
- Required.Name of the output.String value expected.Updates cause replacement.
- type¶
- Optional.Type of the value of the output.String value expected.Updates cause replacement.Defaults to
"String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::SoftwareConfig
properties:
config: String
group: String
inputs: [{"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, {"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, ...]
options: {...}
outputs: [{"name": String, "description": String, "type": String, "error_output": Boolean}, {"name": String, "description": String, "type": String, "error_output": Boolean}, ...]
OS::Heat::SoftwareDeployment¶
Available since 2014.1 (Icehouse)
This resource associates a server with some configuration.
The configuration is to be deployed to that server.
A deployment allows input values to be specified which map to the inputs schema defined in the config resource. These input values are interpreted by the configuration tool in a tool-specific manner.
Whenever this resource goes to an IN_PROGRESS state, it creates an
ephemeral config that includes the inputs values plus a number of extra
inputs which have names prefixed with deploy_
. The extra inputs relate
to the current state of the stack, along with the information and
credentials required to signal back the deployment results.
Unless signal_transport=NO_SIGNAL, this resource will remain in an IN_PROGRESS state until the server signals it with the output values for that deployment. Those output values are then available as resource attributes, along with the default attributes deploy_stdout, deploy_stderr and deploy_status_code.
Specifying actions other than the default CREATE and UPDATE will result in the deployment being triggered in those actions. For example this would allow cleanup configuration to be performed during actions SUSPEND and DELETE. A config could be designed to only work with some specific actions, or a config can read the value of the deploy_action input to allow conditional logic to perform different configuration for different actions.
Required Properties¶
- server¶
- ID of resource to apply configuration to. Normally this should be a Nova server ID.String value expected.Updates cause replacement.
Optional Properties¶
- actions¶
- Which lifecycle actions of the deployment resource will result in this deployment being triggered.List value expected.Can be updated without replacement.Defaults to
["CREATE", "UPDATE"]
Allowed values: “CREATE”, “UPDATE”, “DELETE”, “SUSPEND”, “RESUME” - config¶
- ID of software configuration resource to execute when applying to the server.String value expected.Can be updated without replacement.
- input_values¶
- Input values to apply to the software configuration on this server.Map value expected.Can be updated without replacement.
- name¶
- Name of the derived config associated with this deployment. This is used to apply a sort order to the list of configurations currently deployed to a server.String value expected.Can be updated without replacement.
- signal_transport¶
- How the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials. NO_SIGNAL will result in the resource going to the COMPLETE state without waiting for any signal.String value expected.Updates cause replacement.Defaults to
"CFN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::SoftwareDeployment
properties:
actions: [Value, Value, ...]
config: String
input_values: {...}
name: String
server: String
signal_transport: String
OS::Heat::SoftwareDeploymentGroup¶
Available since 5.0.0 (Liberty)
This resource associates a group of servers with some configuration.
The configuration is to be deployed to all servers in the group.
The properties work in a similar way to OS::Heat::SoftwareDeployment, and in addition to the attributes documented, you may pass any attribute supported by OS::Heat::SoftwareDeployment, including those exposing arbitrary outputs, and return a map of deployment names to the specified attribute.
Required Properties¶
- servers¶
- A map of names and server IDs to apply configuration to. The name is arbitrary and is used as the Heat resource name for the corresponding deployment.Map value expected.Can be updated without replacement.
Optional Properties¶
- actions¶
- Which lifecycle actions of the deployment resource will result in this deployment being triggered.List value expected.Can be updated without replacement.Defaults to
["CREATE", "UPDATE"]
Allowed values: “CREATE”, “UPDATE”, “DELETE”, “SUSPEND”, “RESUME” - config¶
- ID of software configuration resource to execute when applying to the server.String value expected.Can be updated without replacement.
- input_values¶
- Input values to apply to the software configuration on this server.Map value expected.Can be updated without replacement.
- name¶
- Name of the derived config associated with this deployment. This is used to apply a sort order to the list of configurations currently deployed to a server.String value expected.Can be updated without replacement.
- signal_transport¶
- How the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials. NO_SIGNAL will result in the resource going to the COMPLETE state without waiting for any signal.String value expected.Updates cause replacement.Defaults to
"CFN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”
Attributes¶
- deploy_status_codes¶
A map of Nova names and returned status code from the configuration execution.
- deploy_stderrs¶
A map of Nova names and captured stderrs from the configuration execution to each server.
- deploy_stdouts¶
A map of Nova names and captured stdouts from the configuration execution to each server.
- show¶
Detailed information about resource.
update_policy¶
- batch_create¶
Available since 7.0.0 (Newton)
Map value expected.Updates cause replacement.Map properties:- max_batch_size¶
- Optional.The maximum number of resources to create at once.Integer value expected.Updates cause replacement.Defaults to
1
The value must be at least 1. - pause_time¶
- Optional.The number of seconds to wait between batches.Number value expected.Updates cause replacement.Defaults to
0
The value must be at least 0.
- rolling_update¶
Available since 7.0.0 (Newton)
Map value expected.Updates cause replacement.Map properties:- max_batch_size¶
- Optional.The maximum number of deployments to replace at once.Integer value expected.Updates cause replacement.Defaults to
1
The value must be at least 1. - pause_time¶
- Optional.The number of seconds to wait between batches of updates.Number value expected.Updates cause replacement.Defaults to
0
The value must be at least 0.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::SoftwareDeploymentGroup
properties:
actions: [Value, Value, ...]
config: String
input_values: {...}
name: String
servers: {...}
signal_transport: String
OS::Heat::Stack¶
A Resource representing a stack.
A resource that allowing for the creating stack, where should be defined stack template in HOT format, parameters (if template has any parameters with no default value), and timeout of creating. After creating current stack will have remote stack.
Required Properties¶
- template¶
- Template that specifies the stack to be created as a resource.String value expected.Can be updated without replacement.
Optional Properties¶
- context¶
- Context for this stack.Map value expected.Can be updated without replacement.Map properties:
- ca_cert¶
Available since 12.0.0 (Stein)
Optional.CA Cert for SSL.String value expected.Can be updated without replacement.- credential_secret_id¶
Available since 12.0.0 (Stein)
Optional.A Barbican secret ID. The Barbican secret should contain an OpenStack credential that can be used to access a remote cloud.String value expected.Can be updated without replacement.- insecure¶
Available since 12.0.0 (Stein)
Optional.If set, then the server’s certificate will not be verified.Boolean value expected.Can be updated without replacement.Defaults tofalse
- region_name¶
- Optional.Region name in which this stack will be created.String value expected.Can be updated without replacement.
- parameters¶
- Set of parameters passed to this stack.Map value expected.Can be updated without replacement.Defaults to
{}
- timeout¶
- Number of minutes to wait for this stack creation.Integer value expected.Can be updated without replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::Stack
properties:
context: {"region_name": String, "credential_secret_id": String, "ca_cert": String, "insecure": Boolean}
parameters: {...}
template: String
timeout: Integer
OS::Heat::StructuredConfig¶
Available since 2014.1 (Icehouse)
A resource which has same logic with OS::Heat::SoftwareConfig.
This resource is like OS::Heat::SoftwareConfig except that the config property is represented by a Map rather than a String.
This is useful for configuration tools which use YAML or JSON as their configuration syntax. The resulting configuration is transferred, stored and returned by the software_configs API as parsed JSON.
Optional Properties¶
- config¶
- Map representing the configuration data structure which will be serialized to JSON format.Map value expected.Updates cause replacement.
- group¶
- Namespace to group this software config by when delivered to a server. This may imply what configuration tool is going to perform the configuration.String value expected.Updates cause replacement.Defaults to
"Heat::Ungrouped"
- inputs¶
- Schema representing the inputs that this software config is expecting.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- default¶
- Optional.Default value for the input if none is specified.Any value expected.Updates cause replacement.
- description¶
- Optional.Description of the input.String value expected.Updates cause replacement.
- name¶
- Required.Name of the input.String value expected.Updates cause replacement.
- replace_on_change¶
- Optional.Replace the deployment instead of updating it when the input value changes.Boolean value expected.Updates cause replacement.Defaults to
false
- type¶
- Optional.Type of the value of the input.String value expected.Updates cause replacement.Defaults to
"String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
- options¶
- Map containing options specific to the configuration management tool used by this resource.Map value expected.Updates cause replacement.
- outputs¶
- Schema representing the outputs that this software config will produce.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- description¶
- Optional.Description of the output.String value expected.Updates cause replacement.
- error_output¶
- Optional.Denotes that the deployment is in an error state if this output has a value.Boolean value expected.Updates cause replacement.Defaults to
false
- name¶
- Required.Name of the output.String value expected.Updates cause replacement.
- type¶
- Optional.Type of the value of the output.String value expected.Updates cause replacement.Defaults to
"String"
Allowed values: “String”, “Number”, “CommaDelimitedList”, “Json”, “Boolean”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::StructuredConfig
properties:
config: {...}
group: String
inputs: [{"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, {"name": String, "description": String, "type": String, "default": Any, "replace_on_change": Boolean}, ...]
options: {...}
outputs: [{"name": String, "description": String, "type": String, "error_output": Boolean}, {"name": String, "description": String, "type": String, "error_output": Boolean}, ...]
OS::Heat::StructuredDeployment¶
Available since 2014.1 (Icehouse)
A resource which has same logic with OS::Heat::SoftwareDeployment.
A deployment resource like OS::Heat::SoftwareDeployment, but which performs input value substitution on the config defined by a OS::Heat::StructuredConfig resource.
Some configuration tools have no concept of inputs, so the input value substitution needs to occur in the deployment resource. An example of this is the JSON metadata consumed by the cfn-init tool.
Where the config contains {get_input: input_name} this will be substituted with the value of input_name in this resource’s input_values. If get_input needs to be passed through to the substituted configuration then a different input_key property value can be specified.
Required Properties¶
- server¶
- ID of resource to apply configuration to. Normally this should be a Nova server ID.String value expected.Updates cause replacement.
Optional Properties¶
- actions¶
- Which lifecycle actions of the deployment resource will result in this deployment being triggered.List value expected.Can be updated without replacement.Defaults to
["CREATE", "UPDATE"]
Allowed values: “CREATE”, “UPDATE”, “DELETE”, “SUSPEND”, “RESUME” - config¶
- ID of software configuration resource to execute when applying to the server.String value expected.Can be updated without replacement.
- input_key¶
- Name of key to use for substituting inputs during deployment.String value expected.Updates cause replacement.Defaults to
"get_input"
- input_values¶
- Input values to apply to the software configuration on this server.Map value expected.Can be updated without replacement.
- input_values_validate¶
- Perform a check on the input values passed to verify that each required input has a corresponding value. When the property is set to STRICT and no value is passed, an exception is raised.String value expected.Updates cause replacement.Defaults to
"LAX"
Allowed values: “LAX”, “STRICT” - name¶
- Name of the derived config associated with this deployment. This is used to apply a sort order to the list of configurations currently deployed to a server.String value expected.Can be updated without replacement.
- signal_transport¶
- How the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials. NO_SIGNAL will result in the resource going to the COMPLETE state without waiting for any signal.String value expected.Updates cause replacement.Defaults to
"CFN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::StructuredDeployment
properties:
actions: [Value, Value, ...]
config: String
input_key: String
input_values: {...}
input_values_validate: String
name: String
server: String
signal_transport: String
OS::Heat::StructuredDeploymentGroup¶
Available since 5.0.0 (Liberty)
This resource associates a group of servers with some configuration.
This resource works similar as OS::Heat::SoftwareDeploymentGroup, but for structured resources.
Required Properties¶
- servers¶
- A map of names and server IDs to apply configuration to. The name is arbitrary and is used as the Heat resource name for the corresponding deployment.Map value expected.Can be updated without replacement.
Optional Properties¶
- actions¶
- Which lifecycle actions of the deployment resource will result in this deployment being triggered.List value expected.Can be updated without replacement.Defaults to
["CREATE", "UPDATE"]
Allowed values: “CREATE”, “UPDATE”, “DELETE”, “SUSPEND”, “RESUME” - config¶
- ID of software configuration resource to execute when applying to the server.String value expected.Can be updated without replacement.
- input_key¶
- Name of key to use for substituting inputs during deployment.String value expected.Updates cause replacement.Defaults to
"get_input"
- input_values¶
- Input values to apply to the software configuration on this server.Map value expected.Can be updated without replacement.
- input_values_validate¶
- Perform a check on the input values passed to verify that each required input has a corresponding value. When the property is set to STRICT and no value is passed, an exception is raised.String value expected.Updates cause replacement.Defaults to
"LAX"
Allowed values: “LAX”, “STRICT” - name¶
- Name of the derived config associated with this deployment. This is used to apply a sort order to the list of configurations currently deployed to a server.String value expected.Can be updated without replacement.
- signal_transport¶
- How the server should signal to heat with the deployment output values. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signaled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signaled using the provided keystone credentials. NO_SIGNAL will result in the resource going to the COMPLETE state without waiting for any signal.String value expected.Updates cause replacement.Defaults to
"CFN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”
Attributes¶
- deploy_status_codes¶
A map of Nova names and returned status code from the configuration execution.
- deploy_stderrs¶
A map of Nova names and captured stderrs from the configuration execution to each server.
- deploy_stdouts¶
A map of Nova names and captured stdouts from the configuration execution to each server.
- show¶
Detailed information about resource.
update_policy¶
- batch_create¶
Available since 7.0.0 (Newton)
Map value expected.Updates cause replacement.Map properties:- max_batch_size¶
- Optional.The maximum number of resources to create at once.Integer value expected.Updates cause replacement.Defaults to
1
The value must be at least 1. - pause_time¶
- Optional.The number of seconds to wait between batches.Number value expected.Updates cause replacement.Defaults to
0
The value must be at least 0.
- rolling_update¶
Available since 7.0.0 (Newton)
Map value expected.Updates cause replacement.Map properties:- max_batch_size¶
- Optional.The maximum number of deployments to replace at once.Integer value expected.Updates cause replacement.Defaults to
1
The value must be at least 1. - pause_time¶
- Optional.The number of seconds to wait between batches of updates.Number value expected.Updates cause replacement.Defaults to
0
The value must be at least 0.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::StructuredDeploymentGroup
properties:
actions: [Value, Value, ...]
config: String
input_key: String
input_values: {...}
input_values_validate: String
name: String
servers: {...}
signal_transport: String
OS::Heat::SwiftSignal¶
Available since 2014.2 (Juno)
Resource for handling signals received by SwiftSignalHandle.
This resource handles signals received by SwiftSignalHandle and is same as WaitCondition resource.
Required Properties¶
- handle¶
- URL of TempURL where resource will signal completion and optionally upload data.String value expected.Updates cause replacement.
- timeout¶
- The maximum number of seconds to wait for the resource to signal completion. Once the timeout is reached, creation of the signal resource will fail.Number value expected.Updates cause replacement.The value must be in the range 1 to 43200.
Optional Properties¶
- count¶
- The number of success signals that must be received before the stack creation process continues.Integer value expected.Updates cause replacement.Defaults to
1
The value must be in the range 1 to 1000.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::SwiftSignal
properties:
count: Integer
handle: String
timeout: Number
OS::Heat::SwiftSignalHandle¶
Available since 2014.2 (Juno)
Resource for managing signals from Swift resources.
This resource is same as WaitConditionHandle, but designed for using by Swift resources.
Attributes¶
- curl_cli¶
Convenience attribute, provides curl CLI command prefix, which can be used for signalling handle completion or failure. You can signal success by adding –data-binary ‘{“status”: “SUCCESS”}’ , or signal failure by adding –data-binary ‘{“status”: “FAILURE”}’.
- endpoint¶
Endpoint/url which can be used for signalling handle.
- show¶
Detailed information about resource.
- token¶
Tokens are not needed for Swift TempURLs. This attribute is being kept for compatibility with the OS::Heat::WaitConditionHandle resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::SwiftSignalHandle
OS::Heat::TestResource¶
Available since 5.0.0 (Liberty)
A resource which stores the string value that was provided.
This resource is to be used only for testing. It has control knobs such as ‘update_replace’, ‘fail’, ‘wait_secs’.
Optional Properties¶
- action_wait_secs¶
- Options for simulating waiting.Map value expected.Can be updated without replacement.Map properties:
- create¶
- Optional.Seconds to wait after a create. Defaults to the global wait_secs.Number value expected.Can be updated without replacement.
- delete¶
- Optional.Seconds to wait after a delete. Defaults to the global wait_secs.Number value expected.Can be updated without replacement.
- update¶
- Optional.Seconds to wait after an update. Defaults to the global wait_secs.Number value expected.Can be updated without replacement.
- attr_wait_secs¶
Available since 6.0.0 (Mitaka)
Number value for timeout during resolving output value.Number value expected.Can be updated without replacement.Defaults to0
- client_name¶
- Client to poll.String value expected.Can be updated without replacement.Defaults to
""
- constraint_prop_secs¶
Available since 6.0.0 (Mitaka)
Number value for delay during resolve constraint.Number value expected.Can be updated without replacement.Defaults to0
Value must be of type test_constr- entity_name¶
- Client entity to poll.String value expected.Can be updated without replacement.Defaults to
""
- fail¶
- Value which can be set to fail the resource operation to test failure scenarios.Boolean value expected.Can be updated without replacement.Defaults to
false
- update_replace¶
- Value which can be set to trigger update replace for the particular resource.Boolean value expected.Can be updated without replacement.Defaults to
false
- update_replace_value¶
Available since 7.0.0 (Newton)
Some value that can be stored but can not be updated.String value expected.Updates cause replacement.- value¶
- The input string to be stored.String value expected.Can be updated without replacement.Defaults to
"test_string"
- wait_secs¶
- Seconds to wait after an action (-1 is infinite).Number value expected.Can be updated without replacement.Defaults to
0
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::TestResource
properties:
action_wait_secs: {"create": Number, "update": Number, "delete": Number}
attr_wait_secs: Number
client_name: String
constraint_prop_secs: Number
entity_name: String
fail: Boolean
update_replace: Boolean
update_replace_value: String
value: String
wait_secs: Number
OS::Heat::UpdateWaitConditionHandle¶
Available since 2014.1 (Icehouse)
WaitConditionHandle that clears signals and changes handle on update.
This works similarly to an AWS::CloudFormation::WaitConditionHandle, except that on update it clears all signals received and changes the handle. Using this handle means that you must setup the signal senders to send their signals again any time the update handle changes. This allows us to roll out new configurations and be confident that they are rolled out once UPDATE COMPLETE is reached.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::UpdateWaitConditionHandle
OS::Heat::Value¶
Available since 7.0.0 (Newton)
A resource which exposes its value property as an attribute.
This is useful for exposing a value that is a simple manipulation of other template parameters and/or other resources.
Required Properties¶
- value¶
- The expression to generate the “value” attribute.Any value expected.Can be updated without replacement.
Optional Properties¶
- type¶
- The type of the “value” property.String value expected.Can be updated without replacement.Allowed values: “string”, “number”, “comma_delimited_list”, “json”, “boolean”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::Value
properties:
type: String
value: Any
OS::Heat::WaitCondition¶
Available since 2014.2 (Juno)
Resource for handling signals received by WaitConditionHandle.
Resource takes WaitConditionHandle and starts to create. Resource is in CREATE_IN_PROGRESS status until WaitConditionHandle doesn’t receive sufficient number of successful signals (this number can be specified with count property) and successfully creates after that, or fails due to timeout.
Required Properties¶
- handle¶
- A reference to the wait condition handle used to signal this wait condition.String value expected.Updates cause replacement.
- timeout¶
- The number of seconds to wait for the correct number of signals to arrive.Number value expected.Updates cause replacement.The value must be in the range 1 to 43200.
Optional Properties¶
- count¶
- The number of success signals that must be received before the stack creation process continues.Integer value expected.Can be updated without replacement.Defaults to
1
The value must be at least 1.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::WaitCondition
properties:
count: Integer
handle: String
timeout: Number
OS::Heat::WaitConditionHandle¶
Available since 2014.2 (Juno)
Resource for managing instance signals.
- The main points of this resource are:
have no dependencies (so the instance can reference it).
create credentials to allow for signalling from the instance.
handle signals from the instance, validate and store result.
Optional Properties¶
- signal_transport¶
Available since 6.0.0 (Mitaka)
How the client will signal the wait condition. CFN_SIGNAL will allow an HTTP POST to a CFN keypair signed URL. TEMP_URL_SIGNAL will create a Swift TempURL to be signalled via HTTP PUT. HEAT_SIGNAL will allow calls to the Heat API resource-signal using the provided keystone credentials. ZAQAR_SIGNAL will create a dedicated zaqar queue to be signalled using the provided keystone credentials. TOKEN_SIGNAL will allow and HTTP POST to a Heat API endpoint with the provided keystone token. NO_SIGNAL will result in the resource going to a signalled state without waiting for any signal.String value expected.Updates cause replacement.Defaults to"TOKEN_SIGNAL"
Allowed values: “CFN_SIGNAL”, “TEMP_URL_SIGNAL”, “HEAT_SIGNAL”, “NO_SIGNAL”, “ZAQAR_SIGNAL”, “TOKEN_SIGNAL”
Attributes¶
- curl_cli¶
Convenience attribute, provides curl CLI command prefix, which can be used for signalling handle completion or failure when signal_transport is set to TOKEN_SIGNAL. You can signal success by adding –data-binary ‘{“status”: “SUCCESS”}’ , or signal failure by adding –data-binary ‘{“status”: “FAILURE”}’. This attribute is set to None for all other signal transports.
- endpoint¶
Endpoint/url which can be used for signalling handle when signal_transport is set to TOKEN_SIGNAL. None for all other signal transports.
- show¶
Detailed information about resource.
- signal¶
JSON serialized map that includes the endpoint, token and/or other attributes the client must use for signalling this handle. The contents of this map depend on the type of signal selected in the signal_transport property.
- token¶
Token for stack-user which can be used for signalling handle when signal_transport is set to TOKEN_SIGNAL. None for all other signal transports.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Heat::WaitConditionHandle
properties:
signal_transport: String
OS::Ironic::Port¶
Available since 13.0.0 (Train)
A resource that creates a ironic port.
Node UUID and physical hardware address for the Port (MAC address in most cases) are needed (all Ports must be associated to a Node when created).
Required Properties¶
Optional Properties¶
- extra¶
- A set of one or more arbitrary metadata key and value pairs.Map value expected.Can be updated without replacement.
- is_smartnic¶
- Indicates whether the Port is a Smart NIC port.Boolean value expected.Can be updated without replacement.
- local_link_connection¶
- The Port binding profile. If specified, must contain switch_id (only a MAC address or an OpenFlow based datapath_id of the switch are accepted in this field) and port_id (identifier of the physical port on the switch to which node’s port is connected to) fields. switch_info is an optional string field to be used to store any vendor-specific information.Map value expected.Can be updated without replacement.
- physical_network¶
- The name of the physical network to which a port is connected. May be empty.String value expected.Can be updated without replacement.
- portgroup¶
- UUID or name of the Portgroup this resource belongs to.String value expected.Can be updated without replacement.Value must be of type ironic.portgroup
- pxe_enabled¶
- Indicates whether PXE is enabled or disabled on the Port.Boolean value expected.Can be updated without replacement.
Attributes¶
- address¶
Physical hardware address of this network Port, typically the hardware MAC address.
- extra¶
A set of one or more arbitrary metadata key and value pairs.
- internal_info¶
Internal metadata set and stored by the Port. This field is read-only.
- is_smartnic¶
Indicates whether the Port is a Smart NIC port.
- local_link_connection¶
The Port binding profile. If specified, must contain switch_id (only a MAC address or an OpenFlow based datapath_id of the switch are accepted in this field) and port_id (identifier of the physical port on the switch to which node’s port is connected to) fields. switch_info is an optional string field to be used to store any vendor-specific information.
- node_uuid¶
UUID of the Node this resource belongs to.
- physical_network¶
The name of the physical network to which a port is connected. May be empty.
- portgroup_uuid¶
UUID of the Portgroup this resource belongs to.
- pxe_enabled¶
Indicates whether PXE is enabled or disabled on the Port.
- show¶
Detailed information about resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Ironic::Port
properties:
address: String
extra: {...}
is_smartnic: Boolean
local_link_connection: {...}
node: String
physical_network: String
portgroup: String
pxe_enabled: Boolean
OS::Keystone::Domain¶
Available since 8.0.0 (Ocata) - Supported versions: keystone v3
Heat Template Resource for Keystone Domain.
This plug-in helps to create, update and delete a keystone domain. Also it can be used for enable or disable a given keystone domain.
Optional Properties¶
- description¶
- Description of keystone domain.String value expected.Can be updated without replacement.
- enabled¶
- This domain is enabled or disabled.Boolean value expected.Can be updated without replacement.Defaults to
true
- name¶
- The name of the domain.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::Domain
properties:
description: String
enabled: Boolean
name: String
OS::Keystone::Endpoint¶
Available since 5.0.0 (Liberty) - Supported versions: keystone v3
Heat Template Resource for Keystone Service Endpoint.
Keystone endpoint is just the URL that can be used for accessing a service within OpenStack. Endpoint can be accessed by admin, by services or public, i.e. everyone can use this endpoint.
Required Properties¶
- interface¶
- Interface type of keystone service endpoint.String value expected.Can be updated without replacement.Allowed values: “public”, “internal”, “admin”
- service¶
- Name or Id of keystone service.String value expected.Can be updated without replacement.Value must be of type keystone.service
- url¶
- URL of keystone service endpoint.String value expected.Can be updated without replacement.
Optional Properties¶
- enabled¶
Available since 6.0.0 (Mitaka)
This endpoint is enabled or disabled.Boolean value expected.Can be updated without replacement.Defaults totrue
- name¶
- Name of keystone endpoint.String value expected.Can be updated without replacement.
- region¶
- Name or Id of keystone region.String value expected.Can be updated without replacement.Value must be of type keystone.region
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::Endpoint
properties:
enabled: Boolean
interface: String
name: String
region: String
service: String
url: String
OS::Keystone::Group¶
Available since 2015.1 (Kilo) - Supported versions: keystone v3
Heat Template Resource for Keystone Group.
Groups are a container representing a collection of users. A group itself must be owned by a specific domain, and hence all group names are not globally unique, but only unique to their domain.
Optional Properties¶
- description¶
- Description of keystone group.String value expected.Can be updated without replacement.Defaults to
""
- domain¶
- Name or id of keystone domain.String value expected.Can be updated without replacement.Defaults to
"default"
Value must be of type keystone.domain - name¶
- Name of keystone group.String value expected.Can be updated without replacement.
- roles¶
- List of role assignments.List value expected.Can be updated without replacement.List contents:
- Map between role with either project or domain.Map value expected.Can be updated without replacement.Map properties:
- domain¶
- Optional.Keystone domain.String value expected.Can be updated without replacement.Value must be of type keystone.domain
- project¶
- Optional.Keystone project.String value expected.Can be updated without replacement.Value must be of type keystone.project
- role¶
- Required.Keystone role.String value expected.Can be updated without replacement.Value must be of type keystone.role
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::Group
properties:
description: String
domain: String
name: String
roles: [{"role": String, "project": String, "domain": String}, {"role": String, "project": String, "domain": String}, ...]
OS::Keystone::GroupRoleAssignment¶
Available since 5.0.0 (Liberty) - Supported versions: keystone v3
Resource for granting roles to a group.
Resource for specifying groups and their’s roles.
Required Properties¶
- group¶
- Name or id of keystone group.String value expected.Can be updated without replacement.Value must be of type keystone.group
Optional Properties¶
- roles¶
- List of role assignments.List value expected.Can be updated without replacement.List contents:
- Map between role with either project or domain.Map value expected.Can be updated without replacement.Map properties:
- domain¶
- Optional.Keystone domain.String value expected.Can be updated without replacement.Value must be of type keystone.domain
- project¶
- Optional.Keystone project.String value expected.Can be updated without replacement.Value must be of type keystone.project
- role¶
- Required.Keystone role.String value expected.Can be updated without replacement.Value must be of type keystone.role
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::GroupRoleAssignment
properties:
group: String
roles: [{"role": String, "project": String, "domain": String}, {"role": String, "project": String, "domain": String}, ...]
OS::Keystone::Project¶
Available since 2015.1 (Kilo) - Supported versions: keystone v3
Heat Template Resource for Keystone Project.
Projects represent the base unit of ownership in OpenStack, in that all resources in OpenStack should be owned by a specific project. A project itself must be owned by a specific domain, and hence all project names are not globally unique, but unique to their domain. If the domain for a project is not specified, then it is added to the default domain.
Optional Properties¶
- description¶
- Description of keystone project.String value expected.Can be updated without replacement.Defaults to
""
- domain¶
- Name or id of keystone domain.String value expected.Can be updated without replacement.Defaults to
"default"
Value must be of type keystone.domain - enabled¶
- This project is enabled or disabled.Boolean value expected.Can be updated without replacement.Defaults to
true
- name¶
- Name of keystone project.String value expected.Can be updated without replacement.
- parent¶
Available since 6.0.0 (Mitaka)
The name or ID of parent of this keystone project in hierarchy.String value expected.Updates cause replacement.Value must be of type keystone.project- tags¶
Available since 10.0.0 (Queens)
A list of tags for labeling and sorting projects.List value expected.Can be updated without replacement.Defaults to[]
Attributes¶
- domain_id¶
Available since 10.0.0 (Queens)
Domain id for project.
- enabled¶
Available since 10.0.0 (Queens)
Flag of enable project.
- is_domain¶
Available since 10.0.0 (Queens)
Indicates whether the project also acts as a domain.
- name¶
Available since 10.0.0 (Queens)
Project name.
- parent_id¶
Available since 10.0.0 (Queens)
Parent project id.
- show¶
Detailed information about resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::Project
properties:
description: String
domain: String
enabled: Boolean
name: String
parent: String
tags: [Value, Value, ...]
OS::Keystone::Region¶
Available since 6.0.0 (Mitaka) - Supported versions: keystone v3
Heat Template Resource for Keystone Region.
This plug-in helps to create, update and delete a keystone region. Also it can be used for enable or disable a given keystone region.
Optional Properties¶
- description¶
- Description of keystone region.String value expected.Can be updated without replacement.
- enabled¶
- This region is enabled or disabled.Boolean value expected.Can be updated without replacement.Defaults to
true
- id¶
- The user-defined region ID and should unique to the OpenStack deployment. While creating the region, heat will url encode this ID.String value expected.Updates cause replacement.
- parent_region¶
- If the region is hierarchically a child of another region, set this parameter to the ID of the parent region.String value expected.Can be updated without replacement.Value must be of type keystone.region
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::Region
properties:
description: String
enabled: Boolean
id: String
parent_region: String
OS::Keystone::Role¶
Available since 2015.1 (Kilo) - Supported versions: keystone v3
Heat Template Resource for Keystone Role.
Roles dictate the level of authorization the end user can obtain. Roles can be granted at either the domain or project level. Role can be assigned to the individual user or at the group level. Role name is unique within the owning domain.
Optional Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::Role
properties:
domain: String
name: String
OS::Keystone::Service¶
Available since 5.0.0 (Liberty) - Supported versions: keystone v3
Heat Template Resource for Keystone Service.
A resource that allows to create new service and manage it by Keystone.
Required Properties¶
- type¶
- Type of keystone Service.String value expected.Can be updated without replacement.
Optional Properties¶
- description¶
- Description of keystone service.String value expected.Can be updated without replacement.
- enabled¶
Available since 6.0.0 (Mitaka)
This service is enabled or disabled.Boolean value expected.Can be updated without replacement.Defaults totrue
- name¶
- Name of keystone service.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::Service
properties:
description: String
enabled: Boolean
name: String
type: String
OS::Keystone::User¶
Available since 2015.1 (Kilo) - Supported versions: keystone v3
Heat Template Resource for Keystone User.
Users represent an individual API consumer. A user itself must be owned by a specific domain, and hence all user names are not globally unique, but only unique to their domain.
Optional Properties¶
- default_project¶
- Name or ID of default project of keystone user.String value expected.Can be updated without replacement.Value must be of type keystone.project
- description¶
- Description of keystone user.String value expected.Can be updated without replacement.Defaults to
""
- domain¶
- Name or ID of keystone domain.String value expected.Can be updated without replacement.Defaults to
"default"
Value must be of type keystone.domain - email¶
- Email address of keystone user.String value expected.Can be updated without replacement.
- enabled¶
- Keystone user is enabled or disabled.Boolean value expected.Can be updated without replacement.Defaults to
true
- groups¶
- Keystone user groups.List value expected.Can be updated without replacement.List contents:
- Optional.Keystone user group.String value expected.Can be updated without replacement.Value must be of type keystone.group
- name¶
- Name of keystone user.String value expected.Can be updated without replacement.
- password¶
- Password of keystone user.String value expected.Can be updated without replacement.
- roles¶
- List of role assignments.List value expected.Can be updated without replacement.List contents:
- Map between role with either project or domain.Map value expected.Can be updated without replacement.Map properties:
- domain¶
- Optional.Keystone domain.String value expected.Can be updated without replacement.Value must be of type keystone.domain
- project¶
- Optional.Keystone project.String value expected.Can be updated without replacement.Value must be of type keystone.project
- role¶
- Required.Keystone role.String value expected.Can be updated without replacement.Value must be of type keystone.role
Attributes¶
- default_project_id¶
Available since 9.0.0 (Pike)
Default project id for user.
- domain_id¶
Available since 9.0.0 (Pike)
Domain id for user.
- enabled¶
Available since 9.0.0 (Pike)
Flag of enable user.
- name¶
Available since 9.0.0 (Pike)
User name.
- password_expires_at¶
Available since 9.0.0 (Pike)
Show user password expiration time.
- show¶
Detailed information about resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::User
properties:
default_project: String
description: String
domain: String
email: String
enabled: Boolean
groups: [String, String, ...]
name: String
password: String
roles: [{"role": String, "project": String, "domain": String}, {"role": String, "project": String, "domain": String}, ...]
OS::Keystone::UserRoleAssignment¶
Available since 5.0.0 (Liberty) - Supported versions: keystone v3
Resource for granting roles to a user.
Resource for specifying users and their’s roles.
Required Properties¶
- user¶
- Name or id of keystone user.String value expected.Can be updated without replacement.Value must be of type keystone.user
Optional Properties¶
- roles¶
- List of role assignments.List value expected.Can be updated without replacement.List contents:
- Map between role with either project or domain.Map value expected.Can be updated without replacement.Map properties:
- domain¶
- Optional.Keystone domain.String value expected.Can be updated without replacement.Value must be of type keystone.domain
- project¶
- Optional.Keystone project.String value expected.Can be updated without replacement.Value must be of type keystone.project
- role¶
- Required.Keystone role.String value expected.Can be updated without replacement.Value must be of type keystone.role
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Keystone::UserRoleAssignment
properties:
roles: [{"role": String, "project": String, "domain": String}, {"role": String, "project": String, "domain": String}, ...]
user: String
OS::Magnum::Cluster¶
Available since 9.0.0 (Pike)
A resource that creates a magnum cluster.
This resource creates a magnum cluster, which is a collection of node objects where work is scheduled.
Required Properties¶
- cluster_template¶
- The name or ID of the cluster template.String value expected.Updates cause replacement.Value must be of type magnum.cluster_template
Optional Properties¶
- create_timeout¶
- Timeout for creating the cluster in minutes. Set to 0 for no timeout.Integer value expected.Can be updated without replacement.Defaults to
60
The value must be at least 0. - discovery_url¶
- Specifies a custom discovery url for node discovery.String value expected.Can be updated without replacement.
- keypair¶
- The name of the keypair. If not presented, use keypair in cluster template.String value expected.Updates cause replacement.Value must be of type nova.keypair
- master_count¶
- The number of master nodes for this cluster.Integer value expected.Can be updated without replacement.Defaults to
1
The value must be at least 1. - name¶
- The cluster name.String value expected.Updates cause replacement.
- node_count¶
- The node count for this cluster.Integer value expected.Can be updated without replacement.Defaults to
1
The value must be at least 1.
Attributes¶
- api_address¶
The endpoint URL of COE API exposed to end-users.
- cluster_template_id¶
The UUID of the cluster template.
- coe_version¶
Version info of chosen COE in cluster for helping client in picking the right version of client.
- container_version¶
Version info of constainer engine in the chosen COE in cluster for helping client in picking the right version of client.
- create_timeout¶
The timeout for cluster creation in minutes.
- discovery_url¶
The custom discovery url for node discovery.
- keypair¶
The name of the keypair.
- master_addresses¶
List of floating IP of all master nodes.
- master_count¶
The number of servers that will serve as master for the cluster.
- name¶
Name of the resource.
- node_addresses¶
List of floating IP of all servers that serve as node.
- node_count¶
The number of servers that will serve as node in the cluster.
- show¶
Detailed information about resource.
- stack_id¶
The reference UUID of orchestration stack for this COE cluster.
- status¶
The status for this COE cluster.
- status_reason¶
The reason of cluster current status.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Magnum::Cluster
properties:
cluster_template: String
create_timeout: Integer
discovery_url: String
keypair: String
master_count: Integer
name: String
node_count: Integer
OS::Magnum::ClusterTemplate¶
Available since 9.0.0 (Pike)
A resource for the ClusterTemplate in Magnum.
ClusterTemplate is an object that stores template information about the cluster which is used to create new clusters consistently.
Required Properties¶
- coe¶
- The Container Orchestration Engine for cluster.String value expected.Updates cause replacement.Allowed values: “kubernetes”, “swarm”, “mesos”
- external_network¶
- The external neutron network name or UUID to attach the Cluster.String value expected.Updates cause replacement.Value must be of type neutron.network
- image¶
- The image name or UUID to use as a base image for cluster.String value expected.Updates cause replacement.Value must be of type glance.image
Optional Properties¶
- dns_nameserver¶
- The DNS nameserver address.String value expected.Updates cause replacement.Value must be of type ip_addr
- docker_storage_driver¶
- Select a docker storage driver.String value expected.Updates cause replacement.Defaults to
"devicemapper"
Allowed values: “devicemapper”, “overlay” - docker_volume_size¶
- The size in GB of the docker volume.Integer value expected.Updates cause replacement.The value must be at least 1.
- fixed_network¶
- The fixed neutron network name or UUID to attach the Cluster.String value expected.Updates cause replacement.Value must be of type neutron.network
- fixed_subnet¶
- The fixed neutron subnet name or UUID to attach the Cluster.String value expected.Updates cause replacement.Value must be of type neutron.subnet
- flavor¶
- The nova flavor name or UUID to use when launching the cluster.String value expected.Updates cause replacement.Value must be of type nova.flavor
- floating_ip_enabled¶
- Indicates whether created clusters should have a floating ip or not.Boolean value expected.Updates cause replacement.Defaults to
true
- http_proxy¶
- The http_proxy address to use for nodes in cluster.String value expected.Updates cause replacement.
- https_proxy¶
- The https_proxy address to use for nodes in cluster.String value expected.Updates cause replacement.
- keypair¶
- The name of the SSH keypair to load into the cluster nodes.String value expected.Updates cause replacement.Value must be of type nova.keypair
- labels¶
- Arbitrary labels in the form of key=value pairs to associate with cluster.Map value expected.Updates cause replacement.
- master_flavor¶
- The nova flavor name or UUID to use when launching the master node of the cluster.String value expected.Updates cause replacement.Value must be of type nova.flavor
- master_lb_enabled¶
- Indicates whether created clusters should have a load balancer for master nodes or not.Boolean value expected.Updates cause replacement.Defaults to
true
- name¶
- The cluster template name.String value expected.Updates cause replacement.
- network_driver¶
- The name of the driver used for instantiating container networks. By default, Magnum will choose the pre-configured network driver based on COE type.String value expected.Updates cause replacement.
- no_proxy¶
- A comma separated list of addresses for which proxies should not be used in the cluster.String value expected.Updates cause replacement.
- public¶
- Make the cluster template public. To enable this option, you must own the right to publish in magnum. Which default set to admin only.Boolean value expected.Can be updated without replacement.Defaults to
false
- registry_enabled¶
- Enable the docker registry in the cluster.Boolean value expected.Updates cause replacement.Defaults to
false
- server_type¶
- Specify the server type to be used.String value expected.Updates cause replacement.Defaults to
"vm"
Allowed values: “vm”, “bm” - tls_disabled¶
- Disable TLS in the cluster.Boolean value expected.Updates cause replacement.Defaults to
false
- volume_driver¶
- The volume driver name for instantiating container volume.String value expected.Updates cause replacement.Allowed values: “cinder”, “rexray”
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Magnum::ClusterTemplate
properties:
coe: String
dns_nameserver: String
docker_storage_driver: String
docker_volume_size: Integer
external_network: String
fixed_network: String
fixed_subnet: String
flavor: String
floating_ip_enabled: Boolean
http_proxy: String
https_proxy: String
image: String
keypair: String
labels: {...}
master_flavor: String
master_lb_enabled: Boolean
name: String
network_driver: String
no_proxy: String
public: Boolean
registry_enabled: Boolean
server_type: String
tls_disabled: Boolean
volume_driver: String
OS::Manila::SecurityService¶
Available since 5.0.0 (Liberty)
A resource that implements security service of Manila.
A security_service is a set of options that defines a security domain for a particular shared filesystem protocol, such as an Active Directory domain or a Kerberos domain.
Required Properties¶
- type¶
- Security service type.String value expected.Updates cause replacement.Allowed values: “ldap”, “kerberos”, “active_directory”
Optional Properties¶
- description¶
- Security service description.String value expected.Can be updated without replacement.
- dns_ip¶
- DNS IP address used inside tenant’s network.String value expected.Can be updated without replacement.
- domain¶
- Security service domain.String value expected.Can be updated without replacement.
- name¶
- Security service name.String value expected.Can be updated without replacement.
- password¶
- Password used by user.String value expected.Can be updated without replacement.
- server¶
- Security service IP address or hostname.String value expected.Can be updated without replacement.
- user¶
- Security service user or group used by tenant.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Manila::SecurityService
properties:
description: String
dns_ip: String
domain: String
name: String
password: String
server: String
type: String
user: String
OS::Mistral::CronTrigger¶
Available since 5.0.0 (Liberty)
A resource implements Mistral cron trigger.
Cron trigger is an object allowing to run workflow on a schedule. User specifies what workflow with what input needs to be run and also specifies how often it should be run. Pattern property is used to describe the frequency of workflow execution.
Required Properties¶
- workflow¶
- Workflow to execute.Map value expected.Updates cause replacement.Map properties:
Optional Properties¶
- count¶
- Remaining executions.Integer value expected.Updates cause replacement.
- first_time¶
- Time of the first execution in format “YYYY-MM-DD HH:MM”.String value expected.Updates cause replacement.
- name¶
- Name of the cron trigger.String value expected.Updates cause replacement.
- pattern¶
- Cron expression.String value expected.Updates cause replacement.Value must be of type cron_expression
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Mistral::CronTrigger
properties:
count: Integer
first_time: String
name: String
pattern: String
workflow: {"name": String, "input": {...}}
OS::Mistral::ExternalResource¶
Available since 9.0.0 (Pike)
A plugin for managing user-defined resources via Mistral workflows.
This resource allows users to manage resources that are not known to Heat. The user may specify a Mistral workflow to handle each resource action, such as CREATE, UPDATE, or DELETE.
The workflows may return an output named ‘resource_id’, which will be treated as the physical ID of the resource by Heat.
Once the resource is created, subsequent workflow runs will receive the
output of the last workflow execution in the ‘heat_extresource_data’ key
in the workflow environment (accessible as env().heat_extresource_data
in the workflow).
The template author may specify a subset of inputs as causing replacement of the resource when they change, as an alternative to running the UPDATE workflow.
Required Properties¶
- actions¶
- Resource action which triggers a workflow execution.Map value expected.Updates cause replacement.Map properties:
- CREATE¶
- Dictionary which defines the workflow to run and its params.Map value expected.Updates cause replacement.Map properties:
- params¶
- Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.Map value expected.Updates cause replacement.Defaults to
{}
- workflow¶
- Required.Workflow to execute.String value expected.Updates cause replacement.Value must be of type mistral.workflow
- DELETE¶
- Dictionary which defines the workflow to run and its params.Map value expected.Updates cause replacement.Map properties:
- params¶
- Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.Map value expected.Updates cause replacement.Defaults to
{}
- workflow¶
- Required.Workflow to execute.String value expected.Updates cause replacement.Value must be of type mistral.workflow
- RESUME¶
- Dictionary which defines the workflow to run and its params.Map value expected.Updates cause replacement.Map properties:
- params¶
- Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.Map value expected.Updates cause replacement.Defaults to
{}
- workflow¶
- Required.Workflow to execute.String value expected.Updates cause replacement.Value must be of type mistral.workflow
- SUSPEND¶
- Dictionary which defines the workflow to run and its params.Map value expected.Updates cause replacement.Map properties:
- params¶
- Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.Map value expected.Updates cause replacement.Defaults to
{}
- workflow¶
- Required.Workflow to execute.String value expected.Updates cause replacement.Value must be of type mistral.workflow
- UPDATE¶
- Dictionary which defines the workflow to run and its params.Map value expected.Updates cause replacement.Map properties:
- params¶
- Workflow additional parameters. If workflow is reverse typed, params requires “task_name”, which defines initial task.Map value expected.Updates cause replacement.Defaults to
{}
- workflow¶
- Required.Workflow to execute.String value expected.Updates cause replacement.Value must be of type mistral.workflow
Optional Properties¶
- always_update¶
- Triggers UPDATE action execution even if input is unchanged.Boolean value expected.Updates cause replacement.Defaults to
false
- description¶
- Workflow execution description.String value expected.Updates cause replacement.Defaults to
"Heat managed"
- input¶
- Dictionary which contains input for the workflows.Map value expected.Can be updated without replacement.Defaults to
{}
- replace_on_change_inputs¶
- A list of inputs that should cause the resource to be replaced when their values change.List value expected.Updates cause replacement.Defaults to
[]
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Mistral::ExternalResource
properties:
actions: {"CREATE": {"workflow": String, "params": {...}}, "UPDATE": {"workflow": String, "params": {...}}, "SUSPEND": {"workflow": String, "params": {...}}, "RESUME": {"workflow": String, "params": {...}}, "DELETE": {"workflow": String, "params": {...}}}
always_update: Boolean
description: String
input: {...}
replace_on_change_inputs: [Value, Value, ...]
OS::Mistral::Workflow¶
Available since 2015.1 (Kilo)
A resource that implements Mistral workflow.
Workflow represents a process that can be described in a various number of ways and that can do some job interesting to the end user. Each workflow consists of tasks (at least one) describing what exact steps should be made during workflow execution.
For detailed description how to use Workflow, read Mistral documentation.
Required Properties¶
- tasks¶
- Dictionary containing workflow tasks.List value expected.Can be updated without replacement.The length must be at least 1.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- action¶
- Optional.Name of the action associated with the task. Either action or workflow may be defined in the task.String value expected.Can be updated without replacement.
- concurrency¶
Available since 8.0.0 (Ocata)
Optional.Defines a max number of actions running simultaneously in a task. Applicable only for tasks that have with-items.Integer value expected.Can be updated without replacement.- description¶
- Optional.Task description.String value expected.Can be updated without replacement.
- input¶
- Actual input parameter values of the task.Map value expected.Can be updated without replacement.
- join¶
Available since 6.0.0 (Mitaka)
Optional.Allows to synchronize multiple parallel workflow branches and aggregate their data. Valid inputs: all - the task will run only if all upstream tasks are completed. Any numeric value - then the task will run once at least this number of upstream tasks are completed and corresponding conditions have triggered.String value expected.Can be updated without replacement.- keep_result¶
Available since 5.0.0 (Liberty)
Optional.Allowing not to store action results after task completion.Boolean value expected.Can be updated without replacement.- name¶
- Required.Task name.String value expected.Can be updated without replacement.
- on_complete¶
- List of tasks which will run after the task has completed regardless of whether it is successful or not.List value expected.Can be updated without replacement.
- on_error¶
- List of tasks which will run after the task has completed with an error.List value expected.Can be updated without replacement.
- on_success¶
- List of tasks which will run after the task has completed successfully.List value expected.Can be updated without replacement.
- pause_before¶
Available since 5.0.0 (Liberty)
Optional.Defines whether Mistral Engine should put the workflow on hold or not before starting a task.Boolean value expected.Can be updated without replacement.- publish¶
- Dictionary of variables to publish to the workflow context.Map value expected.Can be updated without replacement.
- requires¶
- List of tasks which should be executed before this task. Used only in reverse workflows.List value expected.Can be updated without replacement.
- retry¶
Available since 5.0.0 (Liberty)
Defines a pattern how task should be repeated in case of an error.Map value expected.Can be updated without replacement.- target¶
Available since 5.0.0 (Liberty)
Optional.It defines an executor to which task action should be sent to.String value expected.Can be updated without replacement.- timeout¶
Available since 5.0.0 (Liberty)
Optional.Defines a period of time in seconds after which a task will be failed automatically by engine if hasn’t completed.Integer value expected.Can be updated without replacement.- wait_after¶
Available since 5.0.0 (Liberty)
Optional.Defines a delay in seconds that Mistral Engine should wait after a task has completed before starting next tasks defined in on-success, on-error or on-complete.Integer value expected.Can be updated without replacement.- wait_before¶
Available since 5.0.0 (Liberty)
Optional.Defines a delay in seconds that Mistral Engine should wait before starting a task.Integer value expected.Can be updated without replacement.- with_items¶
Available since 5.0.0 (Liberty)
Optional.If configured, it allows to run action or workflow associated with a task multiple times on a provided list of items.String value expected.Can be updated without replacement.- workflow¶
- Optional.Name of the workflow associated with the task. Can be defined by intrinsic function get_resource or by name of the referenced workflow, i.e. { workflow: wf_name } or { workflow: { get_resource: wf_name }}. Either action or workflow may be defined in the task.String value expected.Can be updated without replacement.Value must be of type mistral.workflow
- type¶
- Workflow type.String value expected.Can be updated without replacement.Allowed values: “direct”, “reverse”
Optional Properties¶
- description¶
- Workflow description.String value expected.Can be updated without replacement.
- input¶
- Dictionary which contains input for workflow.Map value expected.Can be updated without replacement.
- name¶
- Workflow name.String value expected.Updates cause replacement.
- output¶
- Any data structure arbitrarily containing YAQL expressions that defines workflow output. May be nested.Map value expected.Can be updated without replacement.
- params¶
- Workflow additional parameters. If Workflow is reverse typed, params requires ‘task_name’, which defines initial task.Map value expected.Can be updated without replacement.
- tags¶
Available since 10.0.0 (Queens)
List of tags to set on the workflow.List value expected.Can be updated without replacement.- task_defaults¶
Available since 5.0.0 (Liberty)
Default settings for some of task attributes defined at workflow level.Map value expected.Can be updated without replacement.Map properties:- concurrency¶
Available since 8.0.0 (Ocata)
Optional.Defines a max number of actions running simultaneously in a task. Applicable only for tasks that have with-items.Integer value expected.Can be updated without replacement.- on_complete¶
- List of tasks which will run after the task has completed regardless of whether it is successful or not.List value expected.Can be updated without replacement.
- on_error¶
- List of tasks which will run after the task has completed with an error.List value expected.Can be updated without replacement.
- on_success¶
- List of tasks which will run after the task has completed successfully.List value expected.Can be updated without replacement.
- pause_before¶
- Optional.Defines whether Mistral Engine should put the workflow on hold or not before starting a task.Boolean value expected.Can be updated without replacement.
- requires¶
- List of tasks which should be executed before this task. Used only in reverse workflows.List value expected.Can be updated without replacement.
- retry¶
- Defines a pattern how task should be repeated in case of an error.Map value expected.Can be updated without replacement.
- timeout¶
- Optional.Defines a period of time in seconds after which a task will be failed automatically by engine if hasn’t completed.Integer value expected.Can be updated without replacement.
- wait_after¶
- Optional.Defines a delay in seconds that Mistral Engine should wait after a task has completed before starting next tasks defined in on-success, on-error or on-complete.Integer value expected.Can be updated without replacement.
- wait_before¶
- Optional.Defines a delay in seconds that Mistral Engine should wait before starting a task.Integer value expected.Can be updated without replacement.
- use_request_body_as_input¶
Available since 6.0.0 (Mitaka)
Defines the method in which the request body for signaling a workflow would be parsed. In case this property is set to True, the body would be parsed as a simple json where each key is a workflow input, in other cases body would be parsed expecting a specific json format with two keys: “input” and “params”.Boolean value expected.Can be updated without replacement.
Attributes¶
- alarm_url¶
A signed url to create executions for workflows specified in Workflow resource.
- data¶
A dictionary which contains name and input of the workflow.
- executions¶
List of workflows’ executions, each of them is a dictionary with information about execution. Each dictionary returns values for next keys: id, workflow_name, created_at, updated_at, state for current execution state, input, output.
- show¶
Detailed information about resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Mistral::Workflow
properties:
description: String
input: {...}
name: String
output: {...}
params: {...}
tags: [Value, Value, ...]
task_defaults: {"on_success": [Value, Value, ...], "on_error": [Value, Value, ...], "on_complete": [Value, Value, ...], "requires": [Value, Value, ...], "retry": {...}, "wait_before": Integer, "wait_after": Integer, "pause_before": Boolean, "timeout": Integer, "concurrency": Integer}
tasks: [{"name": String, "description": String, "input": {...}, "action": String, "workflow": String, "publish": {...}, "on_success": [Value, Value, ...], "on_error": [Value, Value, ...], "on_complete": [Value, Value, ...], "policies": {...}, "requires": [Value, Value, ...], "retry": {...}, "wait_before": Integer, "wait_after": Integer, "pause_before": Boolean, "timeout": Integer, "with_items": String, "keep_result": Boolean, "concurrency": Integer, "target": String, "join": String}, {"name": String, "description": String, "input": {...}, "action": String, "workflow": String, "publish": {...}, "on_success": [Value, Value, ...], "on_error": [Value, Value, ...], "on_complete": [Value, Value, ...], "policies": {...}, "requires": [Value, Value, ...], "retry": {...}, "wait_before": Integer, "wait_after": Integer, "pause_before": Boolean, "timeout": Integer, "with_items": String, "keep_result": Boolean, "concurrency": Integer, "target": String, "join": String}, ...]
type: String
use_request_body_as_input: Boolean
OS::Monasca::AlarmDefinition¶
Available since 7.0.0 (Newton)
UNSUPPORTED since 5.0.0 (Liberty)
Heat Template Resource for Monasca Alarm definition.
Monasca Alarm definition helps to define the required expression for a given alarm situation. This plugin helps to create, update and delete the alarm definition.
Alarm definitions is necessary to describe and manage alarms in a one-to-many relationship in order to avoid having to manually declare each alarm even though they may share many common attributes and differ in only one, such as hostname.
Required Properties¶
- expression¶
- Expression of the alarm to evaluate.String value expected.Updates cause replacement.
Optional Properties¶
- actions_enabled¶
- Whether to enable the actions or not.Boolean value expected.Can be updated without replacement.Defaults to
true
- alarm_actions¶
- The notification methods to use when an alarm state is ALARM.List value expected.Can be updated without replacement.Defaults to
[]
List contents:- Optional.Monasca notification.String value expected.Can be updated without replacement.Value must be of type monasca.notification
- description¶
- Description of the alarm.String value expected.Can be updated without replacement.
- match_by¶
- The metric dimensions to match to the alarm dimensions. One or more dimension key names separated by a comma.List value expected.Updates cause replacement.Defaults to
[]
- name¶
- Name of the alarm. By default, physical resource name is used.String value expected.Can be updated without replacement.
- ok_actions¶
- The notification methods to use when an alarm state is OK.List value expected.Can be updated without replacement.Defaults to
[]
List contents:- Optional.Monasca notification.String value expected.Can be updated without replacement.Value must be of type monasca.notification
- severity¶
- Severity of the alarm.String value expected.Can be updated without replacement.Defaults to
"low"
Allowed values: “low”, “medium”, “high”, “critical” - undetermined_actions¶
- The notification methods to use when an alarm state is UNDETERMINED.List value expected.Can be updated without replacement.Defaults to
[]
List contents:- Optional.Monasca notification.String value expected.Can be updated without replacement.Value must be of type monasca.notification
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Monasca::AlarmDefinition
properties:
actions_enabled: Boolean
alarm_actions: [String, String, ...]
description: String
expression: String
match_by: [Value, Value, ...]
name: String
ok_actions: [String, String, ...]
severity: String
undetermined_actions: [String, String, ...]
OS::Monasca::Notification¶
Available since 7.0.0 (Newton)
UNSUPPORTED since 5.0.0 (Liberty)
Heat Template Resource for Monasca Notification.
A resource which is used to notificate if there is some alarm. Monasca Notification helps to declare the hook points, which will be invoked once alarm is generated. This plugin helps to create, update and delete the notification.
Required Properties¶
- address¶
- Address of the notification. It could be a valid email address, url or service key based on notification type.String value expected.Can be updated without replacement.The length must be no greater than 512.
- type¶
- Type of the notification.String value expected.Can be updated without replacement.Allowed values: “email”, “webhook”, “pagerduty”
Optional Properties¶
- name¶
- Name of the notification. By default, physical resource name is used.String value expected.Can be updated without replacement.
- period¶
Available since 7.0.0 (Newton)
Interval in seconds to invoke webhooks if the alarm state does not transition away from the defined trigger state. A value of 0 will disable continuous notifications. This property is only applicable for the webhook notification type and has default period interval of 60 seconds.Integer value expected.Can be updated without replacement.Allowed values: 0, 60
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Monasca::Notification
properties:
address: String
name: String
period: Integer
type: String
OS::Neutron::AddressScope¶
Available since 6.0.0 (Mitaka)
A resource for Neutron address scope.
This resource can be associated with multiple subnet pools in a one-to-many relationship. The subnet pools under an address scope must not overlap.
Optional Properties¶
- ip_version¶
- Address family of the address scope, which is 4 or 6.Integer value expected.Updates cause replacement.Defaults to
4
Allowed values: 4, 6 - name¶
- The name for the address scope.String value expected.Can be updated without replacement.
- tenant_id¶
- The owner tenant ID of the address scope. Only administrative users can specify a tenant ID other than their own.String value expected.Updates cause replacement.Value must be of type keystone.project
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::AddressScope
properties:
ip_version: Integer
name: String
shared: Boolean
tenant_id: String
OS::Neutron::ExtraRouteSet¶
Available since 14.0.0 (Ussuri)
Resource for specifying extra routes for a Neutron router.
Requires Neutron extraroute-atomic
extension to be enabled:
$ openstack extension show extraroute-atomic
An extra route is a static routing table entry that is added beyond the routes managed implicitly by router interfaces and router gateways.
The destination
of an extra route is any IP network in /CIDR notation.
The nexthop
of an extra route is an IP in a subnet that is directly
connected to the router.
In a single OS::Neutron::ExtraRouteSet resource you can specify a
set of extra routes (represented as a list) on the same virtual
router. As an improvement over the (never formally supported)
OS::Neutron::ExtraRoute resource this resource plugin uses a Neutron
API extension (extraroute-atomic
) that is not prone to race
conditions when used to manage multiple extra routes of the same
router. It is safe to manage multiple extra routes of the same router
from multiple stacks.
On the other hand use of the same route on the same router is not safe from multiple stacks (or between Heat and non-Heat managed Neutron extra routes).
Required Properties¶
- router¶
- The router id.String value expected.Updates cause replacement.Value must be of type neutron.router
Optional Properties¶
- routes¶
- A set of route dictionaries for the router.List value expected.Can be updated without replacement.Defaults to
[]
List contents:- Map value expected.Can be updated without replacement.Map properties:
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::ExtraRouteSet
properties:
router: String
routes: [{"destination": String, "nexthop": String}, {"destination": String, "nexthop": String}, ...]
OS::Neutron::Firewall¶
A resource for the Firewall resource in Neutron FWaaS.
Resource for using the Neutron firewall implementation. Firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.
Required Properties¶
- firewall_policy_id¶
- The ID of the firewall policy that this firewall is associated with.String value expected.Can be updated without replacement.
Optional Properties¶
- admin_state_up¶
- Administrative state of the firewall. If false (down), firewall does not forward packets and will drop all traffic to/from VMs behind the firewall.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description for the firewall.String value expected.Can be updated without replacement.
- name¶
- Name for the firewall.String value expected.Can be updated without replacement.
- value_specs¶
Available since 5.0.0 (Liberty)
Extra parameters to include in the request. Parameters are often specific to installed hardware or extensions.Map value expected.Can be updated without replacement.Defaults to{}
Attributes¶
- admin_state_up¶
The administrative state of the firewall.
- description¶
Description of the firewall.
- firewall_policy_id¶
Unique identifier of the firewall policy used to create the firewall.
- name¶
Name for the firewall.
- show¶
Detailed information about resource.
- status¶
The status of the firewall.
- tenant_id¶
Id of the tenant owning the firewall.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::Firewall
properties:
admin_state_up: Boolean
description: String
firewall_policy_id: String
name: String
value_specs: {...}
OS::Neutron::FirewallPolicy¶
A resource for the FirewallPolicy resource in Neutron FWaaS.
FirewallPolicy resource is an ordered collection of firewall rules. A firewall policy can be shared across tenants.
Optional Properties¶
- audited¶
- Whether this policy should be audited. When set to True, each time the firewall policy or the associated firewall rules are changed, this attribute will be set to False and will have to be explicitly set to True through an update operation.Boolean value expected.Can be updated without replacement.Defaults to
false
- description¶
- Description for the firewall policy.String value expected.Can be updated without replacement.
- firewall_rules¶
- An ordered list of firewall rules to apply to the firewall. (Prior to version 14.0.0 this was a required property).List value expected.Can be updated without replacement.
- name¶
- Name for the firewall policy.String value expected.Can be updated without replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::FirewallPolicy
properties:
audited: Boolean
description: String
firewall_rules: [Value, Value, ...]
name: String
shared: Boolean
OS::Neutron::FirewallRule¶
A resource for the FirewallRule resource in Neutron FWaaS.
FirewallRule represents a collection of attributes like ports, ip addresses etc. which define match criteria and action (allow, or deny) that needs to be taken on the matched data traffic.
Optional Properties¶
- action¶
- Action to be performed on the traffic matching the rule.String value expected.Can be updated without replacement.Defaults to
"deny"
Allowed values: “allow”, “deny” - description¶
- Description for the firewall rule.String value expected.Can be updated without replacement.
- destination_ip_address¶
- Destination IP address or CIDR.String value expected.Can be updated without replacement.Value must be of type net_cidr
- destination_port¶
- Destination port number or a range.String value expected.Can be updated without replacement.
- enabled¶
- Whether this rule should be enabled.Boolean value expected.Can be updated without replacement.Defaults to
true
- ip_version¶
- Internet protocol version.String value expected.Can be updated without replacement.Defaults to
"4"
Allowed values: “4”, “6” - name¶
- Name for the firewall rule.String value expected.Can be updated without replacement.
- protocol¶
- Protocol for the firewall rule.String value expected.Can be updated without replacement.Defaults to
"any"
Allowed values: “tcp”, “udp”, “icmp”, “any” - source_ip_address¶
- Source IP address or CIDR.String value expected.Can be updated without replacement.Value must be of type net_cidr
- source_port¶
- Source port number or a range.String value expected.Can be updated without replacement.
Attributes¶
- action¶
Allow or deny action for this firewall rule.
- description¶
Description of the firewall rule.
- destination_ip_address¶
Destination ip_address for this firewall rule.
- destination_port¶
Destination port range for this firewall rule.
- enabled¶
Indicates whether this firewall rule is enabled or not.
- firewall_policy_id¶
Unique identifier of the firewall policy to which this firewall rule belongs.
- ip_version¶
Ip_version for this firewall rule.
- name¶
Name for the firewall rule.
- position¶
Position of the rule within the firewall policy.
- protocol¶
Protocol value for this firewall rule.
- show¶
Detailed information about resource.
- source_ip_address¶
Source ip_address for this firewall rule.
- source_port¶
Source port range for this firewall rule.
- tenant_id¶
Id of the tenant owning the firewall.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::FirewallRule
properties:
action: String
description: String
destination_ip_address: String
destination_port: String
enabled: Boolean
ip_version: String
name: String
protocol: String
shared: Boolean
source_ip_address: String
source_port: String
OS::Neutron::FloatingIP¶
A resource for managing Neutron floating ips.
Floating IP addresses can change their association between routers by action of the user. One of the most common use cases for floating IPs is to provide public IP addresses to a private cloud, where there are a limited number of IP addresses available. Another is for a public cloud user to have a “static” IP address that can be reassigned when an instance is upgraded or moved.
Required Properties¶
- floating_network¶
Available since 2014.2 (Juno)
Network to allocate floating IP from.String value expected.Updates cause replacement.Value must be of type neutron.network
Optional Properties¶
- dns_domain¶
Available since 7.0.0 (Newton)
DNS domain associated with floating ip.String value expected.Can be updated without replacement.Value must be of type dns_domain- dns_name¶
Available since 7.0.0 (Newton)
DNS name associated with floating ip.String value expected.Can be updated without replacement.Value must be of type rel_dns_name- fixed_ip_address¶
- IP address to use if the port has multiple addresses.String value expected.Can be updated without replacement.Value must be of type ip_addr
- floating_ip_address¶
Available since 5.0.0 (Liberty)
IP address of the floating IP. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only.String value expected.Updates cause replacement.Value must be of type ip_addr- floating_subnet¶
Available since 9.0.0 (Pike)
Subnet to allocate floating IP from.String value expected.Updates cause replacement.Value must be of type neutron.subnet- port_id¶
- ID of an existing port with at least one IP address to associate with this floating IP.String value expected.Can be updated without replacement.Value must be of type neutron.port
- value_specs¶
- Extra parameters to include in the “floatingip” object in the creation request. Parameters are often specific to installed hardware or extensions.Map value expected.Updates cause replacement.Defaults to
{}
Attributes¶
- fixed_ip_address¶
IP address of the associated port, if specified.
- floating_ip_address¶
The allocated address of this IP.
- floating_network_id¶
ID of the network in which this IP is allocated.
- port_id¶
ID of the port associated with this IP.
- router_id¶
ID of the router used as gateway, set when associated with a port.
- show¶
Detailed information about resource.
- tenant_id¶
The tenant owning this floating IP.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::FloatingIP
properties:
dns_domain: String
dns_name: String
fixed_ip_address: String
floating_ip_address: String
floating_network: String
floating_subnet: String
port_id: String
value_specs: {...}
OS::Neutron::FloatingIPAssociation¶
A resource for associating floating ips and ports.
This resource allows associating a floating IP to a port with at least one IP address to associate with this floating IP.
Required Properties¶
Optional Properties¶
- fixed_ip_address¶
- IP address to use if the port has multiple addresses.String value expected.Can be updated without replacement.Value must be of type ip_addr
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::FloatingIPAssociation
properties:
fixed_ip_address: String
floatingip_id: String
port_id: String
OS::Neutron::IKEPolicy¶
A resource for IKE policy in Neutron.
The Internet Key Exchange policy identifies the authentication and encryption algorithm used during phase one and phase two negotiation of a VPN connection.
Optional Properties¶
- auth_algorithm¶
- Authentication hash algorithm for the ike policy.String value expected.Can be updated without replacement.Defaults to
"sha1"
Allowed values: “sha1”, “sha256”, “sha384”, “sha512” - description¶
- Description for the ike policy.String value expected.Can be updated without replacement.
- encryption_algorithm¶
- Encryption algorithm for the ike policy.String value expected.Can be updated without replacement.Defaults to
"aes-128"
Allowed values: “3des”, “aes-128”, “aes-192”, “aes-256” - ike_version¶
- Version for the ike policy.String value expected.Can be updated without replacement.Defaults to
"v1"
Allowed values: “v1”, “v2” - lifetime¶
- Safety assessment lifetime configuration for the ike policy.Map value expected.Can be updated without replacement.Map properties:
- units¶
- Optional.Safety assessment lifetime units.String value expected.Can be updated without replacement.Defaults to
"seconds"
Allowed values: “seconds”, “kilobytes” - value¶
- Optional.Safety assessment lifetime value in specified units.Integer value expected.Can be updated without replacement.Defaults to
3600
- name¶
- Name for the ike policy.String value expected.Can be updated without replacement.
- pfs¶
- Perfect forward secrecy in lowercase for the ike policy.String value expected.Can be updated without replacement.Defaults to
"group5"
Allowed values: “group2”, “group5”, “group14” - phase1_negotiation_mode¶
- Negotiation mode for the ike policy.String value expected.Updates cause replacement.Defaults to
"main"
Allowed values: “main”
Attributes¶
- auth_algorithm¶
The authentication hash algorithm used by the ike policy.
- description¶
The description of the ike policy.
- encryption_algorithm¶
The encryption algorithm used by the ike policy.
- ike_version¶
The version of the ike policy.
- lifetime¶
The safety assessment lifetime configuration for the ike policy.
- name¶
The name of the ike policy.
- pfs¶
The perfect forward secrecy of the ike policy.
- phase1_negotiation_mode¶
The negotiation mode of the ike policy.
- show¶
Detailed information about resource.
- tenant_id¶
The unique identifier of the tenant owning the ike policy.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::IKEPolicy
properties:
auth_algorithm: String
description: String
encryption_algorithm: String
ike_version: String
lifetime: {"units": String, "value": Integer}
name: String
pfs: String
phase1_negotiation_mode: String
OS::Neutron::IPsecPolicy¶
A resource for IPsec policy in Neutron.
The IP security policy specifying the authentication and encryption algorithm, and encapsulation mode used for the established VPN connection.
Optional Properties¶
- auth_algorithm¶
- Authentication hash algorithm for the ipsec policy.String value expected.Updates cause replacement.Defaults to
"sha1"
Allowed values: “sha1” - description¶
- Description for the ipsec policy.String value expected.Can be updated without replacement.
- encapsulation_mode¶
- Encapsulation mode for the ipsec policy.String value expected.Updates cause replacement.Defaults to
"tunnel"
Allowed values: “tunnel”, “transport” - encryption_algorithm¶
- Encryption algorithm for the ipsec policy.String value expected.Updates cause replacement.Defaults to
"aes-128"
Allowed values: “3des”, “aes-128”, “aes-192”, “aes-256” - lifetime¶
- Safety assessment lifetime configuration for the ipsec policy.Map value expected.Updates cause replacement.Map properties:
- name¶
- Name for the ipsec policy.String value expected.Can be updated without replacement.
- pfs¶
- Perfect forward secrecy for the ipsec policy.String value expected.Updates cause replacement.Defaults to
"group5"
Allowed values: “group2”, “group5”, “group14” - transform_protocol¶
- Transform protocol for the ipsec policy.String value expected.Updates cause replacement.Defaults to
"esp"
Allowed values: “esp”, “ah”, “ah-esp”
Attributes¶
- auth_algorithm¶
The authentication hash algorithm of the ipsec policy.
- description¶
The description of the ipsec policy.
- encapsulation_mode¶
The encapsulation mode of the ipsec policy.
- encryption_algorithm¶
The encryption algorithm of the ipsec policy.
- lifetime¶
The safety assessment lifetime configuration of the ipsec policy.
- name¶
The name of the ipsec policy.
- pfs¶
The perfect forward secrecy of the ipsec policy.
- show¶
Detailed information about resource.
- tenant_id¶
The unique identifier of the tenant owning the ipsec policy.
- transform_protocol¶
The transform protocol of the ipsec policy.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::IPsecPolicy
properties:
auth_algorithm: String
description: String
encapsulation_mode: String
encryption_algorithm: String
lifetime: {"units": String, "value": Integer}
name: String
pfs: String
transform_protocol: String
OS::Neutron::IPsecSiteConnection¶
A resource for IPsec site connection in Neutron.
This resource has details for the site-to-site IPsec connection, including the peer CIDRs, MTU, peer address, DPD settings and status.
Required Properties¶
- ikepolicy_id¶
- Unique identifier for the ike policy associated with the ipsec site connection.String value expected.Updates cause replacement.
- ipsecpolicy_id¶
- Unique identifier for the ipsec policy associated with the ipsec site connection.String value expected.Updates cause replacement.
- peer_address¶
- Remote branch router public IPv4 address or IPv6 address or FQDN.String value expected.Updates cause replacement.
- peer_cidrs¶
- Remote subnet(s) in CIDR format.List value expected.Updates cause replacement.List contents:
- Optional.String value expected.Updates cause replacement.Value must be of type net_cidr
- peer_id¶
- Remote branch router identity.String value expected.Updates cause replacement.
- psk¶
- Pre-shared key string for the ipsec site connection.String value expected.Updates cause replacement.
- vpnservice_id¶
- Unique identifier for the vpn service associated with the ipsec site connection.String value expected.Updates cause replacement.
Optional Properties¶
- admin_state_up¶
- Administrative state for the ipsec site connection.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description for the ipsec site connection.String value expected.Can be updated without replacement.
- dpd¶
- Dead Peer Detection protocol configuration for the ipsec site connection.Map value expected.Updates cause replacement.Map properties:
- actions¶
- Optional.Controls DPD protocol mode.String value expected.Updates cause replacement.Defaults to
"hold"
Allowed values: “clear”, “disabled”, “hold”, “restart”, “restart-by-peer” - interval¶
- Optional.Number of seconds for the DPD delay.Integer value expected.Updates cause replacement.Defaults to
30
- timeout¶
- Optional.Number of seconds for the DPD timeout.Integer value expected.Updates cause replacement.Defaults to
120
- initiator¶
- Initiator state in lowercase for the ipsec site connection.String value expected.Updates cause replacement.Defaults to
"bi-directional"
Allowed values: “bi-directional”, “response-only” - mtu¶
- Maximum transmission unit size (in bytes) for the ipsec site connection.Integer value expected.Updates cause replacement.Defaults to
1500
- name¶
- Name for the ipsec site connection.String value expected.Can be updated without replacement.
Attributes¶
- admin_state_up¶
The administrative state of the ipsec site connection.
- auth_mode¶
The authentication mode of the ipsec site connection.
- description¶
The description of the ipsec site connection.
- dpd¶
The dead peer detection protocol configuration of the ipsec site connection.
- ikepolicy_id¶
The unique identifier of ike policy associated with the ipsec site connection.
- initiator¶
The initiator of the ipsec site connection.
- ipsecpolicy_id¶
The unique identifier of ipsec policy associated with the ipsec site connection.
- mtu¶
The maximum transmission unit size (in bytes) of the ipsec site connection.
- name¶
The name of the ipsec site connection.
- peer_address¶
The remote branch router public IPv4 address or IPv6 address or FQDN.
- peer_cidrs¶
The remote subnet(s) in CIDR format of the ipsec site connection.
- peer_id¶
The remote branch router identity of the ipsec site connection.
- psk¶
The pre-shared key string of the ipsec site connection.
- route_mode¶
The route mode of the ipsec site connection.
- show¶
Detailed information about resource.
- status¶
The status of the ipsec site connection.
- tenant_id¶
The unique identifier of the tenant owning the ipsec site connection.
- vpnservice_id¶
The unique identifier of vpn service associated with the ipsec site connection.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::IPsecSiteConnection
properties:
admin_state_up: Boolean
description: String
dpd: {"actions": String, "interval": Integer, "timeout": Integer}
ikepolicy_id: String
initiator: String
ipsecpolicy_id: String
mtu: Integer
name: String
peer_address: String
peer_cidrs: [String, String, ...]
peer_id: String
psk: String
vpnservice_id: String
OS::Neutron::L2Gateway¶
Available since 12.0.0 (Stein)
A resource for managing Neutron L2 Gateways.
The are a number of use cases that can be addressed by an L2 Gateway API. Most notably in cloud computing environments, a typical use case is bridging the virtual with the physical. Translate this to Neutron and the OpenStack world, and this means relying on L2 Gateway capabilities to extend Neutron logical (overlay) networks into physical (provider) networks that are outside the OpenStack realm.
Required Properties¶
- devices¶
- List of gateway devices.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- device_name¶
- Required.The name of the gateway device.String value expected.Can be updated without replacement.
- interfaces¶
- List of gateway device interfaces.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- name¶
- A symbolic name for the l2-gateway, which is not required to be unique.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::L2Gateway
properties:
devices: [{"device_name": String, "interfaces": [{"name": String, "segmentation_id": [Value, Value, ...]}, {"name": String, "segmentation_id": [Value, Value, ...]}, ...]}, {"device_name": String, "interfaces": [{"name": String, "segmentation_id": [Value, Value, ...]}, {"name": String, "segmentation_id": [Value, Value, ...]}, ...]}, ...]
name: String
OS::Neutron::L2GatewayConnection¶
Available since 12.0.0 (Stein)
A resource for managing Neutron L2 Gateway Connections.
The L2 Gateway Connection provides a mapping to connect a Neutron network to a L2 Gateway on a particular segmentation ID.
Required Properties¶
Optional Properties¶
- segmentation_id¶
- A string specifying a segmentation id for the interface on the l2gateway.String value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::L2GatewayConnection
properties:
l2_gateway_id: String
network_id: String
segmentation_id: String
OS::Neutron::LBaaS::HealthMonitor¶
Available since 6.0.0 (Mitaka)
A resource to handle load balancer health monitors.
This resource creates and manages Neutron LBaaS v2 healthmonitors, which watches status of the load balanced servers.
Required Properties¶
- delay¶
- The minimum time in milliseconds between regular connections of the member.Integer value expected.Can be updated without replacement.The value must be at least 0.
- max_retries¶
- Number of permissible connection failures before changing the member status to INACTIVE.Integer value expected.Can be updated without replacement.The value must be in the range 1 to 10.
- pool¶
- ID or name of the load balancing pool.String value expected.Updates cause replacement.Value must be of type neutron.lbaas.pool
- timeout¶
- Maximum number of milliseconds for a monitor to wait for a connection to be established before it times out.Integer value expected.Can be updated without replacement.The value must be at least 0.
- type¶
- One of predefined health monitor types.String value expected.Updates cause replacement.Allowed values: “PING”, “TCP”, “HTTP”, “HTTPS”
Optional Properties¶
- admin_state_up¶
- The administrative state of the health monitor.Boolean value expected.Can be updated without replacement.Defaults to
true
- expected_codes¶
- The HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values: a single value, such as 200. a list, such as 200, 202. a range, such as 200-204.String value expected.Can be updated without replacement.Defaults to
"200"
- http_method¶
- The HTTP method used for requests by the monitor of type HTTP.String value expected.Can be updated without replacement.Defaults to
"GET"
Allowed values: “GET”, “HEAD”, “POST”, “PUT”, “DELETE”, “TRACE”, “OPTIONS”, “CONNECT”, “PATCH” - tenant_id¶
- ID of the tenant who owns the health monitor.String value expected.Updates cause replacement.
- url_path¶
- The HTTP path used in the HTTP request used by the monitor to test a member health. A valid value is a string the begins with a forward slash (/).String value expected.Can be updated without replacement.Defaults to
"/"
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::LBaaS::HealthMonitor
properties:
admin_state_up: Boolean
delay: Integer
expected_codes: String
http_method: String
max_retries: Integer
pool: String
tenant_id: String
timeout: Integer
type: String
url_path: String
OS::Neutron::LBaaS::L7Policy¶
Available since 7.0.0 (Newton)
A resource for managing LBaaS v2 L7Policies.
This resource manages Neutron-LBaaS v2 L7Policies, which represent a collection of L7Rules. L7Policy holds the action that should be performed when the rules are matched (Redirect to Pool, Redirect to URL, Reject). L7Policy holds a Listener id, so a Listener can evaluate a collection of L7Policies. L7Policy will return True when all of the L7Rules that belong to this L7Policy are matched. L7Policies under a specific Listener are ordered and the first l7Policy that returns a match will be executed. When none of the policies match the request gets forwarded to listener.default_pool_id.
Required Properties¶
- action¶
- Action type of the policy.String value expected.Can be updated without replacement.Allowed values: “REJECT”, “REDIRECT_TO_POOL”, “REDIRECT_TO_URL”
- listener¶
- ID or name of the listener this policy belongs to.String value expected.Updates cause replacement.Value must be of type neutron.lbaas.listener
Optional Properties¶
- admin_state_up¶
- The administrative state of the policy.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description of the policy.String value expected.Can be updated without replacement.
- name¶
- Name of the policy.String value expected.Can be updated without replacement.
- position¶
- L7 policy position in ordered policies list. This must be an integer starting from 1. If not specified, policy will be placed at the tail of existing policies list.Number value expected.Can be updated without replacement.The value must be at least 1.
- redirect_pool¶
- ID or name of the pool for REDIRECT_TO_POOL action type.String value expected.Can be updated without replacement.Value must be of type neutron.lbaas.pool
- redirect_url¶
- URL for REDIRECT_TO_URL action type. This should be a valid URL string.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::LBaaS::L7Policy
properties:
action: String
admin_state_up: Boolean
description: String
listener: String
name: String
position: Number
redirect_pool: String
redirect_url: String
OS::Neutron::LBaaS::L7Rule¶
Available since 7.0.0 (Newton)
A resource for managing LBaaS v2 L7Rules.
This resource manages Neutron-LBaaS v2 L7Rules, which represent a set of attributes that defines which part of the request should be matched and how it should be matched.
Required Properties¶
- compare_type¶
- Rule compare type.String value expected.Can be updated without replacement.Allowed values: “REGEX”, “STARTS_WITH”, “ENDS_WITH”, “CONTAINS”, “EQUAL_TO”
- l7policy¶
- ID or name of L7 policy this rule belongs to.String value expected.Updates cause replacement.
- type¶
- Rule type.String value expected.Can be updated without replacement.Allowed values: “HOST_NAME”, “PATH”, “FILE_TYPE”, “HEADER”, “COOKIE”
- value¶
- Value to compare.String value expected.Can be updated without replacement.
Optional Properties¶
- admin_state_up¶
- The administrative state of the rule.Boolean value expected.Can be updated without replacement.Defaults to
true
- invert¶
- Invert the compare type.Boolean value expected.Can be updated without replacement.Defaults to
false
- key¶
- Key to compare. Relevant for HEADER and COOKIE types only.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::LBaaS::L7Rule
properties:
admin_state_up: Boolean
compare_type: String
invert: Boolean
key: String
l7policy: String
type: String
value: String
OS::Neutron::LBaaS::Listener¶
Available since 6.0.0 (Mitaka)
A resource for managing LBaaS v2 Listeners.
This resource creates and manages Neutron LBaaS v2 Listeners, which represent a listening endpoint for the vip.
Required Properties¶
- protocol¶
- Protocol on which to listen for the client traffic.String value expected.Updates cause replacement.Allowed values: “TCP”, “HTTP”, “HTTPS”, “TERMINATED_HTTPS”
- protocol_port¶
- TCP or UDP port on which to listen for client traffic.Integer value expected.Updates cause replacement.The value must be in the range 1 to 65535.
Optional Properties¶
- admin_state_up¶
- The administrative state of this listener.Boolean value expected.Can be updated without replacement.Defaults to
true
- connection_limit¶
- The maximum number of connections permitted for this load balancer. Defaults to -1, which is infinite.Integer value expected.Can be updated without replacement.Defaults to
-1
The value must be at least -1. - default_pool¶
Available since 9.0.0 (Pike)
ID or name of the default pool for the listener. Requires shared_pools service extension.String value expected.Can be updated without replacement.Value must be of type neutron.lbaas.pool- default_tls_container_ref¶
- Default TLS container reference to retrieve TLS information.String value expected.Can be updated without replacement.
- description¶
- Description of this listener.String value expected.Can be updated without replacement.Defaults to
""
- loadbalancer¶
- ID or name of the load balancer with which listener is associated.String value expected.Updates cause replacement.Value must be of type neutron.lbaas.loadbalancer
- name¶
- Name of this listener.String value expected.Can be updated without replacement.
- sni_container_refs¶
- List of TLS container references for SNI.List value expected.Can be updated without replacement.
- tenant_id¶
- The ID of the tenant who owns the listener.String value expected.Updates cause replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::LBaaS::Listener
properties:
admin_state_up: Boolean
connection_limit: Integer
default_pool: String
default_tls_container_ref: String
description: String
loadbalancer: String
name: String
protocol: String
protocol_port: Integer
sni_container_refs: [Value, Value, ...]
tenant_id: String
OS::Neutron::LBaaS::LoadBalancer¶
Available since 6.0.0 (Mitaka)
A resource for creating LBaaS v2 Load Balancers.
This resource creates and manages Neutron LBaaS v2 Load Balancers, which allows traffic to be directed between servers.
Required Properties¶
- vip_subnet¶
- The name or ID of the subnet on which to allocate the VIP address.String value expected.Updates cause replacement.Value must be of type neutron.subnet
Optional Properties¶
- admin_state_up¶
- The administrative state of this Load Balancer.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description of this Load Balancer.String value expected.Can be updated without replacement.Defaults to
""
- name¶
- Name of this Load Balancer.String value expected.Can be updated without replacement.
- provider¶
- Provider for this Load Balancer.String value expected.Updates cause replacement.Value must be of type neutron.lbaas.provider
- tenant_id¶
- The ID of the tenant who owns the Load Balancer. Only administrative users can specify a tenant ID other than their own.String value expected.Updates cause replacement.Value must be of type keystone.project
- vip_address¶
- IP address for the VIP.String value expected.Updates cause replacement.Value must be of type ip_addr
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::LBaaS::LoadBalancer
properties:
admin_state_up: Boolean
description: String
name: String
provider: String
tenant_id: String
vip_address: String
vip_subnet: String
OS::Neutron::LBaaS::Pool¶
Available since 6.0.0 (Mitaka)
A resource for managing LBaaS v2 Pools.
This resources manages Neutron-LBaaS v2 Pools, which represent a group of nodes. Pools define the subnet where nodes reside, balancing algorithm, and the nodes themselves.
Required Properties¶
- lb_algorithm¶
- The algorithm used to distribute load between the members of the pool.String value expected.Can be updated without replacement.Allowed values: “ROUND_ROBIN”, “LEAST_CONNECTIONS”, “SOURCE_IP”
- protocol¶
- Protocol of the pool.String value expected.Updates cause replacement.Allowed values: “TCP”, “HTTP”, “HTTPS”
Optional Properties¶
- admin_state_up¶
- The administrative state of this pool.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description of this pool.String value expected.Can be updated without replacement.Defaults to
""
- listener¶
- Listener name or ID to be associated with this pool.String value expected.Updates cause replacement.Value must be of type neutron.lbaas.listener
- loadbalancer¶
Available since 9.0.0 (Pike)
Loadbalancer name or ID to be associated with this pool. Requires shared_pools service extension.String value expected.Updates cause replacement.Value must be of type neutron.lbaas.loadbalancer- name¶
- Name of this pool.String value expected.Can be updated without replacement.
- session_persistence¶
- Configuration of session persistence.Map value expected.Updates cause replacement.Map properties:
- cookie_name¶
- Optional.Name of the cookie, required if type is APP_COOKIE.String value expected.Updates cause replacement.
- type¶
- Required.Method of implementation of session persistence feature.String value expected.Updates cause replacement.Allowed values: “SOURCE_IP”, “HTTP_COOKIE”, “APP_COOKIE”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::LBaaS::Pool
properties:
admin_state_up: Boolean
description: String
lb_algorithm: String
listener: String
loadbalancer: String
name: String
protocol: String
session_persistence: {"type": String, "cookie_name": String}
OS::Neutron::LBaaS::PoolMember¶
Available since 6.0.0 (Mitaka)
A resource for managing LBaaS v2 Pool Members.
A pool member represents a single backend node.
Required Properties¶
- address¶
- IP address of the pool member on the pool network.String value expected.Updates cause replacement.Value must be of type ip_addr
- pool¶
- Name or ID of the load balancing pool.String value expected.Updates cause replacement.Value must be of type neutron.lbaas.pool
- protocol_port¶
- Port on which the pool member listens for requests or connections.Integer value expected.Updates cause replacement.The value must be in the range 1 to 65535.
- subnet¶
- Subnet name or ID of this member.String value expected.Updates cause replacement.Value must be of type neutron.subnet
Optional Properties¶
- admin_state_up¶
- The administrative state of the pool member.Boolean value expected.Can be updated without replacement.Defaults to
true
- weight¶
- Weight of pool member in the pool (default to 1).Integer value expected.Can be updated without replacement.Defaults to
1
The value must be in the range 0 to 256.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::LBaaS::PoolMember
properties:
address: String
admin_state_up: Boolean
pool: String
protocol_port: Integer
subnet: String
weight: Integer
OS::Neutron::MeteringLabel¶
Available since 2014.1 (Icehouse)
A resource for creating neutron metering label.
The idea is to meter this at the L3 routers levels. The point is to allow operators to configure IP ranges and to assign a label to them. For example we will be able to set two labels; one for the internal traffic, and the other one for the external traffic. Each label will measure the traffic for a specific set of IP range. Then, bandwidth measurement will be sent for each label to the Oslo notification system and could be collected by Ceilometer.
Optional Properties¶
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::MeteringLabel
properties:
description: String
name: String
shared: Boolean
OS::Neutron::MeteringRule¶
Available since 2014.1 (Icehouse)
A resource to create rule for some label.
Resource for allowing specified label to measure the traffic for a specific set of ip range.
Required Properties¶
Optional Properties¶
- direction¶
- The direction in which metering rule is applied, either ingress or egress.String value expected.Updates cause replacement.Defaults to
"ingress"
Allowed values: “ingress”, “egress” - excluded¶
- Specify whether the remote_ip_prefix will be excluded or not from traffic counters of the metering label. For example to not count the traffic of a specific IP address of a range.Boolean value expected.Updates cause replacement.Defaults to
"False"
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::MeteringRule
properties:
direction: String
excluded: Boolean
metering_label_id: String
remote_ip_prefix: String
OS::Neutron::Net¶
A resource for managing Neutron net.
A network is a virtual isolated layer-2 broadcast domain which is typically reserved to the tenant who created it, unless the network has been explicitly configured to be shared.
Optional Properties¶
- admin_state_up¶
- A boolean value specifying the administrative status of the network.Boolean value expected.Can be updated without replacement.Defaults to
true
- dhcp_agent_ids¶
- The IDs of the DHCP agent to schedule the network. Note that the default policy setting in Neutron restricts usage of this property to administrative users only.List value expected.Can be updated without replacement.
- dns_domain¶
Available since 7.0.0 (Newton)
DNS domain associated with this network.String value expected.Can be updated without replacement.Value must be of type dns_domain- name¶
- A string specifying a symbolic name for the network, which is not required to be unique.String value expected.Can be updated without replacement.
- port_security_enabled¶
Available since 5.0.0 (Liberty)
Flag to enable/disable port security on the network. It provides the default value for the attribute of the ports created on this network.Boolean value expected.Can be updated without replacement.- qos_policy¶
Available since 6.0.0 (Mitaka)
The name or ID of QoS policy to attach to this network.String value expected.Can be updated without replacement.Value must be of type neutron.qos_policy- tags¶
Available since 9.0.0 (Pike)
The tags to be added to the network.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.
- tenant_id¶
- The ID of the tenant which will own the network. Only administrative users can set the tenant identifier; this cannot be changed using authorization policies.String value expected.Updates cause replacement.
- value_specs¶
- Extra parameters to include in the request. Parameters are often specific to installed hardware or extensions.Map value expected.Can be updated without replacement.Defaults to
{}
Attributes¶
- admin_state_up¶
The administrative status of the network.
- l2_adjacency¶
Available since 9.0.0 (Pike)
A boolean value for L2 adjacency, True means that you can expect L2 connectivity throughout the Network.
- mtu¶
Available since 5.0.0 (Liberty)
The maximum transmission unit size(in bytes) for the network.
- name¶
The name of the network.
- port_security_enabled¶
Available since 5.0.0 (Liberty)
Port security enabled of the network.
- qos_policy_id¶
Available since 6.0.0 (Mitaka)
The QoS policy ID attached to this network.
- segments¶
Available since 11.0.0 (Rocky)
The segments of this network.
- show¶
Detailed information about resource.
- status¶
The status of the network.
- subnets¶
Subnets of this network.
- tenant_id¶
The tenant owning this network.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::Net
properties:
admin_state_up: Boolean
dhcp_agent_ids: [Value, Value, ...]
dns_domain: String
name: String
port_security_enabled: Boolean
qos_policy: String
shared: Boolean
tags: [String, String, ...]
tenant_id: String
value_specs: {...}
OS::Neutron::NetworkGateway¶
Available since 2014.1 (Icehouse)
Network Gateway resource in Neutron Network Gateway.
Resource for connecting internal networks with specified devices.
Required Properties¶
- devices¶
- Device info for this network gateway.List value expected.Can be updated without replacement.The length must be at least 1.List contents:
- Map value expected.Can be updated without replacement.Map properties:
Optional Properties¶
- connections¶
- Connection info for this network gateway.List value expected.Can be updated without replacement.Defaults to
{}
List contents:- Map value expected.Can be updated without replacement.Map properties:
- network¶
Available since 2014.2 (Juno)
Required.The internal network to connect on the network gateway.String value expected.Can be updated without replacement.Value must be of type neutron.network- segmentation_id¶
- Optional.The id for L2 segment on the external side of the network gateway. Must be specified when using vlan.Integer value expected.Can be updated without replacement.The value must be in the range 0 to 4094.
- segmentation_type¶
- Optional.L2 segmentation strategy on the external side of the network gateway.String value expected.Can be updated without replacement.Defaults to
"flat"
Allowed values: “flat”, “vlan”
- name¶
- The name of the network gateway.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::NetworkGateway
properties:
connections: [{"network_id": String, "network": String, "segmentation_type": String, "segmentation_id": Integer}, {"network_id": String, "network": String, "segmentation_type": String, "segmentation_id": Integer}, ...]
devices: [{"id": String, "interface_name": String}, {"id": String, "interface_name": String}, ...]
name: String
OS::Neutron::Port¶
A resource for managing Neutron ports.
A port represents a virtual switch port on a logical network switch. Virtual instances attach their interfaces into ports. The logical port also defines the MAC address and the IP address(es) to be assigned to the interfaces plugged into them. When IP addresses are associated to a port, this also implies the port is associated with a subnet, as the IP address was taken from the allocation pool for a specific subnet.
Required Properties¶
- network¶
Available since 2014.2 (Juno)
Network this port belongs to. If you plan to use current port to assign Floating IP, you should specify fixed_ips with subnet. Note if this changes to a different network update, the port will be replaced.String value expected.Updates cause replacement.Value must be of type neutron.network
Optional Properties¶
- admin_state_up¶
- The administrative state of this port.Boolean value expected.Can be updated without replacement.Defaults to
true
- allowed_address_pairs¶
- Additional MAC/IP address pairs allowed to pass through the port.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- ip_address¶
- Required.IP address to allow through this port.String value expected.Can be updated without replacement.Value must be of type ip_or_cidr
- mac_address¶
- Optional.MAC address to allow through this port.String value expected.Can be updated without replacement.Value must be of type mac_addr
- binding:vnic_type¶
Available since 2015.1 (Kilo)
The vnic type to be bound on the neutron port. To support SR-IOV PCI passthrough networking, you can request that the neutron port to be realized as normal (virtual nic), direct (pci passthrough), or macvtap (virtual interface with a tap-like software interface). Note that this only works for Neutron deployments that support the bindings extension.String value expected.Can be updated without replacement.Defaults to"normal"
Allowed values: “normal”, “direct”, “macvtap”, “direct-physical”, “baremetal”, “virtio-forwarder”, “smart-nic”- device_id¶
- Device ID of this port.String value expected.Can be updated without replacement.Defaults to
""
- device_owner¶
- Name of the network owning the port. The value is typically network:floatingip or network:router_interface or network:dhcp.String value expected.Can be updated without replacement.Defaults to
""
- dns_name¶
Available since 7.0.0 (Newton)
DNS name associated with the port.String value expected.Can be updated without replacement.Value must be of type dns_name- fixed_ips¶
- Desired IPs for this port.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- ip_address¶
- Optional.IP address desired in the subnet for this port.String value expected.Can be updated without replacement.Value must be of type ip_addr
- subnet¶
Available since 2014.2 (Juno)
Optional.Subnet in which to allocate the IP address for this port.String value expected.Can be updated without replacement.Value must be of type neutron.subnet
- mac_address¶
- MAC address to give to this port. The default update policy of this property in neutron is that allow admin role only.String value expected.Updates cause replacement.Value must be of type mac_addr
- name¶
- A symbolic name for this port.String value expected.Can be updated without replacement.
- no_fixed_ips¶
Available since 16.0.0
Flag to disable all fixed ips on the port.Boolean value expected.Can be updated without replacement.Defaults tofalse
- port_security_enabled¶
Available since 5.0.0 (Liberty)
Flag to enable/disable port security on the port. When disable this feature(set it to False), there will be no packages filtering, like security-group and address-pairs.Boolean value expected.Can be updated without replacement.- propagate_uplink_status¶
Available since 15.0.0 (Victoria)
Flag to enable/disable propagate uplink status on the port.Boolean value expected.Can be updated without replacement.- qos_policy¶
Available since 6.0.0 (Mitaka)
The name or ID of QoS policy to attach to this port.String value expected.Can be updated without replacement.Value must be of type neutron.qos_policy- security_groups¶
- Security group IDs to associate with this port.List value expected.Can be updated without replacement.
- tags¶
Available since 9.0.0 (Pike)
The tags to be added to the port.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.
- value_specs¶
- Extra parameters to include in the request.Map value expected.Can be updated without replacement.Defaults to
{}
Attributes¶
- admin_state_up¶
The administrative state of this port.
- allowed_address_pairs¶
Additional MAC/IP address pairs allowed to pass through a port.
- device_id¶
Unique identifier for the device.
- device_owner¶
Name of the network owning the port.
- dns_assignment¶
Available since 7.0.0 (Newton)
The DNS assigned to this port.
- fixed_ips¶
Fixed IP addresses.
- mac_address¶
MAC address of the port.
- name¶
Friendly name of the port.
- network¶
Available since 11.0.0 (Rocky)
The attributes of the network owning the port. (The full list of response parameters can be found in the `Openstack Networking service API reference <https://docs.openstack.org/api-ref/network/>`_.) The following examples demonstrate some (not all) possible expressions. (Obtains the network, the MTU (Maximum transmission unit), the network tags and the l2_adjacency property): ``{get_attr: [<port>, network]}``, ``{get_attr: [<port>, network, mtu]}``, ``{get_attr: [<port>, network, tags]}?``, ``{get_attr: [<port>, network, l2_adjacency]}``.
- network_id¶
Unique identifier for the network owning the port.
- port_security_enabled¶
Available since 5.0.0 (Liberty)
Port security enabled of the port.
- propagate_uplink_status¶
Available since 15.0.0 (Victoria)
Enable/Disable propagate uplink status for the port.
- qos_policy_id¶
Available since 6.0.0 (Mitaka)
The QoS policy ID attached to this port.
- security_groups¶
A list of security groups for the port.
- show¶
Detailed information about resource.
- status¶
The status of the port.
- subnets¶
A list of all subnet attributes for the port.
- tenant_id¶
Tenant owning the port.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::Port
properties:
admin_state_up: Boolean
allowed_address_pairs: [{"mac_address": String, "ip_address": String}, {"mac_address": String, "ip_address": String}, ...]
binding:vnic_type: String
device_id: String
device_owner: String
dns_name: String
fixed_ips: [{"subnet_id": String, "subnet": String, "ip_address": String}, {"subnet_id": String, "subnet": String, "ip_address": String}, ...]
mac_address: String
name: String
network: String
no_fixed_ips: Boolean
port_security_enabled: Boolean
propagate_uplink_status: Boolean
qos_policy: String
security_groups: [Value, Value, ...]
tags: [String, String, ...]
value_specs: {...}
OS::Neutron::ProviderNet¶
Available since 2014.1 (Icehouse)
A resource for managing Neutron provider networks.
Provider networks specify details of physical realisation of the existing network.
The default policy usage of this resource is limited to administrators only.
Required Properties¶
- network_type¶
- A string specifying the provider network type for the network.String value expected.Can be updated without replacement.Allowed values: “local”, “vlan”, “vxlan”, “gre”, “geneve”, “flat”
Optional Properties¶
- admin_state_up¶
- A boolean value specifying the administrative status of the network.Boolean value expected.Can be updated without replacement.Defaults to
true
- dns_domain¶
Available since 15.0.0 (Victoria)
DNS domain associated with this network.String value expected.Can be updated without replacement.Value must be of type dns_domain- name¶
- A string specifying a symbolic name for the network, which is not required to be unique.String value expected.Can be updated without replacement.
- physical_network¶
- A string specifying physical network mapping for the network.String value expected.Can be updated without replacement.
- port_security_enabled¶
Available since 8.0.0 (Ocata)
Flag to enable/disable port security on the network. It provides the default value for the attribute of the ports created on this network.Boolean value expected.Can be updated without replacement.- router_external¶
Available since 6.0.0 (Mitaka)
Whether the network contains an external router.Boolean value expected.Can be updated without replacement.Defaults tofalse
- segmentation_id¶
- A string specifying the segmentation id for the network.String value expected.Can be updated without replacement.
- tags¶
Available since 12.0.0 (Stein)
The tags to be added to the provider network.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::ProviderNet
properties:
admin_state_up: Boolean
dns_domain: String
name: String
network_type: String
physical_network: String
port_security_enabled: Boolean
router_external: Boolean
segmentation_id: String
shared: Boolean
tags: [String, String, ...]
OS::Neutron::QoSBandwidthLimitRule¶
Available since 6.0.0 (Mitaka)
A resource for Neutron QoS bandwidth limit rule.
This rule can be associated with QoS policy, and then the policy can be used by neutron port and network, to provide bandwidth limit QoS capabilities.
The default policy usage of this resource is limited to administrators only.
Required Properties¶
Optional Properties¶
- direction¶
Available since 13.0.0 (Train)
Traffic direction from the point of view of the port.String value expected.Can be updated without replacement.Defaults to"egress"
Allowed values: “egress”, “ingress”- max_burst_kbps¶
- Max burst bandwidth in kbps.Integer value expected.Can be updated without replacement.Defaults to
0
The value must be at least 0. - tenant_id¶
- The owner tenant ID of this rule.String value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::QoSBandwidthLimitRule
properties:
direction: String
max_burst_kbps: Integer
max_kbps: Integer
policy: String
tenant_id: String
OS::Neutron::QoSDscpMarkingRule¶
Available since 7.0.0 (Newton)
A resource for Neutron QoS DSCP marking rule.
This rule can be associated with QoS policy, and then the policy can be used by neutron port and network, to provide DSCP marking QoS capabilities.
The default policy usage of this resource is limited to administrators only.
Required Properties¶
- dscp_mark¶
- DSCP mark between 0 and 56, except 2-6, 42, 44, and 50-54.Integer value expected.Can be updated without replacement.Allowed values: 0, 8, 10, 12, 14, 16, 18, 20, 22, 24, 26, 28, 30, 32, 34, 36, 38, 40, 46, 48, 56
- policy¶
- ID or name of the QoS policy.String value expected.Updates cause replacement.Value must be of type neutron.qos_policy
Optional Properties¶
- tenant_id¶
- The owner tenant ID of this rule.String value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::QoSDscpMarkingRule
properties:
dscp_mark: Integer
policy: String
tenant_id: String
OS::Neutron::QoSMinimumBandwidthRule¶
Available since 14.0.0 (Ussuri)
A resource for guaranteeing bandwidth.
This rule can be associated with a QoS policy, and then the policy can be used by a neutron port to provide guaranteed bandwidth QoS capabilities.
Depending on drivers the guarantee may be enforced on two levels. First when a server is placed (scheduled) on physical infrastructure and/or second in the data plane of the physical hypervisor. For details please see Neutron documentation:
https://docs.openstack.org/neutron/latest/admin/config-qos-min-bw.html
The default policy usage of this resource is limited to administrators only.
Required Properties¶
Optional Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::QoSMinimumBandwidthRule
properties:
direction: String
min_kbps: Integer
policy: String
tenant_id: String
OS::Neutron::QoSPolicy¶
Available since 6.0.0 (Mitaka)
A resource for Neutron QoS Policy.
This QoS policy can be associated with neutron resources, such as port and network, to provide QoS capabilities.
The default policy usage of this resource is limited to administrators only.
Optional Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::QoSPolicy
properties:
description: String
name: String
shared: Boolean
tenant_id: String
OS::Neutron::Quota¶
Available since 8.0.0 (Ocata)
A resource for managing neutron quotas.
Neutron Quota is used to manage operational limits for projects. Currently, this resource can manage Neutron’s quotas for:
subnet
network
floatingip
security_group_rule
security_group
router
port
subnetpool
rbac_policy
Note that default neutron security policy usage of this resource is limited to being used by administrators only. Administrators should be careful to create only one Neutron Quota resource per project, otherwise it will be hard for them to manage the quota properly.
Required Properties¶
- project¶
- Name or id of the project to set the quota for.String value expected.Updates cause replacement.Value must be of type keystone.project
Optional Properties¶
- floatingip¶
- Quota for the number of floating IPs. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.
- network¶
- Quota for the number of networks. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.
- port¶
- Quota for the number of ports. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.
- rbac_policy¶
Available since 12.0.0 (Stein)
Quota for the number of rbac policies. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.- router¶
- Quota for the number of routers. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.
- security_group¶
- Quota for the number of security groups. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.
- security_group_rule¶
- Quota for the number of security group rules. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.
- subnet¶
- Quota for the number of subnets. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.
- subnetpool¶
Available since 12.0.0 (Stein)
Quota for the number of subnet pools. Setting -1 means unlimited.Integer value expected.Can be updated without replacement.The value must be at least -1.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::Quota
properties:
floatingip: Integer
network: Integer
port: Integer
project: String
rbac_policy: Integer
router: Integer
security_group: Integer
security_group_rule: Integer
subnet: Integer
subnetpool: Integer
OS::Neutron::RBACPolicy¶
Available since 6.0.0 (Mitaka)
A Resource for managing RBAC policy in Neutron.
This resource creates and manages Neutron RBAC policy, which allows to share Neutron networks and qos-policies to subsets of tenants.
Required Properties¶
- action¶
- Action for the RBAC policy. The allowed actions differ for different object types - only network objects can have an access_as_external action.String value expected.Updates cause replacement.Allowed values: “access_as_shared”, “access_as_external”
- object_id¶
- ID or name of the RBAC object.String value expected.Updates cause replacement.
- object_type¶
- Type of the object that RBAC policy affects.String value expected.Updates cause replacement.Allowed values: “network”, “qos_policy”
- target_tenant¶
- ID of the tenant to which the RBAC policy will be enforced.String value expected.Can be updated without replacement.
Optional Properties¶
- tenant_id¶
- The owner tenant ID. Only required if the caller has an administrative role and wants to create a RBAC for another tenant.String value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::RBACPolicy
properties:
action: String
object_id: String
object_type: String
target_tenant: String
tenant_id: String
OS::Neutron::Router¶
A resource that implements Neutron router.
Router is a physical or virtual network device that passes network traffic between different networks.
Optional Properties¶
- admin_state_up¶
- The administrative state of the router.Boolean value expected.Can be updated without replacement.Defaults to
true
- distributed¶
Available since 2015.1 (Kilo)
Indicates whether or not to create a distributed router. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only. This property can not be used in conjunction with the L3 agent ID.Boolean value expected.Updates cause replacement.- external_gateway_info¶
- External network gateway configuration for a router.Map value expected.Can be updated without replacement.Map properties:
- enable_snat¶
- Optional.Enables Source NAT on the router gateway. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only.Boolean value expected.Can be updated without replacement.
- external_fixed_ips¶
Available since 6.0.0 (Mitaka)
External fixed IP addresses for the gateway.List value expected.Can be updated without replacement.List contents:- Map value expected.Can be updated without replacement.Map properties:
- network¶
- Required.ID or name of the external network for the gateway.String value expected.Can be updated without replacement.
- ha¶
Available since 2015.1 (Kilo)
Indicates whether or not to create a highly available router. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only. And now neutron do not support distributed and ha at the same time.Boolean value expected.Updates cause replacement.- l3_agent_ids¶
Available since 2015.1 (Kilo)
ID list of the L3 agent. User can specify multi-agents for highly available router. NOTE: The default policy setting in Neutron restricts usage of this property to administrative users only.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.
- name¶
- The name of the router.String value expected.Can be updated without replacement.
- tags¶
Available since 9.0.0 (Pike)
The tags to be added to the router.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.
- value_specs¶
- Extra parameters to include in the creation request.Map value expected.Can be updated without replacement.Defaults to
{}
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::Router
properties:
admin_state_up: Boolean
distributed: Boolean
external_gateway_info: {"network": String, "enable_snat": Boolean, "external_fixed_ips": [{"ip_address": String, "subnet": String}, {"ip_address": String, "subnet": String}, ...]}
ha: Boolean
l3_agent_ids: [String, String, ...]
name: String
tags: [String, String, ...]
value_specs: {...}
OS::Neutron::RouterInterface¶
A resource for managing Neutron router interfaces.
Router interfaces associate routers with existing subnets or ports.
Required Properties¶
- router¶
- The router.String value expected.Updates cause replacement.Value must be of type neutron.router
Optional Properties¶
- port¶
Available since 2015.1 (Kilo)
The port, either subnet or port should be specified.String value expected.Updates cause replacement.Value must be of type neutron.port- subnet¶
- The subnet, either subnet or port should be specified.String value expected.Updates cause replacement.Value must be of type neutron.subnet
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::RouterInterface
properties:
port: String
router: String
subnet: String
OS::Neutron::SecurityGroup¶
Available since 2014.1 (Icehouse)
A resource for managing Neutron security groups.
Security groups are sets of IP filter rules that are applied to an instance’s networking. They are project specific, and project members can edit the default rules for their group and add new rules sets. All projects have a “default” security group, which is applied to instances that have no other security group defined.
Optional Properties¶
- description¶
- Description of the security group.String value expected.Can be updated without replacement.
- name¶
- A string specifying a symbolic name for the security group, which is not required to be unique.String value expected.Can be updated without replacement.
- rules¶
- List of security group rules.List value expected.Can be updated without replacement.Defaults to
[]
List contents:- Map value expected.Can be updated without replacement.Map properties:
- direction¶
- Optional.The direction in which the security group rule is applied. For a compute instance, an ingress security group rule matches traffic that is incoming (ingress) for that instance. An egress rule is applied to traffic leaving the instance.String value expected.Can be updated without replacement.Defaults to
"ingress"
Allowed values: “ingress”, “egress” - ethertype¶
- Optional.Ethertype of the traffic.String value expected.Can be updated without replacement.Defaults to
"IPv4"
Allowed values: “IPv4”, “IPv6” - port_range_max¶
- Optional.The maximum port number in the range that is matched by the security group rule. The port_range_min attribute constrains the port_range_max attribute. If the protocol is ICMP, this value must be an ICMP type.Integer value expected.Can be updated without replacement.The value must be in the range 0 to 65535.
- port_range_min¶
- Optional.The minimum port number in the range that is matched by the security group rule. If the protocol is TCP or UDP, this value must be less than or equal to the value of the port_range_max attribute. If the protocol is ICMP, this value must be an ICMP type.Integer value expected.Can be updated without replacement.The value must be in the range 0 to 65535.
- protocol¶
- Optional.The protocol that is matched by the security group rule. Valid values include tcp, udp, and icmp.String value expected.Can be updated without replacement.
- remote_group_id¶
- Optional.The remote group ID to be associated with this security group rule. If no value is specified then this rule will use this security group for the remote_group_id. The remote mode parameter must be set to “remote_group_id”.String value expected.Can be updated without replacement.Value must be of type neutron.security_group
- remote_ip_prefix¶
- Optional.The remote IP prefix (CIDR) to be associated with this security group rule.String value expected.Can be updated without replacement.Value must be of type net_cidr
- remote_mode¶
- Optional.Whether to specify a remote group or a remote IP prefix.String value expected.Can be updated without replacement.Defaults to
"remote_ip_prefix"
Allowed values: “remote_ip_prefix”, “remote_group_id”
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::SecurityGroup
properties:
description: String
name: String
rules: [{"direction": String, "ethertype": String, "port_range_min": Integer, "port_range_max": Integer, "protocol": String, "remote_mode": String, "remote_group_id": String, "remote_ip_prefix": String}, {"direction": String, "ethertype": String, "port_range_min": Integer, "port_range_max": Integer, "protocol": String, "remote_mode": String, "remote_group_id": String, "remote_ip_prefix": String}, ...]
OS::Neutron::SecurityGroupRule¶
Available since 7.0.0 (Newton)
A resource for managing Neutron security group rules.
Rules to use in security group resource.
Required Properties¶
- security_group¶
- Security group name or ID to add rule.String value expected.Updates cause replacement.Value must be of type neutron.security_group
Optional Properties¶
- description¶
- Description of the security group rule.String value expected.Updates cause replacement.
- direction¶
- The direction in which the security group rule is applied. For a compute instance, an ingress security group rule matches traffic that is incoming (ingress) for that instance. An egress rule is applied to traffic leaving the instance.String value expected.Updates cause replacement.Defaults to
"ingress"
Allowed values: “ingress”, “egress” - ethertype¶
- Ethertype of the traffic.String value expected.Updates cause replacement.Defaults to
"IPv4"
Allowed values: “IPv4”, “IPv6” - port_range_max¶
- The maximum port number in the range that is matched by the security group rule. The port_range_min attribute constrains the port_range_max attribute. If the protocol is ICMP, this value must be an ICMP code.Integer value expected.Updates cause replacement.The value must be in the range 0 to 65535.
- port_range_min¶
- The minimum port number in the range that is matched by the security group rule. If the protocol is TCP or UDP, this value must be less than or equal to the value of the port_range_max attribute. If the protocol is ICMP, this value must be an ICMP type.Integer value expected.Updates cause replacement.The value must be in the range 0 to 65535.
- protocol¶
- The protocol that is matched by the security group rule. Allowed values are ah, dccp, egp, esp, gre, icmp, icmpv6, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255].String value expected.Updates cause replacement.Defaults to
"tcp"
Allowed values: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173, 174, 175, 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197, 198, 199, 200, 201, 202, 203, 204, 205, 206, 207, 208, 209, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221, 222, 223, 224, 225, 226, 227, 228, 229, 230, 231, 232, 233, 234, 235, 236, 237, 238, 239, 240, 241, 242, 243, 244, 245, 246, 247, 248, 249, 250, 251, 252, 253, 254, 255, “ah”, “dccp”, “egp”, “esp”, “gre”, “icmp”, “icmpv6”, “igmp”, “ipv6-encap”, “ipv6-frag”, “ipv6-icmp”, “ipv6-nonxt”, “ipv6-opts”, “ipv6-route”, “ospf”, “pgm”, “rsvp”, “sctp”, “tcp”, “udp”, “udplite”, “vrrp” - remote_group¶
- The remote group name or ID to be associated with this security group rule.String value expected.Updates cause replacement.Value must be of type neutron.security_group
- remote_ip_prefix¶
- The remote IP prefix (CIDR) to be associated with this security group rule.String value expected.Updates cause replacement.Value must be of type net_cidr
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::SecurityGroupRule
properties:
description: String
direction: String
ethertype: String
port_range_max: Integer
port_range_min: Integer
protocol: String
remote_group: String
remote_ip_prefix: String
security_group: String
OS::Neutron::Segment¶
Available since 9.0.0 (Pike)
A resource for Neutron Segment.
This requires enabling the segments service plug-in by appending ‘segments’ to the list of service_plugins in the neutron.conf.
The default policy usage of this resource is limited to administrators only.
Required Properties¶
- network¶
- The name/id of network to associate with this segment.String value expected.Updates cause replacement.Value must be of type neutron.network
- network_type¶
- Type of network to associate with this segment.String value expected.Updates cause replacement.Allowed values: “local”, “vlan”, “vxlan”, “gre”, “geneve”, “flat”
Optional Properties¶
- description¶
- Description of the segment.String value expected.Can be updated without replacement.
- name¶
- Name of the segment.String value expected.Can be updated without replacement.
- physical_network¶
- Name of physical network to associate with this segment.String value expected.Updates cause replacement.
- segmentation_id¶
- Segmentation ID for this segment.Integer value expected.Updates cause replacement.The value must be at least 1.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::Segment
properties:
description: String
name: String
network: String
network_type: String
physical_network: String
segmentation_id: Integer
OS::Neutron::Subnet¶
A resource for managing Neutron subnets.
A subnet represents an IP address block that can be used for assigning IP addresses to virtual instances. Each subnet must have a CIDR and must be associated with a network. IPs can be either selected from the whole subnet CIDR, or from “allocation pools” that can be specified by the user.
Required Properties¶
- network¶
Available since 2014.2 (Juno)
The ID of the attached network.String value expected.Updates cause replacement.Value must be of type neutron.network
Optional Properties¶
- allocation_pools¶
- The start and end addresses for the allocation pools.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- cidr¶
- The CIDR.String value expected.Updates cause replacement.Value must be of type net_cidr
- dns_nameservers¶
- A specified set of DNS name servers to be used.List value expected.Can be updated without replacement.Defaults to
[]
- enable_dhcp¶
- Set to true if DHCP is enabled and false if DHCP is disabled.Boolean value expected.Can be updated without replacement.Defaults to
true
- gateway_ip¶
- The gateway IP address. Set to any of [ null | ~ | “” ] to create/update a subnet without a gateway. If omitted when creation, neutron will assign the first free IP address within the subnet to the gateway automatically. If remove this from template when update, the old gateway IP address will be detached.String value expected.Can be updated without replacement.
- host_routes¶
- A list of host route dictionaries for the subnet.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- ip_version¶
- The IP version, which is 4 or 6.Integer value expected.Updates cause replacement.Defaults to
4
Allowed values: 4, 6 - ipv6_address_mode¶
Available since 2015.1 (Kilo)
IPv6 address mode.String value expected.Updates cause replacement.Allowed values: “dhcpv6-stateful”, “dhcpv6-stateless”, “slaac”- ipv6_ra_mode¶
Available since 2015.1 (Kilo)
IPv6 RA (Router Advertisement) mode.String value expected.Updates cause replacement.Allowed values: “dhcpv6-stateful”, “dhcpv6-stateless”, “slaac”- name¶
- The name of the subnet.String value expected.Can be updated without replacement.
- prefixlen¶
Available since 6.0.0 (Mitaka)
Prefix length for subnet allocation from subnet pool.Integer value expected.Updates cause replacement.The value must be at least 0.- segment¶
Available since 11.0.0 (Rocky) - Update allowed since version 11.0.0.
Available since 9.0.0 (Pike)
The name/ID of the segment to associate.String value expected.Can be updated without replacement.Value must be of type neutron.segment- subnetpool¶
Available since 6.0.0 (Mitaka)
The name or ID of the subnet pool.String value expected.Updates cause replacement.Value must be of type neutron.subnetpool- tags¶
Available since 9.0.0 (Pike)
The tags to be added to the subnet.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.
- tenant_id¶
- The ID of the tenant who owns the network. Only administrative users can specify a tenant ID other than their own.String value expected.Updates cause replacement.
- value_specs¶
- Extra parameters to include in the request.Map value expected.Can be updated without replacement.Defaults to
{}
Attributes¶
- allocation_pools¶
Ip allocation pools and their ranges.
- cidr¶
CIDR block notation for this subnet.
- dns_nameservers¶
List of dns nameservers.
- enable_dhcp¶
‘true’ if DHCP is enabled for this subnet; ‘false’ otherwise.
- gateway_ip¶
Ip of the subnet’s gateway.
- host_routes¶
Additional routes for this subnet.
- ip_version¶
Ip version for the subnet.
- name¶
Friendly name of the subnet.
- network_id¶
Parent network of the subnet.
- show¶
Detailed information about resource.
- tenant_id¶
Tenant owning the subnet.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::Subnet
properties:
allocation_pools: [{"start": String, "end": String}, {"start": String, "end": String}, ...]
cidr: String
dns_nameservers: [Value, Value, ...]
enable_dhcp: Boolean
gateway_ip: String
host_routes: [{"destination": String, "nexthop": String}, {"destination": String, "nexthop": String}, ...]
ip_version: Integer
ipv6_address_mode: String
ipv6_ra_mode: String
name: String
network: String
prefixlen: Integer
segment: String
subnetpool: String
tags: [String, String, ...]
tenant_id: String
value_specs: {...}
OS::Neutron::SubnetPool¶
Available since 6.0.0 (Mitaka)
A resource that implements neutron subnet pool.
This resource can be used to create a subnet pool with a large block of addresses and create subnets from it.
Required Properties¶
- prefixes¶
- List of subnet prefixes to assign.List value expected.Can be updated without replacement.The length must be at least 1.List contents:
- Optional.String value expected.Can be updated without replacement.Value must be of type net_cidr
Optional Properties¶
- address_scope¶
- An address scope ID to assign to the subnet pool.String value expected.Can be updated without replacement.Value must be of type neutron.address_scope
- default_prefixlen¶
- The size of the prefix to allocate when the cidr or prefixlen attributes are not specified while creating a subnet.Integer value expected.Can be updated without replacement.The value must be at least 0.
- default_quota¶
- A per-tenant quota on the prefix space that can be allocated from the subnet pool for tenant subnets.Integer value expected.Can be updated without replacement.The value must be at least 0.
- is_default¶
- Whether this is default IPv4/IPv6 subnet pool. There can only be one default subnet pool for each IP family. Note that the default policy setting restricts administrative users to set this to True.Boolean value expected.Can be updated without replacement.Defaults to
false
- max_prefixlen¶
- Maximum prefix size that can be allocated from the subnet pool.Integer value expected.Can be updated without replacement.The value must be at least 0.
- min_prefixlen¶
- Smallest prefix size that can be allocated from the subnet pool.Integer value expected.Can be updated without replacement.The value must be at least 0.
- name¶
- Name of the subnet pool.String value expected.Can be updated without replacement.
- tags¶
Available since 9.0.0 (Pike)
The tags to be added to the subnetpool.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.
- tenant_id¶
- The ID of the tenant who owns the subnet pool. Only administrative users can specify a tenant ID other than their own.String value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::SubnetPool
properties:
address_scope: String
default_prefixlen: Integer
default_quota: Integer
is_default: Boolean
max_prefixlen: Integer
min_prefixlen: Integer
name: String
prefixes: [String, String, ...]
shared: Boolean
tags: [String, String, ...]
tenant_id: String
OS::Neutron::TaaS::TapFlow¶
Available since 12.0.0 (Stein)
A resource for neutron tap-as-a-service tap-flow.
This plug-in requires neutron-taas. So to enable this plug-in, install this library and restart the heat-engine.
A Tap-Flow represents the port from which the traffic needs to be mirrored.
Required Properties¶
Optional Properties¶
- description¶
- Description for the Tap-Flow.String value expected.Can be updated without replacement.Defaults to
""
- direction¶
- The Direction to capture the traffic on.String value expected.Updates cause replacement.Defaults to
"BOTH"
Allowed values: “IN”, “OUT”, “BOTH” - name¶
- Name for the Tap-Flow.String value expected.Can be updated without replacement.Defaults to
""
- vlan_filter¶
- Comma separated list of VLANs, data for which needs to be captured on probe VM.String value expected.Updates cause replacement.Value must match pattern: ^([0-9]+(-[0-9]+)?)(,([0-9]+(-[0-9]+)?))*$
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::TaaS::TapFlow
properties:
description: String
direction: String
name: String
port: String
tap_service: String
vlan_filter: String
OS::Neutron::TaaS::TapService¶
Available since 12.0.0 (Stein)
A resource for neutron tap-as-a-service tap-service.
This plug-in requires neutron-taas. So to enable this plug-in, install this library and restart the heat-engine.
A Tap-Service represents the port on which the mirrored traffic is delivered. Any VM that uses the mirrored data is attached to this port.
Required Properties¶
- port¶
- ID or name of the tap-service neutron port.String value expected.Updates cause replacement.Value must be of type neutron.port
Optional Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::TaaS::TapService
properties:
description: String
name: String
port: String
OS::Neutron::Trunk¶
Available since 9.0.0 (Pike)
A resource for managing Neutron trunks.
Requires Neutron Trunk Extension to be enabled:
$ openstack extension show trunk
The network trunk service allows multiple networks to be connected to an instance using a single virtual NIC (vNIC). Multiple networks can be presented to an instance by connecting the instance to a single port.
Users can create a port, associate it with a trunk (as the trunk’s parent) and launch an instance on that port. Users can dynamically attach and detach additional networks without disrupting operation of the instance.
Every trunk has a parent port and can have any number (0, 1, …) of subports. The parent port is the port that the instance is directly associated with and its traffic is always untagged inside the instance. Users must specify the parent port of the trunk when launching an instance attached to a trunk.
A network presented by a subport is the network of the associated port.
When creating a subport, a segmentation_type
and segmentation_id
may be required by the driver so the user can distinguish the networks
inside the instance. As of release Pike only segmentation_type
vlan
is supported. segmentation_id
defines the segmentation ID
on which the subport network is presented to the instance.
Note that some Neutron backends (primarily Open vSwitch) only allow
trunk creation before an instance is booted on the parent port. To avoid
a possible race condition when booting an instance with a trunk it is
strongly recommended to refer to the trunk’s parent port indirectly in
the template via get_attr
. For example:
trunk:
type: OS::Neutron::Trunk
properties:
port: ...
instance:
type: OS::Nova::Server
properties:
networks:
- { port: { get_attr: [trunk, port_id] } }
Though other Neutron backends may tolerate the direct port reference (and the possible reverse ordering of API requests implied) it’s a good idea to avoid writing Neutron backend specific templates.
Required Properties¶
- port¶
- ID or name of a port to be used as a parent port.String value expected.Updates are not supported. Resource update will fail on any attempt to update this property.Value must be of type neutron.port
Optional Properties¶
- admin_state_up¶
- Enable/disable subport addition, removal and trunk delete.Boolean value expected.Can be updated without replacement.
- description¶
- Description for the trunk.String value expected.Can be updated without replacement.
- name¶
- A string specifying a symbolic name for the trunk, which is not required to be uniqe.String value expected.Can be updated without replacement.
- sub_ports¶
- List with 0 or more map elements containing subport details.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- port¶
- Required.ID or name of a port to be used as a subport.String value expected.Can be updated without replacement.Value must be of type neutron.port
- segmentation_id¶
- Required.The segmentation ID on which the subport network is presented to the instance.Integer value expected.Can be updated without replacement.The value must be in the range 1 to 4094.
- segmentation_type¶
- Required.Segmentation type to be used on the subport.String value expected.Can be updated without replacement.Allowed values: “vlan”
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::Trunk
properties:
admin_state_up: Boolean
description: String
name: String
port: String
sub_ports: [{"port": String, "segmentation_type": String, "segmentation_id": Integer}, {"port": String, "segmentation_type": String, "segmentation_id": Integer}, ...]
OS::Neutron::VPNService¶
A resource for VPN service in Neutron.
VPN service is a high level object that associates VPN with a specific subnet and router.
Required Properties¶
- router¶
Available since 2015.1 (Kilo)
The router to which the vpn service will be inserted.String value expected.Updates cause replacement.Value must be of type neutron.router- subnet¶
Available since 2014.2 (Juno)
Subnet in which the vpn service will be created.String value expected.Updates cause replacement.Value must be of type neutron.subnet
Optional Properties¶
- admin_state_up¶
- Administrative state for the vpn service.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description for the vpn service.String value expected.Can be updated without replacement.
- name¶
- Name for the vpn service.String value expected.Can be updated without replacement.
Attributes¶
- admin_state_up¶
The administrative state of the vpn service.
- description¶
The description of the vpn service.
- name¶
The name of the vpn service.
- router_id¶
The unique identifier of the router to which the vpn service was inserted.
- show¶
Detailed information about resource.
- status¶
The status of the vpn service.
- subnet_id¶
The unique identifier of the subnet in which the vpn service was created.
- tenant_id¶
The unique identifier of the tenant owning the vpn service.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Neutron::VPNService
properties:
admin_state_up: Boolean
description: String
name: String
router: String
subnet: String
OS::Nova::Flavor¶
Available since 2014.2 (Juno)
A resource for creating OpenStack virtual hardware templates.
Due to default nova security policy usage of this resource is limited to being used by administrators only. The rights may also be delegated to other users by redefining the access controls on the nova-api server.
Note that the current implementation of the Nova Flavor resource does not allow specifying the name and flavorid properties for the resource. This is done to avoid potential naming collision upon flavor creation as all flavor have a global scope.
Required Properties¶
Optional Properties¶
- disk¶
- Size of local disk in GB. The “0” size is a special case that uses the native base image size as the size of the ephemeral root volume.Integer value expected.Updates cause replacement.Defaults to
0
- ephemeral¶
- Size of a secondary ephemeral data disk in GB.Integer value expected.Updates cause replacement.Defaults to
0
- extra_specs¶
- Key/Value pairs to extend the capabilities of the flavor.Map value expected.Can be updated without replacement.
- flavorid¶
Available since 7.0.0 (Newton)
Unique ID of the flavor. If not specified, an UUID will be auto generated and used.String value expected.Updates cause replacement.- is_public¶
Available since 6.0.0 (Mitaka)
Scope of flavor accessibility. Public or private. Default value is True, means public, shared across all projects.Boolean value expected.Updates cause replacement.Defaults totrue
- name¶
Available since 7.0.0 (Newton)
Name of the flavor.String value expected.Updates cause replacement.- rxtx_factor¶
- RX/TX factor.Number value expected.Updates cause replacement.Defaults to
1.0
- swap¶
- Swap space in MB.Integer value expected.Updates cause replacement.Defaults to
0
- tenants¶
Available since 8.0.0 (Ocata)
List of tenants.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type keystone.project
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Nova::Flavor
properties:
disk: Integer
ephemeral: Integer
extra_specs: {...}
flavorid: String
is_public: Boolean
name: String
ram: Integer
rxtx_factor: Number
swap: Integer
tenants: [String, String, ...]
vcpus: Integer
OS::Nova::HostAggregate¶
Available since 6.0.0 (Mitaka)
A resource for further partition an availability zone with hosts.
While availability zones are visible to users, host aggregates are only visible to administrators. Host aggregates started out as a way to use Xen hypervisor resource pools, but has been generalized to provide a mechanism to allow administrators to assign key-value pairs to groups of machines. Each node can have multiple aggregates, each aggregate can have multiple key-value pairs, and the same key-value pair can be assigned to multiple aggregate. This information can be used in the scheduler to enable advanced scheduling, to set up xen hypervisor resources pools or to define logical groups for migration.
Required Properties¶
- name¶
- Name for the aggregate.String value expected.Can be updated without replacement.
Optional Properties¶
- availability_zone¶
- Name for the availability zone.String value expected.Can be updated without replacement.
- hosts¶
- List of hosts to join aggregate.List value expected.Can be updated without replacement.List contents:
- Optional.String value expected.Can be updated without replacement.Value must be of type nova.host
- metadata¶
- Arbitrary key/value metadata to store information for aggregate.Map value expected.Can be updated without replacement.Defaults to
{}
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Nova::HostAggregate
properties:
availability_zone: String
hosts: [String, String, ...]
metadata: {...}
name: String
OS::Nova::KeyPair¶
Available since 2014.1 (Icehouse)
A resource for creating Nova key pairs.
A keypair is a ssh key that can be injected into a server on launch.
Note that if a new key is generated setting save_private_key to True results in the system saving the private key which can then be retrieved via the private_key attribute of this resource.
Setting the public_key property means that the private_key attribute of this resource will always return an empty string regardless of the save_private_key setting since there will be no private key data to save.
Required Properties¶
- name¶
- The name of the key pair.String value expected.Updates cause replacement.The length must be in the range 1 to 255.
Optional Properties¶
- public_key¶
- The optional public key. This allows users to supply the public key from a pre-existing key pair. If not supplied, a new key pair will be generated.String value expected.Updates cause replacement.
- save_private_key¶
- True if the system should remember a generated private key; False otherwise.Boolean value expected.Updates cause replacement.Defaults to
false
- type¶
Available since 8.0.0 (Ocata)
Keypair type. Supported since Nova api version 2.2.String value expected.Updates cause replacement.Allowed values: “ssh”, “x509”- user¶
Available since 9.0.0 (Pike)
ID or name of user to whom to add key-pair. The usage of this property is limited to being used by administrators only. Supported since Nova api version 2.10.String value expected.Updates cause replacement.Value must be of type keystone.user
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Nova::KeyPair
properties:
name: String
public_key: String
save_private_key: Boolean
type: String
user: String
OS::Nova::Quota¶
Available since 8.0.0 (Ocata)
A resource for creating nova quotas.
Nova Quota is used to manage operational limits for projects. Currently, this resource can manage Nova’s quotas for:
cores
fixed_ips
floating_ips
instances
injected_files
injected_file_content_bytes
injected_file_path_bytes
key_pairs
metadata_items
ram
security_groups
security_group_rules
server_groups
server_group_members
Note that default nova security policy usage of this resource is limited to being used by administrators only. Administrators should be careful to create only one Nova Quota resource per project, otherwise it will be hard for them to manage the quota properly.
Required Properties¶
- project¶
- Name or id of the project to set the quota for.String value expected.Updates cause replacement.Value must be of type keystone.project
Optional Properties¶
- cores¶
- Quota for the number of cores. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- fixed_ips¶
- Quota for the number of fixed IPs. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- floating_ips¶
- Quota for the number of floating IPs. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- instances¶
- Quota for the number of instances. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- key_pairs¶
- Quota for the number of key pairs. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- metadata_items¶
- Quota for the number of metadata items. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- ram¶
- Quota for the amount of ram (in megabytes). Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- security_group_rules¶
- Quota for the number of security group rules. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- security_groups¶
- Quota for the number of security groups. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- server_group_members¶
- Quota for the number of server group members. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- server_groups¶
- Quota for the number of server groups. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- injected_file_content_bytes¶
DEPRECATED since 14.0.0 (Ussuri) - File injection is deprecated from compute REST API OS::Nova::Quota resource will not support it in the future.
Quota for the number of injected file content bytes. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.- injected_file_path_bytes¶
DEPRECATED since 14.0.0 (Ussuri) - File injection is deprecated from compute REST API OS::Nova::Quota resource will not support it in the future.
Quota for the number of injected file path bytes. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.- injected_files¶
DEPRECATED since 14.0.0 (Ussuri) - File injection is deprecated from compute REST API OS::Nova::Quota resource will not support it in the future.
Quota for the number of injected files. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Nova::Quota
properties:
cores: Integer
fixed_ips: Integer
floating_ips: Integer
instances: Integer
key_pairs: Integer
metadata_items: Integer
project: String
ram: Integer
security_group_rules: Integer
security_groups: Integer
server_group_members: Integer
server_groups: Integer
OS::Nova::Server¶
A resource for managing Nova instances.
A Server resource manages the running virtual machine instance within an OpenStack cloud.
Required Properties¶
- flavor¶
- The ID or name of the flavor to boot onto.String value expected.Can be updated without replacement.Value must be of type nova.flavor
Optional Properties¶
- admin_pass¶
- The administrator password for the server.String value expected.Can be updated without replacement.
- availability_zone¶
- Name of the availability zone for server placement.String value expected.Updates cause replacement.
- block_device_mapping¶
- Block device mappings for this server.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- delete_on_termination¶
- Optional.Indicate whether the volume should be deleted when the server is terminated.Boolean value expected.Updates cause replacement.
- device_name¶
- Required.A device name where the volume will be attached in the system at /dev/device_name. This value is typically vda.String value expected.Updates cause replacement.
- snapshot_id¶
- Optional.The ID of the snapshot to create a volume from.String value expected.Updates cause replacement.Value must be of type cinder.snapshot
- volume_id¶
- Optional.The ID of the volume to boot from. Only one of volume_id or snapshot_id should be provided.String value expected.Updates cause replacement.Value must be of type cinder.volume
- volume_size¶
- Optional.The size of the volume, in GB. It is safe to leave this blank and have the Compute service infer the size.Integer value expected.Updates cause replacement.
- block_device_mapping_v2¶
Available since 2015.1 (Kilo)
Block device mappings v2 for this server.List value expected.Updates cause replacement.List contents:- Map value expected.Updates cause replacement.Map properties:
- boot_index¶
- Optional.Integer used for ordering the boot disks. If it is not specified, value “0” will be set for bootable sources (volume, snapshot, image); value “-1” will be set for non-bootable sources.Integer value expected.Updates cause replacement.
- delete_on_termination¶
- Optional.Indicate whether the volume should be deleted when the server is terminated. Defaults to “False” in case of a volume, snapshot or image and to “True” in case of swap or ephemeral.Boolean value expected.Updates cause replacement.
- device_name¶
- Optional.A device name where the volume will be attached in the system at /dev/device_name. This value is typically vda.String value expected.Updates cause replacement.
- device_type¶
- Optional.Device type: at the moment we can make distinction only between disk and cdrom.String value expected.Updates cause replacement.Allowed values: “cdrom”, “disk”
- disk_bus¶
- Optional.Bus of the device: hypervisor driver chooses a suitable default if omitted.String value expected.Updates cause replacement.Allowed values: “ide”, “lame_bus”, “scsi”, “usb”, “virtio”
- ephemeral_format¶
Available since 8.0.0 (Ocata)
Optional.The format of the local ephemeral block device. If no format is specified, uses default value, defined in nova configuration file.String value expected.Updates cause replacement.Allowed values: “ext2”, “ext3”, “ext4”, “xfs”, “ntfs”- ephemeral_size¶
Available since 8.0.0 (Ocata)
Optional.The size of the local ephemeral block device, in GB.Integer value expected.Updates cause replacement.The value must be at least 1.- image¶
Available since 7.0.0 (Newton)
Optional.The ID or name of the image to create a volume from.String value expected.Updates cause replacement.Value must be of type glance.image- snapshot_id¶
- Optional.The ID of the snapshot to create a volume from.String value expected.Updates cause replacement.Value must be of type cinder.snapshot
- swap_size¶
- Optional.The size of the swap, in MB.Integer value expected.Updates cause replacement.
- volume_id¶
- Optional.The volume_id can be boot or non-boot device to the server.String value expected.Updates cause replacement.Value must be of type cinder.volume
- volume_size¶
- Optional.Size of the block device in GB. If it is omitted, hypervisor driver calculates size.Integer value expected.Updates cause replacement.
- config_drive¶
- If True, enable config drive on the server.Boolean value expected.Updates cause replacement.
- deployment_swift_data¶
Available since 9.0.0 (Pike)
Swift container and object to use for storing deployment data for the server resource. The parameter is a map value with the keys “container” and “object”, and the values are the corresponding container and object names. The software_config_transport parameter must be set to POLL_TEMP_URL for swift to be used. If not specified, and software_config_transport is set to POLL_TEMP_URL, a container will be automatically created from the resource name, and the object name will be a generated uuid.Map value expected.Can be updated without replacement.Defaults to{}
Map properties:- diskConfig¶
- Control how the disk is partitioned when the server is created.String value expected.Updates cause replacement.Allowed values: “AUTO”, “MANUAL”
- flavor_update_policy¶
- Policy on how to apply a flavor update; either by requesting a server resize or by replacing the entire server.String value expected.Can be updated without replacement.Defaults to
"RESIZE"
Allowed values: “RESIZE”, “REPLACE” - image¶
- The ID or name of the image to boot with.String value expected.Can be updated without replacement.Value must be of type glance.image
- image_update_policy¶
- Policy on how to apply an image-id update; either by requesting a server rebuild or by replacing the entire server.String value expected.Can be updated without replacement.Defaults to
"REBUILD"
Allowed values: “REBUILD”, “REPLACE”, “REBUILD_PRESERVE_EPHEMERAL” - key_name¶
- Name of keypair to inject into the server.String value expected.Updates cause replacement.Value must be of type nova.keypair
- metadata¶
- Arbitrary key/value metadata to store for this server. Both keys and values must be 255 characters or less. Non-string values will be serialized to JSON (and the serialized string must be 255 characters or less).Map value expected.Can be updated without replacement.Defaults to
{}
- name¶
- Server name.String value expected.Can be updated without replacement.
- networks¶
- An ordered list of nics to be added to this server, with information about connected networks, fixed ips, port etc.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- allocate_network¶
Available since 9.0.0 (Pike)
Optional.The special string values of network, auto: means either a network that is already available to the project will be used, or if one does not exist, will be automatically created for the project; none: means no networking will be allocated for the created server. Supported by Nova API since version “2.37”. This property can not be used with other network keys.String value expected.Can be updated without replacement.Allowed values: “none”, “auto”- fixed_ip¶
- Optional.Fixed IP address to specify for the port created on the requested network.String value expected.Can be updated without replacement.Value must be of type ip_addr
- floating_ip¶
Available since 6.0.0 (Mitaka)
Optional.ID of the floating IP to associate.String value expected.Can be updated without replacement.- network¶
- Optional.Name or ID of network to create a port on.String value expected.Can be updated without replacement.Value must be of type neutron.network
- port¶
- Optional.ID of an existing port to associate with this server.String value expected.Can be updated without replacement.Value must be of type neutron.port
- port_extra_properties¶
Available since 6.0.0 (Mitaka)
Dict, which has expand properties for port. Used only if port property is not specified for creating port.Map value expected.Can be updated without replacement.Map properties:- admin_state_up¶
- Optional.The administrative state of this port.Boolean value expected.Can be updated without replacement.Defaults to
true
- allowed_address_pairs¶
- Additional MAC/IP address pairs allowed to pass through the port.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- ip_address¶
- Required.IP address to allow through this port.String value expected.Can be updated without replacement.Value must be of type ip_or_cidr
- mac_address¶
- Optional.MAC address to allow through this port.String value expected.Can be updated without replacement.Value must be of type mac_addr
- binding:vnic_type¶
Available since 2015.1 (Kilo)
Optional.The vnic type to be bound on the neutron port. To support SR-IOV PCI passthrough networking, you can request that the neutron port to be realized as normal (virtual nic), direct (pci passthrough), or macvtap (virtual interface with a tap-like software interface). Note that this only works for Neutron deployments that support the bindings extension.String value expected.Can be updated without replacement.Defaults to"normal"
Allowed values: “normal”, “direct”, “macvtap”, “direct-physical”, “baremetal”, “virtio-forwarder”, “smart-nic”- mac_address¶
- Optional.MAC address to give to this port. The default update policy of this property in neutron is that allow admin role only.String value expected.Can be updated without replacement.Value must be of type mac_addr
- no_fixed_ips¶
Available since 16.0.0
Optional.Flag to disable all fixed ips on the port.Boolean value expected.Can be updated without replacement.Defaults tofalse
- port_security_enabled¶
Available since 5.0.0 (Liberty)
Optional.Flag to enable/disable port security on the port. When disable this feature(set it to False), there will be no packages filtering, like security-group and address-pairs.Boolean value expected.Can be updated without replacement.- propagate_uplink_status¶
Available since 15.0.0 (Victoria)
Optional.Flag to enable/disable propagate uplink status on the port.Boolean value expected.Can be updated without replacement.- qos_policy¶
Available since 6.0.0 (Mitaka)
Optional.The name or ID of QoS policy to attach to this port.String value expected.Can be updated without replacement.Value must be of type neutron.qos_policy- value_specs¶
- Extra parameters to include in the request.Map value expected.Can be updated without replacement.Defaults to
{}
- subnet¶
Available since 5.0.0 (Liberty)
Optional.Subnet in which to allocate the IP address for port. Used for creating port, based on derived properties. If subnet is specified, network property becomes optional.String value expected.Can be updated without replacement.- tag¶
Available since 9.0.0 (Pike)
Optional.Port tag. Heat ignores any update on this property as nova does not support it.String value expected.Can be updated without replacement.
- reservation_id¶
- A UUID for the set of servers being requested.String value expected.Updates cause replacement.
- scheduler_hints¶
- Arbitrary key-value pairs specified by the client to help boot a server.Map value expected.Updates cause replacement.
- security_groups¶
- List of security group names or IDs. Cannot be used if neutron ports are associated with this server; assign security groups to the ports instead.List value expected.Updates cause replacement.Defaults to
[]
- software_config_transport¶
- How the server should receive the metadata required for software configuration. POLL_SERVER_CFN will allow calls to the cfn API action DescribeStackResource authenticated with the provided keypair. POLL_SERVER_HEAT will allow calls to the Heat API resource-show using the provided keystone credentials. POLL_TEMP_URL will create and populate a Swift TempURL with metadata for polling. ZAQAR_MESSAGE will create a dedicated zaqar queue and post the metadata for polling.String value expected.Can be updated without replacement.Defaults to
"POLL_SERVER_CFN"
Allowed values: “POLL_SERVER_CFN”, “POLL_SERVER_HEAT”, “POLL_TEMP_URL”, “ZAQAR_MESSAGE” - tags¶
Available since 8.0.0 (Ocata)
Server tags. Supported since client version 2.26.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.
- user_data¶
- User data script to be executed by cloud-init or CoreOS ignition. Changes cause replacement of the resource by default, but can be ignored altogether by setting the `user_data_update_policy` property.String value expected.Can be updated without replacement.Defaults to
""
- user_data_format¶
- How the user_data should be formatted for the server. For HEAT_CFNTOOLS, the user_data is bundled as part of the heat-cfntools cloud-init boot configuration data. For RAW the user_data is passed to Nova unmodified. For SOFTWARE_CONFIG user_data is bundled as part of the software config data, and metadata is derived from any associated SoftwareDeployment resources. And if the user_data is in CoreOS ignition(json) format, the metadata will be injected into the user_data automatically by Heat.String value expected.Updates cause replacement.Defaults to
"HEAT_CFNTOOLS"
Allowed values: “HEAT_CFNTOOLS”, “RAW”, “SOFTWARE_CONFIG” - user_data_update_policy¶
Available since 6.0.0 (Mitaka)
Policy on how to apply a user_data update; either by ignoring it or by replacing the entire server.String value expected.Can be updated without replacement.Defaults to"REPLACE"
Allowed values: “REPLACE”, “IGNORE”- personality¶
DEPRECATED since 12.0.0 (Stein) - This is not supported with nova api microversion 2.57 and above. OS::Nova::Server resource will not support it in the future. Please use user_data or metadata instead. However, you can set heat config option max_nova_api_microversion < 2.57 to use this property in the meantime.
A map of files to create/overwrite on the server upon boot. Keys are file names and values are the file contents.Map value expected.Updates cause replacement.Defaults to{}
Attributes¶
- accessIPv4¶
DEPRECATED since 14.0.0 (Ussuri)
Available since 2015.1 (Kilo)
The manually assigned alternative public IPv4 address of the server.
- accessIPv6¶
DEPRECATED since 14.0.0 (Ussuri)
Available since 2015.1 (Kilo)
The manually assigned alternative public IPv6 address of the server.
- addresses¶
Available since 11.0.0 (Rocky) - The attribute was extended to include subnets and network with version 11.0.0.
A dict of all network addresses with corresponding port_id and subnets. Each network will have two keys in dict, they are network name and network id. The port ID may be obtained through the following expression: ``{get_attr: [<server>, addresses, <network name_or_id>, 0, port]}``. The subnets may be obtained trough the following expression: ``{get_attr: [<server>, addresses, <network name_or_id>, 0, subnets]}``. The network may be obtained through the following expression: ``{get_attr: [<server>, addresses, <network name_or_id>, 0, network]}``.
- console_urls¶
Available since 2015.1 (Kilo)
URLs of server’s consoles. To get a specific console type, the requested type can be specified as parameter to the get_attr function, e.g. get_attr: [ <server>, console_urls, novnc ]. Currently supported types are novnc, xvpvnc, spice-html5, rdp-html5, serial and webmks.
- instance_name¶
AWS compatible instance name.
- name¶
Name of the server.
- networks¶
A dict of assigned network addresses of the form: {“public”: [ip1, ip2…], “private”: [ip3, ip4], “public_uuid”: [ip1, ip2…], “private_uuid”: [ip3, ip4]}. Each network will have two keys in dict, they are network name and network id.
- os_collect_config¶
Available since 9.0.0 (Pike)
The os-collect-config configuration for the server’s local agent to be configured to connect to Heat to retrieve deployment data.
- show¶
Detailed information about resource.
- tags¶
Available since 8.0.0 (Ocata)
Tags from the server. Supported since client version 2.26.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Nova::Server
properties:
admin_pass: String
availability_zone: String
block_device_mapping: [{"device_name": String, "volume_id": String, "snapshot_id": String, "volume_size": Integer, "delete_on_termination": Boolean}, {"device_name": String, "volume_id": String, "snapshot_id": String, "volume_size": Integer, "delete_on_termination": Boolean}, ...]
block_device_mapping_v2: [{"device_name": String, "volume_id": String, "image_id": String, "image": String, "snapshot_id": String, "swap_size": Integer, "ephemeral_size": Integer, "ephemeral_format": String, "device_type": String, "disk_bus": String, "boot_index": Integer, "volume_size": Integer, "delete_on_termination": Boolean}, {"device_name": String, "volume_id": String, "image_id": String, "image": String, "snapshot_id": String, "swap_size": Integer, "ephemeral_size": Integer, "ephemeral_format": String, "device_type": String, "disk_bus": String, "boot_index": Integer, "volume_size": Integer, "delete_on_termination": Boolean}, ...]
config_drive: Boolean
deployment_swift_data: {"container": String, "object": String}
diskConfig: String
flavor: String
flavor_update_policy: String
image: String
image_update_policy: String
key_name: String
metadata: {...}
name: String
networks: [{"uuid": String, "network": String, "allocate_network": String, "fixed_ip": String, "port": String, "port_extra_properties": {"value_specs": {...}, "admin_state_up": Boolean, "mac_address": String, "allowed_address_pairs": [{"mac_address": String, "ip_address": String}, {"mac_address": String, "ip_address": String}, ...], "binding:vnic_type": String, "port_security_enabled": Boolean, "qos_policy": String, "propagate_uplink_status": Boolean, "no_fixed_ips": Boolean}, "subnet": String, "floating_ip": String, "tag": String}, {"uuid": String, "network": String, "allocate_network": String, "fixed_ip": String, "port": String, "port_extra_properties": {"value_specs": {...}, "admin_state_up": Boolean, "mac_address": String, "allowed_address_pairs": [{"mac_address": String, "ip_address": String}, {"mac_address": String, "ip_address": String}, ...], "binding:vnic_type": String, "port_security_enabled": Boolean, "qos_policy": String, "propagate_uplink_status": Boolean, "no_fixed_ips": Boolean}, "subnet": String, "floating_ip": String, "tag": String}, ...]
reservation_id: String
scheduler_hints: {...}
security_groups: [Value, Value, ...]
software_config_transport: String
tags: [String, String, ...]
user_data: String
user_data_format: String
user_data_update_policy: String
OS::Nova::ServerGroup¶
Available since 2014.2 (Juno)
A resource for managing a Nova server group.
Server groups allow you to make sure instances (VM/VPS) are on the same hypervisor host or on a different one.
Optional Properties¶
- name¶
- Server Group name.String value expected.Updates cause replacement.
- policies¶
- A list of string policies to apply. Defaults to anti-affinity.List value expected.Updates cause replacement.Defaults to
["anti-affinity"]
Allowed values: “anti-affinity”, “affinity”, “soft-anti-affinity”, “soft-affinity”List contents:- Optional.String value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Nova::ServerGroup
properties:
name: String
policies: [String, String, ...]
OS::Octavia::Flavor¶
Available since 14.0.0 (Ussuri)
A resource for creating octavia Flavors.
This resource creates and manages octavia Flavors, which allows to tune Load Balancers’ capabilities.
Required Properties¶
- flavor_profile¶
- The ID or the name of the Flavor Profile.String value expected.Updates cause replacement.Value must be of type octavia.flavorprofile
Optional Properties¶
- description¶
- Description of this Flavor.String value expected.Can be updated without replacement.Defaults to
""
- enabled¶
- If the resource if available for use.Boolean value expected.Can be updated without replacement.Defaults to
true
- name¶
- Name of this Flavor.String value expected.Can be updated without replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::Flavor
properties:
description: String
enabled: Boolean
flavor_profile: String
name: String
OS::Octavia::FlavorProfile¶
Available since 14.0.0 (Ussuri)
A resource for creating octavia Flavor Profiles.
This resource creates and manages octavia Flavor Profiles, which allows to tune Load Balancers’ capabilities.
Required Properties¶
- flavor_data¶
- JSON string containing the flavor metadata.String value expected.Can be updated without replacement.
Optional Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::FlavorProfile
properties:
flavor_data: String
name: String
provider_name: String
OS::Octavia::HealthMonitor¶
Available since 10.0.0 (Queens)
A resource to handle load balancer health monitors.
This resource creates and manages octavia healthmonitors, which watches status of the load balanced servers.
Required Properties¶
- delay¶
- The minimum time in seconds between regular connections of the member.Integer value expected.Can be updated without replacement.The value must be at least 0.
- max_retries¶
- Number of permissible connection failures before changing the member status to INACTIVE.Integer value expected.Can be updated without replacement.The value must be in the range 1 to 10.
- pool¶
- ID or name of the load balancing pool.String value expected.Updates cause replacement.Value must be of type octavia.pool
- timeout¶
- Maximum number of seconds for a monitor to wait for a connection to be established before it times out.Integer value expected.Can be updated without replacement.The value must be at least 0.
- type¶
- One of predefined health monitor types.String value expected.Updates cause replacement.Allowed values: “PING”, “TCP”, “HTTP”, “HTTPS”, “UDP-CONNECT”
Optional Properties¶
- admin_state_up¶
- The administrative state of the health monitor.Boolean value expected.Can be updated without replacement.Defaults to
true
- expected_codes¶
- The HTTP status codes expected in response from the member to declare it healthy. Specify one of the following values: a single value, such as 200. a list, such as 200, 202. a range, such as 200-204.String value expected.Can be updated without replacement.
- http_method¶
- The HTTP method used for requests by the monitor of type HTTP.String value expected.Can be updated without replacement.Allowed values: “GET”, “HEAD”, “POST”, “PUT”, “DELETE”, “TRACE”, “OPTIONS”, “CONNECT”, “PATCH”
- tenant_id¶
- ID of the tenant who owns the health monitor.String value expected.Updates cause replacement.
- url_path¶
- The HTTP path used in the HTTP request used by the monitor to test a member health. A valid value is a string the begins with a forward slash (/).String value expected.Can be updated without replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::HealthMonitor
properties:
admin_state_up: Boolean
delay: Integer
expected_codes: String
http_method: String
max_retries: Integer
pool: String
tenant_id: String
timeout: Integer
type: String
url_path: String
OS::Octavia::L7Policy¶
Available since 10.0.0 (Queens)
A resource for managing octavia L7Policies.
This resource manages L7Policies, which represent a collection of L7Rules. L7Policy holds the action that should be performed when the rules are matched (Redirect to Pool, Redirect to URL, Reject). L7Policy holds a Listener id, so a Listener can evaluate a collection of L7Policies. L7Policy will return True when all of the L7Rules that belong to this L7Policy are matched. L7Policies under a specific Listener are ordered and the first l7Policy that returns a match will be executed. When none of the policies match the request gets forwarded to listener.default_pool_id.
Required Properties¶
- action¶
- Action type of the policy.String value expected.Can be updated without replacement.Allowed values: “REJECT”, “REDIRECT_TO_POOL”, “REDIRECT_TO_URL”
- listener¶
- ID or name of the listener this policy belongs to.String value expected.Updates cause replacement.Value must be of type octavia.listener
Optional Properties¶
- admin_state_up¶
- The administrative state of the policy.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description of the policy.String value expected.Can be updated without replacement.
- name¶
- Name of the policy.String value expected.Can be updated without replacement.
- position¶
- L7 policy position in ordered policies list. This must be an integer starting from 1. If not specified, policy will be placed at the tail of existing policies list.Number value expected.Can be updated without replacement.The value must be at least 1.
- redirect_pool¶
- ID or name of the pool for REDIRECT_TO_POOL action type.String value expected.Can be updated without replacement.Value must be of type octavia.pool
- redirect_url¶
- URL for REDIRECT_TO_URL action type. This should be a valid URL string.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::L7Policy
properties:
action: String
admin_state_up: Boolean
description: String
listener: String
name: String
position: Number
redirect_pool: String
redirect_url: String
OS::Octavia::L7Rule¶
Available since 10.0.0 (Queens)
A resource for managing octavia L7Rules.
This resource manages L7Rules, which represent a set of attributes that defines which part of the request should be matched and how it should be matched.
Required Properties¶
- compare_type¶
- Rule compare type.String value expected.Can be updated without replacement.Allowed values: “REGEX”, “STARTS_WITH”, “ENDS_WITH”, “CONTAINS”, “EQUAL_TO”
- l7policy¶
- ID or name of L7 policy this rule belongs to.String value expected.Updates cause replacement.Value must be of type octavia.l7policy
- type¶
- Rule type.String value expected.Can be updated without replacement.Allowed values: “HOST_NAME”, “PATH”, “FILE_TYPE”, “HEADER”, “COOKIE”
- value¶
- Value to compare.String value expected.Can be updated without replacement.
Optional Properties¶
- admin_state_up¶
- The administrative state of the rule.Boolean value expected.Can be updated without replacement.Defaults to
true
- invert¶
- Invert the compare type.Boolean value expected.Can be updated without replacement.Defaults to
false
- key¶
- Key to compare. Relevant for HEADER and COOKIE types only.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::L7Rule
properties:
admin_state_up: Boolean
compare_type: String
invert: Boolean
key: String
l7policy: String
type: String
value: String
OS::Octavia::Listener¶
Available since 10.0.0 (Queens)
A resource for managing octavia Listeners.
This resource creates and manages Neutron octavia Listeners, which represent a listening endpoint for the vip.
Required Properties¶
- protocol¶
- Protocol on which to listen for the client traffic.String value expected.Updates cause replacement.Allowed values: “TCP”, “HTTP”, “HTTPS”, “TERMINATED_HTTPS”, “PROXY”, “UDP”
- protocol_port¶
- TCP or UDP port on which to listen for client traffic.Integer value expected.Updates cause replacement.The value must be in the range 1 to 65535.
Optional Properties¶
- admin_state_up¶
- The administrative state of this listener.Boolean value expected.Can be updated without replacement.Defaults to
true
- allowed_cidrs¶
Available since 14.0.0 (Ussuri)
A list of IPv4, IPv6 or mix of both CIDRs. The default is all allowed. When a list of CIDRs is provided, the default switches to deny all.List value expected.Can be updated without replacement.List contents:- Optional.String value expected.Can be updated without replacement.Value must be of type net_cidr
- connection_limit¶
- The maximum number of connections permitted for this load balancer. Defaults to -1, which is infinite.Integer value expected.Can be updated without replacement.Defaults to
-1
The value must be at least -1. - default_pool¶
- ID or name of the default pool for the listener.String value expected.Can be updated without replacement.Value must be of type octavia.pool
- default_tls_container_ref¶
- Default TLS container reference to retrieve TLS information.String value expected.Can be updated without replacement.
- description¶
- Description of this listener.String value expected.Can be updated without replacement.Defaults to
""
- loadbalancer¶
- ID or name of the load balancer with which listener is associated.String value expected.Updates cause replacement.Value must be of type octavia.loadbalancer
- name¶
- Name of this listener.String value expected.Can be updated without replacement.
- sni_container_refs¶
- List of TLS container references for SNI.List value expected.Can be updated without replacement.
- tenant_id¶
- The ID of the tenant who owns the listener.String value expected.Updates cause replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::Listener
properties:
admin_state_up: Boolean
allowed_cidrs: [String, String, ...]
connection_limit: Integer
default_pool: String
default_tls_container_ref: String
description: String
loadbalancer: String
name: String
protocol: String
protocol_port: Integer
sni_container_refs: [Value, Value, ...]
tenant_id: String
OS::Octavia::LoadBalancer¶
Available since 10.0.0 (Queens)
A resource for creating octavia Load Balancers.
This resource creates and manages octavia Load Balancers, which allows traffic to be directed between servers.
Required Properties¶
- vip_subnet¶
- The name or ID of the subnet on which to allocate the VIP address.String value expected.Updates cause replacement.Value must be of type neutron.subnet
Optional Properties¶
- admin_state_up¶
- The administrative state of this Load Balancer.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description of this Load Balancer.String value expected.Can be updated without replacement.Defaults to
""
- flavor¶
Available since 14.0.0 (Ussuri)
The name or ID of the flavor of the Load Balancer.String value expected.Updates cause replacement.Value must be of type octavia.flavor- name¶
- Name of this Load Balancer.String value expected.Can be updated without replacement.
- provider¶
- Provider for this Load Balancer.String value expected.Updates cause replacement.
- tenant_id¶
- The ID of the tenant who owns the Load Balancer. Only administrative users can specify a tenant ID other than their own.String value expected.Updates cause replacement.Value must be of type keystone.project
- vip_address¶
- IP address for the VIP.String value expected.Updates cause replacement.Value must be of type ip_addr
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::LoadBalancer
properties:
admin_state_up: Boolean
description: String
flavor: String
name: String
provider: String
tenant_id: String
vip_address: String
vip_subnet: String
OS::Octavia::Pool¶
Available since 10.0.0 (Queens)
A resource for managing Octavia Pools.
This resources manages octavia LBaaS Pools, which represent a group of nodes. Pools define the subnet where nodes reside, balancing algorithm, and the nodes themselves.
Required Properties¶
- lb_algorithm¶
- The algorithm used to distribute load between the members of the pool.String value expected.Can be updated without replacement.Allowed values: “ROUND_ROBIN”, “LEAST_CONNECTIONS”, “SOURCE_IP”, “SOURCE_IP_PORT”
- protocol¶
- Protocol of the pool.String value expected.Updates cause replacement.Allowed values: “TCP”, “HTTP”, “HTTPS”, “TERMINATED_HTTPS”, “PROXY”, “UDP”
Optional Properties¶
- admin_state_up¶
- The administrative state of this pool.Boolean value expected.Can be updated without replacement.Defaults to
true
- description¶
- Description of this pool.String value expected.Can be updated without replacement.Defaults to
""
- listener¶
- Listener name or ID to be associated with this pool.String value expected.Updates cause replacement.Value must be of type octavia.listener
- loadbalancer¶
- Loadbalancer name or ID to be associated with this pool.String value expected.Updates cause replacement.Value must be of type octavia.loadbalancer
- name¶
- Name of this pool.String value expected.Can be updated without replacement.
- session_persistence¶
- Configuration of session persistence.Map value expected.Updates cause replacement.Map properties:
- cookie_name¶
- Optional.Name of the cookie, required if type is APP_COOKIE.String value expected.Updates cause replacement.
- type¶
- Required.Method of implementation of session persistence feature.String value expected.Updates cause replacement.Allowed values: “SOURCE_IP”, “HTTP_COOKIE”, “APP_COOKIE”
- tls_enabled¶
Available since 14.0.0 (Ussuri)
Enable backend member re-encryption.Boolean value expected.Can be updated without replacement.Defaults tofalse
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::Pool
properties:
admin_state_up: Boolean
description: String
lb_algorithm: String
listener: String
loadbalancer: String
name: String
protocol: String
session_persistence: {"type": String, "cookie_name": String}
tls_enabled: Boolean
OS::Octavia::PoolMember¶
Available since 10.0.0 (Queens)
A resource for managing Octavia Pool Members.
A pool member represents a single backend node.
Required Properties¶
- address¶
- IP address of the pool member on the pool network.String value expected.Updates cause replacement.Value must be of type ip_addr
- pool¶
- Name or ID of the load balancing pool.String value expected.Updates cause replacement.Value must be of type octavia.pool
- protocol_port¶
- Port on which the pool member listens for requests or connections.Integer value expected.Updates cause replacement.The value must be in the range 1 to 65535.
Optional Properties¶
- admin_state_up¶
- The administrative state of the pool member.Boolean value expected.Can be updated without replacement.Defaults to
true
- monitor_address¶
- Alternate IP address which health monitor can use for health check.String value expected.Updates cause replacement.Value must be of type ip_addr
- monitor_port¶
- Alternate Port which health monitor can use for health check.Integer value expected.Updates cause replacement.The value must be in the range 1 to 65535.
- subnet¶
- Subnet name or ID of this member.String value expected.Updates cause replacement.Value must be of type neutron.subnet
- tags¶
Available since 13.0.0 (Train)
A list of simple strings assigned to the member. The property is supported with Stein Octavia or newer version.List value expected.Can be updated without replacement.- weight¶
- Weight of pool member in the pool (default to 1).Integer value expected.Can be updated without replacement.Defaults to
1
The value must be in the range 0 to 256.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::PoolMember
properties:
address: String
admin_state_up: Boolean
monitor_address: String
monitor_port: Integer
pool: String
protocol_port: Integer
subnet: String
tags: [Value, Value, ...]
weight: Integer
OS::Octavia::Quota¶
Available since 14.0.0 (Ussuri)
A resource for creating Octavia quotas.
Ocatavia Quota is used to manage operational limits for Octavia. Currently, this resource can manage Octavia’s quotas for:
healthmonitor
listener
loadbalancer
pool
member
Note that default octavia security policy usage of this resource is limited to being used by administrators only. Administrators should be careful to create only one Octavia Quota resource per project, otherwise it will be hard for them to manage the quota properly.
Required Properties¶
- project¶
- Name or id of the project to set the quota for.String value expected.Updates cause replacement.Value must be of type keystone.project
Optional Properties¶
- healthmonitor¶
- Quota for the number of healthmonitors. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- listener¶
- Quota for the number of listeners. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- loadbalancer¶
- Quota for the number of load balancers. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- member¶
- Quota for the number of m. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
- pool¶
- Quota for the number of pools. Setting the value to -1 removes the limit.Integer value expected.Can be updated without replacement.The value must be at least -1.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Octavia::Quota
properties:
healthmonitor: Integer
listener: Integer
loadbalancer: Integer
member: Integer
pool: Integer
project: String
OS::Sahara::Cluster¶
A resource for managing Sahara clusters.
The Cluster entity represents a collection of VM instances that all have the same data processing framework installed. It is mainly characterized by a VM image with a pre-installed framework which will be used for cluster deployment. Users may choose one of the pre-configured Cluster Templates to start a Cluster. To get access to VMs after a Cluster has started, the user should specify a keypair.
Required Properties¶
- cluster_template_id¶
- ID of the Cluster Template used for Node Groups and configurations.String value expected.Updates cause replacement.Value must be of type sahara.cluster_template
- hadoop_version¶
- Version of Hadoop running on instances.String value expected.Updates cause replacement.
- neutron_management_network¶
- Name or UUID of network.String value expected.Updates cause replacement.Value must be of type neutron.network
- plugin_name¶
- Plugin name.String value expected.Updates cause replacement.Value must be of type sahara.plugin
Optional Properties¶
- default_image_id¶
Available since 2015.1 (Kilo)
Default name or UUID of the image used to boot Hadoop nodes.String value expected.Updates cause replacement.Value must be of type sahara.image- key_name¶
- Keypair added to instances to make them accessible for user.String value expected.Updates cause replacement.Value must be of type nova.keypair
- name¶
- Hadoop cluster name.String value expected.Updates cause replacement.The length must be in the range 1 to 80.Value must match pattern: ^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z]|[A-Za-z][A-Za-z0-9-]*[A-Za-z0-9])$
- use_autoconfig¶
Available since 5.0.0 (Liberty)
Configure most important configs automatically.Boolean value expected.Updates cause replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Sahara::Cluster
properties:
cluster_template_id: String
default_image_id: String
hadoop_version: String
key_name: String
name: String
neutron_management_network: String
plugin_name: String
shares: [{"id": String, "path": String, "access_level": String}, {"id": String, "path": String, "access_level": String}, ...]
use_autoconfig: Boolean
OS::Sahara::ClusterTemplate¶
Available since 2014.2 (Juno)
A resource for managing Sahara cluster templates.
A Cluster Template is designed to bring Node Group Templates together to form a Cluster. A Cluster Template defines what Node Groups will be included and how many instances will be created in each. Some data processing framework configurations can not be applied to a single node, but to a whole Cluster. A user can specify these kinds of configurations in a Cluster Template. Sahara enables users to specify which processes should be added to an anti-affinity group within a Cluster Template. If a process is included into an anti-affinity group, it means that VMs where this process is going to be launched should be scheduled to different hardware hosts.
Required Properties¶
Optional Properties¶
- anti_affinity¶
- List of processes to enable anti-affinity for.List value expected.Can be updated without replacement.List contents:
- Optional.String value expected.Can be updated without replacement.
- cluster_configs¶
- Cluster configs dictionary.Map value expected.Can be updated without replacement.
- default_image_id¶
- ID of the default image to use for the template.String value expected.Can be updated without replacement.Value must be of type sahara.image
- description¶
- Description of the Sahara Group Template.String value expected.Can be updated without replacement.Defaults to
""
- name¶
- Name for the Sahara Cluster Template.String value expected.Can be updated without replacement.The length must be in the range 1 to 50.Value must match pattern: ^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z]|[A-Za-z][A-Za-z0-9-]*[A-Za-z0-9])$
- neutron_management_network¶
- Name or UUID of network.String value expected.Can be updated without replacement.Value must be of type neutron.network
- node_groups¶
- Node groups.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- count¶
- Required.Number of instances in the Node group.Integer value expected.Can be updated without replacement.The value must be at least 1.
- name¶
- Required.Name of the Node group.String value expected.Can be updated without replacement.
- node_group_template_id¶
- Required.ID of the Node Group Template.String value expected.Can be updated without replacement.
- use_autoconfig¶
Available since 5.0.0 (Liberty)
Configure most important configs automatically.Boolean value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Sahara::ClusterTemplate
properties:
anti_affinity: [String, String, ...]
cluster_configs: {...}
default_image_id: String
description: String
hadoop_version: String
name: String
neutron_management_network: String
node_groups: [{"name": String, "count": Integer, "node_group_template_id": String}, {"name": String, "count": Integer, "node_group_template_id": String}, ...]
plugin_name: String
shares: [{"id": String, "path": String, "access_level": String}, {"id": String, "path": String, "access_level": String}, ...]
use_autoconfig: Boolean
OS::Sahara::DataSource¶
Available since 5.0.0 (Liberty)
A resource for creating sahara data source.
A data source stores an URL which designates the location of input or output data and any credentials needed to access the location.
Required Properties¶
Optional Properties¶
- credentials¶
- Credentials used for swift. Not required if sahara is configured to use proxy users and delegated trusts for access.Map value expected.Can be updated without replacement.Map properties:
- description¶
- Description of the data source.String value expected.Can be updated without replacement.Defaults to
""
- name¶
- Name of the data source.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Sahara::DataSource
properties:
credentials: {"user": String, "password": String}
description: String
name: String
type: String
url: String
OS::Sahara::ImageRegistry¶
Available since 6.0.0 (Mitaka)
A resource for registering an image in sahara.
Allows to register an image in the sahara image registry and add tags.
Required Properties¶
Optional Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Sahara::ImageRegistry
properties:
description: String
image: String
tags: [String, String, ...]
username: String
OS::Sahara::Job¶
Available since 8.0.0 (Ocata)
A resource for creating Sahara Job.
A job specifies the type of the job and lists all of the individual job binary objects. Can be launched using resource-signal.
Required Properties¶
- type¶
- Type of the job.String value expected.Updates cause replacement.Value must be of type sahara.job_type
Optional Properties¶
- default_execution_data¶
- Default execution data to use when run signal.Map value expected.Can be updated without replacement.Map properties:
- args¶
- Arguments to add to the job.List value expected.Can be updated without replacement.Defaults to
[]
List contents:- Optional.String value expected.Can be updated without replacement.
- cluster¶
- Required.ID or name of the cluster to run the job in.String value expected.Can be updated without replacement.Value must be of type sahara.cluster
- configs¶
- Config parameters to add to the job.Map value expected.Can be updated without replacement.Defaults to
{}
- input¶
- Optional.ID or name of the input data source.String value expected.Can be updated without replacement.Value must be of type sahara.data_source
- interface¶
- Interface arguments to add to the job.Map value expected.Can be updated without replacement.Defaults to
{}
- is_public¶
- Optional.If True, execution will be shared across the tenants.Boolean value expected.Can be updated without replacement.Defaults to
false
- output¶
- Optional.ID or name of the output data source.String value expected.Can be updated without replacement.Value must be of type sahara.data_source
- params¶
- Parameters to add to the job.Map value expected.Can be updated without replacement.Defaults to
{}
- description¶
- Description of the job.String value expected.Can be updated without replacement.
- is_protected¶
- If True, job will be protected from modifications and can not be deleted until this property is set to False.Boolean value expected.Can be updated without replacement.Defaults to
false
- is_public¶
- If True, job will be shared across the tenants.Boolean value expected.Can be updated without replacement.Defaults to
false
- libs¶
- IDs or names of job’s lib job binaries.List value expected.Updates cause replacement.Defaults to
[]
List contents:- Optional.String value expected.Updates cause replacement.Value must be of type sahara.job_binary
- mains¶
- IDs or names of job’s main job binary. In case of specific Sahara service, this property designed as a list, but accepts only one item.List value expected.Updates cause replacement.Defaults to
[]
The length must be no greater than 1.List contents:- Optional.ID of job’s main job binary.String value expected.Updates cause replacement.Value must be of type sahara.job_binary
- name¶
- Name of the job.String value expected.Can be updated without replacement.The length must be in the range 1 to 50.Value must match pattern: ^[a-zA-Z0-9][a-zA-Z0-9-_.]*$
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Sahara::Job
properties:
default_execution_data: {"cluster": String, "input": String, "output": String, "configs": {...}, "params": {...}, "args": [String, String, ...], "is_public": Boolean, "interface": {...}}
description: String
is_protected: Boolean
is_public: Boolean
libs: [String, String, ...]
mains: [String, String, ...]
name: String
type: String
OS::Sahara::JobBinary¶
Available since 5.0.0 (Liberty)
A resource for creating sahara job binary.
A job binary stores an URL to a single script or Jar file and any credentials needed to retrieve the file.
Required Properties¶
- url¶
- URL for the job binary. Must be in the format swift://<container>/<path> or internal-db://<uuid>.String value expected.Can be updated without replacement.
Optional Properties¶
- credentials¶
- Credentials used for swift. Not required if sahara is configured to use proxy users and delegated trusts for access.Map value expected.Can be updated without replacement.Map properties:
- description¶
- Description of the job binary.String value expected.Can be updated without replacement.Defaults to
""
- name¶
- Name of the job binary.String value expected.Can be updated without replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Sahara::JobBinary
properties:
credentials: {"user": String, "password": String}
description: String
name: String
url: String
OS::Sahara::NodeGroupTemplate¶
Available since 2014.2 (Juno)
A resource for managing Sahara node group templates.
A Node Group Template describes a group of nodes within cluster. It contains a list of hadoop processes that will be launched on each instance in a group. Also a Node Group Template may provide node scoped configurations for those processes.
Required Properties¶
- flavor¶
- Name or ID Nova flavor for the nodes.String value expected.Can be updated without replacement.Value must be of type nova.flavor
- hadoop_version¶
- Version of Hadoop running on instances.String value expected.Can be updated without replacement.
- node_processes¶
- List of processes to run on every node.List value expected.Can be updated without replacement.The length must be at least 1.List contents:
- Optional.String value expected.Can be updated without replacement.
- plugin_name¶
- Plugin name.String value expected.Can be updated without replacement.Value must be of type sahara.plugin
Optional Properties¶
- auto_security_group¶
- Defines whether auto-assign security group to this Node Group template.Boolean value expected.Can be updated without replacement.
- availability_zone¶
- Availability zone to create servers in.String value expected.Can be updated without replacement.
- description¶
- Description of the Node Group Template.String value expected.Can be updated without replacement.Defaults to
""
- floating_ip_pool¶
- Name or UUID of the Neutron floating IP network or name of the Nova floating ip pool to use. Should not be provided when used with Nova-network that auto-assign floating IPs.String value expected.Can be updated without replacement.
- image_id¶
- ID of the image to use for the template.String value expected.Can be updated without replacement.Value must be of type sahara.image
- is_proxy_gateway¶
Available since 5.0.0 (Liberty)
Provide access to nodes using other nodes of the cluster as proxy gateways.Boolean value expected.Can be updated without replacement.- name¶
- Name for the Sahara Node Group Template.String value expected.Can be updated without replacement.The length must be in the range 1 to 50.Value must match pattern: ^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z]|[A-Za-z][A-Za-z0-9-]*[A-Za-z0-9])$
- node_configs¶
- Dictionary of node configurations.Map value expected.Can be updated without replacement.
- security_groups¶
- List of security group names or IDs to assign to this Node Group template.List value expected.Can be updated without replacement.List contents:
- Optional.String value expected.Can be updated without replacement.
- use_autoconfig¶
Available since 5.0.0 (Liberty)
Configure most important configs automatically.Boolean value expected.Can be updated without replacement.- volume_local_to_instance¶
Available since 5.0.0 (Liberty)
Create volumes on the same physical port as an instance.Boolean value expected.Can be updated without replacement.- volume_type¶
- Type of the volume to create on Cinder backend.String value expected.Can be updated without replacement.Value must be of type cinder.vtype
- volumes_availability_zone¶
- Availability zone to create volumes in.String value expected.Can be updated without replacement.
- volumes_per_node¶
- Volumes per node.Integer value expected.Can be updated without replacement.Defaults to
0
The value must be at least 0. - volumes_size¶
- Size of the volumes, in GB.Integer value expected.Can be updated without replacement.The value must be at least 1.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Sahara::NodeGroupTemplate
properties:
auto_security_group: Boolean
availability_zone: String
description: String
flavor: String
floating_ip_pool: String
hadoop_version: String
image_id: String
is_proxy_gateway: Boolean
name: String
node_configs: {...}
node_processes: [String, String, ...]
plugin_name: String
security_groups: [String, String, ...]
shares: [{"id": String, "path": String, "access_level": String}, {"id": String, "path": String, "access_level": String}, ...]
use_autoconfig: Boolean
volume_local_to_instance: Boolean
volume_type: String
volumes_availability_zone: String
volumes_per_node: Integer
volumes_size: Integer
OS::Senlin::Cluster¶
Available since 6.0.0 (Mitaka)
A resource that creates a Senlin Cluster.
Cluster resource in senlin can create and manage objects of the same nature, e.g. Nova servers, Heat stacks, Cinder volumes, etc. The collection of these objects is referred to as a cluster.
Required Properties¶
- profile¶
- The name or id of the Senlin profile.String value expected.Can be updated without replacement.Value must be of type senlin.profile
Optional Properties¶
- desired_capacity¶
- Desired initial number of resources in cluster.Integer value expected.Can be updated without replacement.Defaults to
0
- max_size¶
- Maximum number of resources in the cluster. -1 means unlimited.Integer value expected.Can be updated without replacement.Defaults to
-1
The value must be at least -1. - metadata¶
- Metadata key-values defined for cluster.Map value expected.Can be updated without replacement.Defaults to
{}
- min_size¶
- Minimum number of resources in the cluster.Integer value expected.Can be updated without replacement.Defaults to
0
The value must be at least 0. - name¶
- Name of the cluster. By default, physical resource name is used.String value expected.Can be updated without replacement.
- policies¶
Available since 8.0.0 (Ocata)
A list of policies to attach to this cluster.List value expected.Can be updated without replacement.Defaults to[]
List contents:- Map value expected.Can be updated without replacement.Map properties:
- timeout¶
- The number of seconds to wait for the cluster actions.Integer value expected.Can be updated without replacement.The value must be at least 0.
Attributes¶
- collect¶
Available since 8.0.0 (Ocata)
Attributes collected from cluster. According to the jsonpath following this attribute, it will return a list of attributes collected from the nodes of this cluster.
- desired_capacity¶
Desired capacity of the cluster.
- max_size¶
Max size of the cluster.
- metadata¶
Cluster metadata.
- min_size¶
Min size of the cluster.
- name¶
Cluster name.
- nodes¶
Nodes list in the cluster.
- policies¶
Available since 8.0.0 (Ocata)
Policies attached to the cluster.
- show¶
Detailed information about resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Senlin::Cluster
properties:
desired_capacity: Integer
max_size: Integer
metadata: {...}
min_size: Integer
name: String
policies: [{"policy": String, "enabled": Boolean}, {"policy": String, "enabled": Boolean}, ...]
profile: String
timeout: Integer
OS::Senlin::Node¶
Available since 6.0.0 (Mitaka)
A resource that creates a Senlin Node.
Node is an object that belongs to at most one Cluster, it can be created based on a profile.
Required Properties¶
- profile¶
- Name or ID of senlin profile to create this node.String value expected.Can be updated without replacement.Value must be of type senlin.profile
Optional Properties¶
- cluster¶
Available since 8.0.0 (Ocata)
The name of senlin cluster to attach to.String value expected.Can be updated without replacement.Value must be of type senlin.cluster- metadata¶
- Metadata key-values defined for node.Map value expected.Can be updated without replacement.
- name¶
- Name of the senlin node. By default, physical resource name is used.String value expected.Can be updated without replacement.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Senlin::Node
properties:
cluster: String
metadata: {...}
name: String
profile: String
OS::Senlin::Policy¶
Available since 6.0.0 (Mitaka)
A resource that creates a Senlin Policy.
A policy is a set of rules that can be checked and/or enforced when an action is performed on a Cluster.
Required Properties¶
- type¶
- The type of senlin policy.String value expected.Updates cause replacement.Value must be of type senlin.policy_type
Optional Properties¶
- bindings¶
- A list of clusters to which this policy is attached.List value expected.Can be updated without replacement.List contents:
- Map value expected.Can be updated without replacement.Map properties:
- name¶
- Name of the senlin policy. By default, physical resource name is used.String value expected.Can be updated without replacement.
- properties¶
- Properties of this policy.Map value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Senlin::Policy
properties:
bindings: [{"cluster": String, "enabled": Boolean}, {"cluster": String, "enabled": Boolean}, ...]
name: String
properties: {...}
type: String
OS::Senlin::Profile¶
Available since 6.0.0 (Mitaka)
A resource that creates a Senlin Profile.
Profile resource in senlin is a template describing how to create nodes in cluster.
Required Properties¶
- type¶
- The type of profile.String value expected.Updates cause replacement.Value must be of type senlin.profile_type
Optional Properties¶
- metadata¶
- Metadata key-values defined for profile.Map value expected.Can be updated without replacement.
- name¶
- Name of the senlin profile. By default, physical resource name is used.String value expected.Can be updated without replacement.
- properties¶
- Properties for profile.Map value expected.Updates cause replacement.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Senlin::Profile
properties:
metadata: {...}
name: String
properties: {...}
type: String
OS::Senlin::Receiver¶
Available since 6.0.0 (Mitaka)
A resource that creates Senlin Receiver.
Receiver is an abstract resource created at the senlin engine that can be used to hook the engine to some external event/alarm sources.
Required Properties¶
Optional Properties¶
- name¶
- Name of the senlin receiver. By default, physical resource name is used.String value expected.Updates cause replacement.
- params¶
- The parameters passed to action when the receiver is signaled.Map value expected.Updates cause replacement.
- type¶
- Type of receiver.String value expected.Updates cause replacement.Defaults to
"webhook"
Allowed values: “webhook”
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Senlin::Receiver
properties:
action: String
cluster: String
name: String
params: {...}
type: String
OS::Swift::Container¶
A resource for managing Swift containers.
A container defines a namespace for objects. An object with the same name in two different containers represents two different objects.
Optional Properties¶
- PurgeOnDelete¶
Available since 2015.1 (Kilo)
If True, delete any objects in the container when the container is deleted. Otherwise, deleting a non-empty container will result in an error.Boolean value expected.Updates cause replacement.Defaults tofalse
- X-Account-Meta¶
- A map of user-defined meta data to associate with the account. Each key in the map will set the header X-Account-Meta-{key} with the corresponding value.Map value expected.Updates cause replacement.Defaults to
{}
- X-Container-Meta¶
- A map of user-defined meta data to associate with the container. Each key in the map will set the header X-Container-Meta-{key} with the corresponding value.Map value expected.Updates cause replacement.Defaults to
{}
- X-Container-Read¶
- Specify the ACL permissions on who can read objects in the container.String value expected.Updates cause replacement.
- X-Container-Write¶
- Specify the ACL permissions on who can write objects to the container.String value expected.Updates cause replacement.
- name¶
- Name for the container. If not specified, a unique name will be generated.String value expected.Updates cause replacement.
Attributes¶
- BytesUsed¶
The number of bytes stored in the container.
- DomainName¶
The host from the container URL.
- HeadContainer¶
A map containing all headers for the container.
- ObjectCount¶
The number of objects stored in the container.
- RootURL¶
The parent URL of the container.
- WebsiteURL¶
The URL of the container.
- show¶
Detailed information about resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Swift::Container
properties:
PurgeOnDelete: Boolean
X-Account-Meta: {...}
X-Container-Meta: {...}
X-Container-Read: String
X-Container-Write: String
name: String
OS::Trove::Cluster¶
Available since 2015.1 (Kilo)
A resource for managing Trove clusters.
A Cluster is an opaque cluster used to store Database clusters.
Required Properties¶
- datastore_type¶
- Name of registered datastore type.String value expected.Updates cause replacement.The length must be no greater than 255.
- datastore_version¶
- Name of the registered datastore version. It must exist for provided datastore type. Defaults to using single active version. If several active versions exist for provided datastore type, explicit value for this parameter must be specified.String value expected.Updates cause replacement.The length must be no greater than 255.
- instances¶
- List of database instances.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- availability_zone¶
Available since 14.0.0 (Ussuri)
Optional.Name of the availability zone for DB instance.String value expected.Updates cause replacement.- flavor¶
- Required.Flavor of the instance.String value expected.Updates cause replacement.Value must be of type trove.flavor
- networks¶
Available since 10.0.0 (Queens)
List of network interfaces to create on instance.List value expected.Updates cause replacement.Defaults to[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- fixed_ip¶
- Optional.Fixed IPv4 address for this NIC.String value expected.Updates cause replacement.Value must be of type ip_addr
- network¶
- Optional.Name or UUID of the network to attach this NIC to. Either port or network must be specified.String value expected.Updates cause replacement.Value must be of type neutron.network
- port¶
- Optional.Name or UUID of Neutron port to attach this NIC to. Either port or network must be specified.String value expected.Updates cause replacement.Value must be of type neutron.port
- volume_size¶
- Required.Size of the instance disk volume in GB.Integer value expected.Updates cause replacement.The value must be in the range 1 to 150.
Optional Properties¶
- name¶
- Name of the cluster to create.String value expected.Updates cause replacement.The length must be no greater than 255.
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Trove::Cluster
properties:
datastore_type: String
datastore_version: String
instances: [{"flavor": String, "volume_size": Integer, "networks": [{"network": String, "port": String, "fixed_ip": String}, {"network": String, "port": String, "fixed_ip": String}, ...], "availability_zone": String}, {"flavor": String, "volume_size": Integer, "networks": [{"network": String, "port": String, "fixed_ip": String}, {"network": String, "port": String, "fixed_ip": String}, ...], "availability_zone": String}, ...]
name: String
OS::Trove::Instance¶
Available since 2014.1 (Icehouse)
OpenStack cloud database instance resource.
Trove is Database as a Service for OpenStack. It’s designed to run entirely on OpenStack, with the goal of allowing users to quickly and easily utilize the features of a relational or non-relational database without the burden of handling complex administrative tasks.
Required Properties¶
Optional Properties¶
- availability_zone¶
- Name of the availability zone for DB instance.String value expected.Updates cause replacement.
- databases¶
- List of databases to be created on DB instance creation.List value expected.Can be updated without replacement.Defaults to
[]
List contents:- Map value expected.Can be updated without replacement.Map properties:
- character_set¶
- Optional.Set of symbols and encodings.String value expected.Can be updated without replacement.Defaults to
"utf8"
- collate¶
- Optional.Set of rules for comparing characters in a character set.String value expected.Can be updated without replacement.Defaults to
"utf8_general_ci"
- name¶
- Required.Specifies database names for creating databases on instance creation.String value expected.Can be updated without replacement.The length must be no greater than 64.Value must match pattern: [a-zA-Z0-9_-]+[a-zA-Z0-9_@?#\s-]*[a-zA-Z0-9_-]+
- datastore_type¶
- Name of registered datastore type.String value expected.Updates cause replacement.The length must be no greater than 255.
- datastore_version¶
- Name of the registered datastore version. It must exist for provided datastore type. Defaults to using single active version. If several active versions exist for provided datastore type, explicit value for this parameter must be specified.String value expected.Updates cause replacement.The length must be no greater than 255.
- name¶
- Name of the DB instance to create.String value expected.Can be updated without replacement.The length must be no greater than 255.
- networks¶
- List of network interfaces to create on instance.List value expected.Updates cause replacement.Defaults to
[]
List contents:- Map value expected.Updates cause replacement.Map properties:
- fixed_ip¶
- Optional.Fixed IPv4 address for this NIC.String value expected.Updates cause replacement.Value must be of type ip_addr
- network¶
- Optional.Name or UUID of the network to attach this NIC to. Either port or network must be specified.String value expected.Updates cause replacement.Value must be of type neutron.network
- port¶
- Optional.Name or UUID of Neutron port to attach this NIC to. Either port or network must be specified.String value expected.Updates cause replacement.Value must be of type neutron.port
- replica_count¶
Available since 5.0.0 (Liberty)
The number of replicas to be created.Integer value expected.Updates cause replacement.- replica_of¶
Available since 5.0.0 (Liberty)
Identifier of the source instance to replicate.String value expected.Updates cause replacement.- restore_point¶
- DB instance restore point.String value expected.Updates cause replacement.
- users¶
- List of users to be created on DB instance creation.List value expected.Can be updated without replacement.Defaults to
[]
List contents:- Map value expected.Can be updated without replacement.Map properties:
- databases¶
- Names of databases that those users can access on instance creation.List value expected.Can be updated without replacement.The length must be at least 1.List contents:
- Optional.String value expected.Can be updated without replacement.
- host¶
- Optional.The host from which a user is allowed to connect to the database.String value expected.Can be updated without replacement.Defaults to
"%"
- name¶
- Required.User name to create a user on instance creation.String value expected.Can be updated without replacement.The length must be no greater than 16.Value must match pattern: [a-zA-Z0-9_]+[a-zA-Z0-9_@?#\s]*[a-zA-Z0-9_]+
- password¶
- Required.Password for those users on instance creation.String value expected.Can be updated without replacement.Value must match pattern: [a-zA-Z0-9_]+[a-zA-Z0-9_@?#\s]*[a-zA-Z0-9_]+
Attributes¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Trove::Instance
properties:
availability_zone: String
databases: [{"character_set": String, "collate": String, "name": String}, {"character_set": String, "collate": String, "name": String}, ...]
datastore_type: String
datastore_version: String
flavor: String
name: String
networks: [{"network": String, "port": String, "fixed_ip": String}, {"network": String, "port": String, "fixed_ip": String}, ...]
replica_count: Integer
replica_of: String
restore_point: String
size: Integer
users: [{"name": String, "password": String, "host": String, "databases": [String, String, ...]}, {"name": String, "password": String, "host": String, "databases": [String, String, ...]}, ...]
OS::Vitrage::Template¶
Available since 16.0.0
A resource for managing Vitrage templates.
A Vitrage template defines conditions and actions, based on the Vitrage topology graph. For example, if there is an “instance down” alarm on an instance, then execute a Mistral healing workflow.
The VitrageTemplate resource generates and adds to Vitrage a template based on the input parameters.
Required Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Vitrage::Template
properties:
template_file: String
template_params: {...}
OS::Zaqar::MistralTrigger¶
Available since 8.0.0 (Ocata)
A Zaqar subscription for triggering Mistral workflows.
This Zaqar subscription type listens for messages in a queue and triggers a Mistral workflow execution each time one is received.
The content of the Zaqar message is passed to the workflow in the environment with the name “notification”, and thus is accessible from within the workflow as:
<% env().notification %>
Other environment variables can be set using the ‘env’ key in the params property.
Required Properties¶
Optional Properties¶
- input¶
- Input values to pass to the Mistral workflow.Map value expected.Can be updated without replacement.Defaults to
{}
- params¶
- Parameters to pass to the Mistral workflow execution. The parameters depend on the workflow type.Map value expected.Can be updated without replacement.Defaults to
{}
- ttl¶
- Time to live of the subscription in seconds.Integer value expected.Can be updated without replacement.Defaults to
220367260800
The value must be at least 60.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Zaqar::MistralTrigger
properties:
input: {...}
params: {...}
queue_name: String
ttl: Integer
workflow_id: String
OS::Zaqar::Queue¶
Available since 2014.2 (Juno)
A resource for managing Zaqar queues.
Queue is a logical entity that groups messages. Ideally a queue is created per work type. For example, if you want to compress files, you would create a queue dedicated for this job. Any application that reads from this queue would only compress files.
Optional Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Zaqar::Queue
properties:
metadata: {...}
name: String
OS::Zaqar::SignedQueueURL¶
Available since 8.0.0 (Ocata)
A resource for managing signed URLs of Zaqar queues.
Signed URLs allow to give specific access to queues, for example to be used as alarm notifications. To supply a signed queue URL to Aodh as an action URL, pass “zaqar://?” followed by the query_str attribute of the signed queue URL resource.
Required Properties¶
- queue¶
- Name of the queue instance to create a URL for.String value expected.Updates cause replacement.
Optional Properties¶
- methods¶
- List of allowed HTTP methods to be used. Default to allow GET.List value expected.Updates cause replacement.List contents:
- Optional.String value expected.Updates cause replacement.Allowed values: “GET”, “DELETE”, “PATCH”, “POST”, “PUT”
- paths¶
- List of allowed paths to be accessed. Default to allow queue messages URL.List value expected.Updates cause replacement.
- ttl¶
- Time validity of the URL, in seconds. Default to one day.Integer value expected.Updates cause replacement.
Attributes¶
- expires¶
Expiration date of the URL.
- methods¶
Comma-delimited list of methods for convenience.
- paths¶
Comma-delimited list of paths for convenience.
- project¶
The ID of the Keystone project containing the queue.
- query_str¶
An HTTP URI query fragment.
- show¶
Detailed information about resource.
- signature¶
Signature of the URL built by Zaqar.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Zaqar::SignedQueueURL
properties:
methods: [String, String, ...]
paths: [Value, Value, ...]
queue: String
ttl: Integer
OS::Zaqar::Subscription¶
Available since 8.0.0 (Ocata)
A resource for managing Zaqar subscriptions.
A Zaqar subscription listens for messages in a queue and sends a notification over email or webhook.
Required Properties¶
Optional Properties¶
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Zaqar::Subscription
properties:
options: {...}
queue_name: String
subscriber: String
ttl: Integer
OS::Zun::Container¶
Available since 9.0.0 (Pike)
A resource that creates a Zun Container.
This resource creates a Zun container.
Required Properties¶
- image¶
- Name or ID of the image.String value expected.Updates cause replacement.
Optional Properties¶
- command¶
- Send command to the container.String value expected.Updates cause replacement.
- cpu¶
- The number of virtual cpus.Number value expected.Can be updated without replacement.
- environment¶
- The environment variables.Map value expected.Updates cause replacement.
- hints¶
Available since 10.0.0 (Queens)
Arbitrary key-value pairs for scheduler to select host.Map value expected.Updates cause replacement.- hostname¶
Available since 10.0.0 (Queens)
The hostname of the container.String value expected.Updates cause replacement.- image_driver¶
- The image driver to use to pull container image.String value expected.Updates cause replacement.Allowed values: “docker”, “glance”
- image_pull_policy¶
- The policy which determines if the image should be pulled prior to starting the container.String value expected.Updates cause replacement.Allowed values: “ifnotpresent”, “always”, “never”
- interactive¶
- Keep STDIN open even if not attached.Boolean value expected.Updates cause replacement.
- labels¶
- Adds a map of labels to a container. May be used multiple times.Map value expected.Updates cause replacement.
- memory¶
- The container memory size in MiB.Integer value expected.Can be updated without replacement.
- mounts¶
- A list of volumes mounted inside the container.List value expected.Updates cause replacement.List contents:
- Map value expected.Updates cause replacement.Map properties:
- mount_path¶
- Required.The filesystem path inside the container.String value expected.Updates cause replacement.
- volume_id¶
- Optional.The ID or name of the cinder volume mount to the container.String value expected.Updates cause replacement.Value must be of type cinder.volume
- volume_size¶
- Optional.The size of the cinder volume to create.Integer value expected.Updates cause replacement.
- name¶
- Name of the container.String value expected.Can be updated without replacement.
- networks¶
Available since 11.0.0 (Rocky)
An ordered list of nics to be added to this server, with information about connected networks, fixed ips, port etc.List value expected.Can be updated without replacement.List contents:- Map value expected.Can be updated without replacement.Map properties:
- fixed_ip¶
- Optional.Fixed IP address to specify for the port created on the requested network.String value expected.Can be updated without replacement.Value must be of type ip_addr
- network¶
- Optional.Name or ID of network to create a port on.String value expected.Can be updated without replacement.Value must be of type neutron.network
- port¶
- Optional.ID of an existing port to associate with this container.String value expected.Can be updated without replacement.Value must be of type neutron.port
- restart_policy¶
- Restart policy to apply when a container exits. Possible values are “no”, “on-failure[:max-retry]”, “always”, and “unless-stopped”.String value expected.Updates cause replacement.
- security_groups¶
Available since 10.0.0 (Queens)
List of security group names or IDs.List value expected.Updates cause replacement.Defaults to[]
- tty¶
Available since 14.0.0 (Ussuri)
Whether the container allocates a TTY for itself.Boolean value expected.Updates cause replacement.- workdir¶
- The working directory for commands to run in.String value expected.Updates cause replacement.
Attributes¶
- addresses¶
A dict of all network addresses with corresponding port_id. Each network will have two keys in dict, they are network name and network id. The port ID may be obtained through the following expression: “{get_attr: [<container>, addresses, <network name_or_id>, 0, port]}”.
- name¶
Name of the container.
- show¶
Detailed information about resource.
HOT Syntax¶
heat_template_version: 2015-04-30
...
resources:
...
the_resource:
type: OS::Zun::Container
properties:
command: String
cpu: Number
environment: {...}
hints: {...}
hostname: String
image: String
image_driver: String
image_pull_policy: String
interactive: Boolean
labels: {...}
memory: Integer
mounts: [{"volume_id": String, "volume_size": Integer, "mount_path": String}, {"volume_id": String, "volume_size": Integer, "mount_path": String}, ...]
name: String
networks: [{"network": String, "fixed_ip": String, "port": String}, {"network": String, "fixed_ip": String, "port": String}, ...]
restart_policy: String
security_groups: [Value, Value, ...]
tty: Boolean
workdir: String