diff options
Diffstat (limited to 'environments')
-rw-r--r-- | environments/cinder-dellemc-vmax-iscsi-config.yaml | 9 | ||||
-rw-r--r-- | environments/enable-internal-tls.yaml | 4 | ||||
-rw-r--r-- | environments/manila-cephfsnative-config-docker.yaml | 20 | ||||
-rw-r--r-- | environments/manila-netapp-config-docker.yaml | 32 | ||||
-rw-r--r-- | environments/network-environment-v6.yaml | 60 | ||||
-rw-r--r-- | environments/ssl/enable-internal-tls.yaml | 36 |
6 files changed, 161 insertions, 0 deletions
diff --git a/environments/cinder-dellemc-vmax-iscsi-config.yaml b/environments/cinder-dellemc-vmax-iscsi-config.yaml new file mode 100644 index 00000000..3832dada --- /dev/null +++ b/environments/cinder-dellemc-vmax-iscsi-config.yaml @@ -0,0 +1,9 @@ +# A Heat environment file which can be used to enable a +# Cinder Dell EMC VMAX backend, configured via puppet +resource_registry: + OS::TripleO::Services::CinderBackendDellEMCVMAXISCSI: ../puppet/services/cinder-backend-dellemc-vmax-iscsi.yaml + +parameter_defaults: + CinderEnableDellEMCVMAXISCSIBackend: true + CinderDellEMCVMAXISCSIBackendName: 'tripleo_dellemc_vmax_iscsi' + CinderDellEMCVMAXISCSIConfigFile: '' diff --git a/environments/enable-internal-tls.yaml b/environments/enable-internal-tls.yaml index 2fdecb4f..e85185d6 100644 --- a/environments/enable-internal-tls.yaml +++ b/environments/enable-internal-tls.yaml @@ -1,3 +1,7 @@ +# ******************************************************************************** +# DEPRECATED: Use tripleo-heat-templates/environments/ssl/enable-internal-tls.yaml +# instead. +# ******************************************************************************** # A Heat environment file which can be used to enable a # a TLS for in the internal network via certmonger parameter_defaults: diff --git a/environments/manila-cephfsnative-config-docker.yaml b/environments/manila-cephfsnative-config-docker.yaml new file mode 100644 index 00000000..8c822918 --- /dev/null +++ b/environments/manila-cephfsnative-config-docker.yaml @@ -0,0 +1,20 @@ +# EXPERIMENTAL: The configuration enabled by this environment +# is not considered production-ready. +# +# A Heat environment file which can be used to enable a +# a Manila CephFS Native driver backend. +resource_registry: + OS::TripleO::Services::ManilaApi: ../docker/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../docker/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::TripleO::Services::ManilaShare: ../docker/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendCephFs: ../puppet/services/manila-backend-cephfs.yaml + + +parameter_defaults: + ManilaCephFSNativeBackendName: cephfsnative + ManilaCephFSNativeDriverHandlesShareServers: false + ManilaCephFSNativeCephFSConfPath: '/etc/ceph/ceph.conf' + ManilaCephFSNativeCephFSAuthId: 'manila' + ManilaCephFSNativeCephFSClusterName: 'ceph' + ManilaCephFSNativeCephFSEnableSnapshots: false diff --git a/environments/manila-netapp-config-docker.yaml b/environments/manila-netapp-config-docker.yaml new file mode 100644 index 00000000..6db6dff4 --- /dev/null +++ b/environments/manila-netapp-config-docker.yaml @@ -0,0 +1,32 @@ +# EXPERIMENTAL: The configuration enabled by this environment +# is not considered production-ready. +# +# This environment file enables Manila with the Netapp backend. +resource_registry: + OS::TripleO::Services::ManilaApi: ../docker/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../docker/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::TripleO::Services::ManilaShare: ../docker/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendNetapp: ../puppet/services/manila-backend-netapp.yaml + +parameter_defaults: + ManilaNetappBackendName: tripleo_netapp + ManilaNetappDriverHandlesShareServers: true + ManilaNetappLogin: '' + ManilaNetappPassword: '' + ManilaNetappServerHostname: '' + ManilaNetappTransportType: 'http' + ManilaNetappStorageFamily: 'ontap_cluster' + ManilaNetappServerPort: 80 + ManilaNetappVolumeNameTemplate: 'share_%(share_id)s' + ManilaNetappVserver: '' + ManilaNetappVserverNameTemplate: 'os_%s' + ManilaNetappLifNameTemplate: 'os_%(net_allocation_id)s' + ManilaNetappAggrNameSearchPattern: '(.*)' + ManilaNetappRootVolumeAggr: '' + ManilaNetappRootVolume: 'root' + ManilaNetappPortNameSearchPattern: '(.*)' + ManilaNetappTraceFlags: '' + ManilaNetappEnabledShareProtocols: 'nfs3, nfs4.0' + ManilaNetappVolumeSnapshotReservePercent: 5 + ManilaNetappSnapmirrorQuiesceTimeout: 3600 diff --git a/environments/network-environment-v6.yaml b/environments/network-environment-v6.yaml new file mode 100644 index 00000000..1617f897 --- /dev/null +++ b/environments/network-environment-v6.yaml @@ -0,0 +1,60 @@ +#This file is an example of an environment file for defining the isolated +#networks and related parameters. +resource_registry: + # Network Interface templates to use (these files must exist) + OS::TripleO::BlockStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: + ../network/config/single-nic-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: + ../network/config/single-nic-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/ceph-storage.yaml + +parameter_defaults: + # This section is where deployment-specific configuration is done + # CIDR subnet mask length for provisioning network + ControlPlaneSubnetCidr: '24' + # Gateway router for the provisioning network (or Undercloud IP) + ControlPlaneDefaultRoute: 192.168.24.254 + EC2MetadataIp: 192.168.24.1 # Generally the IP of the Undercloud + # Customize the IP subnets to match the local environment + InternalApiNetCidr: 'fd00:fd00:fd00:2000::/64' + StorageNetCidr: 'fd00:fd00:fd00:3000::/64' + StorageMgmtNetCidr: 'fd00:fd00:fd00:4000::/64' + # Tenant tunneling network is IPv4 until IPv6 is fully supported + TenantNetCidr: 172.16.0.0/24 + ExternalNetCidr: '2001:db8:fd00:1000::/64' + # Customize the VLAN IDs to match the local environment + InternalApiNetworkVlanID: 20 + StorageNetworkVlanID: 30 + StorageMgmtNetworkVlanID: 40 + TenantNetworkVlanID: 50 + ExternalNetworkVlanID: 10 + # Customize the IP ranges on each network to use for static IPs and VIPs + InternalApiAllocationPools: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe'}] + StorageAllocationPools: [{'start': 'fd00:fd00:fd00:3000::10', 'end': 'fd00:fd00:fd00:3000:ffff:ffff:ffff:fffe'}] + StorageMgmtAllocationPools: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe'}] + TenantAllocationPools: [{'start': '172.16.0.10', 'end': '172.16.0.200'}] + # Leave room if the external network is also used for floating IPs + ExternalAllocationPools: [{'start': '2001:db8:fd00:1000::10', 'end': '2001:db8:fd00:1000:ffff:ffff:ffff:fffe'}] + # Gateway router for the external network + ExternalInterfaceDefaultRoute: '2001:db8:fd00:1000::1' + # Uncomment if using the Management Network (see network-management-v6.yaml) + # ManagementNetCidr: 'fd00:fd00:fd00:6000::/64' + # ManagementAllocationPools: [{'start': 'fd00:fd00:fd00:6000::10', 'end': 'fd00:fd00:fd00:6000:ffff:ffff:ffff:fffe'}] + # Use either this parameter or ControlPlaneDefaultRoute in the NIC templates + # ManagementInterfaceDefaultRoute: 'fd00:fd00:fd00:6000::1' + # Define the DNS servers (maximum 2) for the overcloud nodes + DnsServers: ["8.8.8.8","8.8.4.4"] + # List of Neutron network types for tenant networks (will be used in order) + NeutronNetworkType: 'vxlan,vlan' + # The tunnel type for the tenant network (vxlan or gre). Set to '' to disable tunneling. + NeutronTunnelTypes: 'vxlan' + # Neutron VLAN ranges per network, for example 'datacentre:1:499,tenant:500:1000': + NeutronNetworkVLANRanges: 'datacentre:1:1000' + # Customize bonding options, e.g. "mode=4 lacp_rate=1 updelay=1000 miimon=100" + # for Linux bonds w/LACP, or "bond_mode=active-backup" for OVS active/backup. + BondInterfaceOvsOptions: "bond_mode=active-backup" diff --git a/environments/ssl/enable-internal-tls.yaml b/environments/ssl/enable-internal-tls.yaml new file mode 100644 index 00000000..287ed19f --- /dev/null +++ b/environments/ssl/enable-internal-tls.yaml @@ -0,0 +1,36 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Enable SSL on OpenStack Internal Endpoints +# description: | +# A Heat environment file which can be used to enable TLS for the internal +# network via certmonger +parameter_defaults: + # ****************************************************** + # Static parameters - these are values that must be + # included in the environment but should not be changed. + # ****************************************************** + # + # Type: boolean + EnableInternalTLS: True + + # Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host. + # Type: string + RabbitClientUseSSL: True + + # Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API. + # Type: json + ServerMetadata: + ipa_enroll: True + + # ********************* + # End static parameters + # ********************* +resource_registry: + OS::TripleO::ServiceServerMetadataHook: ../extraconfig/nova_metadata/krb-service-principals.yaml + OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml + OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml + OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml |