diff options
Diffstat (limited to 'environments')
-rw-r--r-- | environments/ceph-ansible/ceph-rgw.yaml | 5 | ||||
-rw-r--r-- | environments/cinder-dellemc-vmax-iscsi-config.yaml | 9 | ||||
-rw-r--r-- | environments/contrail/roles_data_contrail.yaml | 2 | ||||
-rw-r--r-- | environments/docker.yaml | 1 | ||||
-rw-r--r-- | environments/enable-internal-tls.yaml | 4 | ||||
-rw-r--r-- | environments/manila-cephfsnative-config-docker.yaml | 20 | ||||
-rw-r--r-- | environments/manila-isilon-config.yaml | 17 | ||||
-rw-r--r-- | environments/manila-netapp-config-docker.yaml | 32 | ||||
-rw-r--r-- | environments/manila-vmax-config.yaml | 19 | ||||
-rw-r--r-- | environments/network-environment-v6.yaml | 60 | ||||
-rw-r--r-- | environments/neutron-opendaylight-dpdk.yaml | 1 | ||||
-rw-r--r-- | environments/services-docker/neutron-opendaylight.yaml | 2 | ||||
-rw-r--r-- | environments/ssl/enable-internal-tls.yaml | 36 | ||||
-rw-r--r-- | environments/ssl/enable-tls.yaml | 1 |
14 files changed, 205 insertions, 4 deletions
diff --git a/environments/ceph-ansible/ceph-rgw.yaml b/environments/ceph-ansible/ceph-rgw.yaml new file mode 100644 index 00000000..4b09a703 --- /dev/null +++ b/environments/ceph-ansible/ceph-rgw.yaml @@ -0,0 +1,5 @@ +resource_registry: + OS::TripleO::Services::CephRgw: ../../docker/services/ceph-ansible/ceph-rgw.yaml + OS::TripleO::Services::SwiftProxy: OS::Heat::None + OS::TripleO::Services::SwiftStorage: OS::Heat::None + OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None diff --git a/environments/cinder-dellemc-vmax-iscsi-config.yaml b/environments/cinder-dellemc-vmax-iscsi-config.yaml new file mode 100644 index 00000000..3832dada --- /dev/null +++ b/environments/cinder-dellemc-vmax-iscsi-config.yaml @@ -0,0 +1,9 @@ +# A Heat environment file which can be used to enable a +# Cinder Dell EMC VMAX backend, configured via puppet +resource_registry: + OS::TripleO::Services::CinderBackendDellEMCVMAXISCSI: ../puppet/services/cinder-backend-dellemc-vmax-iscsi.yaml + +parameter_defaults: + CinderEnableDellEMCVMAXISCSIBackend: true + CinderDellEMCVMAXISCSIBackendName: 'tripleo_dellemc_vmax_iscsi' + CinderDellEMCVMAXISCSIConfigFile: '' diff --git a/environments/contrail/roles_data_contrail.yaml b/environments/contrail/roles_data_contrail.yaml index 38b70e53..bd697160 100644 --- a/environments/contrail/roles_data_contrail.yaml +++ b/environments/contrail/roles_data_contrail.yaml @@ -87,8 +87,10 @@ - OS::TripleO::Services::ManilaBackendGeneric - OS::TripleO::Services::ManilaBackendNetapp - OS::TripleO::Services::ManilaBackendUnity + - OS::TripleO::Services::ManilaBackendIsilon - OS::TripleO::Services::ManilaBackendCephFs - OS::TripleO::Services::ManilaBackendVNX + - OS::TripleO::Services::ManilaBackendVMAX - OS::TripleO::Services::ManilaShare - OS::TripleO::Services::AodhApi - OS::TripleO::Services::AodhEvaluator diff --git a/environments/docker.yaml b/environments/docker.yaml index dfa30b08..67e8a496 100644 --- a/environments/docker.yaml +++ b/environments/docker.yaml @@ -30,7 +30,6 @@ resource_registry: OS::TripleO::Services::HAproxy: ../docker/services/haproxy.yaml OS::TripleO::Services::MySQL: ../docker/services/database/mysql.yaml OS::TripleO::Services::RabbitMQ: ../docker/services/rabbitmq.yaml - OS::TripleO::Services::MongoDb: ../docker/services/database/mongodb.yaml OS::TripleO::Services::Redis: ../docker/services/database/redis.yaml OS::TripleO::Services::Memcached: ../docker/services/memcached.yaml OS::TripleO::Services::SwiftProxy: ../docker/services/swift-proxy.yaml diff --git a/environments/enable-internal-tls.yaml b/environments/enable-internal-tls.yaml index 2fdecb4f..e85185d6 100644 --- a/environments/enable-internal-tls.yaml +++ b/environments/enable-internal-tls.yaml @@ -1,3 +1,7 @@ +# ******************************************************************************** +# DEPRECATED: Use tripleo-heat-templates/environments/ssl/enable-internal-tls.yaml +# instead. +# ******************************************************************************** # A Heat environment file which can be used to enable a # a TLS for in the internal network via certmonger parameter_defaults: diff --git a/environments/manila-cephfsnative-config-docker.yaml b/environments/manila-cephfsnative-config-docker.yaml new file mode 100644 index 00000000..8c822918 --- /dev/null +++ b/environments/manila-cephfsnative-config-docker.yaml @@ -0,0 +1,20 @@ +# EXPERIMENTAL: The configuration enabled by this environment +# is not considered production-ready. +# +# A Heat environment file which can be used to enable a +# a Manila CephFS Native driver backend. +resource_registry: + OS::TripleO::Services::ManilaApi: ../docker/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../docker/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::TripleO::Services::ManilaShare: ../docker/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendCephFs: ../puppet/services/manila-backend-cephfs.yaml + + +parameter_defaults: + ManilaCephFSNativeBackendName: cephfsnative + ManilaCephFSNativeDriverHandlesShareServers: false + ManilaCephFSNativeCephFSConfPath: '/etc/ceph/ceph.conf' + ManilaCephFSNativeCephFSAuthId: 'manila' + ManilaCephFSNativeCephFSClusterName: 'ceph' + ManilaCephFSNativeCephFSEnableSnapshots: false diff --git a/environments/manila-isilon-config.yaml b/environments/manila-isilon-config.yaml new file mode 100644 index 00000000..809900c8 --- /dev/null +++ b/environments/manila-isilon-config.yaml @@ -0,0 +1,17 @@ +# This environment file enables Manila with the Isilon backend. +resource_registry: + OS::TripleO::Services::ManilaApi: ../puppet/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::TripleO::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendIsilon: ../puppet/services/manila-backend-isilon.yaml + +parameter_defaults: + ManilaIsilonBackendName: tripleo_isilon + ManilaIsilonDriverHandlesShareServers: true + ManilaIsilonNasLogin: '' + ManilaIsilonNasPassword: '' + ManilaIsilonNasServer: '' + ManilaIsilonNasRootDir: '' + ManilaIsilonNasServerPort: 8080 + ManilaIsilonNasServerSecure: '' diff --git a/environments/manila-netapp-config-docker.yaml b/environments/manila-netapp-config-docker.yaml new file mode 100644 index 00000000..6db6dff4 --- /dev/null +++ b/environments/manila-netapp-config-docker.yaml @@ -0,0 +1,32 @@ +# EXPERIMENTAL: The configuration enabled by this environment +# is not considered production-ready. +# +# This environment file enables Manila with the Netapp backend. +resource_registry: + OS::TripleO::Services::ManilaApi: ../docker/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../docker/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::TripleO::Services::ManilaShare: ../docker/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendNetapp: ../puppet/services/manila-backend-netapp.yaml + +parameter_defaults: + ManilaNetappBackendName: tripleo_netapp + ManilaNetappDriverHandlesShareServers: true + ManilaNetappLogin: '' + ManilaNetappPassword: '' + ManilaNetappServerHostname: '' + ManilaNetappTransportType: 'http' + ManilaNetappStorageFamily: 'ontap_cluster' + ManilaNetappServerPort: 80 + ManilaNetappVolumeNameTemplate: 'share_%(share_id)s' + ManilaNetappVserver: '' + ManilaNetappVserverNameTemplate: 'os_%s' + ManilaNetappLifNameTemplate: 'os_%(net_allocation_id)s' + ManilaNetappAggrNameSearchPattern: '(.*)' + ManilaNetappRootVolumeAggr: '' + ManilaNetappRootVolume: 'root' + ManilaNetappPortNameSearchPattern: '(.*)' + ManilaNetappTraceFlags: '' + ManilaNetappEnabledShareProtocols: 'nfs3, nfs4.0' + ManilaNetappVolumeSnapshotReservePercent: 5 + ManilaNetappSnapmirrorQuiesceTimeout: 3600 diff --git a/environments/manila-vmax-config.yaml b/environments/manila-vmax-config.yaml new file mode 100644 index 00000000..8c9946ca --- /dev/null +++ b/environments/manila-vmax-config.yaml @@ -0,0 +1,19 @@ +# This environment file enables Manila with the VMAX backend. +resource_registry: + OS::TripleO::Services::ManilaApi: ../puppet/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::TripleO::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendVMAX: ../puppet/services/manila-backend-vmax.yaml + +parameter_defaults: + ManilaVMAXBackendName: tripleo_manila_vmax + ManilaVMAXDriverHandlesShareServers: true + ManilaVMAXNasLogin: '' + ManilaVMAXNasPassword: '' + ManilaVMAXNasServer: '' + ManilaVMAXServerContainer: '' + ManilaVMAXShareDataPools: '' + ManilaVMAXEthernetPorts: '' + + diff --git a/environments/network-environment-v6.yaml b/environments/network-environment-v6.yaml new file mode 100644 index 00000000..1617f897 --- /dev/null +++ b/environments/network-environment-v6.yaml @@ -0,0 +1,60 @@ +#This file is an example of an environment file for defining the isolated +#networks and related parameters. +resource_registry: + # Network Interface templates to use (these files must exist) + OS::TripleO::BlockStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/cinder-storage.yaml + OS::TripleO::Compute::Net::SoftwareConfig: + ../network/config/single-nic-vlans/compute.yaml + OS::TripleO::Controller::Net::SoftwareConfig: + ../network/config/single-nic-vlans/controller.yaml + OS::TripleO::ObjectStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/swift-storage.yaml + OS::TripleO::CephStorage::Net::SoftwareConfig: + ../network/config/single-nic-vlans/ceph-storage.yaml + +parameter_defaults: + # This section is where deployment-specific configuration is done + # CIDR subnet mask length for provisioning network + ControlPlaneSubnetCidr: '24' + # Gateway router for the provisioning network (or Undercloud IP) + ControlPlaneDefaultRoute: 192.168.24.254 + EC2MetadataIp: 192.168.24.1 # Generally the IP of the Undercloud + # Customize the IP subnets to match the local environment + InternalApiNetCidr: 'fd00:fd00:fd00:2000::/64' + StorageNetCidr: 'fd00:fd00:fd00:3000::/64' + StorageMgmtNetCidr: 'fd00:fd00:fd00:4000::/64' + # Tenant tunneling network is IPv4 until IPv6 is fully supported + TenantNetCidr: 172.16.0.0/24 + ExternalNetCidr: '2001:db8:fd00:1000::/64' + # Customize the VLAN IDs to match the local environment + InternalApiNetworkVlanID: 20 + StorageNetworkVlanID: 30 + StorageMgmtNetworkVlanID: 40 + TenantNetworkVlanID: 50 + ExternalNetworkVlanID: 10 + # Customize the IP ranges on each network to use for static IPs and VIPs + InternalApiAllocationPools: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe'}] + StorageAllocationPools: [{'start': 'fd00:fd00:fd00:3000::10', 'end': 'fd00:fd00:fd00:3000:ffff:ffff:ffff:fffe'}] + StorageMgmtAllocationPools: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe'}] + TenantAllocationPools: [{'start': '172.16.0.10', 'end': '172.16.0.200'}] + # Leave room if the external network is also used for floating IPs + ExternalAllocationPools: [{'start': '2001:db8:fd00:1000::10', 'end': '2001:db8:fd00:1000:ffff:ffff:ffff:fffe'}] + # Gateway router for the external network + ExternalInterfaceDefaultRoute: '2001:db8:fd00:1000::1' + # Uncomment if using the Management Network (see network-management-v6.yaml) + # ManagementNetCidr: 'fd00:fd00:fd00:6000::/64' + # ManagementAllocationPools: [{'start': 'fd00:fd00:fd00:6000::10', 'end': 'fd00:fd00:fd00:6000:ffff:ffff:ffff:fffe'}] + # Use either this parameter or ControlPlaneDefaultRoute in the NIC templates + # ManagementInterfaceDefaultRoute: 'fd00:fd00:fd00:6000::1' + # Define the DNS servers (maximum 2) for the overcloud nodes + DnsServers: ["8.8.8.8","8.8.4.4"] + # List of Neutron network types for tenant networks (will be used in order) + NeutronNetworkType: 'vxlan,vlan' + # The tunnel type for the tenant network (vxlan or gre). Set to '' to disable tunneling. + NeutronTunnelTypes: 'vxlan' + # Neutron VLAN ranges per network, for example 'datacentre:1:499,tenant:500:1000': + NeutronNetworkVLANRanges: 'datacentre:1:1000' + # Customize bonding options, e.g. "mode=4 lacp_rate=1 updelay=1000 miimon=100" + # for Linux bonds w/LACP, or "bond_mode=active-backup" for OVS active/backup. + BondInterfaceOvsOptions: "bond_mode=active-backup" diff --git a/environments/neutron-opendaylight-dpdk.yaml b/environments/neutron-opendaylight-dpdk.yaml index d675252d..236b2fb9 100644 --- a/environments/neutron-opendaylight-dpdk.yaml +++ b/environments/neutron-opendaylight-dpdk.yaml @@ -12,6 +12,7 @@ parameter_defaults: NeutronMechanismDrivers: 'opendaylight_v2' NeutronServicePlugins: 'odl-router_v2' NovaSchedulerDefaultFilters: "RamFilter,ComputeFilter,AvailabilityZoneFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,NUMATopologyFilter" + OpenDaylightSNATMechanism: 'controller' ComputeOvsDpdkParameters: OvsEnableDpdk: True diff --git a/environments/services-docker/neutron-opendaylight.yaml b/environments/services-docker/neutron-opendaylight.yaml index b749cb69..31d5790e 100644 --- a/environments/services-docker/neutron-opendaylight.yaml +++ b/environments/services-docker/neutron-opendaylight.yaml @@ -12,5 +12,3 @@ parameter_defaults: NeutronEnableForceMetadata: true NeutronMechanismDrivers: 'opendaylight_v2' NeutronServicePlugins: 'odl-router_v2,trunk' - DockerNeutronApiImage: 'centos-binary-neutron-server-opendaylight:latest' - DockerNeutronConfigImage: 'centos-binary-neutron-server-opendaylight:latest' diff --git a/environments/ssl/enable-internal-tls.yaml b/environments/ssl/enable-internal-tls.yaml new file mode 100644 index 00000000..287ed19f --- /dev/null +++ b/environments/ssl/enable-internal-tls.yaml @@ -0,0 +1,36 @@ +# ******************************************************************* +# This file was created automatically by the sample environment +# generator. Developers should use `tox -e genconfig` to update it. +# Users are recommended to make changes to a copy of the file instead +# of the original, if any customizations are needed. +# ******************************************************************* +# title: Enable SSL on OpenStack Internal Endpoints +# description: | +# A Heat environment file which can be used to enable TLS for the internal +# network via certmonger +parameter_defaults: + # ****************************************************** + # Static parameters - these are values that must be + # included in the environment but should not be changed. + # ****************************************************** + # + # Type: boolean + EnableInternalTLS: True + + # Rabbit client subscriber parameter to specify an SSL connection to the RabbitMQ host. + # Type: string + RabbitClientUseSSL: True + + # Extra properties or metadata passed to Nova for the created nodes in the overcloud. It's accessible via the Nova metadata API. + # Type: json + ServerMetadata: + ipa_enroll: True + + # ********************* + # End static parameters + # ********************* +resource_registry: + OS::TripleO::ServiceServerMetadataHook: ../extraconfig/nova_metadata/krb-service-principals.yaml + OS::TripleO::Services::CertmongerUser: ../puppet/services/certmonger-user.yaml + OS::TripleO::Services::HAProxyInternalTLS: ../puppet/services/haproxy-internal-tls-certmonger.yaml + OS::TripleO::Services::TLSProxyBase: ../puppet/services/apache.yaml diff --git a/environments/ssl/enable-tls.yaml b/environments/ssl/enable-tls.yaml index c8ed2bd2..e5ef8563 100644 --- a/environments/ssl/enable-tls.yaml +++ b/environments/ssl/enable-tls.yaml @@ -11,7 +11,6 @@ # must also be used. parameter_defaults: # The content of the SSL certificate (without Key) in PEM format. - # Mandatory. This parameter must be set by the user. # Type: string SSLCertificate: | The contents of your certificate go here |