# Hiera data here applies to all controller nodes nova::api::enabled: true nova::conductor::enabled: true nova::consoleauth::enabled: true nova::vncproxy::enabled: true nova::scheduler::enabled: true # rabbitmq rabbitmq::delete_guest_user: false rabbitmq::wipe_db_on_cookie_change: true rabbitmq::port: '5672' rabbitmq::package_source: undef rabbitmq::repos_ensure: false rabbitmq_environment: RABBITMQ_NODENAME: "rabbit@%{::hostname}" RABBITMQ_SERVER_ERL_ARGS: '"+K true +A30 +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"' rabbitmq_kernel_variables: inet_dist_listen_min: '35672' inet_dist_listen_max: '35672' rabbitmq_config_variables: tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]' cluster_partition_handling: 'pause_minority' mongodb::server::replset: tripleo mongodb::server::journal: false redis::port: 6379 redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}" redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}" redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' # service tenant glance::api::keystone_tenant: 'service' glance::registry::keystone_tenant: 'service' neutron::server::auth_tenant: 'service' neutron::agents::metadata::auth_tenant: 'service' cinder::api::keystone_tenant: 'service' swift::proxy::authtoken::admin_tenant_name: 'service' ceilometer::api::keystone_tenant: 'service' heat::keystone_tenant: 'service' # keystone keystone::cron::token_flush::maxdelay: 3600 keystone::roles::admin::service_tenant: 'service' keystone::roles::admin::admin_tenant: 'admin' keystone::cron::token_flush::destination: '/dev/null' #swift swift::proxy::pipeline: - 'catch_errors' - 'healthcheck' - 'cache' - 'ratelimit' - 'tempurl' - 'formpost' - 'authtoken' - 'keystone' - 'staticweb' - 'proxy-logging' - 'proxy-server' swift::proxy::account_autocreate: true # glance glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true glance::registry::pipeline: 'keystone' glance::backend::swift::swift_store_create_container_on_put: true glance::backend::rbd::rbd_store_user: 'openstack' glance_file_pcmk_directory: '/var/lib/glance/images' # neutron neutron::server::sync_db: true neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf # nova nova::notify_on_state_change: 'vm_and_task_state' nova::api::default_floating_pool: 'public' nova::api::osapi_v3: true nova::scheduler::filter::ram_allocation_ratio: '1.0' nova::cron::archive_deleted_rows::hour: '*/12' nova::cron::archive_deleted_rows::destination: '/dev/null' # ceilometer ceilometer::agent::auth::auth_endpoint_type: 'internalURL' # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler cinder::cron::db_purge::destination: '/dev/null' # heat heat::engine::configure_delegated_roles: false heat::engine::trusts_delegated_roles: [] heat::instance_user: '' # pacemaker pacemaker::corosync::cluster_name: 'tripleo_cluster' pacemaker::corosync::manage_fw: false pacemaker::resource_defaults::defaults: resource-stickiness: { value: INFINITY } # horizon horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache horizon::django_session_engine: 'django.contrib.sessions.backends.cache' horizon::vhost_extra_params: add_listen: false priority: 10 # mysql mysql::server::manage_config_file: true tripleo::loadbalancer::keystone_admin: true tripleo::loadbalancer::keystone_public: true tripleo::loadbalancer::neutron: true tripleo::loadbalancer::cinder: true tripleo::loadbalancer::glance_api: true tripleo::loadbalancer::glance_registry: true tripleo::loadbalancer::nova_ec2: true tripleo::loadbalancer::nova_osapi: true tripleo::loadbalancer::nova_metadata: true tripleo::loadbalancer::nova_novncproxy: true tripleo::loadbalancer::mysql: true tripleo::loadbalancer::redis: true tripleo::loadbalancer::swift_proxy_server: true tripleo::loadbalancer::ceilometer: true tripleo::loadbalancer::heat_api: true tripleo::loadbalancer::heat_cloudwatch: true tripleo::loadbalancer::heat_cfn: true tripleo::loadbalancer::horizon: true controller_classes: [] # firewall tripleo::firewall::firewall_rules: '101 mongodb_config': port: 27019 '102 mongodb_sharding': port: 27018 '103 mongod': port: 27017 '104 mysql galera': port: - 873 - 3306 - 4444 - 4567 - 4568 - 9200 '105 ntp': port: 123 proto: udp '106 vrrp': proto: vrrp '107 haproxy stats': port: 1993 '108 redis': port: - 6379 - 26379 '109 rabbitmq': port: - 5672 - 35672 '110 ceph': port: - 6789 - '6800-6810' '111 keystone': port: - 5000 - 13000 - 35357 - 13357 '112 glance': port: - 9292 - 9191 - 13292 '113 nova': port: - 6080 - 13080 - 8773 - 3773 - 8774 - 13774 - 8775 '114 neutron server': port: - 9696 - 13696 '115 neutron dhcp input': proto: 'udp' port: 67 '116 neutron dhcp output': proto: 'udp' chain: 'OUTPUT' port: 68 '118 neutron vxlan networks': proto: 'udp' port: 4789 '119 cinder': port: - 8776 - 13776 '120 iscsi initiator': port: 3260 '121 memcached': port: 11211 '122 swift proxy': port: - 8080 - 13808 '123 swift storage': port: - 873 - 6000 - 6001 - 6002 '124 ceilometer': port: - 8777 - 13777 '125 heat': port: - 8000 - 13800 - 8003 - 13003 - 8004 - 13004 '126 horizon': port: - 80 - 443 '127 snmp': port: 161 proto: 'udp'