# Hiera data here applies to all controller nodes nova::api::enabled: true nova::vncproxy::enabled: true # gnocchi gnocchi::storage::swift::swift_user: 'service:gnocchi' gnocchi::storage::swift::swift_auth_version: 2 gnocchi::statsd::resource_id: '0a8b55df-f90f-491c-8cb9-7cdecec6fc26' gnocchi::statsd::user_id: '27c0d3f8-e7ee-42f0-8317-72237d1c5ae3' gnocchi::statsd::project_id: '6c38cd8d-099a-4cb2-aecf-17be688e8616' gnocchi::statsd::flush_delay: 10 gnocchi::statsd::archive_policy_name: 'low' # rabbitmq rabbitmq::delete_guest_user: false rabbitmq::wipe_db_on_cookie_change: true rabbitmq::port: '5672' rabbitmq::package_source: undef rabbitmq::repos_ensure: false rabbitmq_environment: RABBITMQ_NODENAME: "rabbit@%{::hostname}" RABBITMQ_SERVER_ERL_ARGS: '"+K true +A30 +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"' rabbitmq_kernel_variables: inet_dist_listen_min: '35672' inet_dist_listen_max: '35672' rabbitmq_config_variables: tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]' cluster_partition_handling: 'pause_minority' loopback_users: '[]' mongodb::server::replset: tripleo mongodb::server::journal: false redis::port: 6379 redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}" redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}" redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' # keystone keystone::roles::admin::email: 'root@localhost' # service tenant glance::api::keystone_tenant: 'service' aodh::api::keystone_tenant: 'service' glance::registry::keystone_tenant: 'service' neutron::server::auth_tenant: 'service' neutron::agents::metadata::auth_tenant: 'service' neutron::agents::l3::router_delete_namespaces: True cinder::api::keystone_tenant: 'service' swift::proxy::authtoken::admin_tenant_name: 'service' ceilometer::api::keystone_tenant: 'service' gnocchi::api::keystone_tenant: 'service' heat::keystone_tenant: 'service' sahara::admin_tenant_name: 'service' aodh::keystone::auth::tenant: 'service' ceilometer::keystone::auth::tenant: 'service' cinder::keystone::auth::tenant: 'service' glance::keystone::auth::tenant: 'service' gnocchi::keystone::auth::tenant: 'service' heat::keystone::auth::tenant: 'service' neutron::keystone::auth::tenant: 'service' nova::keystone::auth::tenant: 'service' sahara::keystone::auth::tenant: 'service' swift::keystone::auth::tenant: 'service' # keystone keystone::cron::token_flush::maxdelay: 3600 keystone::roles::admin::service_tenant: 'service' keystone::roles::admin::admin_tenant: 'admin' keystone::cron::token_flush::destination: '/dev/null' keystone::config::keystone_config: DEFAULT/secure_proxy_ssl_header: value: 'HTTP_X_FORWARDED_PROTO' ec2/driver: value: 'keystone.contrib.ec2.backends.sql.Ec2' keystone::service_name: 'httpd' keystone::wsgi::apache::ssl: false #swift swift::proxy::pipeline: - 'catch_errors' - 'healthcheck' - 'proxy-logging' - 'cache' - 'ratelimit' - 'bulk' - 'tempurl' - 'formpost' - 'authtoken' - 'keystone' - 'staticweb' - 'proxy-logging' - 'proxy-server' swift::proxy::account_autocreate: true swift::keystone::auth::configure_s3_endpoint: false swift::keystone::auth::operator_roles: - admin - swiftoperator # glance glance::api::pipeline: 'keystone' glance::api::show_image_direct_url: true glance::registry::pipeline: 'keystone' glance::backend::swift::swift_store_create_container_on_put: true glance_file_pcmk_directory: '/var/lib/glance/images' # neutron neutron::server::sync_db: true # nova nova::notify_on_state_change: 'vm_and_task_state' nova::api::default_floating_pool: 'public' nova::api::sync_db_api: true nova::api::enable_proxy_headers_parsing: true nova::notification_driver: messaging # ceilometer ceilometer::agent::auth::auth_endpoint_type: 'internalURL' # cinder cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler cinder::cron::db_purge::destination: '/dev/null' cinder::host: hostgroup # TODO(jaosorior): Move to cinder profile once cinder is moved as a composable # service. cinder::api::enable_proxy_headers_parsing: true # heat heat::engine::configure_delegated_roles: false heat::engine::trusts_delegated_roles: [] heat::instance_user: '' heat::cron::purge_deleted::age: 30 heat::cron::purge_deleted::age_type: 'days' heat::cron::purge_deleted::maxdelay: 3600 heat::cron::purge_deleted::destination: '/dev/null' heat::keystone::domain::domain_name: 'heat_stack' heat::keystone::domain::domain_admin: 'heat_stack_domain_admin' heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost' heat::auth_plugin: 'password' # pacemaker pacemaker::corosync::cluster_name: 'tripleo_cluster' pacemaker::corosync::manage_fw: false pacemaker::resource_defaults::defaults: resource-stickiness: { value: INFINITY } corosync_token_timeout: 10000 # horizon horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache horizon::django_session_engine: 'django.contrib.sessions.backends.cache' horizon::vhost_extra_params: add_listen: false priority: 10 access_log_format: '%a %l %u %t \"%r\" %>s %b \"%%{}{Referer}i\" \"%%{}{User-Agent}i\"' # mysql mysql::server::manage_config_file: true tripleo::haproxy::keystone_admin: true tripleo::haproxy::keystone_public: true tripleo::haproxy::neutron: true tripleo::haproxy::cinder: true tripleo::haproxy::glance_api: true tripleo::haproxy::glance_registry: true tripleo::haproxy::nova_osapi: true tripleo::haproxy::nova_metadata: true tripleo::haproxy::nova_novncproxy: true tripleo::haproxy::mysql: true tripleo::haproxy::redis: true tripleo::haproxy::sahara: true tripleo::haproxy::swift_proxy_server: true tripleo::haproxy::ceilometer: true tripleo::haproxy::aodh: true tripleo::haproxy::gnocchi: true tripleo::haproxy::heat_api: true tripleo::haproxy::heat_cloudwatch: true tripleo::haproxy::heat_cfn: true tripleo::haproxy::horizon: true controller_classes: [] # firewall tripleo::firewall::firewall_rules: '128 aodh': dport: - 8042 - 13042