summaryrefslogtreecommitdiffstats
path: root/LICENSE
blob: f4346f82c46562f01eb5b9eccb7f8eb0ad8aee47 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13

Copyright 2015 Open Platform for NFV Project, Inc. and its contributors

   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
   You may obtain a copy of the License at

       http://www.apache.org/licenses/LICENSE-2.0

   Unless required by applicable law or agreed to in writing, software
   distributed under the License is distributed on an "AS IS" BASIS,
   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   See the License for the specific language governing permissions and
   limitations under the License.
f='#n326'>326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 
# This file holds metadata about the capabilities of the tripleo-heat-templates
# repository for deployment using puppet. It groups configuration by topic,
# describes possible combinations of environments and resource capabilities.

# topics:
# High Level grouping by purpose of environments
# Attributes:
#  title: (required)
#  description: (optional)
#  environment_groups: (required)

# environment_groups:
# Identifies a group of environments.
# Attributes:
#  title: (optional)
#  description: (optional)
#  tags: a list of tags to provide additional information for e.g. filtering (optional)
#  environments: (required)
#  mutually_exclusive: (optional) boolean to identify that environments in group are mutually exclusive

# environments:
# List of environments in environment group
# Attributes:
#  file: a file name including path within repository (required)
#  title: (required)
#  description: (optional)
#  requires: an array of environments which are required by this environment (optional)

topics:
  - title: General Deployment Options
    description:
    environment_groups:
      - name: general-deployment-options
        title:
        description: Enables base configuration for all resources required for OpenStack Deployment
        environments:
          - file: overcloud-resource-registry-puppet.yaml
            title: Base resources configuration
            description:
      - title: Containerized Deployment
        description: >
          Configures Deployment to use containerized services
        environments:
          - file: environments/docker.yaml
            title: Containerized Deployment
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: High Availability
        description: Enables configuration of an Overcloud Controller with Pacemaker
        environments:
          - file: environments/puppet-pacemaker.yaml
            title: High Availability (Pacemaker)
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml

  - title: Network Configuration
    description:
    environment_groups:
      - title: Network Isolation
        description:
        environments:
          - file: environments/network-isolation.yaml
            title: Network Isolation
            description: >
              Enable the creation of Neutron networks for
              isolated Overcloud traffic and configure each role to assign ports
              (related to that role) on these networks.
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/network-isolation-v6.yaml
            title: Network Isolation IPv6
            description: >
              Enable the creation of IPv6 Neutron networks for isolated Overcloud
              traffic and configure each role to assign ports (related
              to that role) on these networks.
            requires:
              - overcloud-resource-registry-puppet.yaml
        mutually_exclusive: true
      - title: NICs, Bonding, VLANs Configuration
        description: >
          Choose one of the pre-defined configurations or provide custom
          network-environment.yaml instead. Note that pre-defined configuration work
          only with standard Roles and Networks. These options assume use of Network Isolation.
        environments:
          - file: environments/net-bond-with-vlans.yaml
            title: Bond with Vlans
            description: >
              Configure each role to use a pair of bonded nics (nic2 and
              nic3) and configures an IP address on each relevant isolated network
              for each role. This option assumes use of Network Isolation.
            requires:
              - environments/network-isolation.yaml
          - file: environments/net-bond-with-vlans-no-external.yaml
            title: Bond with Vlans No External Ports
            description: >
              Configure each role to use a pair of bonded nics (nic2 and
              nic3) and configures an IP address on each relevant isolated network
              for each role. This option assumes use of Network Isolation.
              Sets external ports to noop.
            requires:
              - environments/network-isolation.yaml
          - file: environments/net-bond-with-vlans-v6.yaml
            title: Bond with Vlans IPv6
            description: >
              Configure each role to use a pair of bonded nics (nic2 and
              nic3) and configures an IP address on each relevant isolated network
              for each role, with IPv6 on the External network.
              This option assumes use of Network Isolation IPv6.
            requires:
              - environments/network-isolation-v6.yaml
          - file: environments/net-multiple-nics.yaml
            title: Multiple NICs
            description: >
              Configures each role to use a separate NIC for
              each isolated network.
              This option assumes use of Network Isolation.
            requires:
              - environments/network-isolation.yaml
          - file: environments/net-multiple-nics-v6.yaml
            title: Multiple NICs IPv6
            description: >
              Configure each role to use a separate NIC for
              each isolated network with IPv6 on the External network.
              This option assumes use of Network Isolation IPv6.
            requires:
              - environments/network-isolation-v6.yaml
          - file: environments/net-single-nic-with-vlans.yaml
            title: Single NIC with Vlans
            description: >
              Configure each role to use Vlans on a single NIC for
              each isolated network. This option assumes use of Network Isolation.
            requires:
              - environments/network-isolation.yaml
          - file: environments/net-single-nic-with-vlans-no-external.yaml
            title: Single NIC with Vlans No External Ports
            description: >
              Configure each role to use Vlans on a single NIC for
              each isolated network. This option assumes use of Network Isolation.
              Sets external ports to noop.
            requires:
              - environments/network-isolation.yaml
          - file: environments/net-single-nic-linux-bridge-with-vlans.yaml
            title: Single NIC with Linux Bridge Vlans
            description: >
              Configure each role to use Vlans on a single NIC for
              each isolated network. This option assumes use of Network Isolation.
            requires:
              - environments/network-isolation.yaml
          - file: environments/net-single-nic-with-vlans-v6.yaml
            title: Single NIC with Vlans IPv6
            description: >
              Configures each role to use Vlans on a single NIC for
              each isolated network with IPv6 on the External network.
              This option assumes use of Network Isolation IPv6
            requires:
              - environments/network-isolation-v6.yaml
        mutually_exclusive: true
      - title: Management Network
        description: >
          Enable the creation of a system management network. This
          creates a Neutron network for isolated Overcloud
          system management traffic and configures each role to
          assign a port (related to that role) on that network.
        environments:
          - file: environments/network-management.yaml
            title: Management Network
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/network-management-v6.yaml
            title: Management Network IPv6
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
        mutually_exclusive: true

      - title: Docker Network
        description: >
          [Temporary] Use this option when deploying containerized deployment
          without network isolation
        environments:
          - file: environments/docker-network.yaml
            title: Docker network
            description:
            requires:
              - environments/docker.yaml

      - title: External load balancer
        description: >
          Enable external load balancer, requires network Isolation to be enabled.
          Note that this option assumes standard isolated networks set.
        environments:
          - file: environments/external-loadbalancer-vip.yaml
            title: External load balancer IPv4
            description: >
            requires:
              - environments/network-isolation.yaml
          - file: environments/external-loadbalancer-vip-v6.yaml
            title: External load balancer IPv6
            description: >
            requires:
              - environments/network-isolation-v6.yaml
        mutually_exclusive: true

  - title: Neutron Plugin Configuration
    description:
    environment_groups:
      - title: Neutron Plugins
        description: >
          Enable various Neutron plugins and backends
        environments:
          - file: environments/neutron-bgpvpn.yaml
            title: Neutron BGPVPN Service Plugin
            description: Enables Neutron BGPVPN Service Plugin
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/services/neutron-lbaasv2.yaml
            title: Neutron LBaaSv2 Service Plugin
            description: Enables Neutron LBaaSv2 Service Plugin and Agent
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-ml2-bigswitch.yaml
            title: BigSwitch Extensions
            description: >
              Enable Big Switch extensions, configured via puppet
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-ml2-cisco-n1kv.yaml
            title: Cisco N1KV backend
            description: >
              Enable a Cisco N1KV backend, configured via puppet
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
            title: Cisco Neutron plugin
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/networking/neutron-midonet.yaml
            title: Neutron MidoNet Services
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-nuage-config.yaml
            title: Neutron Nuage backend
            description: Enables Neutron Nuage backend on the controller
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-opendaylight.yaml
            title: OpenDaylight
            description: Enables OpenDaylight
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-ovs-dpdk.yaml
            title: DPDK with OVS
            description: Deploy DPDK with OVS
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-ovs-dvr.yaml
            title: DVR
            description: Enables DVR in the Overcloud
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-plumgrid.yaml
            title: PLUMgrid extensions
            description: Enables PLUMgrid extensions
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-ml2-fujitsu-cfab.yaml
            title: Fujitsu Neutron plugin for C-Fabric
            description: Enable C-Fabric in the overcloud
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-ml2-fujitsu-fossw.yaml
            title: Fujitsu Neutron plugin for FOS
            description: Enable FOS in the overcloud
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-nsx.yaml
            title: Deploy NSX Services
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/neutron-l2gw.yaml
            title: Neutron L2 gateway Service Plugin
            description: Enables Neutron L2 gateway Service Plugin and Agent
            requires:
              - overcloud-resource-registry-puppet.yaml

  - title: Storage
    description:
    environment_groups:
      - title: Cinder backends
        description: >
          Enable various Cinder backends
        environments:
          - file: environments/cinder-pure-config.yaml
            title: Cinder Pure Storage FlashArray backend
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/storage/cinder-netapp-config.yaml
            title: Cinder NetApp backend
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/cinder-dellsc-config.yaml
            title: Cinder Dell EMC Storage Center ISCSI backend
            description: >
              Enables a Cinder Dell EMC Storage Center ISCSI backend
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/cinder-dellemc-unity-config.yaml
            title: Cinder Dell EMC Unity backend
            description: >
              Enables a Cinder Dell EMC Unity backend,
              configured via puppet
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/cinder-hpelefthand-config.yaml
            title: Cinder HPELeftHandISCSI backend
            description: >
              Enables a Cinder HPELeftHandISCSI backend
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/cinder-dellps-config.yaml
            title: Cinder Dell EMC PS Series backend
            description: >
              Enables a Cinder Dell EMC PS Series backend
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/cinder-iser.yaml
            title: Cinder iSER backend
            description: >
              Enable a Cinder iSER RDMA backend, configured via puppet
          - file: environments/cinder-scaleio-config.yaml
            title: Cinder Dell EMC ScaleIO backend
            description: >
              Enables a Cinder Dell EMC ScaleIO backend
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/cinder-veritas-hyperscale-config.yaml
            title: Cinder Veritas HyperScale backend
            description: >
              Enables a Cinder Veritas HyperScale backend,
              configured via puppet
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: Cinder backup service
        description:
        environments:
          - file: environments/cinder-backup.yaml
            title: Cinder backup service
            description: >
              OpenStack Cinder Backup service with Pacemaker
            requires:
              - environments/puppet-pacemaker.yaml
              - overcloud-resource-registry-puppet.yaml
      - title: Ceph
        description: >
          Enable the use of Ceph in the overcloud
        environments:
          - file: environments/puppet-ceph.yaml
            title: Ceph Storage Backend
            description: >
              Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or
              use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is
              colocated with NovaCompute and configures the overcloud to use it, via RBD driver.
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/storage/external-ceph.yaml
            title: Externally managed Ceph
            description: >
              Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
            requires:
              - overcloud-resource-registry-puppet.yaml
        mutually_exclusive: true
      - title: Additional Ceph Options
        description:
        environments:
          - file: environments/services/ceph-mds.yaml
            title: Deploys CephMDS
            description: >
              Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
              filesystems hosted in Ceph.
            requires:
              - environments/puppet-ceph.yaml
          - file: environments/ceph-radosgw.yaml
            title: Ceph Rados Gateway
            description: >
              Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
              which stores data in the Ceph cluster.
            requires:
              - environments/puppet-ceph.yaml
          - file: environments/manila-cephfsnative-config.yaml
            title: Manila with CephFS
            description: >
              Deploys Manila and configures it with the CephFS driver. This requires the deployment of
              Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: Glance backends
        description:
        environments:
          - file: environments/storage/glance-nfs.yaml
            title: Glance NFS Backend
            description: |
              Configure and enable this option to enable the use of an NFS
              share as the backend for Glance.
            requires:
              - overcloud-resource-registry-puppet.yaml


  - title: Security
    description: Security Hardening Options
    environment_groups:
      - title: TLS
        description:
        environments:
          - file: environments/ssl/enable-tls.yaml
            title: SSL on OpenStack Public Endpoints
            description: >
              Use this option to pass in certificates for SSL deployments.
              For these values to take effect, one of the TLS endpoints
              options must also be used.
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: TLS Endpoints
        description:
        environments:
          - file: environments/ssl/tls-endpoints-public-dns.yaml
            title: SSL-enabled deployment with DNS name as public endpoint
            description: >
              Use this option when deploying an SSL-enabled overcloud where the public
              endpoint is a DNS name.
            requires:
              - environments/ssl/enable-tls.yaml
          - file: environments/ssl/tls-everywhere-endpoints-dns.yaml
            title: Deploy All SSL Endpoints as DNS names
            description: >
              Use this option when deploying an overcloud where all the endpoints are
              DNS names and there's TLS in all endpoint types.
            requires:
              - environments/ssl/enable-tls.yaml
          - file: environments/ssl/tls-endpoints-public-ip.yaml
            title: SSL-enabled deployment with IP address as public endpoint
            description: >
              Use this option when deploying an SSL-enabled overcloud where the public
              endpoint is an IP address.
            requires:
              - environments/ssl/enable-tls.yaml
        mutually_exclusive: true
      - title: SSH Banner Text
        description: Enables population of SSH Banner Text
        environments:
          - file: environments/sshd-banner.yaml
            title: SSH Banner Text
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: Horizon Password Validation
        description: Enable Horizon Password validation
        environments:
          - file: environments/horizon_password_validation.yaml
            title: Horizon Password Validation
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: AuditD Rules
        description:  Management of AuditD rules
        environments:
          - file: environments/auditd.yaml
            title: AuditD Rule Management
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: Keystone CADF auditing
        description: Enable CADF notifications in Keystone for auditing
        environments:
          - file: environments/cadf.yaml
            title: Keystone CADF auditing
      - title: SecureTTY Values
        description: Set values within /etc/securetty
        environments:
          - file: environments/securetty.yaml
            title: SecureTTY Values

  - title: Additional Services
    description:
    environment_groups:
      - title:
        description: Deploy additional services
        environments:
          - file: environments/services/manila-generic-config.yaml
            title: Barbican
            description: Enable Barbican with the default secret store backend
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/manila-generic-config.yaml
            title: Manila
            description: Enable Manila with generic driver backend
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/services/sahara.yaml
            title: Sahara
            description: Deploy Sahara service
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/services/ironic.yaml
            title: Ironic
            description: Deploy Ironic service
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/services/mistral.yaml
            title: Mistral
            description: Deploy Mistral service
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/services/ec2-api.yaml
            title: EC2 API
            description: Enable EC2-API service
            requires:
              - overcloud-resource-registry-puppet.yaml
          - file: environments/services/zaqar.yaml
            title: Zaqar
            description: Deploy Zaqar service
            requires:
              - overcloud-resource-registry-puppet.yaml

  - title: Nova Extensions
    description:
    environment_groups:
      - title: Nova Extensions
        description:
        environments:
          - file: environments/nova-nuage-config.yaml
            title: Nuage backend
            description: >
              Enables Nuage backend on the Compute
            requires:
              - overcloud-resource-registry-puppet.yaml

  - title: Operational Tools
    description:
    environment_groups:
      - title: Monitoring agents
        description: Enable monitoring agents
        environments:
          - file: environments/monitoring-environment.yaml
            title: Monitoring agents
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: Centralized logging support
        description: Enable centralized logging clients (fluentd)
        environments:
          - file: environments/logging-environment.yaml
            title: fluentd client
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: Performance monitoring
        description: Enable performance monitoring agents
        environments:
          - file: environments/collectd-environment.yaml
            title: Performance monitoring agents
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml

  - title: Utilities
    description:
    environment_groups:
      - title: Config Debug
        description: Enable config management (e.g. Puppet) debugging
        environments:
          - file: environments/config-debug.yaml
            title: Config Debug
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: Disable journal in MongoDb
        description: >
          Since, when journaling is enabled, MongoDb will create big journal
          file it can take time. In a CI environment for example journaling is
          not necessary.
        environments:
          - file: environments/mongodb-nojournal.yaml
            title: Disable journal in MongoDb
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml
      - title: Overcloud Steps
        description: >
          Specifies hooks/breakpoints where overcloud deployment should stop
          Allows operator validation between steps, and/or more granular control.
          Note: the wildcards relate to naming convention for some resource suffixes,
          e.g see puppet/*-post.yaml, enabling this will mean we wait for
          a user signal on every *Deployment_StepN resource defined in those files.
        tags:
          - no-gui
        environments:
          - file: environments/overcloud-steps.yaml
            title: Overcloud Steps
            description:
            requires:
              - overcloud-resource-registry-puppet.yaml