diff options
Diffstat (limited to 'scenarios/os-odl-sfc/role/os-odl-sfc/files/tacker_files/all.yml')
| -rw-r--r-- | scenarios/os-odl-sfc/role/os-odl-sfc/files/tacker_files/all.yml | 487 |
1 files changed, 487 insertions, 0 deletions
diff --git a/scenarios/os-odl-sfc/role/os-odl-sfc/files/tacker_files/all.yml b/scenarios/os-odl-sfc/role/os-odl-sfc/files/tacker_files/all.yml new file mode 100644 index 00000000..2af1ba0a --- /dev/null +++ b/scenarios/os-odl-sfc/role/os-odl-sfc/files/tacker_files/all.yml @@ -0,0 +1,487 @@ + +--- +# Copyright 2016, Rackspace US, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +## OpenStack Source Code Release +openstack_release: 15.1.7 + +## Verbosity Options +debug: False + +## SSH connection wait time +ssh_delay: 5 + +# Set the package install state for distribution packages +# Options are 'present' and 'latest' +package_state: "latest" + +# Set "/var/log" to be a bind mount to the physical host. +default_bind_mount_logs: true + +# Set distro variable +os_distro_version: "{{ ansible_distribution | lower }}-{{ ansible_distribution_version.split('.')[:2] | join('.') }}-{{ ansible_architecture | lower }}" + +# Ensure that the package state matches the global setting +ceph_client_package_state: "{{ package_state }}" +galera_client_package_state: "{{ package_state }}" +pip_install_package_state: "{{ package_state }}" +rsyslog_client_package_state: "{{ package_state }}" + +## OpenStack source options +openstack_repo_url: "http://{{ internal_lb_vip_address }}:{{ repo_server_port }}" +openstack_repo_git_url: "git://{{ internal_lb_vip_address }}" + +# URL for the frozen internal openstack repo. +repo_server_port: 8181 +repo_pkg_cache_enabled: true +repo_pkg_cache_port: 3142 +repo_pkg_cache_url: "http://{{ internal_lb_vip_address }}:{{ repo_pkg_cache_port }}" +repo_release_path: "{{ openstack_repo_url }}/os-releases/{{ openstack_release }}/{{ os_distro_version }}" + +# These are pinned to ensure exactly the same behaviour forever! +# These pins are updated through the sources-branch-updater script +pip_packages: + - pip==9.0.1 + - setuptools==33.1.1 + - wheel==0.29.0 + +pip_links: + - { name: "openstack_release", link: "{{ repo_release_path }}/" } +pip_lock_to_internal_repo: "{{ (pip_links | length) >= 1 }}" + +# The upper constraints to apply to all pip installations +pip_install_upper_constraints: "{{ repo_release_path }}/requirements_absolute_requirements.txt" + +# The URL to retrieve the get-pip.py installation script +pip_upstream_url: "{{ (pip_offline_install | bool) | ternary('https://bootstrap.pypa.io/get-pip.py', repo_release_path ~ '/get-pip.py') }}" + +## kernel modules for specific group hosts +# :param name: name of the kernel module +# :param pattern: pattern to search for in /boot/config-$kernel_version to check how module is configured inside kernel +# :param group: group of hosts where the module will be loaded +openstack_host_specific_kernel_modules: + - { name: "ebtables", pattern: "CONFIG_BRIDGE_NF_EBTABLES", group: "network_hosts" } + +## DNS resolution (resolvconf) options +#Group containing resolvers to configure +resolvconf_resolver_group: unbound + +## Memcached options +memcached_port: 11211 +memcached_servers: "{% for host in groups['memcached'] %}{{ hostvars[host]['ansible_host'] }}:{{ memcached_port }}{% if not loop.last %},{% endif %}{% endfor %}" + +## Galera +galera_address: "{{ internal_lb_vip_address }}" +galera_root_user: "root" + +## RabbitMQ +rabbitmq_host_group: "rabbitmq_all" +rabbitmq_port: "{{ (rabbitmq_use_ssl | bool) | ternary(5671, 5672) }}" + +rabbitmq_use_ssl: True +rabbitmq_servers: "{% for host in groups[rabbitmq_host_group] %}{{ hostvars[host]['ansible_host'] }}{% if not loop.last %},{% endif %}{% endfor %}" + +## Enable external SSL handling for general OpenStack services +openstack_external_ssl: true + +## OpenStack global Endpoint Protos +openstack_service_publicuri_proto: https +#openstack_service_adminuri_proto: http +#openstack_service_internaluri_proto: http + +## SSL +# These do not need to be configured unless you're creating certificates for +# services running behind Apache (currently, Horizon and Keystone). +ssl_protocol: "ALL -SSLv2 -SSLv3" +# Cipher suite string from https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ +ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS" + +## Region Name +service_region: RegionOne + +## OpenStack Domain +openstack_domain: openstack.local +lxc_container_domain: "{{ openstack_domain }}" + +## DHCP Domain Name +dhcp_domain: openstacklocal + +## LDAP enabled toggle +service_ldap_backend_enabled: "{{ keystone_ldap is defined and keystone_ldap.Default is defined }}" + +## Base venv configuration +venv_tag: "{{ openstack_release }}" +venv_base_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ os_distro_version }}" + +## Aodh +aodh_service_region: "{{ service_region }}" +aodh_galera_user: aodh +aodh_galera_database: aodh +aodh_galera_address: "{{ internal_lb_vip_address }}" +aodh_connection_string: "mysql+pymysql://{{ aodh_galera_user }}:{{ aodh_container_db_password }}@{{ aodh_galera_address }}/{{ aodh_galera_database }}?charset=utf8" +aodh_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + + +## Ceilometer +ceilometer_service_user_name: ceilometer +ceilometer_service_tenant_name: service + +# These are here rather than in ceilometer_all because +# both the os_ceilometer and os_swift roles require them +ceilometer_rabbitmq_userid: ceilometer +ceilometer_rabbitmq_vhost: /ceilometer +ceilometer_rabbitmq_port: "{{ rabbitmq_port }}" +ceilometer_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +ceilometer_rabbitmq_servers: "{{ rabbitmq_servers }}" +ceilometer_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + + +## Cinder +cinder_service_region: "{{ service_region }}" +cinder_service_port: 8776 +# If there are Swift hosts in the environment, then enable cinder backups to it +cinder_service_backup_program_enabled: "{{ groups['swift_all'] is defined and groups['swift_all'] | length > 0 }}" +cinder_ceph_client: cinder + +# These are here rather than in cinder_all because +# both the os_ceilometer and os_cinder roles require them + +# RPC +cinder_rabbitmq_userid: cinder +cinder_rabbitmq_vhost: /cinder +cinder_rabbitmq_port: "{{ rabbitmq_port }}" +cinder_rabbitmq_servers: "{{ rabbitmq_servers }}" +cinder_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +cinder_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +cinder_rabbitmq_telemetry_userid: "{{ cinder_rabbitmq_userid }}" +cinder_rabbitmq_telemetry_password: "{{ cinder_rabbitmq_password }}" +cinder_rabbitmq_telemetry_vhost: "{{ cinder_rabbitmq_vhost }}" +cinder_rabbitmq_telemetry_port: "{{ cinder_rabbitmq_port }}" +cinder_rabbitmq_telemetry_servers: "{{ cinder_rabbitmq_servers }}" +cinder_rabbitmq_telemetry_use_ssl: "{{ cinder_rabbitmq_use_ssl }}" +cinder_rabbitmq_telemetry_host_group: "{{ cinder_rabbitmq_host_group }}" + +# If there are any Ceilometer hosts in the environment, then enable its usage +cinder_ceilometer_enabled: "{{ (groups['cinder_all'] is defined) and (groups['cinder_all'] | length > 0) and (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" + +## Glance +glance_service_port: 9292 +glance_service_proto: http +glance_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(glance_service_proto) }}" +glance_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(glance_service_proto) }}" +glance_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(glance_service_proto) }}" +glance_service_publicuri: "{{ glance_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ glance_service_port }}" +glance_service_publicurl: "{{ glance_service_publicuri }}" +glance_service_internaluri: "{{ glance_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ glance_service_port }}" +glance_service_internalurl: "{{ glance_service_internaluri }}" +glance_service_adminuri: "{{ glance_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ glance_service_port }}" +glance_service_adminurl: "{{ glance_service_adminuri }}" +glance_api_servers: "{{ glance_service_internaluri }}" +glance_service_user_name: glance + +# These are here rather than in glance_all because +# both the os_ceilometer and os_glance roles require them + +## Gnocchi +# Used in both Gnocchi and Swift roles. +gnocchi_service_project_name: "{{ (gnocchi_storage_driver is defined and gnocchi_storage_driver == 'swift') | ternary('gnocchi_swift', 'service') }}" + +# RPC +glance_rabbitmq_userid: glance +glance_rabbitmq_vhost: /glance +glance_rabbitmq_port: "{{ rabbitmq_port }}" +glance_rabbitmq_servers: "{{ rabbitmq_servers }}" +glance_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +glance_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +glance_rabbitmq_telemetry_userid: "{{ glance_rabbitmq_userid }}" +glance_rabbitmq_telemetry_password: "{{ glance_rabbitmq_password }}" +glance_rabbitmq_telemetry_vhost: "{{ glance_rabbitmq_vhost }}" +glance_rabbitmq_telemetry_port: "{{ glance_rabbitmq_port }}" +glance_rabbitmq_telemetry_servers: "{{ glance_rabbitmq_servers }}" +glance_rabbitmq_telemetry_use_ssl: "{{ glance_rabbitmq_use_ssl }}" +glance_rabbitmq_telemetry_host_group: "{{ glance_rabbitmq_host_group }}" + +# If there are any Ceilometer hosts in the environment, then enable its usage +glance_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" + +## Heat + +# These are here rather than in heat_all because +# both the os_ceilometer and os_heat roles require them + +# RPC +heat_rabbitmq_userid: heat +heat_rabbitmq_vhost: /heat +heat_rabbitmq_port: "{{ rabbitmq_port }}" +heat_rabbitmq_servers: "{{ rabbitmq_servers }}" +heat_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +heat_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +heat_rabbitmq_telemetry_userid: "{{ heat_rabbitmq_userid }}" +heat_rabbitmq_telemetry_password: "{{ heat_rabbitmq_password }}" +heat_rabbitmq_telemetry_vhost: "{{ heat_rabbitmq_vhost }}" +heat_rabbitmq_telemetry_port: "{{ heat_rabbitmq_port }}" +heat_rabbitmq_telemetry_servers: "{{ heat_rabbitmq_servers }}" +heat_rabbitmq_telemetry_use_ssl: "{{ heat_rabbitmq_use_ssl }}" +heat_rabbitmq_telemetry_host_group: "{{ heat_rabbitmq_host_group }}" + +# If there are any Ceilometer hosts in the environment, then enable its usage +heat_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" + +## Ironic +ironic_keystone_auth_plugin: password +ironic_rabbitmq_userid: ironic +ironic_rabbitmq_vhost: /ironic +ironic_rabbitmq_port: "{{ rabbitmq_port }}" +ironic_rabbitmq_servers: "{{ rabbitmq_servers }}" +ironic_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +ironic_rabbitmq_host_group: "{{ rabbitmq_host_group }}" +ironic_service_name: ironic +ironic_service_user_name: ironic +ironic_service_proto: http +ironic_service_port: 6385 +ironic_service_project_name: service +ironic_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(ironic_service_proto) }}" +ironic_service_adminurl: "{{ ironic_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ ironic_service_port }}" + +## Keystone +keystone_admin_user_name: admin +keystone_admin_tenant_name: admin +keystone_admin_port: 35357 +keystone_service_port: 5000 +keystone_service_proto: http +keystone_service_region: "{{ service_region }}" + +# These are here rather than in keystone_all because +# both the os_ceilometer and os_keystone roles require them + +# RPC +keystone_rabbitmq_userid: keystone +keystone_rabbitmq_vhost: /keystone +keystone_rabbitmq_port: "{{ rabbitmq_port }}" +keystone_rabbitmq_servers: "{{ rabbitmq_servers }}" +keystone_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +keystone_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +keystone_rabbitmq_telemetry_userid: "{{ keystone_rabbitmq_userid }}" +keystone_rabbitmq_telemetry_password: "{{ keystone_rabbitmq_password }}" +keystone_rabbitmq_telemetry_vhost: "{{ keystone_rabbitmq_vhost }}" +keystone_rabbitmq_telemetry_port: "{{ keystone_rabbitmq_port }}" +keystone_rabbitmq_telemetry_servers: "{{ keystone_rabbitmq_servers }}" +keystone_rabbitmq_telemetry_use_ssl: "{{ keystone_rabbitmq_use_ssl }}" +keystone_rabbitmq_telemetry_host_group: "{{ keystone_rabbitmq_host_group }}" + +# If there are any Ceilometer hosts in the environment, then enable its usage +keystone_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" + +keystone_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(keystone_service_proto) }}" +keystone_service_adminuri_insecure: "{% if keystone_service_adminuri_proto == 'https' and (keystone_user_ssl_cert is not defined or haproxy_user_ssl_cert is not defined) | bool %}true{% else %}false{% endif %}" +keystone_service_adminuri: "{{ keystone_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_admin_port }}" +keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3" + +keystone_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(keystone_service_proto) }}" +keystone_service_internaluri_insecure: "{% if keystone_service_internaluri_proto == 'https' and (keystone_user_ssl_cert is not defined or haproxy_user_ssl_cert is not defined) | bool %}true{% else %}false{% endif %}" +keystone_service_internaluri: "{{ keystone_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ keystone_service_port }}" +keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3" + +## Neutron +neutron_service_port: 9696 +neutron_service_proto: http +neutron_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(neutron_service_proto) }}" +neutron_service_adminuri: "{{ neutron_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ neutron_service_port }}" +neutron_service_adminurl: "{{ neutron_service_adminuri }}" +neutron_service_user_name: neutron +neutron_service_project_name: service +neutron_service_region: "{{ service_region }}" + +# These are here rather than in neutron_all because +# both the os_ceilometer and os_neutron roles require them + +# RPC +neutron_rabbitmq_userid: neutron +neutron_rabbitmq_vhost: /neutron +neutron_rabbitmq_port: "{{ rabbitmq_port }}" +neutron_rabbitmq_servers: "{{ rabbitmq_servers }}" +neutron_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +neutron_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +neutron_rabbitmq_telemetry_userid: "{{ neutron_rabbitmq_userid }}" +neutron_rabbitmq_telemetry_password: "{{ neutron_rabbitmq_password }}" +neutron_rabbitmq_telemetry_vhost: "{{ neutron_rabbitmq_vhost }}" +neutron_rabbitmq_telemetry_port: "{{ neutron_rabbitmq_port }}" +neutron_rabbitmq_telemetry_servers: "{{ neutron_rabbitmq_servers }}" +neutron_rabbitmq_telemetry_use_ssl: "{{ neutron_rabbitmq_use_ssl }}" +neutron_rabbitmq_telemetry_host_group: "{{ neutron_rabbitmq_host_group }}" + +# If there are any Designate hosts in the environment, then enable its usage +neutron_designate_enabled: "{{ (groups['designate_all'] is defined) and (groups['designate_all'] | length > 0) }}" +# If there are any Ceilometer hosts in the environment, then enable its usage +neutron_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" + +neutron_plugin_type: ml2.lxb + +## Nova +nova_service_port: 8774 +nova_metadata_port: 8775 +nova_service_proto: http +nova_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(nova_service_proto) }}" +nova_service_adminuri: "{{ nova_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ nova_service_port }}" +nova_service_adminurl: "{{ nova_service_adminuri }}/v2.1/%(tenant_id)s" +nova_service_region: "{{ service_region }}" +nova_service_user_name: nova +nova_service_project_name: service +nova_service_project_domain_id: default +nova_service_user_domain_id: default +nova_keystone_auth_plugin: password +nova_console_type: spice +nova_novncproxy_port: 6080 +nova_spice_html5proxy_base_port: 6082 +nova_console_port: "{% if nova_console_type == 'spice' %}{{ nova_spice_html5proxy_base_port }}{% else %}{{ nova_novncproxy_port }}{% endif %}" + +# These are here rather than in nova_all because +# both the os_ceilometer and os_nova roles require them + +# RPC +nova_rabbitmq_userid: nova +nova_rabbitmq_vhost: /nova +nova_rabbitmq_port: "{{ rabbitmq_port }}" +nova_rabbitmq_servers: "{{ rabbitmq_servers }}" +nova_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +nova_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +nova_rabbitmq_telemetry_userid: "{{ nova_rabbitmq_userid }}" +nova_rabbitmq_telemetry_password: "{{ nova_rabbitmq_password }}" +nova_rabbitmq_telemetry_vhost: "{{ nova_rabbitmq_vhost }}" +nova_rabbitmq_telemetry_port: "{{ nova_rabbitmq_port }}" +nova_rabbitmq_telemetry_servers: "{{ nova_rabbitmq_servers }}" +nova_rabbitmq_telemetry_use_ssl: "{{ nova_rabbitmq_use_ssl }}" +nova_rabbitmq_telemetry_host_group: "{{ nova_rabbitmq_host_group }}" + +# If there are any Designate hosts in the environment, then enable its usage +nova_designate_enabled: "{{ (groups['designate_all'] is defined) and (groups['designate_all'] | length > 0) }}" +# If there are any Ceilometer hosts in the environment, then enable its usage +nova_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['ceilometer_all'] | length > 0) }}" +# If there are any Barbican hosts in the environment, then enable its usage +nova_barbican_enabled: "{{ (groups['barbican_all'] is defined) and (groups['barbican_all'] | length > 0) }}" + +## Sahara +#RPC +sahara_rabbitmq_userid: sahara +sahara_rabbitmq_vhost: /sahara +sahara_rabbitmq_port: "{{ rabbitmq_port }}" +sahara_rabbitmq_servers: "{{ rabbitmq_servers }}" +sahara_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +sahara_rabbitmq_host_group: "{{ rabbitmq_host_group }}" + +# Telemetry notifications +sahara_rabbitmq_telemetry_userid: "{{ sahara_rabbitmq_userid }}" +sahara_rabbitmq_telemetry_password: "{{ sahara_rabbitmq_password }}" +sahara_rabbitmq_telemetry_vhost: "{{ sahara_rabbitmq_vhost }}" +sahara_rabbitmq_telemetry_port: "{{ sahara_rabbitmq_port }}" +sahara_rabbitmq_telemetry_servers: "{{ sahara_rabbitmq_servers }}" +sahara_rabbitmq_telemetry_use_ssl: "{{ sahara_rabbitmq_use_ssl }}" +sahara_rabbitmq_telemetry_host_group: "{{ sahara_rabbitmq_host_group }}" + +# If there are any Ceilometer and Sahara hosts in the environment, then enable its usage +sahara_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['sahara_all'] is defined) and (groups['ceilometer_all'] | length > 0) and (groups['sahara_all'] | length > 0) }}" + +## Swift +swift_proxy_port: 8080 +swift_system_user_name: swift +swift_system_shell: /bin/bash +swift_system_comment: swift system user +swift_system_home_folder: "/var/lib/{{ swift_system_user_name }}" + +# Swift Telemetry notifications +swift_rabbitmq_telemetry_userid: "swift" +swift_rabbitmq_telemetry_vhost: "/swift" +swift_rabbitmq_telemetry_servers: "{{ rabbitmq_servers }}" +swift_rabbitmq_telemetry_host_group: "{{ rabbitmq_host_group }}" + +# If there are any Ceilometer and Swift hosts in the environment, then enable its usage +swift_ceilometer_enabled: "{{ (groups['ceilometer_all'] is defined) and (groups['swift_proxy'] is defined) and (groups['ceilometer_all'] | length > 0) and (groups['swift_proxy'] | length > 0) }}" + +## OpenStack Openrc +openrc_os_auth_url: "{{ keystone_service_internalurl }}" +openrc_os_password: "{{ keystone_auth_admin_password }}" +openrc_os_domain_name: "Default" +openrc_region_name: "{{ service_region }}" + +## Host security hardening +# The openstack-ansible-security role provides security hardening for hosts +# by applying security configurations from the STIG. Hardening is enabled by +# default, but an option to opt out is available by setting the following +# variable to 'false'. +# Docs: http://docs.openstack.org/developer/openstack-ansible-security/ +apply_security_hardening: true + +## Ansible ssh configuration +ansible_ssh_extra_args: > + -o UserKnownHostsFile=/dev/null + -o StrictHostKeyChecking=no + -o ServerAliveInterval=64 + -o ServerAliveCountMax=1024 + -o Compression=no + -o TCPKeepAlive=yes + -o VerifyHostKeyDNS=no + -o ForwardX11=no + -o ForwardAgent=yes + -T + +# Toggle whether the service is deployed in a container or not +is_metal: "{{ properties.is_metal | default(false) }}" + +## ceph-ansible configuration +mon_group_name: ceph-mon +osd_group_name: ceph-osd +ceph_stable: true +# The _stable_release var is used by both the OSA ceph_client role and the +# ceph-ansible roles. It is defaulted in ceph_client but set here to keep the +# OSA/ceph-ansible integrations in sync. +ceph_stable_release: jewel +fetch_directory: /etc/openstack_deploy/ceph-fetch/ +# tries to create /var/log/ceph as a directory and fails if the log link already +# exists. we handle the log dir creation so this is not something we need +# ceph-common to prepare for us. +rbd_client_directories: false + +# Magnum +magnum_bind_port: 9511 +magnum_service_proto: http +magnum_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(magnum_service_proto) }}" +magnum_service_publicurl: "{{ magnum_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ magnum_bind_port }}" +magnum_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(magnum_service_proto) }}" +magnum_service_internalurl: "{{ magnum_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ magnum_bind_port }}" +magnum_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(magnum_service_proto) }}" +magnum_service_adminurl: "{{ magnum_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ magnum_bind_port }}" + +# Tacker +tacker_service_user_name: tacker +tacker_service_tenant_name: service + +tacker_rabbitmq_userid: tacker +tacker_rabbitmq_vhost: /tacker +tacker_rabbitmq_port: "{{ rabbitmq_port }}" +tacker_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}" +tacker_rabbitmq_servers: "{{ rabbitmq_servers }}" +tacker_rabbitmq_host_group: "{{ rabbitmq_host_group }}" |