--- ############################################################################### # Kolla installation. # Type of Kolla control installation. One of 'binary' or 'source'. kolla_ctl_install_type: source # Path to directory for kolla source code checkout. kolla_source_path: "{{ source_checkout_path ~ '/kolla' }}" # URL of Kolla source code repository if type is 'source'. kolla_source_url: "https://opendev.org/openstack/kolla" # Version (branch, tag, etc.) of Kolla source code repository if type is # 'source'. Default is {{ openstack_branch }}. kolla_source_version: "{{ openstack_branch }}" # Path to virtualenv in which to install kolla. kolla_venv: "{{ virtualenv_path ~ '/kolla' }}" # Path in which to generate kolla configuration. kolla_build_config_path: "{{ config_path ~ '/kolla' }}" ############################################################################### # Kolla-ansible installation. # Type of Kolla-ansible control installation. One of 'binary' or 'source'. kolla_ansible_ctl_install_type: source # Path to directory for kolla-ansible source code checkout. kolla_ansible_source_path: "{{ lookup('env', 'KOLLA_SOURCE_PATH') | default(lookup('env', 'PWD') ~ '/src/kolla-ansible', true) }}" # URL of Kolla Ansible source code repository if type is 'source'. kolla_ansible_source_url: "https://opendev.org/openstack/kolla-ansible" # Version (branch, tag, etc.) of Kolla Ansible source code repository if type # is 'source'. Default is {{ openstack_branch }}. kolla_ansible_source_version: "{{ openstack_branch }}" # Path to virtualenv in which to install kolla-ansible. kolla_ansible_venv: "{{ lookup('env', 'KOLLA_VENV_PATH') | default(lookup('env', 'PWD') ~ '/venvs/kolla-ansible', true) }}" # Extra requirements to install inside the kolla-ansible virtualenv. kolla_ansible_venv_extra_requirements: [] # Path to Kolla-ansible configuration directory. kolla_config_path: "{{ lookup('env', 'KOLLA_CONFIG_PATH') | default('/etc/kolla', true) }}" # Path to Kolla-ansible node custom configuration directory. kolla_node_custom_config_path: "{{ kolla_config_path }}/config" ############################################################################### # Kolla configuration. # Kolla base container image architecture. Options are "x86_64", "aarch64". # Default is "{{ ansible_facts.architecture }}" kolla_base_arch: "{{ ansible_facts.architecture }}" # Kolla base container image distribution. Options are "centos", "debian", # "rocky", "ubuntu". Default is {{ os_distribution }}. kolla_base_distro: "{{ os_distribution }}" # Kolla base container image distribution version default map. # Defines default versions for each distribution. kolla_base_distro_version_default_map: { "centos": "stream9", "debian": "bullseye", "rocky": "9", "ubuntu": "noble", } # Kolla base container image distribution version. # Default is kolla_base_distro_version_default_map[kolla_base_distro]. kolla_base_distro_version: "{{ kolla_base_distro_version_default_map[kolla_base_distro] }}" # Docker namespace to use for Kolla images. kolla_docker_namespace: "openstack.kolla" # Url of docker registry to use for Kolla images. kolla_docker_registry: "{{ docker_registry }}" # Username to use to access a docker registry. kolla_docker_registry_username: # Password to use to access a docker registry. kolla_docker_registry_password: # Kolla OpenStack release version. This should be a Docker image tag. # Default is {{ openstack_release }}. kolla_openstack_release: "{{ openstack_release }}" # Docker tag applied to built container images. Default is {{ # kolla_openstack_release }}-{{ kolla_base_distro }}-{{ # kolla_base_distro_version }}. kolla_tag: "{{ kolla_openstack_release }}-{{ kolla_base_distro }}-{{ kolla_base_distro_version }}" # Dict mapping names of sources to their definitions. # See kolla.common.config for details. # Example: # kolla_sources: # ironic-base: # type: git # location: https://github.com/openstack/ironic # reference: master kolla_sources: bifrost-base: type: "git" location: "{{ kolla_bifrost_source_url }}" reference: "{{ kolla_bifrost_source_version }}" ############################################################################### # Kolla image build configuration. # List of regular expressions matching names of container images to build for # the seed. seed_container_image_regex_map: - regex: bifrost enabled: True # List of regular expressions matching names of container images to build for # the seed. seed_container_image_regexes: "{{ seed_container_image_regex_map | selectattr('enabled') | map(attribute='regex') | list }}" # List of container image sets for the seed. This is used when building # container images to determine which images to build. seed_container_image_sets: - regexes: "{{ seed_container_image_regexes | join(' ') }}" # List of regular expressions matching names of container images to build for # overcloud hosts. overcloud_container_image_regex_map: - regex: ^aodh enabled: "{{ kolla_enable_aodh | bool }}" - regex: ^barbican enabled: "{{ kolla_enable_barbican | bool }}" - regex: ^blazar enabled: "{{ kolla_enable_blazar | bool }}" - regex: ^ceilometer enabled: "{{ kolla_enable_ceilometer | bool }}" - regex: ^cinder enabled: "{{ kolla_enable_cinder | bool }}" - regex: ^cloudkitty enabled: "{{ kolla_enable_cloudkitty | bool }}" - regex: ^collectd enabled: "{{ kolla_enable_collectd | bool }}" - regex: ^cron enabled: True - regex: ^cyborg enabled: "{{ kolla_enable_cyborg | bool }}" - regex: ^designate enabled: "{{ kolla_enable_designate | bool }}" - regex: ^dnsmasq enabled: "{{ kolla_enable_ironic | bool }}" - regex: ^etcd enabled: "{{ kolla_enable_etcd | bool }}" - regex: ^fluentd enabled: "{{ kolla_enable_fluentd | bool }}" - regex: ^glance enabled: "{{ kolla_enable_glance | bool }}" - regex: ^gnocchi enabled: "{{ kolla_enable_gnocchi | bool }}" - regex: ^grafana enabled: "{{ kolla_enable_grafana | bool }}" - regex: ^hacluster enabled: "{{ kolla_enable_hacluster | bool }}" - regex: ^haproxy$ enabled: "{{ kolla_enable_haproxy | bool }}" - regex: ^haproxy-ssh$ enabled: "{{ kolla_enable_letsencrypt | bool }}" - regex: ^heat enabled: "{{ kolla_enable_heat | bool }}" - regex: ^horizon enabled: "{{ kolla_enable_horizon | bool }}" - regex: ^influxdb enabled: "{{ kolla_enable_influxdb | bool }}" - regex: ^ironic enabled: "{{ kolla_enable_ironic | bool }}" - regex: ironic-neutron-agent enabled: "{{ kolla_enable_ironic_neutron_agent | bool }}" - regex: ^iscsid enabled: "{{ kolla_enable_iscsid | bool }}" - regex: ^keepalived enabled: "{{ kolla_enable_keepalived | bool }}" - regex: ^keystone enabled: "{{ kolla_enable_keystone | bool }}" - regex: kolla-toolbox enabled: True - regex: ^kuryr enabled: "{{ kolla_enable_kuryr | bool }}" - regex: ^letsencrypt enabled: "{{ kolla_enable_letsencrypt | bool }}" - regex: ^magnum enabled: "{{ kolla_enable_magnum | bool }}" - regex: ^manila enabled: "{{ kolla_enable_manila | bool }}" - regex: ^mariadb enabled: "{{ kolla_enable_mariadb | bool }}" - regex: ^masakari enabled: "{{ kolla_enable_masakari | bool }}" - regex: ^memcached enabled: "{{ kolla_enable_memcached | bool }}" - regex: ^mistral enabled: "{{ kolla_enable_mistral | bool }}" - regex: ^multipathd enabled: "{{ kolla_enable_multipathd | bool }}" - regex: "neutron-\\(server\\|metadata-agent\\)" enabled: "{{ kolla_enable_neutron | bool }}" - regex: "neutron-\\(dhcp\\|l3\\|linuxbridge\\|openvswitch\\)-agent" enabled: "{{ kolla_build_neutron_ovs | default(kolla_enable_neutron | bool and not kolla_enable_ovn | bool) }}" - regex: neutron-mlnx-agent enabled: "{{ kolla_enable_neutron_mlnx | bool }}" - regex: neutron-ovn-agent enabled: "{{ kolla_enable_neutron | bool and kolla_enable_ovn | bool }}" - regex: neutron-sriov-agent enabled: "{{ kolla_enable_neutron_sriov | bool }}" - regex: ^nova enabled: "{{ kolla_enable_nova | bool }}" - regex: ^octavia enabled: "{{ kolla_enable_octavia | bool }}" - regex: ^opensearch$ enabled: "{{ kolla_enable_opensearch | bool }}" - regex: ^opensearch-dashboards$ enabled: "{{ kolla_enable_opensearch_dashboards | bool }}" - regex: ^openvswitch enabled: "{{ kolla_enable_openvswitch | bool }}" - regex: ^ovn enabled: "{{ kolla_enable_ovn | bool }}" - regex: ^ovsdpdk enabled: "{{ kolla_enable_ovs_dpdk | bool }}" - regex: ^placement enabled: "{{ kolla_enable_placement | bool }}" - regex: ^prometheus enabled: "{{ kolla_enable_prometheus | bool }}" - regex: ^proxysql enabled: "{{ kolla_enable_proxysql | bool }}" - regex: ^qdrouterd enabled: "{{ kolla_enable_qdrouterd | bool }}" - regex: ^rabbitmq enabled: "{{ kolla_enable_rabbitmq | bool }}" - regex: ^redis enabled: "{{ kolla_enable_redis | bool }}" - regex: ^skyline enabled: "{{ kolla_enable_skyline | bool }}" - regex: ^swift enabled: "{{ kolla_enable_swift | bool }}" - regex: ^tacker enabled: "{{ kolla_enable_tacker | bool }}" - regex: ^telegraf enabled: "{{ kolla_enable_telegraf | bool }}" - regex: ^tgtd enabled: "{{ kolla_enable_cinder | bool or kolla_enable_ironic | bool }}" - regex: ^trove enabled: "{{ kolla_enable_trove | bool }}" - regex: ^watcher enabled: "{{ kolla_enable_watcher | bool }}" - regex: ^zun enabled: "{{ kolla_enable_zun | bool }}" # List of regular expressions matching names of container images to build for # overcloud hosts. overcloud_container_image_regexes: "{{ overcloud_container_image_regex_map | selectattr('enabled') | map(attribute='regex') | list }}" # List of container image sets for overcloud hosts. This is used when building # container images to determine which images to build. overcloud_container_image_sets: - regexes: "{{ overcloud_container_image_regexes | join(' ') }}" # Dict mapping Jinja2 block names in kolla's Docker images to their contents. kolla_build_blocks: {} # Dict mapping image customization variable names to their values. # Each variable takes the form: # __ # Hyphens in the image name must be replaced with underscores. The # customization is most commonly packages. The operation should be one of # override, append or remove. The value should be a list. kolla_build_customizations: {} ############################################################################### # Kolla-ansible inventory configuration. # Full custom seed inventory contents. kolla_seed_inventory_custom: # List of names of default host variables to pass through from kayobe hosts to # the kolla-ansible seed host, if set. See also # kolla_seed_inventory_pass_through_host_vars_map. kolla_seed_inventory_pass_through_host_vars_default: - "ansible_host" - "ansible_port" - "ansible_ssh_private_key_file" - "kolla_api_interface" - "kolla_bifrost_network_interface" # List of names of additional host variables to pass through from kayobe hosts # to the kolla-ansible seed host, if set. See also # kolla_seed_inventory_pass_through_host_vars_map. kolla_seed_inventory_pass_through_host_vars_extra: [] # List of names of host variables to pass through from kayobe hosts to # the kolla-ansible seed host, if set. See also # kolla_seed_inventory_pass_through_host_vars_map. kolla_seed_inventory_pass_through_host_vars: >- {{ kolla_seed_inventory_pass_through_host_vars_default + kolla_seed_inventory_pass_through_host_vars_extra }} # Dict mapping names of default variables in # kolla_seed_inventory_pass_through_host_vars to the variable to use in # kolla-ansible. If a variable name is not in this mapping the kayobe name is # used. kolla_seed_inventory_pass_through_host_vars_map_default: kolla_api_interface: "api_interface" kolla_bifrost_network_interface: "bifrost_network_interface" # Dict mapping names of extra variables in # kolla_seed_inventory_pass_through_host_vars to the variable to use in # kolla-ansible. If a variable name is not in this mapping the kayobe name is # used. kolla_seed_inventory_pass_through_host_vars_map_extra: {} # Dict mapping names of variables in # kolla_seed_inventory_pass_through_host_vars to the variable to use in # kolla-ansible. If a variable name is not in this mapping the kayobe name is # used. kolla_seed_inventory_pass_through_host_vars_map: >- {{ kolla_seed_inventory_pass_through_host_vars_map_default | combine(kolla_seed_inventory_pass_through_host_vars_map_extra) }} # Custom overcloud inventory containing a mapping from top level groups to # hosts. kolla_overcloud_inventory_custom_top_level: # Custom overcloud inventory containing a mapping from components to top level # groups. kolla_overcloud_inventory_custom_components: # Custom overcloud inventory containing a mapping from services to components. kolla_overcloud_inventory_custom_services: # Full custom overcloud inventory contents. By default this will be the # concatenation of the top level, component, and service inventories. kolla_overcloud_inventory_custom: # List of groups mapped to kolla storage group. kolla_overcloud_inventory_storage_groups: - "storage" # Dict mapping from kolla-ansible groups to kayobe groups and variables. Each # item is a dict with the following items: # * groups: A list of kayobe ansible groups to map to this kolla-ansible group. # * vars: A dict mapping variable names to values for hosts in this # kolla-ansible group. kolla_overcloud_inventory_top_level_group_map: control: groups: - controllers network: groups: - network compute: groups: - compute compute-vgpu: groups: - compute-vgpu monitoring: groups: - monitoring storage: groups: "{{ kolla_overcloud_inventory_storage_groups }}" # List of names of top level kolla-ansible groups. Any of these groups which # have no hosts mapped to them will be provided with an empty group definition. kolla_overcloud_inventory_kolla_top_level_groups: - "control" - "network" - "compute" - "monitoring" - "storage" - "deployment" # List of names of default host variables to pass through from kayobe hosts to # kolla-ansible hosts, if set. See also # kolla_overcloud_inventory_pass_through_host_vars_map. kolla_overcloud_inventory_pass_through_host_vars_default: - "ansible_host" - "ansible_port" - "ansible_ssh_private_key_file" - "kolla_network_interface" - "kolla_api_interface" - "kolla_storage_interface" - "kolla_cluster_interface" - "kolla_swift_storage_interface" - "kolla_swift_replication_interface" - "kolla_provision_interface" - "kolla_inspector_dnsmasq_interface" - "kolla_dns_interface" - "kolla_tunnel_interface" - "kolla_external_vip_interface" - "kolla_neutron_external_interfaces" - "kolla_neutron_bridge_names" - "kolla_neutron_physical_networks" # List of names of additional host variables to pass through from kayobe hosts # to kolla-ansible hosts, if set. See also # kolla_overcloud_inventory_pass_through_host_vars_map. kolla_overcloud_inventory_pass_through_host_vars_extra: [] # List of names of host variables to pass through from kayobe hosts to # kolla-ansible hosts, if set. See also # kolla_overcloud_inventory_pass_through_host_vars_map. kolla_overcloud_inventory_pass_through_host_vars: >- {{ kolla_overcloud_inventory_pass_through_host_vars_default + kolla_overcloud_inventory_pass_through_host_vars_extra }} # Dict mapping names of default variables in # kolla_overcloud_inventory_pass_through_host_vars to the variable to use in # kolla-ansible. If a variable name is not in this mapping the kayobe name is # used. kolla_overcloud_inventory_pass_through_host_vars_map_default: kolla_network_interface: "network_interface" kolla_api_interface: "api_interface" kolla_storage_interface: "storage_interface" kolla_cluster_interface: "cluster_interface" kolla_swift_storage_interface: "swift_storage_interface" kolla_swift_replication_interface: "swift_replication_interface" kolla_provision_interface: "provision_interface" kolla_inspector_dnsmasq_interface: "ironic_dnsmasq_interface" kolla_dns_interface: "dns_interface" kolla_tunnel_interface: "tunnel_interface" kolla_neutron_external_interfaces: "neutron_external_interface" kolla_neutron_bridge_names: "neutron_bridge_name" kolla_neutron_physical_networks: "neutron_physical_networks" # Dict mapping names of additional variables in # kolla_overcloud_inventory_pass_through_host_vars to the variable to use in # kolla-ansible. If a variable name is not in this mapping the kayobe name is # used. kolla_overcloud_inventory_pass_through_host_vars_map_extra: {} # Dict mapping names of variables in # kolla_overcloud_inventory_pass_through_host_vars to the variable to use in # kolla-ansible. If a variable name is not in this mapping the kayobe name is # used. kolla_overcloud_inventory_pass_through_host_vars_map: >- {{ kolla_overcloud_inventory_pass_through_host_vars_map_default | combine(kolla_overcloud_inventory_pass_through_host_vars_map_extra) }} ############################################################################### # Kolla-ansible configuration. # Virtualenv directory where Kolla-ansible's ansible modules will execute # remotely on the target nodes. If None, no virtualenv will be used. kolla_ansible_target_venv: "{{ virtualenv_path ~ '/kolla-ansible' }}" # Password to use to encrypt the kolla-ansible passwords.yml file. kolla_ansible_vault_password: "{{ lookup('env', 'KAYOBE_VAULT_PASSWORD') | default }}" # Hashi Vault kolla_ansible_vault_addr: "{{ lookup('env', 'KAYOBE_VAULT_ADDR') | default }}" kolla_ansible_vault_mount_point: "{{ lookup('env', 'KAYOBE_VAULT_MOUNT_POINT') | default }}" kolla_ansible_vault_kv_path: "{{ lookup('env', 'KAYOBE_VAULT_KV_PATH') | default }}" kolla_ansible_vault_namespace: "{{ lookup('env', 'KAYOBE_VAULT_NAMESPACE') | default }}" kolla_ansible_vault_role_id: "{{ lookup('env', 'KAYOBE_VAULT_ROLE_ID') | default }}" kolla_ansible_vault_secret_id: "{{ lookup('env', 'KAYOBE_VAULT_SECRET_ID') | default }}" kolla_ansible_vault_token: "{{ lookup('env', 'KAYOBE_VAULT_TOKEN') | default }}" kolla_ansible_vault_cacert: "{{ lookup('env', 'KAYOBE_VAULT_CACERT') | default }}" # Whether TLS is enabled for the external API endpoints. kolla_enable_tls_external: "{{ kolla_enable_tls_internal if public_net_name == internal_net_name else 'no' }}" # Whether TLS is enabled for the internal API endpoints. kolla_enable_tls_internal: "no" # Whether debug logging is enabled. kolla_openstack_logging_debug: "False" # Upper constraints file for installation of Kolla. kolla_upper_constraints_file: "{{ pip_upper_constraints_file }}" # User account to use for Kolla SSH access. kolla_ansible_user: kolla # Primary group of Kolla SSH user. kolla_ansible_group: kolla # Whether to use privilege escalation for all operations performed via Kolla # Ansible. kolla_ansible_become: false # Whether to create a user account, configure passwordless sudo and authorise # an SSH key for Kolla Ansible. Default is 'true'. kolla_ansible_create_user: true ############################################################################### # Kolla feature flag configuration. # Enable core OpenStack services. This includes: # glance, keystone, neutron, nova, heat, and horizon. kolla_enable_openstack_core: "yes" # These roles are required for Kolla to be operation, however a savvy deployer # could disable some of these required roles and run their own services. kolla_enable_glance: "{{ kolla_enable_openstack_core | bool }}" kolla_enable_haproxy: "yes" kolla_enable_keepalived: "{{ kolla_enable_haproxy | bool }}" kolla_enable_keystone: "{{ kolla_enable_openstack_core | bool }}" kolla_enable_mariadb: "yes" kolla_enable_memcached: "yes" kolla_enable_neutron: "{{ kolla_enable_openstack_core | bool }}" kolla_enable_nova: "{{ kolla_enable_openstack_core | bool }}" kolla_enable_proxysql: "yes" kolla_enable_rabbitmq: "yes" # OpenStack services can be enabled or disabled with these options kolla_enable_aodh: "no" kolla_enable_barbican: "no" kolla_enable_blazar: "no" kolla_enable_ceilometer: "no" kolla_enable_central_logging: "no" kolla_enable_cinder: "no" kolla_enable_cinder_backend_iscsi: "{{ kolla_enable_cinder_backend_lvm | bool }}" kolla_enable_cinder_backend_lvm: "no" kolla_enable_cloudkitty: "no" kolla_enable_collectd: "no" kolla_enable_cyborg: "no" kolla_enable_designate: "no" kolla_enable_etcd: "no" kolla_enable_fluentd: "yes" kolla_enable_gnocchi: "no" kolla_enable_grafana: "no" kolla_enable_hacluster: "no" kolla_enable_heat: "{{ kolla_enable_openstack_core | bool }}" kolla_enable_horizon: "{{ kolla_enable_openstack_core | bool }}" kolla_enable_influxdb: "{{ kolla_enable_cloudkitty | bool }}" kolla_enable_ironic: "no" kolla_enable_ironic_neutron_agent: "{{ kolla_enable_neutron | bool and kolla_enable_ironic | bool }}" kolla_enable_iscsid: "{{ kolla_enable_cinder | bool and kolla_enable_cinder_backend_iscsi | bool }}" kolla_enable_kuryr: "no" kolla_enable_letsencrypt: "no" kolla_enable_magnum: "no" kolla_enable_manila: "no" kolla_enable_masakari: "no" kolla_enable_mistral: "no" kolla_enable_multipathd: "no" kolla_enable_neutron_mlnx: "no" kolla_enable_neutron_provider_networks: "no" kolla_enable_neutron_sriov: "no" kolla_enable_nova_libvirt_container: "yes" kolla_enable_octavia: "no" kolla_enable_openvswitch: "{{ kolla_enable_neutron | bool }}" kolla_enable_ovn: "no" kolla_enable_ovs_dpdk: "no" kolla_enable_opensearch: "{{ kolla_enable_central_logging | bool or kolla_enable_osprofiler | bool }}" kolla_enable_opensearch_dashboards: "{{ kolla_enable_opensearch | bool }}" kolla_enable_osprofiler: "no" kolla_enable_placement: "{{ kolla_enable_nova | bool or kolla_enable_zun | bool }}" kolla_enable_prometheus: "no" kolla_enable_qdrouterd: "no" kolla_enable_redis: "no" kolla_enable_skyline: "no" kolla_enable_swift: "no" kolla_enable_tacker: "no" kolla_enable_telegraf: "no" kolla_enable_trove: "no" kolla_enable_vitrage: "no" kolla_enable_watcher: "no" kolla_enable_zun: "no" ############################################################################### # Kolla custom config generation. # Feature flag to add $KAYOBE_CONFIG_PATH to the list of search paths used # when searching for Kolla custom service configuration. Only has an effect in # a multiple environments setup. This allows you to configure merging between # your environment and the base layer. Defaults to true. Set to false for # backwards compatibility. kolla_openstack_custom_config_environment_merging_enabled: true ############################################################################### # Passwords and credentials. # Dictionary containing base custom passwords to add or override in the # Kolla passwords file. kolla_ansible_base_custom_passwords: # SSH key authorized in hosts deployed by Bifrost. bifrost_ssh_key: private_key: "{{ lookup('file', ssh_private_key_path) }}" public_key: "{{ lookup('file', ssh_public_key_path) }}" # SSH key authorized by kolla user on Kolla hosts. kolla_ssh_key: private_key: "{{ lookup('file', ssh_private_key_path) }}" public_key: "{{ lookup('file', ssh_public_key_path) }}" docker_registry_password: "{{ kolla_docker_registry_password }}" # Dictionary containing libvirt custom passwords to add or override in the # Kolla passwords file. kolla_ansible_libvirt_custom_passwords: libvirt_sasl_password: "{{ compute_libvirt_sasl_password }}" # Dictionary containing default custom passwords to add or override in the # Kolla passwords file. kolla_ansible_default_custom_passwords: >- {{ kolla_ansible_base_custom_passwords | combine(kolla_ansible_libvirt_custom_passwords if compute_libvirt_enabled | bool and compute_libvirt_enable_sasl | bool else {}) }} # Dictionary containing extra custom passwords to add or override in the Kolla # passwords file. kolla_ansible_extra_custom_passwords: {} # Dictionary containing custom passwords to add or override in the Kolla # passwords file. kolla_ansible_custom_passwords: >- {{ kolla_ansible_default_custom_passwords | combine(kolla_ansible_extra_custom_passwords) }} ############################################################################### # OpenStack API addresses. # Virtual IP address of OpenStack internal API. Default is the vip_address # attribute of the internal network. kolla_internal_vip_address: "{{ internal_net_name | net_vip_address }}" # Fully Qualified Domain Name (FQDN) of OpenStack internal API. Default is the # fqdn attribute of the internal network if set, otherwise # kolla_internal_vip_address. kolla_internal_fqdn: "{{ internal_net_name | net_fqdn or kolla_internal_vip_address }}" # Virtual IP address of OpenStack external API. Default is the vip_address # attribute of the external network. kolla_external_vip_address: "{{ public_net_name | net_vip_address }}" # Fully Qualified Domain Name (FQDN) of OpenStack external API. Default is the # fqdn attribute of the external network if set, otherwise # kolla_external_vip_address. kolla_external_fqdn: "{{ public_net_name | net_fqdn or kolla_external_vip_address }}" ############################################################################### # TLS certificate bundle management # External API certificate bundle. # # When kolla_enable_tls_external is true, this should contain an X.509 # certificate bundle for the external API. # # Note that this should be formatted as a literal style block scalar. kolla_external_tls_cert: # Path to a CA certificate file to use for the OS_CACERT environment variable # in public-openrc.sh file when TLS is enabled, instead of Kolla-Ansible's # default. kolla_public_openrc_cacert: "{{ kolla_external_fqdn_cacert | default }}" # Internal API certificate bundle. # # When kolla_enable_tls_internal is true, this should contain an X.509 # certificate bundle for the internal API. # # Note that this should be formatted as a literal style block scalar. kolla_internal_tls_cert: # Path to a CA certificate file to use for the OS_CACERT environment variable # in admin-openrc.sh file when TLS is enabled, instead of Kolla-Ansible's # default. kolla_admin_openrc_cacert: "{{ kolla_internal_fqdn_cacert | default }}" ############################################################################### # Proxy configuration # HTTP proxy URL (format: http(s)://[user:password@]proxy_name:port) used by # Kolla. Default value is "{{ http_proxy }}". kolla_http_proxy: "{{ http_proxy }}" # HTTPS proxy URL (format: http(s)://[user:password@]proxy_name:port) used by # Kolla. Default value is "{{ https_proxy }}". kolla_https_proxy: "{{ https_proxy }}" # List of domains, hostnames, IP addresses and networks for which no proxy is # used. Default value is "{{ no_proxy }}". kolla_no_proxy: "{{ no_proxy }}"