84ac7b3096
The chrony container is deprecated in Wallaby, and disabled by default. This change allows to remove the container if chrony is disabled. Change-Id: I1c4436072c2d47a95625e64b731edb473384b395
195 lines
5.5 KiB
Django/Jinja
195 lines
5.5 KiB
Django/Jinja
---
|
|
{% if ansible_os_family == 'Debian' %}
|
|
# Force the use of python3 on Debian and Ubuntu remote hosts. These distros
|
|
# typically have an unversioned Python interpreter which links to python2.7.
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
{% endif %}
|
|
|
|
kolla_base_distro: "{{ base_distro }}"
|
|
kolla_install_type: "{{ install_type }}"
|
|
network_interface: "{{ api_interface_name }}"
|
|
network_address_family: "{{ address_family }}"
|
|
docker_restart_policy: "no"
|
|
docker_custom_config:
|
|
debug: true
|
|
registry-mirrors:
|
|
- {{ infra_dockerhub_mirror }}
|
|
|
|
{% if kolla_python_version is defined and not is_previous_release %}
|
|
distro_python_version: "{{ kolla_python_version }}"
|
|
{% endif %}
|
|
|
|
# Use a random router id, otherwise it may result in the same router id
|
|
# in the CI gate.
|
|
keepalived_virtual_router_id: "{{ 250 | random(1) }}"
|
|
|
|
# MariaDB/Galera - fine tune gmcast.peer_timeout
|
|
mariadb_wsrep_extra_provider_options:
|
|
- "gmcast.peer_timeout=PT15S"
|
|
|
|
nova_compute_virt_type: "{{ virt_type }}"
|
|
|
|
enable_openstack_core: "{{ openstack_core_enabled }}"
|
|
enable_horizon: "{{ dashboard_enabled }}"
|
|
enable_heat: "{{ openstack_core_tested }}"
|
|
|
|
{% if scenario != 'bifrost' %}
|
|
kolla_internal_vip_address: "{{ kolla_internal_vip_address }}"
|
|
neutron_external_interface: "{{ neutron_external_interface_name }}"
|
|
openstack_logging_debug: "True"
|
|
nova_libvirt_logging_debug: "False"
|
|
openstack_service_workers: "1"
|
|
{% endif %}
|
|
|
|
{% if need_build_image and not is_previous_release %}
|
|
# NOTE(Jeffrey4l): use different a docker namespace name in case it pull image from hub.docker.io when deplying
|
|
docker_namespace: "lokolla"
|
|
# NOTE(yoctozepto): use hostname or FQDN to be compatible between IPv4 and IPv6
|
|
# docker does not support referencing registry via an IPv6 address
|
|
# see: https://github.com/moby/moby/issues/39033
|
|
docker_registry: "primary:4000"
|
|
openstack_tag: "{{ build_image_tag }}"
|
|
{% else %}
|
|
# use the published images from a site mirror of quay.io
|
|
docker_registry: "{{ zuul_site_mirror_fqdn }}:4447"
|
|
docker_registry_insecure: no
|
|
docker_namespace: openstack.kolla
|
|
{% if docker_image_tag_suffix %}
|
|
openstack_tag_suffix: "{{ docker_image_tag_suffix }}"
|
|
{% endif %}
|
|
{% if need_build_image and is_previous_release %}
|
|
# NOTE(mgoddard): Ensure that the insecure local registry is trusted, since it
|
|
# will be the source of images during the upgrade.
|
|
# NOTE(yoctozepto): this is required here for CI because we run templating
|
|
# of docker systemd command only once
|
|
docker_custom_option: "--insecure-registry primary:4000"
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
{% if scenario == "zun" %}
|
|
enable_zun: "yes"
|
|
enable_kuryr: "yes"
|
|
enable_etcd: "yes"
|
|
docker_configure_for_zun: "yes"
|
|
containerd_configure_for_zun: "yes"
|
|
enable_cinder: "yes"
|
|
# lvm backup driver for cinder-backup does not exist
|
|
enable_cinder_backup: "no"
|
|
enable_cinder_backend_lvm: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "swift" %}
|
|
enable_swift: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "scenario_nfv" %}
|
|
enable_tacker: "yes"
|
|
enable_neutron_sfc: "yes"
|
|
enable_mistral: "yes"
|
|
enable_redis: "yes"
|
|
enable_barbican: "yes"
|
|
enable_heat: "yes"
|
|
# NOTE(yoctozepto): see https://bugs.launchpad.net/kolla-ansible/+bug/1906299
|
|
enable_aodh: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "ironic" %}
|
|
enable_ironic: "yes"
|
|
ironic_dnsmasq_dhcp_range: "10.42.0.2,10.42.0.254"
|
|
{% endif %}
|
|
|
|
{% if scenario == "masakari" %}
|
|
enable_masakari: "yes"
|
|
enable_hacluster: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "cells" %}
|
|
enable_cells: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "mariadb" %}
|
|
enable_fluentd: "yes"
|
|
enable_mariadb: "yes"
|
|
enable_memcached: "no"
|
|
enable_rabbitmq: "no"
|
|
{% endif %}
|
|
|
|
{% if scenario == "cephadm" %}
|
|
# kolla-ansible vars
|
|
enable_cinder: "yes"
|
|
# External Ceph
|
|
glance_backend_ceph: "yes"
|
|
cinder_backend_ceph: "yes"
|
|
nova_backend_ceph: "yes"
|
|
ceph_nova_user: "cinder"
|
|
|
|
# TODO(yoctozepto): Remove this in the Xena cycle.
|
|
# cephadm doesn't support chrony in a container (checks for chrony.service)
|
|
enable_chrony: "no"
|
|
{% endif %}
|
|
|
|
{% if tls_enabled %}
|
|
kolla_enable_tls_external: "yes"
|
|
kolla_enable_tls_internal: "yes"
|
|
kolla_copy_ca_into_containers: "yes"
|
|
kolla_enable_tls_backend: "yes"
|
|
{% if base_distro == "ubuntu" or base_distro == "debian" %}
|
|
openstack_cacert: "/etc/ssl/certs/ca-certificates.crt"
|
|
{% endif %}
|
|
{% if base_distro == "centos" %}
|
|
openstack_cacert: "/etc/pki/tls/certs/ca-bundle.crt"
|
|
{% endif %}
|
|
kolla_admin_openrc_cacert: "{% raw %}{{ kolla_certificates_dir }}{% endraw %}/ca/root.crt"
|
|
# TODO(mgoddard): Remove the condition when Victoria supports RabbitMQ TLS,
|
|
# or the previous release is no longer Victoria.
|
|
{% if not is_upgrade or previous_release != "victoria" %}
|
|
rabbitmq_enable_tls: "yes"
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
{% if scenario == 'linuxbridge' %}
|
|
neutron_plugin_agent: "linuxbridge"
|
|
{% endif %}
|
|
|
|
{% if scenario == "ovn" %}
|
|
neutron_plugin_agent: "ovn"
|
|
neutron_ovn_distributed_fip: "yes"
|
|
enable_octavia: "yes"
|
|
octavia_auto_configure: "no"
|
|
octavia_provider_drivers: "ovn:OVN provider"
|
|
octavia_provider_agents: "ovn"
|
|
{% endif %}
|
|
|
|
{% if scenario == "prometheus-efk" %}
|
|
enable_central_logging: "yes"
|
|
enable_grafana: "yes"
|
|
enable_prometheus: "yes"
|
|
enable_prometheus_openstack_exporter: "no"
|
|
{% endif %}
|
|
|
|
{% if scenario == "magnum" %}
|
|
enable_designate: "yes"
|
|
enable_magnum: "yes"
|
|
enable_trove: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "monasca" %}
|
|
enable_keystone: "yes"
|
|
enable_monasca: "yes"
|
|
enable_rabbitmq: "no"
|
|
{% endif %}
|
|
|
|
{% if scenario == "octavia" %}
|
|
enable_octavia: "yes"
|
|
# NOTE(wuchunyang): work around for qemu-kvm 5.1 can not attach second NIC.
|
|
# more: http://lists.openstack.org/pipermail/openstack-discuss/2021-February/020218.html
|
|
octavia_amp_flavor:
|
|
name: "amphora"
|
|
is_public: no
|
|
vcpus: 2
|
|
ram: 1024
|
|
disk: 5
|
|
octavia_network_type: "tenant"
|
|
{% endif %}
|
|
|