openstack/openstack-ansible
Code Issues Proposed changes
Files
d057e9522f37fbbe446aa79cbff5f6c23150d944
openstack-ansible/inventory/group_vars/all/all.yml
Jimmy McCrory c5551f2c8c Move inventory files to folder in root of repo 
Move the playbooks/inventory folder, group_vars, and host_vars to
inventory/ in the root of the OpenStack-Ansible repo. This helps better
organize the repo structure since playbooks/ will now only contain
playbooks, shared task files, and included repo package var files.

group_vars and host_vars are moved alongside the inventory since that's
the default place that Ansible expects those folders and to help better
prepare for Ansible 2.4 where multiple inventories can be loaded,
automatically including relative group and host var files.

Effected docs, scripts, and variables have been updated with the new
paths.

Change-Id: If50e2412c3fd6575d7041deb8ecc9480b04184cc
2017-12-16 02:34:33 -08:00

114 lines
3.9 KiB
YAML
Raw Blame History

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## OpenStack Source Code Release
openstack_release: 17.0.0.0b2
## Verbosity Options
debug: False
## SSH connection wait time
ssh_delay: 5
# Set the package install state for distribution packages
# Options are 'present' and 'latest'
package_state: "latest"
# Set "/var/log" to be a bind mount to the physical host.
default_bind_mount_logs: true
# Set distro variable
# NOTE(hwoarang): ansible_distribution may return a string with spaces
# such as "openSUSE Leap" so we need to replace the space with underscore
# in order to create a more sensible repo name for the distro.
os_distro_version: "{{ (ansible_distribution | lower) | replace(' ', '_') }}-{{ ansible_distribution_version.split('.')[:2] | join('.') }}-{{ ansible_architecture | lower }}"
# Ensure that the package state matches the global setting
rsyslog_client_package_state: "{{ package_state }}"
## OpenStack source options
openstack_repo_url: "http://{{ internal_lb_vip_address }}:{{ repo_server_port }}"
openstack_repo_git_url: "git://{{ internal_lb_vip_address }}"
# URL for the frozen internal openstack repo.
repo_server_port: 8181
repo_pkg_cache_enabled: true
repo_pkg_cache_port: 3142
repo_pkg_cache_url: "http://{{ internal_lb_vip_address }}:{{ repo_pkg_cache_port }}"
repo_release_path: "{{ openstack_repo_url }}/os-releases/{{ openstack_release }}/{{ os_distro_version }}"
## DNS resolution (resolvconf) options
#Group containing resolvers to configure
resolvconf_resolver_group: unbound
## Enable external SSL handling for general OpenStack services
openstack_external_ssl: true
## OpenStack global Endpoint Protos
openstack_service_publicuri_proto: https
#openstack_service_adminuri_proto: http
#openstack_service_internaluri_proto: http
## Region Name
service_region: RegionOne
## OpenStack Domain
openstack_domain: openstack.local
lxc_container_domain: "{{ openstack_domain }}"
## DHCP Domain Name
dhcp_domain: openstacklocal
## LDAP enabled toggle
service_ldap_backend_enabled: "{{ keystone_ldap is defined and keystone_ldap.Default is defined }}"
## Base venv configuration
venv_tag: "{{ openstack_release }}"
venv_base_download_url: "{{ openstack_repo_url }}/venvs/{{ openstack_release }}/{{ os_distro_version }}"
## Gnocchi
# Used in both Gnocchi and Swift roles.
gnocchi_service_project_name: "{{ (gnocchi_storage_driver is defined and gnocchi_storage_driver == 'swift') | ternary('gnocchi_swift', 'service') }}"
## OpenStack Openrc
openrc_os_auth_url: "{{ keystone_service_internalurl }}"
openrc_os_password: "{{ keystone_auth_admin_password }}"
openrc_os_domain_name: "Default"
openrc_region_name: "{{ service_region }}"
## Host security hardening
# The ansible-hardening role provides security hardening for hosts
# by applying security configurations from the STIG. Hardening is enabled by
# default, but an option to opt out is available by setting the following
# variable to 'false'.
# Docs: https://docs.openstack.org/ansible-hardening/latest/
apply_security_hardening: true
## Ansible ssh configuration
ansible_ssh_extra_args: >
-o UserKnownHostsFile=/dev/null
-o StrictHostKeyChecking=no
-o ServerAliveInterval=64
-o ServerAliveCountMax=1024
-o Compression=no
-o TCPKeepAlive=yes
-o VerifyHostKeyDNS=no
-o ForwardX11=no
-o ForwardAgent=yes
-T
# Toggle whether the service is deployed in a container or not
is_metal: "{{ properties.is_metal | default(false) }}"
View Git Blame Copy Permalink