81d4dfa7e0
When using the BlockStorage role there is one cinder volume per node and those are not managed by pcmk. So when we force the property for all nodes that have cinder_volume we will fail because pcmk is not running on those nodes. Let's not set properties for nodes that are not running pacemaker. While we're at it let's remove *_nodes_count which are not used anyway. Closes-Bug: #1786412 Change-Id: I42e9f3244bad60b5df2dfa940f132f72c606620e
133 lines
4.5 KiB
YAML
133 lines
4.5 KiB
YAML
---
|
|
my_hash:
|
|
network: '127.0.0.1'
|
|
not_hash: string
|
|
# aodh profile required hieradata
|
|
aodh::rabbit_password: 'password'
|
|
aodh_redis_password: 'password'
|
|
redis_vip: '127.0.0.1'
|
|
redis::bind: '10.0.0.1'
|
|
aodh::auth::auth_password: 'password'
|
|
aodh::db::mysql::password: 'password'
|
|
aodh::keystone::authtoken::password: 'password'
|
|
# barbican profile required hieradata
|
|
barbican::api::rabbit_password: 'password'
|
|
barbican::db::mysql::password: 'password'
|
|
barbican::keystone::authtoken::password: 'password'
|
|
# ceilometer related items
|
|
ceilometer::rabbit_password: 'password'
|
|
ceilometer::keystone::authtoken::password: 'password'
|
|
# ceph related items
|
|
# NOTE(gfidente): we want to use keystone v3 API for RGW so the following are
|
|
# needed to comply with the if condition:
|
|
# https://github.com/openstack/puppet-ceph/blob/master/manifests/rgw/keystone.pp#L111
|
|
ceph::profile::params::rgw_keystone_admin_domain: 'keystone_domain'
|
|
ceph::profile::params::rgw_keystone_admin_project: 'keystone_project'
|
|
ceph::profile::params::rgw_keystone_admin_user: 'keystone_admin_user'
|
|
ceph::profile::params::rgw_keystone_admin_password: 'keystone_admin_password'
|
|
# cinder related items
|
|
cinder_backup_short_bootstrap_node_name: 'node.example.com'
|
|
cinder_backup_short_node_names:
|
|
- 'node.example.com'
|
|
- 'c-bak-2'
|
|
cinder_volume_short_bootstrap_node_name: 'node.example.com'
|
|
cinder_volume_short_node_names:
|
|
- 'node.example.com'
|
|
- 'c-vol-2'
|
|
cinder::backup::nfs::backup_share: '/mnt/backup'
|
|
cinder::rabbit_password: 'password'
|
|
cinder::keystone::authtoken::password: 'password'
|
|
# gnocchi related items
|
|
gnocchi::keystone::authtoken::password: 'password'
|
|
gnocchi::storage::ceph::ceph_username: 'gnocchi'
|
|
gnocchi::storage::ceph::ceph_secret: 'password'
|
|
# haproxy related items
|
|
mysql_enabled: true
|
|
controller_node_ips: '10.1.0.1,10.1.0.2'
|
|
# manila related items
|
|
manila::rabbit_password: 'password'
|
|
manila::backend::cephfs::cephfs_protocol_helper_type: 'NFS'
|
|
manila_share_short_bootstrap_node_name: 'node.example.com'
|
|
manila_share_short_node_names:
|
|
- 'manila-1'
|
|
- 'manila-2'
|
|
# nova related items
|
|
nova::rabbit_password: 'password'
|
|
nova::keystone::authtoken::password: 'password'
|
|
nova::network::neutron::neutron_password: 'password'
|
|
# memcache related items
|
|
memcached_node_ips_v6:
|
|
- '::1'
|
|
memcached_node_ips:
|
|
- '127.0.0.1'
|
|
# octavia related items
|
|
octavia::rabbit_password: 'password'
|
|
horizon::secret_key: 'secrete'
|
|
horizon_node_ips:
|
|
- '127.0.0.1'
|
|
horizon_node_names:
|
|
- 'controller-1'
|
|
#Neutron related
|
|
neutron::rabbit_password: 'password'
|
|
# oslo.messaging related
|
|
oslo_messaging_rpc_password: 'password'
|
|
oslo_messaging_notify_password: 'password'
|
|
# Pacemaker related
|
|
pacemaker_short_bootstrap_node_name: 'node.example.com'
|
|
pacemaker_short_node_names:
|
|
- 'node.example.com'
|
|
hacluster_pwd: 'password'
|
|
pacemaker::resource_defaults::defaults:
|
|
test-default:
|
|
name: 'requires'
|
|
value: 'noop'
|
|
# pcmk instance ha
|
|
keystone::endpoint::public_url: 'localhost:5000'
|
|
keystone::admin_password: 'password'
|
|
# tripleo firewall service_rules
|
|
tripleo::dynamic_rules::firewall_rules:
|
|
'11-neutron':
|
|
port: 1138
|
|
# HAProxy endpoints
|
|
tripleo::dynamic_stuff::haproxy_endpoints:
|
|
neutron:
|
|
public_virtual_ip: '192.168.0.1'
|
|
internal_ip: '10.0.0.1'
|
|
service_port: 9696
|
|
ip_addresses: ['10.0.0.2', '10.0.0.3', '10.0.0.4']
|
|
server_names: ['controller1', 'controller2', 'controller3']
|
|
public_ssl_port: 19696
|
|
member_options: [ 'check', 'inter 2000', 'rise 2', 'fall 5' ]
|
|
haproxy_listen_bind_param: ['transparent']
|
|
tripleo::haproxy::neutron::options:
|
|
'timeout client': '90m'
|
|
'timeout server': '90m'
|
|
|
|
tripleo::haproxy_basic_auth::haproxy_endpoints:
|
|
starwars:
|
|
public_virtual_ip: '192.168.0.1'
|
|
internal_ip: '10.0.0.1'
|
|
service_port: 9696
|
|
ip_addresses: ['10.0.0.2', '10.0.0.3', '10.0.0.4']
|
|
server_names: ['controller1', 'controller2', 'controller3']
|
|
public_ssl_port: 19696
|
|
member_options: [ 'check', 'inter 2000', 'rise 2', 'fall 5' ]
|
|
haproxy_listen_bind_param: ['transparent']
|
|
authorized_userlist: 'starwars'
|
|
# HAProxy userlists
|
|
tripleo::haproxy_basic_auth::haproxy_userlists:
|
|
starwars:
|
|
groups:
|
|
- 'aldebaran users leia,luke'
|
|
- 'deathstar users anakin,sith'
|
|
users:
|
|
- 'leia insecure-password sister'
|
|
- 'luke insecure-password jedi'
|
|
- 'anakin insecure-password darthvador'
|
|
- 'sith password $5$h9LsKUOeCr$UlD62CNEpuZQkGYdBoiFJLsM6TlXluRLBlhEnpjDdaC'
|
|
# OpenDaylight
|
|
neutron::plugins::ovs::opendaylight::odl_port: '8081'
|
|
neutron::plugins::ovs::opendaylight::odl_username: 'admin'
|
|
neutron::plugins::ovs::opendaylight::odl_password: 'admin'
|
|
|