# This file holds metadata about the capabilities of the tripleo-heat-templates # repository for deployment using puppet. It groups configuration by topic, # describes possible combinations of environments and resource capabilities. # topics: # High Level grouping by purpose of environments # Attributes: # title: (required) # description: (optional) # environment_groups: (required) # environment_groups: # Identifies a group of environments. # Attributes: # title: (optional) # description: (optional) # tags: a list of tags to provide additional information for e.g. filtering (optional) # environments: (required) # mutually_exclusive: (optional) boolean to identify that environments in group are mutually exclusive # environments: # List of environments in environment group # Attributes: # file: a file name including path within repository (required) # title: (required) # description: (optional) # requires: an array of environments which are required by this environment (optional) topics: - title: General Deployment Options description: environment_groups: - name: general-deployment-options title: description: Enables base configuration for all resources required for OpenStack Deployment environments: - file: overcloud-resource-registry-puppet.yaml title: Base resources configuration description: - title: Containerized Deployment Configuration description: > Configures Deployment to use containerized services environments: - file: environments/containers-default-parameters.yaml title: Default Container Images description: Use Default Container Images requires: - overcloud-resource-registry-puppet.yaml - title: High Availability description: Enables configuration of an Overcloud Controller with Pacemaker environments: - file: environments/docker-ha.yaml title: HA services via Docker description: Deploy the HA services via Docker requires: - overcloud-resource-registry-puppet.yaml mutually_exclusive: true - title: Network Configuration description: environment_groups: - title: Network Isolation description: environments: - file: environments/network-isolation.yaml title: Network Isolation description: > Enable the creation of Neutron networks for isolated Overcloud traffic and configure each role to assign ports (related to that role) on these networks. requires: - overcloud-resource-registry-puppet.yaml - file: environments/network-isolation-v6.yaml title: Network Isolation IPv6 description: > Enable the creation of IPv6 Neutron networks for isolated Overcloud traffic and configure each role to assign ports (related to that role) on these networks. requires: - overcloud-resource-registry-puppet.yaml mutually_exclusive: true - title: NICs, Bonding, VLANs Configuration description: > Choose one of the pre-defined configurations or provide custom network-environment.yaml instead. Note that pre-defined configuration work only with standard Roles and Networks. These options assume use of Network Isolation. environments: - file: environments/net-bond-with-vlans.yaml title: Bond with Vlans description: > Configure each role to use a pair of bonded nics (nic2 and nic3) and configures an IP address on each relevant isolated network for each role. This option assumes use of Network Isolation. requires: - environments/network-isolation.yaml - file: environments/net-bond-with-vlans-no-external.yaml title: Bond with Vlans No External Ports description: > Configure each role to use a pair of bonded nics (nic2 and nic3) and configures an IP address on each relevant isolated network for each role. This option assumes use of Network Isolation. Sets external ports to noop. requires: - environments/network-isolation.yaml - file: environments/net-bond-with-vlans-v6.yaml title: Bond with Vlans IPv6 description: > Configure each role to use a pair of bonded nics (nic2 and nic3) and configures an IP address on each relevant isolated network for each role, with IPv6 on the External network. This option assumes use of Network Isolation IPv6. requires: - environments/network-isolation-v6.yaml - file: environments/net-multiple-nics.yaml title: Multiple NICs description: > Configures each role to use a separate NIC for each isolated network. This option assumes use of Network Isolation. requires: - environments/network-isolation.yaml - file: environments/net-multiple-nics-v6.yaml title: Multiple NICs IPv6 description: > Configure each role to use a separate NIC for each isolated network with IPv6 on the External network. This option assumes use of Network Isolation IPv6. requires: - environments/network-isolation-v6.yaml - file: environments/net-single-nic-with-vlans.yaml title: Single NIC with Vlans description: > Configure each role to use Vlans on a single NIC for each isolated network. This option assumes use of Network Isolation. requires: - environments/network-isolation.yaml - file: environments/net-single-nic-with-vlans-no-external.yaml title: Single NIC with Vlans No External Ports description: > Configure each role to use Vlans on a single NIC for each isolated network. This option assumes use of Network Isolation. Sets external ports to noop. requires: - environments/network-isolation.yaml - file: environments/net-single-nic-linux-bridge-with-vlans.yaml title: Single NIC with Linux Bridge Vlans description: > Configure each role to use Vlans on a single NIC for each isolated network. This option assumes use of Network Isolation. requires: - environments/network-isolation.yaml - file: environments/net-single-nic-with-vlans-v6.yaml title: Single NIC with Vlans IPv6 description: > Configures each role to use Vlans on a single NIC for each isolated network with IPv6 on the External network. This option assumes use of Network Isolation IPv6 requires: - environments/network-isolation-v6.yaml mutually_exclusive: true - title: Management Network description: > Enable the creation of a system management network. This creates a Neutron network for isolated Overcloud system management traffic and configures each role to assign a port (related to that role) on that network. environments: - file: environments/network-management.yaml title: Management Network description: requires: - overcloud-resource-registry-puppet.yaml - file: environments/network-management-v6.yaml title: Management Network IPv6 description: requires: - overcloud-resource-registry-puppet.yaml mutually_exclusive: true - title: External load balancer description: > Enable external load balancer, requires network Isolation to be enabled. Note that this option assumes standard isolated networks set. environments: - file: environments/external-loadbalancer-vip.yaml title: External load balancer IPv4 description: > requires: - environments/network-isolation.yaml - file: environments/external-loadbalancer-vip-v6.yaml title: External load balancer IPv6 description: > requires: - environments/network-isolation-v6.yaml mutually_exclusive: true - title: Neutron Plugin Configuration description: environment_groups: - title: Neutron Plugins description: > Enable various Neutron plugins and backends environments: - file: environments/neutron-sfc.yaml title: Neutron SFC Service Plugin description: Enables Neutron SFC Service Plugin requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-bgpvpn.yaml title: Neutron BGPVPN Service Plugin description: Enables Neutron BGPVPN Service Plugin requires: - overcloud-resource-registry-puppet.yaml - file: environments/services/neutron-lbaasv2.yaml title: Neutron LBaaSv2 Service Plugin description: Enables Neutron LBaaSv2 Service Plugin and Agent requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-bgpvpn-bagpipe.yaml title: Neutron Bagpipe Driver for BGPVPN Service Plugin description: Enables Neutron Bagpipe Driver as BGPVPN backend requires: - environments/neutron-bgpvpn.yaml - overcloud-resource-registry-puppet.yaml - file: environments/neutron-ml2-bigswitch.yaml title: BigSwitch Extensions description: > Enable Big Switch extensions, configured via puppet requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-ml2-cisco-n1kv.yaml title: Cisco N1KV backend description: > Enable a Cisco N1KV backend, configured via puppet requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml title: Cisco Neutron plugin description: requires: - overcloud-resource-registry-puppet.yaml - file: environments/networking/neutron-midonet.yaml title: Neutron MidoNet Services description: requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-nuage-config.yaml title: Neutron Nuage backend description: Enables Neutron Nuage backend on the controller requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-opendaylight.yaml title: OpenDaylight description: Enables OpenDaylight requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-ovs-dpdk.yaml title: DPDK with OVS description: Deploy DPDK with OVS requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-ovs-dvr.yaml title: DVR description: Enables DVR in the Overcloud requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-plumgrid.yaml title: PLUMgrid extensions description: Enables PLUMgrid extensions requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-ml2-fujitsu-cfab.yaml title: Fujitsu Neutron plugin for C-Fabric description: Enable C-Fabric in the overcloud requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-ml2-fujitsu-fossw.yaml title: Fujitsu Neutron plugin for FOS description: Enable FOS in the overcloud requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-nsx.yaml title: Deploy NSX Services description: requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-l2gw.yaml title: Neutron L2 gateway Service Plugin description: Enables Neutron L2 gateway Service Plugin and Agent requires: - overcloud-resource-registry-puppet.yaml - file: environments/neutron-ml2-cisco-vts.yaml title: Cisco VTS ML2 Plugin description: Enables Cisco VTS ML2 Plugin requires: - overcloud-resource-registry-puppet.yaml - title: Storage description: environment_groups: - title: Cinder backends description: > Enable various Cinder backends environments: - file: environments/cinder-pure-config.yaml title: Cinder Pure Storage FlashArray backend description: requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-netapp-config.yaml title: Cinder NetApp backend description: requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-dellsc-config.yaml title: Cinder Dell EMC Storage Center ISCSI backend description: > Enables a Cinder Dell EMC Storage Center ISCSI backend requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-dellemc-unity-config.yaml title: Cinder Dell EMC Unity backend description: > Enables a Cinder Dell EMC Unity backend, - file: environments/cinder-dellemc-vmax-iscsi-config.yaml title: Cinder Dell EMC VMAX ISCSI backend description: > Enables a Cinder Dell EMC VMAX ISCSI backend requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-dellemc-vnx-config.yaml title: Cinder Dell EMC VNX backend description: > Enables a Cinder Dell EMC VNX backend requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-dellemc-xtremio-iscsi-config.yaml title: Cinder Dell EMC XTREMIO Iscsi backend description: > Enables a Cinder Dell EMC XTREMIO Iscsi backend requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-hpelefthand-config.yaml title: Cinder HPELeftHandISCSI backend description: > Enables a Cinder HPELeftHandISCSI backend requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-dellps-config.yaml title: Cinder Dell EMC PS Series backend description: > Enables a Cinder Dell EMC PS Series backend requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-iser.yaml title: Cinder iSER backend description: > Enable a Cinder iSER RDMA backend - file: environments/cinder-scaleio-config.yaml title: Cinder Dell EMC ScaleIO backend description: > Enables a Cinder Dell EMC ScaleIO backend requires: - overcloud-resource-registry-puppet.yaml - file: environments/veritas-hyperscale/cinder-veritas-hyperscale-config.yaml title: Cinder Veritas HyperScale backend description: > Enables a Cinder Veritas HyperScale backend requires: - overcloud-resource-registry-puppet.yaml - file: environments/cinder-nvmeof-config.yaml title: Cinder NVMeOF backend description: > Enable a Cinder NVMeOF backend, configured via puppet - title: Cinder backup service description: environments: - file: environments/cinder-backup.yaml title: Cinder backup service description: > OpenStack Cinder Backup service with Pacemaker requires: - environments/puppet-pacemaker.yaml - overcloud-resource-registry-puppet.yaml - title: Ceph description: > Enable the use of Ceph in the overcloud environments: - file: environments/ceph-ansible/ceph-ansible.yaml title: Ceph Storage Backend description: > Include this option to enable Ceph as the backend for Cinder, Nova, Gnocchi, and Glance. requires: - overcloud-resource-registry-puppet.yaml - file: environments/ceph-ansible/ceph-ansible-external.yaml title: Externally managed Ceph description: > Configures the overcloud to use an externally managed Ceph cluster, via RBD driver. requires: - overcloud-resource-registry-puppet.yaml mutually_exclusive: true - title: Additional Ceph Options description: environments: - file: environments/ceph-ansible/ceph-mds.yaml title: Deploys CephMDS description: > Deploys CephMDS via TripleO, an additional Ceph service needed to create shared filesystems hosted in Ceph. requires: - environments/ceph-ansible/ceph-ansible.yaml - file: environments/ceph-ansible/ceph-rgw.yaml title: Ceph Rados Gateway description: > Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API which stores data in the Ceph cluster. requires: - environments/ceph-ansible/ceph-ansible.yaml - file: environments/manila-cephfsnative-config-docker.yaml title: Manila with CephFS description: > Deploys Manila and configures it with the CephFS driver. This requires the deployment of Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud. requires: - overcloud-resource-registry-puppet.yaml - title: Manila with Unity description: > Deploys Manila and configures it with the Unity driver. environments: - file: environments/manila-unity-config.yaml title: Deploys Manila with Unity driver description: Deploys Manila and configures Unity as its default backend. - title: Manila with VNX description: > Deploys Manila and configures it with the VNX driver. environments: - file: environments/manila-vnx-config.yaml title: Deploys Manila with VNX driver description: Deploys Manila and configures VNX as its default backend. - title: Manila with VMAX description: > Deploys Manila and configures it with the VMAX driver. environments: - file: environments/manila-vmax-config.yaml title: Deploys Manila with VMAX driver description: Deploys Manila and configures VMAX as its default backend. - title: Manila with Isilon description: > Deploys Manila and configures it with the Isilon driver. environments: - file: environments/manila-isilon-config.yaml title: Deploys Manila with Isilon driver description: Deploys Manila and configures Isilon as its default backend. requires: - overcloud-resource-registry-puppet.yaml - title: Glance backends description: environments: - file: environments/storage/glance-nfs.yaml title: Glance NFS Backend description: | Configure and enable this option to enable the use of an NFS share as the backend for Glance. requires: - overcloud-resource-registry-puppet.yaml - title: Security description: Security Hardening Options environment_groups: - title: TLS description: environments: - file: environments/ssl/enable-tls.yaml title: SSL on OpenStack Public Endpoints description: > Use this option to pass in certificates for SSL deployments. For these values to take effect, one of the TLS endpoints options must also be used. requires: - overcloud-resource-registry-puppet.yaml - title: TLS Endpoints description: environments: - file: environments/ssl/tls-endpoints-public-dns.yaml title: SSL-enabled deployment with DNS name as public endpoint description: > Use this option when deploying an SSL-enabled overcloud where the public endpoint is a DNS name. requires: - environments/ssl/enable-tls.yaml - file: environments/ssl/tls-everywhere-endpoints-dns.yaml title: Deploy All SSL Endpoints as DNS names description: > Use this option when deploying an overcloud where all the endpoints are DNS names and there's TLS in all endpoint types. requires: - environments/ssl/enable-tls.yaml - file: environments/ssl/tls-endpoints-public-ip.yaml title: SSL-enabled deployment with IP address as public endpoint description: > Use this option when deploying an SSL-enabled overcloud where the public endpoint is an IP address. requires: - environments/ssl/enable-tls.yaml mutually_exclusive: true - title: Inject SSL Trust Anchor description: environments: - file: environments/ssl/inject-trust-anchor.yaml title: Inject SSL Trust Anchor on Overcloud Nodes description: > When using an SSL certificate signed by a CA that is not in the default list of CAs, this option allows adding a custom CA certificate to the overcloud nodes. requires: - environments/ssl/enable-tls.yaml - title: SSH Banner Text description: Enables population of SSH Banner Text environments: - file: environments/sshd-banner.yaml title: SSH Banner Text description: requires: - overcloud-resource-registry-puppet.yaml - title: Horizon Password Validation description: Enable Horizon Password validation environments: - file: environments/horizon_password_validation.yaml title: Horizon Password Validation description: requires: - overcloud-resource-registry-puppet.yaml - title: AuditD Rules description: Management of AuditD rules environments: - file: environments/auditd.yaml title: AuditD Rule Management description: requires: - overcloud-resource-registry-puppet.yaml - title: Keystone CADF auditing description: Enable CADF notifications in Keystone for auditing environments: - file: environments/cadf.yaml title: Keystone CADF auditing - title: SecureTTY Values description: Set values within /etc/securetty environments: - file: environments/securetty.yaml title: SecureTTY Values - title: login.defs values description: Set values within /etc/login.defs environments: - file: environments/login-defs.yaml title: login.defs Values - title: Advanced Intrusion Detection Environment description: Enable AIDE - Advanced Intrusion Detection Environment environments: - file: environments/aide.yaml title: AIDE Values - title: Additional Services description: environment_groups: - title: description: Deploy additional services environments: - file: environments/services/sahara.yaml title: Sahara description: Deploy Sahara service requires: - overcloud-resource-registry-puppet.yaml - file: environments/services/ironic.yaml title: Ironic description: Deploy Ironic service requires: - overcloud-resource-registry-puppet.yaml - file: environments/services/mistral.yaml title: Mistral description: Deploy Mistral service requires: - overcloud-resource-registry-puppet.yaml - file: environments/services/ec2-api.yaml title: EC2 API description: Enable EC2-API service requires: - overcloud-resource-registry-puppet.yaml - file: environments/services/zaqar.yaml title: Zaqar description: Deploy Zaqar service requires: - overcloud-resource-registry-puppet.yaml - title: Nova Extensions description: environment_groups: - title: Nova Extensions description: environments: - file: environments/nova-nuage-config.yaml title: Nuage backend description: > Enables Nuage backend on the Compute requires: - overcloud-resource-registry-puppet.yaml - title: Operational Tools description: environment_groups: - title: Monitoring agents description: Enable monitoring agents environments: - file: environments/monitoring-environment.yaml title: Monitoring agents description: requires: - overcloud-resource-registry-puppet.yaml - title: Centralized logging support description: Enable centralized logging clients (fluentd) environments: - file: environments/logging-environment.yaml title: fluentd client description: requires: - overcloud-resource-registry-puppet.yaml - title: Performance monitoring description: Enable performance monitoring agents environments: - file: environments/collectd-environment.yaml title: Performance monitoring agents description: requires: - overcloud-resource-registry-puppet.yaml - title: Utilities description: environment_groups: - title: Config Debug description: Enable config management (e.g. Puppet) debugging environments: - file: environments/config-debug.yaml title: Config Debug description: requires: - overcloud-resource-registry-puppet.yaml - title: Disable journal in MongoDb description: > Since, when journaling is enabled, MongoDb will create big journal file it can take time. In a CI environment for example journaling is not necessary. environments: - file: environments/mongodb-nojournal.yaml title: Disable journal in MongoDb description: requires: - overcloud-resource-registry-puppet.yaml - title: Overcloud Steps description: > Specifies hooks/breakpoints where overcloud deployment should stop Allows operator validation between steps, and/or more granular control. Note: the wildcards relate to naming convention for some resource suffixes, e.g see puppet/*-post.yaml, enabling this will mean we wait for a user signal on every *Deployment_StepN resource defined in those files. tags: - no-gui environments: - file: environments/overcloud-steps.yaml title: Overcloud Steps description: requires: - overcloud-resource-registry-puppet.yaml