openstack
/
tripleo-heat-templates
Code Issues Proposed changes
tripleo-heat-templates/environments
History
Emilien Macchi 2b7cb19876 Allow ssh from all for undercloud 
I89cff59947dda3f51482486c41a3d67c4aa36a3e broke SSH access on the
Undercloud, we shouldn't be that restrictive by default for the
undercloud and standalone (as deployed via tripleo deploy).

This change adds a new parameter called SshFirewallAllowAll that can be
used to include an allow all for ssh. By default it is disabled when
deploying the overcloud but is used by the undercloud and standalone to
allow access after installation.

Change-Id: Ie548f7216610e15af24c96f65a58cc8de603235c
Co-Authored-By: Alex Schultz <aschultz@redhat.com>
 		2019-01-18 11:14:12 -07:00
..
ceph-ansible Ceph update and upgrade in config-download era 2018-08-02 15:04:22 +02:00
composable-roles Specify multiple NtpServers by default 2018-12-04 08:31:55 -07:00
lifecycle Remove MongoDB 2019-01-04 15:17:00 +00:00
messaging Support separate oslo.messaging services for RPC and Notification 2018-04-22 04:33:44 +00:00
networking Add neutron-midonet sample environment 2017-06-12 15:02:50 -05:00
predictable-placement Revert "Switch public endpoints to use FQDNs by default" 2018-05-16 21:45:42 +00:00
services flatten sahara service configuration 2019-01-17 09:43:11 -05:00
services-baremetal flatten sahara service configuration 2019-01-17 09:43:11 -05:00
ssl Add HorizonSecureCookies to environments/ssl/enable-tls.yaml 2019-01-17 14:40:49 +02:00
standalone Allow ssh from all for undercloud 2019-01-18 11:14:12 -07:00
storage Add parameters for cinder storage availability zones 2018-10-23 09:18:53 -04:00
updates FFU: Add update-from-ceph-newton.yaml 2018-02-21 15:40:14 -05:00
veritas-hyperscale Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
README.md Add a directory for overcloud heat environments 2015-05-15 12:28:00 +02:00
auditd.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
barbican-backend-dogtag.yaml Add multiple secret store backends for barbican 2017-12-05 13:07:50 -05:00
barbican-backend-kmip.yaml Add multiple secret store backends for barbican 2017-12-05 13:07:50 -05:00
barbican-backend-pkcs11-atos.yaml Added Barbican option BarbicanPkcs11AlwaysSetCkaSensitive 2019-01-17 08:50:24 -06:00
barbican-backend-pkcs11-thales.yaml Added Barbican option BarbicanPkcs11AlwaysSetCkaSensitive 2019-01-17 08:50:24 -06:00
barbican-backend-pkcs11.yaml Added Barbican option BarbicanPkcs11AlwaysSetCkaSensitive 2019-01-17 08:50:24 -06:00
barbican-backend-simple-crypto.yaml Add multiple secret store backends for barbican 2017-12-05 13:07:50 -05:00
baremetal-services.yaml Flatten Keystone service configuration 2019-01-08 10:13:43 -05:00
cadf.yaml Enable keystone cadf notifications 2017-03-06 18:10:55 +01:00
cavium-liquidio.yaml Merge "Implements: liquidio-containerization" 2018-10-23 04:07:49 +00:00
cinder-backup.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
cinder-dellemc-unity-config.yaml Add support for Dell EMC Unity Cinder backend 2017-08-17 08:36:14 +00:00
cinder-dellemc-vmax-iscsi-config.yaml Add support for Dell EMC VMAX ISCSI Backend 2017-08-30 04:41:47 +00:00
cinder-dellemc-vnx-config.yaml Update yaml files for Dell EMC VNX, Unity drivers 2018-07-09 22:15:16 +00:00
cinder-dellemc-xtremio-iscsi-config.yaml Rename Dell EMC XTREMIO iSCSI environment file 2018-05-23 12:42:02 -04:00
cinder-dellps-config.yaml Ps Cinder: Added support for password less login 2017-07-18 12:49:53 -05:00
cinder-dellsc-config.yaml Added Dell EMC SC multipath support 2018-11-05 12:48:41 -06:00
cinder-hpelefthand-config.yaml HPELeftHandISCSIDriver support for Cinder 2017-01-13 16:48:59 +00:00
cinder-iser.yaml Added support for pass-through iSER configuration 2016-09-23 09:51:41 -04:00
cinder-netapp-config.yaml Clean up env files for Cinder's Netapp backend 2018-06-29 13:58:57 -04:00
cinder-nvmeof-config.yaml Add support for NVMeOF cinder backend 2018-05-07 15:45:42 +03:00
cinder-pure-config.yaml Enables support for configuring Cinder with Pure Storage 2017-04-04 22:11:34 -04:00
cinder-scaleio-config.yaml Containerized control plane with Dell EMC ScaleIO storage 2018-05-29 13:41:29 -04:00
collectd-environment.yaml Collectd documentation refactor 2018-10-02 11:55:37 +02:00
compute-instanceha.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
compute-real-time-example.yaml Add custom role for realtime compute 2018-01-24 22:43:00 +00:00
computealt.yaml Add ComputeAlt role and environment 2017-11-29 14:28:05 +11:00
config-debug.yaml Fix paunch logs verbosity control 2019-01-16 15:06:32 +00:00
config-download-environment.yaml Update/upgrade prepare/converge in config-download era 2018-07-17 20:01:12 +02:00
containerized-control-plane-dellemc-scaleio.yaml Containerized control plane with Dell EMC ScaleIO storage 2018-05-29 13:41:29 -04:00
debug.yaml Add new environment for debug 2016-10-07 17:27:22 +00:00
deployed-server-bootstrap-environment-centos.yaml Deployed server bootstrap via Heat 2017-01-16 10:48:00 -05:00
deployed-server-bootstrap-environment-rhel.yaml Add deployed server bootstrap for RHEL 2017-01-26 15:06:46 -05:00
deployed-server-deployed-neutron-ports.yaml Use static environment for deployed-server neutron mappings 2017-07-18 20:01:06 -04:00
deployed-server-environment.j2.yaml Nic config mappings for deployed-server 2017-03-22 20:08:38 +00:00
deployed-server-noop-ctlplane.yaml Add deployed server bootstrap to noop-ctlplane 2017-01-17 18:34:47 -05:00
designate-config-ha.yaml Split designate envs 2018-10-11 15:15:16 +00:00
designate-config.yaml Split designate envs 2018-10-11 15:15:16 +00:00
disable-config-download-environment.yaml NFV: Support for config-download to deploy node with kernel args 2018-05-15 11:01:06 +05:30
disable-panko.yaml Remove ties between ceilometer and panko 2018-11-28 15:29:48 +00:00
disable-telemetry.yaml Set default application for Ceph Luminous openstack_pools 2018-05-24 18:08:16 +00:00
disable-workflow-tasks.yaml Environment to disable workflow_tasks 2018-04-16 17:52:45 -04:00
docker-ha.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
docker-network.yaml container ovs-agent, ensure br-ex exists 2017-08-28 19:47:16 +00:00
docker-uc-light.yaml Merge "Move docker into deployment directory" 2019-01-10 23:35:05 +00:00
docker.yaml Deprecate environments/docker.yaml 2018-11-01 22:39:40 +00:00
enable-designate.yaml Split designate envs 2018-10-11 15:15:16 +00:00
enable-federation-openidc.yaml Add horizon WebSSO support for OpenID Connect 2019-01-09 11:55:34 +00:00
enable-internal-tls.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
enable-swap-partition.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable-swap.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable-tls.yaml Manage public certificate with ansible 2018-05-31 14:50:00 +02:00
enable_congress.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
enable_tacker.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
enable_tempest.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
external-loadbalancer-vip-v6-all.yaml Allow overlay tunnel endpoints on IPv6 address 2019-01-10 10:26:24 +00:00
external-loadbalancer-vip-v6.yaml Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
external-loadbalancer-vip.yaml Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
fixed-ip-vips-v6.yaml Fix incorrect Redis VIP declaration in fixed-ip-vips-v6.yaml 2018-06-21 11:45:57 -07:00
fixed-ip-vips.yaml Fix PublicVirtualFixedIPs in envs 2018-02-15 05:52:07 +00:00
horizon_password_validation.yaml Manage password_validator regex 2017-01-25 16:45:22 +00:00
host-config-and-reboot.j2.yaml Add a new role for ComputeOvsDpdk and clean-up parameters 2017-07-14 11:09:13 +05:30
hyperconverged-ceph.yaml Add bootparams service for all roles 2018-11-19 05:02:07 -05:00
inject-trust-anchor-hiera.yaml Add nested sample environments for inject-trust-anchor 2017-06-12 15:02:50 -05:00
inject-trust-anchor.yaml Add nested sample environments for inject-trust-anchor 2017-06-12 15:02:50 -05:00
ips-from-pool-all.yaml Fix networking settings for ObjectStorage role 2017-10-25 20:57:17 +02:00
ips-from-pool-ctlplane.yaml Remove invalid comment in ips-from-pool-ctlplane 2018-12-10 10:14:27 -05:00
ips-from-pool.yaml Add sample environment file to document usage of predictable IPs 2015-12-15 12:52:15 +01:00
ipsec.yaml Add IPSEC composable service 2017-12-05 13:10:18 +00:00
kubernetes.yaml Move docker into deployment directory 2019-01-09 22:58:50 +00:00
logging-environment.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
login-defs.yaml Implements management of `/etc/login.defs` 2017-11-29 09:23:25 +00:00
low-memory-usage.yaml low-memory-usage: configure NovaSchedulerWorkers to 1 2018-11-01 15:53:32 +00:00
manila-cephfsganesha-config.yaml Update manila environment file names 2018-07-19 18:46:10 +00:00
manila-cephfsnative-config.yaml Update manila environment file names 2018-07-19 18:46:10 +00:00
manila-isilon-config.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
manila-netapp-config.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
manila-unity-config.yaml Merge "[DellEMC]Update Manila Unity driver" 2018-05-06 20:40:15 +00:00
manila-vmax-config.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
manila-vnx-config.yaml Update yaml files for Dell EMC VNX, Unity drivers 2018-07-09 22:15:16 +00:00
metrics-collectd-qdr.yaml Collectd documentation refactor 2018-10-02 11:55:37 +02:00
monitoring-environment.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
net-2-linux-bonds-with-vlans.j2.yaml Add a dual-bond example NIC config template 2018-12-12 02:19:38 -08:00
net-bond-with-vlans-no-external.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-bond-with-vlans-v6.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-bond-with-vlans.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-dpdkbond-with-vlans.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-multiple-nics-v6.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-multiple-nics.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-noop.j2.yaml Add environments/net-noop.yaml 2018-06-12 21:52:39 +00:00
net-single-nic-linux-bridge-with-vlans.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-single-nic-with-vlans-no-external.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-single-nic-with-vlans-v6.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
net-single-nic-with-vlans.j2.yaml Fix default nic config file names 2018-03-06 17:49:56 +01:00
network-environment-v6-all.j2.yaml Allow overlay tunnel endpoints on IPv6 address 2019-01-10 10:26:24 +00:00
network-environment-v6.j2.yaml L3 routed networks - data + env (1/3) 2018-12-30 19:24:29 +01:00
network-environment.j2.yaml L3 routed networks - data + env (1/3) 2018-12-30 19:24:29 +01:00
network-isolation-no-tunneling.j2.yaml L3 routed networks - subnet fixed_ips (3/3) 2019-01-03 19:07:20 +01:00
network-isolation-v6-all.j2.yaml Allow overlay tunnel endpoints on IPv6 address 2019-01-10 10:26:24 +00:00
network-isolation-v6.j2.yaml Remove unused jinja code in network-isolation environment 2019-01-14 12:49:56 +00:00
network-isolation.j2.yaml Remove unused jinja code in network-isolation environment 2019-01-14 12:49:56 +00:00
network-management-v6.yaml Fix networking settings for ObjectStorage role 2017-10-25 20:57:17 +02:00
network-management.yaml Fix networking settings for ObjectStorage role 2017-10-25 20:57:17 +02:00
networks-disable.j2.yaml Environment to disable Neutron networks 2018-01-24 20:59:14 -05:00
neutron-bgpvpn-bagpipe.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
neutron-bgpvpn.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
neutron-l2gw.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
neutron-linuxbridge.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
neutron-midonet.yaml Add neutron-midonet sample environment 2017-06-12 15:02:50 -05:00
neutron-ml2-ansible.yaml adding vxlan into Neutuon drivers for networking-ansible 2018-08-02 02:13:11 +00:00
neutron-ml2-bigswitch.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
neutron-ml2-cisco-n1kv.yaml Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
neutron-ml2-cisco-nexus-ucsm.yaml CiscoNexus: Update and Remove deprecated vars 2018-11-06 15:52:30 +00:00
neutron-ml2-cisco-vts.yaml Add cisco VTS ML2 template for a dockerized service and default environment settings 2018-02-20 21:11:19 +01:00
neutron-ml2-fujitsu-cfab.yaml Add THT for networking-fujitsu 2017-01-10 10:54:02 -05:00
neutron-ml2-fujitsu-fossw.yaml Add THT for fossw ML2 plugin in networking-fujitsu 2017-01-19 12:55:47 -05:00
neutron-ml2-mlnx-sdn.yaml Add environment file for Mellanox SDN 2018-04-18 17:20:28 +03:00
neutron-ml2-ovn-dvr-ha.yaml Remove unused parameter NeutronEnableDHCPAgent 2018-10-01 12:43:01 +02:00
neutron-ml2-ovn-ha.yaml Remove unused parameter NeutronEnableDHCPAgent 2018-10-01 12:43:01 +02:00
neutron-ml2-vpp.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
neutron-nsx.yaml Add config files/templates to integrate nsx plugin with container 2018-11-21 03:06:25 +00:00
neutron-nuage-config.yaml Parameterizing Puppet Tags 2018-04-23 21:24:52 -04:00
neutron-ovs-dpdk.yaml Deprecate duplicate NFV environment files 2019-01-07 09:12:11 +05:30
neutron-ovs-dvr.yaml Remove External network from DVR related configuration 2018-08-16 16:51:15 -07:00
neutron-plumgrid.yaml Correct file modes for rpmlint failures 2018-12-14 13:21:28 -07:00
neutron-sfc.yaml Switch remaining env files to containers defaults 2018-04-26 23:45:01 +00:00
neutron-sriov.yaml Deprecate duplicate NFV environment files 2019-01-07 09:12:11 +05:30
no-tls-endpoints-public-ip.yaml Configure haproxy for openshift infra 2018-09-25 16:35:48 +02:00
nonha-arch.yaml Remove obsolete code for handling Pacemakerized resource restarts 2018-10-11 10:41:15 +02:00
noop-deploy-steps.yaml Add noop-deploy-steps.yaml environment 2017-11-22 18:48:21 +00:00
nova-api-policy.yaml Allow to configure policy.json for OpenStack projects 2017-03-28 22:21:28 +00:00
nova-nuage-config.yaml Drop extraconfig for nova-nuage 2017-08-16 07:46:00 -04:00
nsx-config.yaml Add config files/templates to integrate nsx plugin with container 2018-11-21 03:06:25 +00:00
odl-dscp-marking-inheritance.yaml Add flag to enable QoS DSCP marking in ODL 2018-05-30 13:14:32 +00:00
openshift-cns.yaml Introduce OpenShiftGlusterNodeVars heat param 2018-10-03 18:49:33 +00:00
openshift.yaml Move docker into deployment directory 2019-01-09 22:58:50 +00:00
overcloud-baremetal.j2.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
overcloud-services.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
overcloud-steps.yaml Rename -puppet.yaml templates. 2015-09-22 08:30:01 -04:00
ovs-dpdk-permissions.yaml Add OVS-DPDK parameter as part of roles file 2018-07-16 09:58:55 +05:30
ovs-hw-offload.yaml Remove deprecated Ram/Disk filters in NovaSchedulerDefaultFilters 2018-10-09 12:09:03 +00:00
podman.yaml Move podman into deployment directory 2018-12-17 11:37:19 +00:00
public-tls-undercloud.yaml Default CertmongerUser to be defined for undercloud setup 2018-04-09 07:46:41 +03:00
puppet-tenant-vlan.yaml Remove NeutronEnableTunnelling from templates 2016-08-12 20:46:38 -02:30
rhsm.yaml RHSM: update parameters in doc 2018-02-06 14:00:13 -08:00
securetty.yaml Adds service for managing securetty 2017-04-06 13:30:50 +01:00
split-stack-consistent-hostname-format.j2.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
sshd-banner.yaml SSHD Service extensions 2017-04-19 18:03:02 +01:00
standalone.yaml Remove redis from standalone env 2018-12-18 09:56:08 +01:00
stdout-logging.yaml Flatten Glance service configuration 2018-12-14 08:23:32 +01:00
storage-environment-external.yaml Migrates ceph-{radosgw,mds,rbdmirror} to ceph-ansible 2018-01-22 14:45:03 +01:00
storage-environment.yaml Instance create fails due to wrong default secontext with NFS 2018-07-24 08:12:07 +02:00
swift-external.yaml Support for external swift proxy 2017-04-18 09:13:19 +02:00
tls-endpoints-public-dns.yaml Configure haproxy for openshift infra 2018-09-25 16:35:48 +02:00
tls-endpoints-public-ip.yaml Configure haproxy for openshift infra 2018-09-25 16:35:48 +02:00
tls-everywhere-endpoints-dns.yaml Configure haproxy for openshift infra 2018-09-25 16:35:48 +02:00
tripleo-validations.yaml Implement TripleoValidations composable service 2018-06-13 11:35:49 -07:00
tuned-ceph-filestore-hci.yaml Add TunedCustomProfile parameter and HCI Ceph filestore environment 2018-12-10 22:26:06 +00:00
undercloud.yaml Allow ssh from all for undercloud 2019-01-18 11:14:12 -07:00
use-dns-for-vips.yaml Stop using puppet to configure VIPs in /etc/hosts 2016-11-27 13:20:33 -05:00

README.md

This directory contains Heat environment file snippets which can be used to enable features in the Overcloud.

Configuration

These can be enabled using the -e [path to environment yaml] option with heatclient.

Below is an example of how to enable the Ceph template using devtest_overcloud.sh:

export OVERCLOUD\_CUSTOM\_HEAT\_ENV=$TRIPLEO\_ROOT/tripleo-heat-templates/environments/ceph_devel.yaml