31bc6eaa88
This profile will request the certificates for the services on the node. So with this, we will remove the requesting of these certs on the services' profiles themselves. The reasoning for this is that for a containerized environment, the containers won't have credentials to the CA while the baremetal node does. So, with this, we will have this profile that still gets executed in the baremetal nodes, and we can subsequently pass the requested certificates by bind-mounting them on the containers. On the other hand, this approach still works well for the TLS-everywhere case when the services are running on baremetal. Change-Id: Ibf58dfd7d783090e927de6629e487f968f7e05b6 Depends-On: I4d2e62b5c1b893551f9478cf5f69173c334ac81f |
||
---|---|---|
ci | ||
deployed-server | ||
docker | ||
environments | ||
extraconfig | ||
firstboot | ||
network | ||
puppet | ||
releasenotes | ||
scripts | ||
tools | ||
validation-scripts | ||
.gitignore | ||
.gitreview | ||
LICENSE | ||
MANIFEST.in | ||
README.rst | ||
all-nodes-validation.yaml | ||
babel.cfg | ||
bootstrap-config.yaml | ||
capabilities-map.yaml | ||
default_passwords.yaml | ||
hosts-config.yaml | ||
j2_excludes.yaml | ||
net-config-bond.yaml | ||
net-config-bridge.yaml | ||
net-config-linux-bridge.yaml | ||
net-config-noop.yaml | ||
net-config-static-bridge-with-external-dhcp.yaml | ||
net-config-static-bridge.yaml | ||
net-config-static.yaml | ||
net-config-undercloud.yaml | ||
overcloud-resource-registry-puppet.j2.yaml | ||
overcloud.j2.yaml | ||
plan-environment.yaml | ||
requirements.txt | ||
roles_data.yaml | ||
roles_data_undercloud.yaml | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
Team and repository tags
tripleo-heat-templates
Heat templates to deploy OpenStack using OpenStack.
- Free software: Apache license
- Documentation: http://docs.openstack.org/developer/tripleo-docs
- Source: http://git.openstack.org/cgit/openstack/tripleo-heat-templates
- Bugs: http://bugs.launchpad.net/tripleo
Features
The ability to deploy a multi-node, role based OpenStack deployment using OpenStack Heat. Notable features include:
- Choice of deployment/configuration tooling: puppet, (soon) docker
- Role based deployment: roles for the controller, compute, ceph, swift, and cinder storage
- physical network configuration: support for isolated networks, bonding, and standard ctlplane networking
Directories
A description of the directory layout in TripleO Heat Templates.
- environments: contains heat environment files that can be used with -e
on the command like to enable features, etc.
- extraconfig: templates used to enable 'extra' functionality. Includes
functionality for distro specific registration and upgrades.
- firstboot: example first_boot scripts that can be used when initially
creating instances.
- network: heat templates to help create isolated networks and ports
- puppet: templates mostly driven by configuration with puppet. To use these
templates you can use the overcloud-resource-registry-puppet.yaml.
- validation-scripts: validation scripts useful to all deployment
configurations
Service testing matrix
The configuration for the CI scenarios will be defined in tripleo-heat-templates/ci/ and should be executed according to the following table:
- | scenario001 | scenario002 | scenario003 | scenario004 | multinode-nonha |
---|---|---|---|---|---|
keystone |
|
|
|
|
|
glance |
|
|
|
|
|
cinder |
|
|
|
||
heat |
|
|
|
|
|
mysql |
|
|
|
|
|
neutron |
|
|
|
|
|
rabbitmq |
|
|
|
|
|
mongodb |
|
|
|||
redis |
|
||||
haproxy |
|
|
|
|
|
keepalived |
|
|
|
|
|
memcached |
|
|
|
|
|
pacemaker |
|
|
|
|
|
nova |
|
|
|
|
|
ntp |
|
|
|
|
|
snmp |
|
|
|
|
|
timezone |
|
|
|
|
|
sahara |
|
||||
mistral |
|
||||
swift |
|
|
|||
aodh |
|
||||
ceilometer |
|
||||
gnocchi |
|
||||
panko |
|
||||
barbican |
|
||||
zaqar |
|
||||
ec2api |
|
||||
cephrgw |
|
|
|||
tacker |
|
||||
congress |
|
||||
cephmds |
|
||||
manila |
|