afdc138987
This patch allows the management of the AuditD service and its associated files (such as `audit.rules`) This is achieved by means of the `puppet-auditd` puppet module. Also places ssh banner capabilities map on top of patch Change-Id: Ib8bb52dde88304cb58b051bced9779c97a314d0d Depends-On: Ie31c063b674075e35e1bfa28d1fc07f3f897407b
192 lines
7.4 KiB
YAML
192 lines
7.4 KiB
YAML
# Specifies which roles (groups of nodes) will be deployed
|
|
# Note this is used as an input to the various *.j2.yaml
|
|
# jinja2 templates, so that they are converted into *.yaml
|
|
# during the plan creation (via a mistral action/workflow).
|
|
#
|
|
# The format is a list, with the following format:
|
|
#
|
|
# * name: (string) mandatory, name of the role, must be unique
|
|
#
|
|
# CountDefault: (number) optional, default number of nodes, defaults to 0
|
|
# sets the default for the {{role.name}}Count parameter in overcloud.yaml
|
|
#
|
|
# HostnameFormatDefault: (string) optional default format string for hostname
|
|
# defaults to '%stackname%-{{role.name.lower()}}-%index%'
|
|
# sets the default for {{role.name}}HostnameFormat parameter in overcloud.yaml
|
|
#
|
|
# disable_constraints: (boolean) optional, whether to disable Nova and Glance
|
|
# constraints for each role specified in the templates.
|
|
#
|
|
# upgrade_batch_size: (number): batch size for upgrades where tasks are
|
|
# specified by services to run in batches vs all nodes at once.
|
|
# This defaults to 1, but larger batches may be specified here.
|
|
#
|
|
# ServicesDefault: (list) optional default list of services to be deployed
|
|
# on the role, defaults to an empty list. Sets the default for the
|
|
# {{role.name}}Services parameter in overcloud.yaml
|
|
|
|
- name: Controller # the 'primary' role goes first
|
|
CountDefault: 1
|
|
ServicesDefault:
|
|
- OS::TripleO::Services::CACerts
|
|
- OS::TripleO::Services::CephMds
|
|
- OS::TripleO::Services::CephMon
|
|
- OS::TripleO::Services::CephExternal
|
|
- OS::TripleO::Services::CephRbdMirror
|
|
- OS::TripleO::Services::CephRgw
|
|
- OS::TripleO::Services::CinderApi
|
|
- OS::TripleO::Services::CinderBackup
|
|
- OS::TripleO::Services::CinderScheduler
|
|
- OS::TripleO::Services::CinderVolume
|
|
- OS::TripleO::Services::Kernel
|
|
- OS::TripleO::Services::Keystone
|
|
- OS::TripleO::Services::GlanceApi
|
|
- OS::TripleO::Services::HeatApi
|
|
- OS::TripleO::Services::HeatApiCfn
|
|
- OS::TripleO::Services::HeatApiCloudwatch
|
|
- OS::TripleO::Services::HeatEngine
|
|
- OS::TripleO::Services::MySQL
|
|
- OS::TripleO::Services::NeutronDhcpAgent
|
|
- OS::TripleO::Services::NeutronL3Agent
|
|
- OS::TripleO::Services::NeutronMetadataAgent
|
|
- OS::TripleO::Services::NeutronApi
|
|
- OS::TripleO::Services::NeutronCorePlugin
|
|
- OS::TripleO::Services::NeutronOvsAgent
|
|
- OS::TripleO::Services::RabbitMQ
|
|
- OS::TripleO::Services::HAproxy
|
|
- OS::TripleO::Services::Keepalived
|
|
- OS::TripleO::Services::Memcached
|
|
- OS::TripleO::Services::Pacemaker
|
|
- OS::TripleO::Services::Redis
|
|
- OS::TripleO::Services::NovaConductor
|
|
- OS::TripleO::Services::MongoDb
|
|
- OS::TripleO::Services::NovaApi
|
|
- OS::TripleO::Services::NovaPlacement
|
|
- OS::TripleO::Services::NovaMetadata
|
|
- OS::TripleO::Services::NovaScheduler
|
|
- OS::TripleO::Services::NovaConsoleauth
|
|
- OS::TripleO::Services::NovaVncProxy
|
|
- OS::TripleO::Services::Ec2Api
|
|
- OS::TripleO::Services::Ntp
|
|
- OS::TripleO::Services::SwiftProxy
|
|
- OS::TripleO::Services::SwiftStorage
|
|
- OS::TripleO::Services::SwiftRingBuilder
|
|
- OS::TripleO::Services::Snmp
|
|
- OS::TripleO::Services::Sshd
|
|
- OS::TripleO::Services::Timezone
|
|
- OS::TripleO::Services::CeilometerApi
|
|
- OS::TripleO::Services::CeilometerCollector
|
|
- OS::TripleO::Services::CeilometerExpirer
|
|
- OS::TripleO::Services::CeilometerAgentCentral
|
|
- OS::TripleO::Services::CeilometerAgentNotification
|
|
- OS::TripleO::Services::Horizon
|
|
- OS::TripleO::Services::GnocchiApi
|
|
- OS::TripleO::Services::GnocchiMetricd
|
|
- OS::TripleO::Services::GnocchiStatsd
|
|
- OS::TripleO::Services::ManilaApi
|
|
- OS::TripleO::Services::ManilaScheduler
|
|
- OS::TripleO::Services::ManilaBackendGeneric
|
|
- OS::TripleO::Services::ManilaBackendNetapp
|
|
- OS::TripleO::Services::ManilaBackendCephFs
|
|
- OS::TripleO::Services::ManilaShare
|
|
- OS::TripleO::Services::AodhApi
|
|
- OS::TripleO::Services::AodhEvaluator
|
|
- OS::TripleO::Services::AodhNotifier
|
|
- OS::TripleO::Services::AodhListener
|
|
- OS::TripleO::Services::SaharaApi
|
|
- OS::TripleO::Services::SaharaEngine
|
|
- OS::TripleO::Services::IronicApi
|
|
- OS::TripleO::Services::IronicConductor
|
|
- OS::TripleO::Services::NovaIronic
|
|
- OS::TripleO::Services::TripleoPackages
|
|
- OS::TripleO::Services::TripleoFirewall
|
|
- OS::TripleO::Services::OpenDaylightApi
|
|
- OS::TripleO::Services::OpenDaylightOvs
|
|
- OS::TripleO::Services::SensuClient
|
|
- OS::TripleO::Services::FluentdClient
|
|
- OS::TripleO::Services::BarbicanApi
|
|
- OS::TripleO::Services::PankoApi
|
|
- OS::TripleO::Services::Zaqar
|
|
- OS::TripleO::Services::OVNDBs
|
|
- OS::TripleO::Services::NeutronML2FujitsuCfab
|
|
- OS::TripleO::Services::NeutronML2FujitsuFossw
|
|
- OS::TripleO::Services::CinderHPELeftHandISCSI
|
|
- OS::TripleO::Services::Etcd
|
|
- OS::TripleO::Services::AuditD
|
|
|
|
- name: Compute
|
|
CountDefault: 1
|
|
HostnameFormatDefault: '%stackname%-novacompute-%index%'
|
|
disable_upgrade_deployment: True
|
|
ServicesDefault:
|
|
- OS::TripleO::Services::CACerts
|
|
- OS::TripleO::Services::CephClient
|
|
- OS::TripleO::Services::CephExternal
|
|
- OS::TripleO::Services::Timezone
|
|
- OS::TripleO::Services::Ntp
|
|
- OS::TripleO::Services::Snmp
|
|
- OS::TripleO::Services::Sshd
|
|
- OS::TripleO::Services::NovaCompute
|
|
- OS::TripleO::Services::NovaLibvirt
|
|
- OS::TripleO::Services::Kernel
|
|
- OS::TripleO::Services::ComputeNeutronCorePlugin
|
|
- OS::TripleO::Services::ComputeNeutronOvsAgent
|
|
- OS::TripleO::Services::ComputeCeilometerAgent
|
|
- OS::TripleO::Services::ComputeNeutronL3Agent
|
|
- OS::TripleO::Services::ComputeNeutronMetadataAgent
|
|
- OS::TripleO::Services::TripleoPackages
|
|
- OS::TripleO::Services::TripleoFirewall
|
|
- OS::TripleO::Services::NeutronSriovAgent
|
|
- OS::TripleO::Services::OpenDaylightOvs
|
|
- OS::TripleO::Services::SensuClient
|
|
- OS::TripleO::Services::FluentdClient
|
|
- OS::TripleO::Services::AuditD
|
|
|
|
- name: BlockStorage
|
|
ServicesDefault:
|
|
- OS::TripleO::Services::CACerts
|
|
- OS::TripleO::Services::BlockStorageCinderVolume
|
|
- OS::TripleO::Services::Kernel
|
|
- OS::TripleO::Services::Ntp
|
|
- OS::TripleO::Services::Timezone
|
|
- OS::TripleO::Services::Snmp
|
|
- OS::TripleO::Services::Sshd
|
|
- OS::TripleO::Services::TripleoPackages
|
|
- OS::TripleO::Services::TripleoFirewall
|
|
- OS::TripleO::Services::SensuClient
|
|
- OS::TripleO::Services::FluentdClient
|
|
- OS::TripleO::Services::AuditD
|
|
|
|
- name: ObjectStorage
|
|
disable_upgrade_deployment: True
|
|
ServicesDefault:
|
|
- OS::TripleO::Services::CACerts
|
|
- OS::TripleO::Services::Kernel
|
|
- OS::TripleO::Services::Ntp
|
|
- OS::TripleO::Services::SwiftStorage
|
|
- OS::TripleO::Services::SwiftRingBuilder
|
|
- OS::TripleO::Services::Snmp
|
|
- OS::TripleO::Services::Sshd
|
|
- OS::TripleO::Services::Timezone
|
|
- OS::TripleO::Services::TripleoPackages
|
|
- OS::TripleO::Services::TripleoFirewall
|
|
- OS::TripleO::Services::SensuClient
|
|
- OS::TripleO::Services::FluentdClient
|
|
- OS::TripleO::Services::AuditD
|
|
|
|
- name: CephStorage
|
|
disable_upgrade_deployment: True
|
|
ServicesDefault:
|
|
- OS::TripleO::Services::CACerts
|
|
- OS::TripleO::Services::CephOSD
|
|
- OS::TripleO::Services::Kernel
|
|
- OS::TripleO::Services::Ntp
|
|
- OS::TripleO::Services::Snmp
|
|
- OS::TripleO::Services::Sshd
|
|
- OS::TripleO::Services::Timezone
|
|
- OS::TripleO::Services::TripleoPackages
|
|
- OS::TripleO::Services::TripleoFirewall
|
|
- OS::TripleO::Services::SensuClient
|
|
- OS::TripleO::Services::FluentdClient
|
|
- OS::TripleO::Services::AuditD
|