tripleo-heat-templates/environments
Giulio Fidente 89e35393db Add parameter and CI config to enable Ceph OTW encryption
Starting with Ceph Nautilus it is possible to enable on-wire
encryption between daemons and clients.

This change adds a setting to optionally configure Ceph with OTW
encryption and a setting in scenario001-standalone to test it.

Change-Id: I5d046b814a211aec9051f5278f98a3e81580057c
2020-09-04 06:27:53 +00:00
..
backup-and-restore Adding ReaR THT 2019-11-21 11:07:51 -03:00
ceph-ansible Add parameter and CI config to enable Ceph OTW encryption 2020-09-04 06:27:53 +00:00
composable-roles Specify multiple NtpServers by default 2018-12-04 08:31:55 -07:00
lifecycle Remove ffwd-upgrade leftovers from THT. 2020-07-23 15:33:25 +00:00
messaging flatten qdrouterd service configs 2019-02-15 12:53:15 -07:00
metrics Disable presettled metrics 2020-06-11 15:26:24 -04:00
predictable-placement Revert "Switch public endpoints to use FQDNs by default" 2018-05-16 21:45:42 +00:00
services Remove usage of RetryFilter 2020-08-28 21:06:30 +05:30
services-baremetal Remove usage of RetryFilter 2020-08-28 21:06:30 +05:30
ssl Remove all UIConfig endpoints 2020-08-22 00:16:39 +09:00
standalone Deprecate Keepalived service 2020-05-05 10:16:52 -04:00
storage Use container_file_t for Cinder*NfsMountOptions by default 2020-08-26 13:04:10 +02:00
undercloud Merge "Remove support for Neutron FUJITSU plugin" 2020-06-18 10:28:56 +00:00
updates Switch default neutron ML2 mechanism driver to OVN 2019-02-14 15:58:27 +01:00
veritas-hyperscale Move vpp, and veritas-hyperscale into deployment 2019-05-30 20:37:33 +00:00
README.md
auditd.yaml Move auditd, ca-cert, certmonger to deployment 2019-05-30 20:37:25 +00:00
barbican-backend-dogtag.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-kmip.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-pkcs11-atos.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-pkcs11-lunasa.yaml Add new Luna HSM parameter for Barbican 2020-07-31 15:50:28 +00:00
barbican-backend-pkcs11-thales.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-pkcs11.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-simple-crypto.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
cadf.yaml Enable keystone cadf notifications 2017-03-06 18:10:55 +01:00
cavium-liquidio.yaml Remove usage of RetryFilter 2020-08-28 21:06:30 +05:30
cinder-backup.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-dellemc-powerflex-config.yaml Support for PowerFlex Cinder Backend 2020-07-31 15:57:10 -05:00
cinder-dellemc-powermax-config.yaml Support for PowerMax Cinder Backend 2020-04-08 16:17:41 -05:00
cinder-dellemc-powerstore-config.yaml Support for PowerStore Cinder Backend 2020-07-29 16:52:08 -05:00
cinder-dellemc-sc-config.yaml Support for SC Cinder Backend 2020-05-01 10:33:32 -05:00
cinder-dellemc-unity-config.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-dellemc-vmax-iscsi-config.yaml Deprecating VMax Volume Config 2020-04-01 10:55:18 -05:00
cinder-dellemc-vnx-config.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-dellemc-vxflexos-config.yaml Deprecating VxFlex OS Cinder Config 2020-08-10 10:42:31 -05:00
cinder-dellemc-xtremio-config.yaml Support for Xtremio Cinder Backend 2020-05-01 10:22:12 -05:00
cinder-dellemc-xtremio-iscsi-config.yaml Deprecating Old Dell EMC Xtremio Iscsi Volume Config 2020-04-24 16:24:34 -05:00
cinder-dellsc-config.yaml Deprecating Old Dell SC Iscsi Volume Config 2020-04-24 16:26:13 -05:00
cinder-hpelefthand-config.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-iser.yaml Added support for pass-through iSER configuration 2016-09-23 09:51:41 -04:00
cinder-netapp-config.yaml Use container_file_t for Cinder*NfsMountOptions by default 2020-08-26 13:04:10 +02:00
cinder-nvmeof-config.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-pure-config.yaml Support deploying multiple Cinder Pure Storage backends 2019-09-13 07:36:42 -07:00
cinder-scaleio-config.yaml Deprecating Old ScaleIO Volume Config 2020-06-01 14:42:03 -05:00
cinder-volume-active-active.yaml Support cinder-volume running active-active 2019-03-04 14:58:51 -05:00
compute-instanceha.yaml Move compute-instanceha, neutron-ovn-dvr-ha to deployments 2019-05-30 20:37:36 +00:00
compute-real-time-example.yaml roles: Remove use of NovaVcpuPinSet from ComputeRealTime 2020-01-16 16:17:04 +00:00
computealt.yaml Remove all broken references to ./puppet/services 2020-08-06 08:50:51 +05:30
config-debug.yaml Deprecate EnablePaunch and remove Paunch support 2020-06-03 17:53:40 +00:00
container-image-prepare-debug.yaml Introduce ContainerImagePrepareDebug parameter 2019-02-14 09:06:33 -05:00
containerized-control-plane-dellemc-scaleio.yaml Containerized control plane with Dell EMC ScaleIO storage 2018-05-29 13:41:29 -04:00
dcn-hci.yaml Include copy-image for GlanceEnabledImportMethods for dcn-hci 2020-05-20 14:41:05 -04:00
dcn.yaml Include copy-image for GlanceEnabledImportMethods for dcn-hci 2020-05-20 14:41:05 -04:00
debug.yaml Add new environment for debug 2016-10-07 17:27:22 +00:00
deployed-server-deployed-neutron-ports.yaml Use static environment for deployed-server neutron mappings 2017-07-18 20:01:06 -04:00
deployed-server-environment.j2.yaml Default all roles for deployed-server to net-config-static-bridge 2020-01-20 12:24:56 -05:00
deployed-server-noop-ctlplane.yaml Add deployed server bootstrap to noop-ctlplane 2017-01-17 18:34:47 -05:00
designate-config-ha.yaml Split designate envs 2018-10-11 15:15:16 +00:00
designate-config.yaml Split designate envs 2018-10-11 15:15:16 +00:00
disable-paunch.yaml Deprecate EnablePaunch and remove Paunch support 2020-06-03 17:53:40 +00:00
disable-swift.yaml Introduce environments/disable-swift.yaml 2020-03-23 12:37:23 -04:00
disable-telemetry.yaml Disable legacy telemetry by default 2019-11-19 08:09:57 -05:00
docker-ha.yaml Deprecate EnablePaunch and remove Paunch support 2020-06-03 17:53:40 +00:00
docker-network.yaml container ovs-agent, ensure br-ex exists 2017-08-28 19:47:16 +00:00
enable-designate.yaml Merge "Trim whitespace in multi-line env descriptions" 2019-04-16 05:28:25 +00:00
enable-federation-openidc.yaml add support for enabling oauth in keystone openidc integration 2019-07-02 10:21:36 -03:00
enable-legacy-telemetry.yaml Remove ceph backend by default for gnocchi 2019-12-10 15:37:08 +01:00
enable-stf.yaml Disable presettled metrics 2020-06-11 15:26:24 -04:00
enable-swap-partition.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable-swap.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable_tempest.yaml move tempest to deployment 2019-03-21 07:29:46 -04:00
external-loadbalancer-vip-v6-all.yaml Disable haproxy when using external LB 2019-11-05 07:36:12 +10:00
external-loadbalancer-vip-v6.yaml Disable haproxy when using external LB 2019-11-05 07:36:12 +10:00
external-loadbalancer-vip.yaml Disable haproxy when using external LB 2019-11-05 07:36:12 +10:00
fixed-ip-vips-v6.yaml Give the OVN DBS service a separate Vip 2019-09-23 13:05:39 +00:00
fixed-ip-vips.yaml Give the OVN DBS service a separate Vip 2019-09-23 13:05:39 +00:00
horizon_password_validation.yaml Fix a spelling mistake 2018-09-15 14:42:07 +08:00
hyperconverged-ceph.yaml Switch to Podman by default 2020-03-18 09:27:36 -04:00
ips-from-pool-all.yaml Drop resource registry override in ip-from-pool 2020-03-12 18:44:44 +00:00
ips-from-pool-ctlplane.yaml Remove invalid comment in ips-from-pool-ctlplane 2018-12-10 10:14:27 -05:00
ips-from-pool.yaml Drop resource registry override in ip-from-pool 2020-03-12 18:44:44 +00:00
ipsec.yaml Remove extraconfig/services directory 2019-07-18 14:44:14 -04:00
logging-environment-rsyslog.yaml Rsyslog composable service 2019-07-18 15:41:28 +00:00
login-defs.yaml Use login-defs role from tripleo-ansible in sc004 2019-08-10 13:25:16 +03:00
low-memory-usage.yaml Remove deprecated Manila PGNum parameters 2020-08-21 13:26:46 -04:00
manila-cephfsganesha-config.yaml Allow for configuration of the Manila CephFS backend with a remote Ceph 2019-07-19 08:31:02 +00:00
manila-cephfsnative-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
manila-isilon-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
manila-netapp-config.yaml Fix netapp deployment manifest 2019-05-30 16:03:55 -04:00
manila-unity-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
manila-vmax-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
manila-vnx-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
multipathd.yaml Use multipath in nova when multipathd is enabled 2020-03-26 23:32:46 +09:00
net-2-linux-bonds-with-vlans.j2.yaml Fix comments in environments/net-* network configuration envs 2019-04-01 17:12:28 -07:00
net-bond-with-vlans-no-external.j2.yaml Fix comments in environments/net-* network configuration envs 2019-04-01 17:12:28 -07:00
net-bond-with-vlans.j2.yaml Remove legacy controller-v6.yaml NIC config templates 2019-07-26 14:07:29 -04:00
net-dpdkbond-with-vlans.j2.yaml Fix comments in environments/net-* network configuration envs 2019-04-01 17:12:28 -07:00
net-multiple-nics-vlans.j2.yaml Add a version of the multiple-nics templates with tagged VLANs 2019-11-15 13:12:29 -08:00
net-multiple-nics.j2.yaml Remove legacy controller-v6.yaml NIC config templates 2019-07-26 14:07:29 -04:00
net-noop.j2.yaml Add environments/net-noop.yaml 2018-06-12 21:52:39 +00:00
net-single-nic-linux-bridge-with-vlans.j2.yaml Fix comments in environments/net-* network configuration envs 2019-04-01 17:12:28 -07:00
net-single-nic-with-vlans-no-external.j2.yaml Fix comments in environments/net-* network configuration envs 2019-04-01 17:12:28 -07:00
net-single-nic-with-vlans.j2.yaml Remove legacy controller-v6.yaml NIC config templates 2019-07-26 14:07:29 -04:00
network-environment-v6-all.j2.yaml Deprecate service ipv6 params 2020-05-12 07:25:11 +00:00
network-environment-v6.j2.yaml Fix TenantInterfaceDefaultRoute in net-env-v6 2020-03-13 00:40:04 +00:00
network-environment.j2.yaml Change vxlan to geneve for network environment files 2019-02-20 16:59:12 -03:30
network-isolation-no-tunneling.j2.yaml Give the OVN DBS service a separate Vip 2019-09-23 13:05:39 +00:00
network-isolation-v6-all.j2.yaml Deprecate service ipv6 params 2020-05-12 07:25:11 +00:00
network-isolation-v6.j2.yaml Deprecate service ipv6 params 2020-05-12 07:25:11 +00:00
network-isolation.j2.yaml Give the OVN DBS service a separate Vip 2019-09-23 13:05:39 +00:00
network-management-v6.yaml Fix networking settings for ObjectStorage role 2017-10-25 20:57:17 +02:00
network-management.yaml Fix networking settings for ObjectStorage role 2017-10-25 20:57:17 +02:00
networks-disable.j2.yaml Environment to disable Neutron networks 2018-01-24 20:59:14 -05:00
neutron-bgpvpn-bagpipe.yaml step3: flatten the neutron service configurations 2019-02-27 15:17:32 -05:00
neutron-bgpvpn.yaml step3: flatten the neutron service configurations 2019-02-27 15:17:32 -05:00
neutron-l2gw.yaml step3: flatten the neutron service configurations 2019-02-27 15:17:32 -05:00
neutron-linuxbridge.yaml Move neutron base, plugins to deployment 2019-05-13 10:05:46 -04:00
neutron-ml2-ansible.yaml Sync neutron-ml2-ansible.yaml files 2020-02-26 16:38:51 -03:30
neutron-ml2-bigswitch.yaml Move neutron base, plugins to deployment 2019-05-13 10:05:46 -04:00
neutron-ml2-cisco-vts.yaml Add cisco VTS ML2 template for a dockerized service and default environment settings 2018-02-20 21:11:19 +01:00
neutron-ml2-mlnx-sdn.yaml Added the ability to disable Mellanox SDN sync 2019-11-07 14:55:10 +02:00
neutron-ml2-vpp.yaml Move vpp, and veritas-hyperscale into deployment 2019-05-30 20:37:33 +00:00
neutron-nsx.yaml Remove Neutron LBaaS 2019-06-04 15:12:38 +02:00
neutron-nuage-config.yaml Parameterizing Puppet Tags 2018-04-23 21:24:52 -04:00
neutron-ovs-dvr.yaml Resolve FIXME for NeutronServer mapping 2019-11-14 11:28:41 -05:00
neutron-sfc.yaml step5: flatten the neutron service configurations 2019-02-28 10:24:51 -05:00
nonha-arch.yaml Deprecate Keepalived service 2020-05-05 10:16:52 -04:00
noop-deploy-steps.yaml Add noop-deploy-steps.yaml environment 2017-11-22 18:48:21 +00:00
nova-api-policy.yaml Allow to configure policy.json for OpenStack projects 2017-03-28 22:21:28 +00:00
nova-az-config.yaml Add OS::TripleO::NovaAZConfig 2019-04-15 17:46:22 -04:00
nova-nuage-config.yaml Remove Nova parameters that are no longer used 2020-03-28 22:07:33 +01:00
nsx-config.yaml step5: flatten the neutron service configurations 2019-02-28 10:24:51 -05:00
overcloud-baremetal.j2.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
overcloud-services.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
overcloud-steps.yaml
ovs-hw-offload.yaml Remove usage of RetryFilter 2020-08-28 21:06:30 +05:30
podman.yaml Disable docker template in podman env 2019-08-14 19:38:06 +03:00
public-tls-undercloud.yaml Add new parameter PublicTLSCACert 2020-06-25 09:31:00 -04:00
puppet-tenant-vlan.yaml Remove NeutronEnableTunnelling from templates 2016-08-12 20:46:38 -02:30
rhsm.yaml rhsm: add rhsm_release in environment for doc purpose 2020-05-22 19:03:10 +00:00
securetty.yaml Configure securetty using tripleo-ansible 2019-09-04 01:22:40 +00:00
split-stack-consistent-hostname-format.j2.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
sshd-banner.yaml SSHD Service extensions 2017-04-19 18:03:02 +01:00
stdout-logging.yaml Move glance logging templates to logging directory 2020-02-25 22:36:57 +09:00
storage-environment-external.yaml Disable legacy telemetry by default 2019-11-19 08:09:57 -05:00
storage-environment.yaml Use container_file_t for Cinder*NfsMountOptions by default 2020-08-26 13:04:10 +02:00
swift-external.yaml swift-external: deprecate External*Url 2019-12-09 18:19:51 -05:00
tripleo-validations.yaml Use tripleo-validations-package role instead of puppet 2019-08-26 08:56:35 +00:00
tuned-ceph-filestore-hci.yaml Add TunedCustomProfile parameter and HCI Ceph filestore environment 2018-12-10 22:26:06 +00:00
undercloud-disable-nova.yaml Revert "Revert "Fixes for deploying nova-less undercloud"" 2019-09-02 01:38:30 +00:00
undercloud.yaml Remove usage of RetryFilter 2020-08-28 21:06:30 +05:30
use-dns-for-vips.yaml Stop using puppet to configure VIPs in /etc/hosts 2016-11-27 13:20:33 -05:00

README.md

This directory contains Heat environment file snippets which can be used to enable features in the Overcloud.

Configuration

These can be enabled using the -e [path to environment yaml] option with heatclient.

Below is an example of how to enable the Ceph template using devtest_overcloud.sh:

export OVERCLOUD\_CUSTOM\_HEAT\_ENV=$TRIPLEO\_ROOT/tripleo-heat-templates/environments/ceph_devel.yaml