97b12afbad
This is a first implementation of adding TLS termination to the load balancer in the controllers. The implementation was made so that the appropriate certificate/private key in PEM format is copied to the appropriate controller(s) via a software deployment resource. And the path is then referenced on the HAProxy configuration, but this part was left commented out because we need to be able to configure the keystone endpoints in order for this to work properly. Change-Id: I0ba8e38d75a0c628d8132a66dc25a30fc5183c79
102 lines
5.3 KiB
YAML
102 lines
5.3 KiB
YAML
resource_registry:
|
|
OS::TripleO::BlockStorage: puppet/cinder-storage.yaml
|
|
OS::TripleO::BlockStorage::Net::SoftwareConfig: net-config-noop.yaml
|
|
OS::TripleO::Compute: puppet/compute.yaml
|
|
OS::TripleO::Compute::Net::SoftwareConfig: net-config-noop.yaml
|
|
OS::TripleO::SoftwareDeployment: OS::Heat::StructuredDeployment
|
|
OS::TripleO::Controller: puppet/controller.yaml
|
|
OS::TripleO::Controller::Net::SoftwareConfig: net-config-bridge.yaml
|
|
OS::TripleO::ObjectStorage: puppet/swift-storage.yaml
|
|
OS::TripleO::ObjectStorage::Net::SoftwareConfig: net-config-noop.yaml
|
|
OS::TripleO::CephStorage: puppet/ceph-storage.yaml
|
|
OS::TripleO::CephStorage::Net::SoftwareConfig: net-config-noop.yaml
|
|
OS::TripleO::ControllerPostDeployment: puppet/controller-post.yaml
|
|
# set to controller-config-pacemaker.yaml to enable pacemaker
|
|
OS::TripleO::ControllerConfig: puppet/controller-config.yaml
|
|
OS::TripleO::ComputePostDeployment: puppet/compute-post.yaml
|
|
OS::TripleO::ObjectStoragePostDeployment: puppet/swift-storage-post.yaml
|
|
OS::TripleO::BlockStoragePostDeployment: puppet/cinder-storage-post.yaml
|
|
OS::TripleO::CephStoragePostDeployment: puppet/ceph-storage-post.yaml
|
|
OS::TripleO::SwiftDevicesAndProxy::SoftwareConfig: puppet/swift-devices-and-proxy-config.yaml
|
|
OS::TripleO::CephClusterConfig::SoftwareConfig: puppet/ceph-cluster-config.yaml
|
|
OS::TripleO::AllNodes::SoftwareConfig: puppet/all-nodes-config.yaml
|
|
OS::TripleO::BootstrapNode::SoftwareConfig: puppet/bootstrap-config.yaml
|
|
OS::TripleO::Tasks::PackageUpdate: extraconfig/tasks/yum_update.yaml
|
|
|
|
# This creates the "heat-admin" user for all OS images by default
|
|
# To disable, replace with firstboot/userdata_default.yaml
|
|
OS::TripleO::NodeAdminUserData: firstboot/userdata_heat_admin.yaml
|
|
|
|
# Hooks for operator extra config
|
|
# NodeUserData == Cloud-init additional user-data, e.g cloud-config
|
|
# ControllerExtraConfigPre == Controller configuration pre service deployment
|
|
# NodeExtraConfig == All nodes configuration pre service deployment
|
|
# NodeExtraConfigPost == All nodes configuration post service deployment
|
|
OS::TripleO::NodeUserData: firstboot/userdata_default.yaml
|
|
OS::TripleO::NodeTLSData: puppet/extraconfig/tls/no-tls.yaml
|
|
OS::TripleO::ControllerExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml
|
|
OS::TripleO::ComputeExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml
|
|
OS::TripleO::CephStorageExtraConfigPre: puppet/extraconfig/pre_deploy/default.yaml
|
|
OS::TripleO::NodeExtraConfig: puppet/extraconfig/pre_deploy/default.yaml
|
|
OS::TripleO::NodeExtraConfigPost: extraconfig/post_deploy/default.yaml
|
|
|
|
# "AllNodes" Extra cluster config, runs on all nodes prior to the post_deploy
|
|
# phase, e.g when puppet is applied, but after the pre_deploy phase. Useful when
|
|
# configuration with knowledge of all nodes in the cluster is required vs single
|
|
# node configuration in the pre_deploy step.
|
|
OS::TripleO::AllNodesExtraConfig: extraconfig/all_nodes/default.yaml
|
|
|
|
# TripleO overcloud networks
|
|
OS::TripleO::Network: network/networks.yaml
|
|
OS::TripleO::VipConfig: puppet/vip-config.yaml
|
|
|
|
|
|
OS::TripleO::Network::External: network/noop.yaml
|
|
OS::TripleO::Network::InternalApi: network/noop.yaml
|
|
OS::TripleO::Network::StorageMgmt: network/noop.yaml
|
|
OS::TripleO::Network::Storage: network/noop.yaml
|
|
OS::TripleO::Network::Tenant: network/noop.yaml
|
|
|
|
OS::TripleO::Network::Ports::NetIpMap: network/ports/net_ip_map.yaml
|
|
OS::TripleO::Network::Ports::NetIpSubnetMap: network/ports/net_ip_subnet_map.yaml
|
|
OS::TripleO::Network::Ports::NetIpListMap: network/ports/net_ip_list_map.yaml
|
|
|
|
# Port assignments for the controller role
|
|
OS::TripleO::Controller::Ports::ExternalPort: network/ports/noop.yaml
|
|
OS::TripleO::Controller::Ports::InternalApiPort: network/ports/noop.yaml
|
|
OS::TripleO::Controller::Ports::StoragePort: network/ports/noop.yaml
|
|
OS::TripleO::Controller::Ports::StorageMgmtPort: network/ports/noop.yaml
|
|
OS::TripleO::Controller::Ports::TenantPort: network/ports/noop.yaml
|
|
|
|
# Port assignments for the compute role
|
|
OS::TripleO::Compute::Ports::InternalApiPort: network/ports/noop.yaml
|
|
OS::TripleO::Compute::Ports::StoragePort: network/ports/noop.yaml
|
|
OS::TripleO::Compute::Ports::TenantPort: network/ports/noop.yaml
|
|
|
|
# Port assignments for the ceph storage role
|
|
OS::TripleO::CephStorage::Ports::StoragePort: network/ports/noop.yaml
|
|
OS::TripleO::CephStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
|
|
|
|
# Port assignments for the swift storage role
|
|
OS::TripleO::SwiftStorage::Ports::InternalApiPort: network/ports/noop.yaml
|
|
OS::TripleO::SwiftStorage::Ports::StoragePort: network/ports/noop.yaml
|
|
OS::TripleO::SwiftStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
|
|
|
|
# Port assignments for the block storage role
|
|
OS::TripleO::BlockStorage::Ports::InternalApiPort: network/ports/noop.yaml
|
|
OS::TripleO::BlockStorage::Ports::StoragePort: network/ports/noop.yaml
|
|
OS::TripleO::BlockStorage::Ports::StorageMgmtPort: network/ports/noop.yaml
|
|
|
|
# Port assignments for service virtual IPs for the controller role
|
|
OS::TripleO::Controller::Ports::RedisVipPort: network/ports/ctlplane_vip.yaml
|
|
|
|
# Service Endpoint Mappings
|
|
OS::TripleO::Endpoint: network/endpoints/endpoint.yaml
|
|
OS::TripleO::EndpointMap: network/endpoints/endpoint_map.yaml
|
|
|
|
# validation resources
|
|
OS::TripleO::AllNodes::Validation: all-nodes-validation.yaml
|
|
|
|
parameter_defaults:
|
|
EnablePackageInstall: false
|