6a3ad6fa45
This change updates capabilities-map.yaml to properly map existing environments Closes-Bug: 1708159 Change-Id: I4104b6b59b3e9b19a06cdc233dae4f68fe033580
603 lines
25 KiB
YAML
603 lines
25 KiB
YAML
# This file holds metadata about the capabilities of the tripleo-heat-templates
|
|
# repository for deployment using puppet. It groups configuration by topic,
|
|
# describes possible combinations of environments and resource capabilities.
|
|
|
|
# topics:
|
|
# High Level grouping by purpose of environments
|
|
# Attributes:
|
|
# title: (required)
|
|
# description: (optional)
|
|
# environment_groups: (required)
|
|
|
|
# environment_groups:
|
|
# Identifies a group of environments.
|
|
# Attributes:
|
|
# title: (optional)
|
|
# description: (optional)
|
|
# tags: a list of tags to provide additional information for e.g. filtering (optional)
|
|
# environments: (required)
|
|
# mutually_exclusive: (optional) boolean to identify that environments in group are mutually exclusive
|
|
|
|
# environments:
|
|
# List of environments in environment group
|
|
# Attributes:
|
|
# file: a file name including path within repository (required)
|
|
# title: (required)
|
|
# description: (optional)
|
|
# requires: an array of environments which are required by this environment (optional)
|
|
|
|
topics:
|
|
- title: General Deployment Options
|
|
description:
|
|
environment_groups:
|
|
- name: general-deployment-options
|
|
title:
|
|
description: Enables base configuration for all resources required for OpenStack Deployment
|
|
environments:
|
|
- file: overcloud-resource-registry-puppet.yaml
|
|
title: Base resources configuration
|
|
description:
|
|
- title: Containerized Deployment
|
|
description: >
|
|
Configures Deployment to use containerized services
|
|
environments:
|
|
- file: environments/docker.yaml
|
|
title: Containerized Deployment
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: High Availability
|
|
description: Enables configuration of an Overcloud Controller with Pacemaker
|
|
environments:
|
|
- file: environments/puppet-pacemaker.yaml
|
|
title: High Availability (Pacemaker)
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
|
|
- title: Network Configuration
|
|
description:
|
|
environment_groups:
|
|
- title: Network Isolation
|
|
description:
|
|
environments:
|
|
- file: environments/network-isolation.yaml
|
|
title: Network Isolation
|
|
description: >
|
|
Enable the creation of Neutron networks for
|
|
isolated Overcloud traffic and configure each role to assign ports
|
|
(related to that role) on these networks.
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/network-isolation-v6.yaml
|
|
title: Network Isolation IPv6
|
|
description: >
|
|
Enable the creation of IPv6 Neutron networks for isolated Overcloud
|
|
traffic and configure each role to assign ports (related
|
|
to that role) on these networks.
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
mutually_exclusive: true
|
|
- title: NICs, Bonding, VLANs Configuration
|
|
description: >
|
|
Choose one of the pre-defined configurations or provide custom
|
|
network-environment.yaml instead. Note that pre-defined configuration work
|
|
only with standard Roles and Networks. These options assume use of Network Isolation.
|
|
environments:
|
|
- file: environments/net-bond-with-vlans.yaml
|
|
title: Bond with Vlans
|
|
description: >
|
|
Configure each role to use a pair of bonded nics (nic2 and
|
|
nic3) and configures an IP address on each relevant isolated network
|
|
for each role. This option assumes use of Network Isolation.
|
|
requires:
|
|
- environments/network-isolation.yaml
|
|
- file: environments/net-bond-with-vlans-no-external.yaml
|
|
title: Bond with Vlans No External Ports
|
|
description: >
|
|
Configure each role to use a pair of bonded nics (nic2 and
|
|
nic3) and configures an IP address on each relevant isolated network
|
|
for each role. This option assumes use of Network Isolation.
|
|
Sets external ports to noop.
|
|
requires:
|
|
- environments/network-isolation.yaml
|
|
- file: environments/net-bond-with-vlans-v6.yaml
|
|
title: Bond with Vlans IPv6
|
|
description: >
|
|
Configure each role to use a pair of bonded nics (nic2 and
|
|
nic3) and configures an IP address on each relevant isolated network
|
|
for each role, with IPv6 on the External network.
|
|
This option assumes use of Network Isolation IPv6.
|
|
requires:
|
|
- environments/network-isolation-v6.yaml
|
|
- file: environments/net-multiple-nics.yaml
|
|
title: Multiple NICs
|
|
description: >
|
|
Configures each role to use a separate NIC for
|
|
each isolated network.
|
|
This option assumes use of Network Isolation.
|
|
requires:
|
|
- environments/network-isolation.yaml
|
|
- file: environments/net-multiple-nics-v6.yaml
|
|
title: Multiple NICs IPv6
|
|
description: >
|
|
Configure each role to use a separate NIC for
|
|
each isolated network with IPv6 on the External network.
|
|
This option assumes use of Network Isolation IPv6.
|
|
requires:
|
|
- environments/network-isolation-v6.yaml
|
|
- file: environments/net-single-nic-with-vlans.yaml
|
|
title: Single NIC with Vlans
|
|
description: >
|
|
Configure each role to use Vlans on a single NIC for
|
|
each isolated network. This option assumes use of Network Isolation.
|
|
requires:
|
|
- environments/network-isolation.yaml
|
|
- file: environments/net-single-nic-with-vlans-no-external.yaml
|
|
title: Single NIC with Vlans No External Ports
|
|
description: >
|
|
Configure each role to use Vlans on a single NIC for
|
|
each isolated network. This option assumes use of Network Isolation.
|
|
Sets external ports to noop.
|
|
requires:
|
|
- environments/network-isolation.yaml
|
|
- file: environments/net-single-nic-linux-bridge-with-vlans.yaml
|
|
title: Single NIC with Linux Bridge Vlans
|
|
description: >
|
|
Configure each role to use Vlans on a single NIC for
|
|
each isolated network. This option assumes use of Network Isolation.
|
|
requires:
|
|
- environments/network-isolation.yaml
|
|
- file: environments/net-single-nic-with-vlans-v6.yaml
|
|
title: Single NIC with Vlans IPv6
|
|
description: >
|
|
Configures each role to use Vlans on a single NIC for
|
|
each isolated network with IPv6 on the External network.
|
|
This option assumes use of Network Isolation IPv6
|
|
requires:
|
|
- environments/network-isolation-v6.yaml
|
|
mutually_exclusive: true
|
|
- title: Management Network
|
|
description: >
|
|
Enable the creation of a system management network. This
|
|
creates a Neutron network for isolated Overcloud
|
|
system management traffic and configures each role to
|
|
assign a port (related to that role) on that network.
|
|
environments:
|
|
- file: environments/network-management.yaml
|
|
title: Management Network
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/network-management-v6.yaml
|
|
title: Management Network IPv6
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
mutually_exclusive: true
|
|
|
|
- title: Docker Network
|
|
description: >
|
|
[Temporary] Use this option when deploying containerized deployment
|
|
without network isolation
|
|
environments:
|
|
- file: environments/docker-network.yaml
|
|
title: Docker network
|
|
description:
|
|
requires:
|
|
- environments/docker.yaml
|
|
|
|
- title: External load balancer
|
|
description: >
|
|
Enable external load balancer, requires network Isolation to be enabled.
|
|
Note that this option assumes standard isolated networks set.
|
|
environments:
|
|
- file: environments/external-loadbalancer-vip.yaml
|
|
title: External load balancer IPv4
|
|
description: >
|
|
requires:
|
|
- environments/network-isolation.yaml
|
|
- file: environments/external-loadbalancer-vip-v6.yaml
|
|
title: External load balancer IPv6
|
|
description: >
|
|
requires:
|
|
- environments/network-isolation-v6.yaml
|
|
mutually_exclusive: true
|
|
|
|
- title: Neutron Plugin Configuration
|
|
description:
|
|
environment_groups:
|
|
- title: Neutron Plugins
|
|
description: >
|
|
Enable various Neutron plugins and backends
|
|
environments:
|
|
- file: environments/neutron-bgpvpn.yaml
|
|
title: Neutron BGPVPN Service Plugin
|
|
description: Enables Neutron BGPVPN Service Plugin
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/services/neutron-lbaasv2.yaml
|
|
title: Neutron LBaaSv2 Service Plugin
|
|
description: Enables Neutron LBaaSv2 Service Plugin and Agent
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-ml2-bigswitch.yaml
|
|
title: BigSwitch Extensions
|
|
description: >
|
|
Enable Big Switch extensions, configured via puppet
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-ml2-cisco-n1kv.yaml
|
|
title: Cisco N1KV backend
|
|
description: >
|
|
Enable a Cisco N1KV backend, configured via puppet
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
|
|
title: Cisco Neutron plugin
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/networking/neutron-midonet.yaml
|
|
title: Neutron MidoNet Services
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-nuage-config.yaml
|
|
title: Neutron Nuage backend
|
|
description: Enables Neutron Nuage backend on the controller
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-opendaylight.yaml
|
|
title: OpenDaylight
|
|
description: Enables OpenDaylight
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-ovs-dpdk.yaml
|
|
title: DPDK with OVS
|
|
description: Deploy DPDK with OVS
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-ovs-dvr.yaml
|
|
title: DVR
|
|
description: Enables DVR in the Overcloud
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-plumgrid.yaml
|
|
title: PLUMgrid extensions
|
|
description: Enables PLUMgrid extensions
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-ml2-fujitsu-cfab.yaml
|
|
title: Fujitsu Neutron plugin for C-Fabric
|
|
description: Enable C-Fabric in the overcloud
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-ml2-fujitsu-fossw.yaml
|
|
title: Fujitsu Neutron plugin for FOS
|
|
description: Enable FOS in the overcloud
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-nsx.yaml
|
|
title: Deploy NSX Services
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/neutron-l2gw.yaml
|
|
title: Neutron L2 gateway Service Plugin
|
|
description: Enables Neutron L2 gateway Service Plugin and Agent
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
|
|
- title: Storage
|
|
description:
|
|
environment_groups:
|
|
- title: Cinder backends
|
|
description: >
|
|
Enable various Cinder backends
|
|
environments:
|
|
- file: environments/cinder-pure-config.yaml
|
|
title: Cinder Pure Storage FlashArray backend
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/storage/cinder-netapp-config.yaml
|
|
title: Cinder NetApp backend
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/cinder-dellsc-config.yaml
|
|
title: Cinder Dell EMC Storage Center ISCSI backend
|
|
description: >
|
|
Enables a Cinder Dell EMC Storage Center ISCSI backend
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/cinder-hpelefthand-config.yaml
|
|
title: Cinder HPELeftHandISCSI backend
|
|
description: >
|
|
Enables a Cinder HPELeftHandISCSI backend
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/cinder-dellps-config.yaml
|
|
title: Cinder Dell EMC PS Series backend
|
|
description: >
|
|
Enables a Cinder Dell EMC PS Series backend
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/cinder-iser.yaml
|
|
title: Cinder iSER backend
|
|
description: >
|
|
Enable a Cinder iSER RDMA backend, configured via puppet
|
|
- file: environments/cinder-scaleio-config.yaml
|
|
title: Cinder Dell EMC ScaleIO backend
|
|
description: >
|
|
Enables a Cinder Dell EMC ScaleIO backend
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/cinder-veritas-hyperscale-config.yaml
|
|
title: Cinder Veritas HyperScale backend
|
|
description: >
|
|
Enables a Cinder Veritas HyperScale backend,
|
|
configured via puppet
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Cinder backup service
|
|
description:
|
|
environments:
|
|
- file: environments/cinder-backup.yaml
|
|
title: Cinder backup service
|
|
description: >
|
|
OpenStack Cinder Backup service with Pacemaker
|
|
requires:
|
|
- environments/puppet-pacemaker.yaml
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Ceph
|
|
description: >
|
|
Enable the use of Ceph in the overcloud
|
|
environments:
|
|
- file: environments/puppet-ceph.yaml
|
|
title: Ceph Storage Backend
|
|
description: >
|
|
Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or
|
|
use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is
|
|
colocated with NovaCompute and configures the overcloud to use it, via RBD driver.
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/storage/external-ceph.yaml
|
|
title: Externally managed Ceph
|
|
description: >
|
|
Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
mutually_exclusive: true
|
|
- title: Additional Ceph Options
|
|
description:
|
|
environments:
|
|
- file: environments/services/ceph-mds.yaml
|
|
title: Deploys CephMDS
|
|
description: >
|
|
Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
|
|
filesystems hosted in Ceph.
|
|
requires:
|
|
- environments/puppet-ceph.yaml
|
|
- file: environments/ceph-radosgw.yaml
|
|
title: Ceph Rados Gateway
|
|
description: >
|
|
Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
|
|
which stores data in the Ceph cluster.
|
|
requires:
|
|
- environments/puppet-ceph.yaml
|
|
- file: environments/manila-cephfsnative-config.yaml
|
|
title: Manila with CephFS
|
|
description: >
|
|
Deploys Manila and configures it with the CephFS driver. This requires the deployment of
|
|
Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Glance backends
|
|
description:
|
|
environments:
|
|
- file: environments/storage/glance-nfs.yaml
|
|
title: Glance NFS Backend
|
|
description: |
|
|
Configure and enable this option to enable the use of an NFS
|
|
share as the backend for Glance.
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
|
|
|
|
- title: Security
|
|
description: Security Hardening Options
|
|
environment_groups:
|
|
- title: TLS
|
|
description:
|
|
environments:
|
|
- file: environments/ssl/enable-tls.yaml
|
|
title: SSL on OpenStack Public Endpoints
|
|
description: >
|
|
Use this option to pass in certificates for SSL deployments.
|
|
For these values to take effect, one of the TLS endpoints
|
|
options must also be used.
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: TLS Endpoints
|
|
description:
|
|
environments:
|
|
- file: environments/ssl/tls-endpoints-public-dns.yaml
|
|
title: SSL-enabled deployment with DNS name as public endpoint
|
|
description: >
|
|
Use this option when deploying an SSL-enabled overcloud where the public
|
|
endpoint is a DNS name.
|
|
requires:
|
|
- environments/ssl/enable-tls.yaml
|
|
- file: environments/ssl/tls-everywhere-endpoints-dns.yaml
|
|
title: Deploy All SSL Endpoints as DNS names
|
|
description: >
|
|
Use this option when deploying an overcloud where all the endpoints are
|
|
DNS names and there's TLS in all endpoint types.
|
|
requires:
|
|
- environments/ssl/enable-tls.yaml
|
|
- file: environments/ssl/tls-endpoints-public-ip.yaml
|
|
title: SSL-enabled deployment with IP address as public endpoint
|
|
description: >
|
|
Use this option when deploying an SSL-enabled overcloud where the public
|
|
endpoint is an IP address.
|
|
requires:
|
|
- environments/ssl/enable-tls.yaml
|
|
mutually_exclusive: true
|
|
- title: SSH Banner Text
|
|
description: Enables population of SSH Banner Text
|
|
environments:
|
|
- file: environments/sshd-banner.yaml
|
|
title: SSH Banner Text
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Horizon Password Validation
|
|
description: Enable Horizon Password validation
|
|
environments:
|
|
- file: environments/horizon_password_validation.yaml
|
|
title: Horizon Password Validation
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: AuditD Rules
|
|
description: Management of AuditD rules
|
|
environments:
|
|
- file: environments/auditd.yaml
|
|
title: AuditD Rule Management
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Keystone CADF auditing
|
|
description: Enable CADF notifications in Keystone for auditing
|
|
environments:
|
|
- file: environments/cadf.yaml
|
|
title: Keystone CADF auditing
|
|
- title: SecureTTY Values
|
|
description: Set values within /etc/securetty
|
|
environments:
|
|
- file: environments/securetty.yaml
|
|
title: SecureTTY Values
|
|
|
|
- title: Additional Services
|
|
description:
|
|
environment_groups:
|
|
- title:
|
|
description: Deploy additional services
|
|
environments:
|
|
- file: environments/services/manila-generic-config.yaml
|
|
title: Barbican
|
|
description: Enable Barbican with the default secret store backend
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/manila-generic-config.yaml
|
|
title: Manila
|
|
description: Enable Manila with generic driver backend
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/services/sahara.yaml
|
|
title: Sahara
|
|
description: Deploy Sahara service
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/services/ironic.yaml
|
|
title: Ironic
|
|
description: Deploy Ironic service
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/services/mistral.yaml
|
|
title: Mistral
|
|
description: Deploy Mistral service
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/services/ec2-api.yaml
|
|
title: EC2 API
|
|
description: Enable EC2-API service
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- file: environments/services/zaqar.yaml
|
|
title: Zaqar
|
|
description: Deploy Zaqar service
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
|
|
- title: Nova Extensions
|
|
description:
|
|
environment_groups:
|
|
- title: Nova Extensions
|
|
description:
|
|
environments:
|
|
- file: environments/nova-nuage-config.yaml
|
|
title: Nuage backend
|
|
description: >
|
|
Enables Nuage backend on the Compute
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
|
|
- title: Operational Tools
|
|
description:
|
|
environment_groups:
|
|
- title: Monitoring agents
|
|
description: Enable monitoring agents
|
|
environments:
|
|
- file: environments/monitoring-environment.yaml
|
|
title: Monitoring agents
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Centralized logging support
|
|
description: Enable centralized logging clients (fluentd)
|
|
environments:
|
|
- file: environments/logging-environment.yaml
|
|
title: fluentd client
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Performance monitoring
|
|
description: Enable performance monitoring agents
|
|
environments:
|
|
- file: environments/collectd-environment.yaml
|
|
title: Performance monitoring agents
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
|
|
- title: Utilities
|
|
description:
|
|
environment_groups:
|
|
- title: Config Debug
|
|
description: Enable config management (e.g. Puppet) debugging
|
|
environments:
|
|
- file: environments/config-debug.yaml
|
|
title: Config Debug
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Disable journal in MongoDb
|
|
description: >
|
|
Since, when journaling is enabled, MongoDb will create big journal
|
|
file it can take time. In a CI environment for example journaling is
|
|
not necessary.
|
|
environments:
|
|
- file: environments/mongodb-nojournal.yaml
|
|
title: Disable journal in MongoDb
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|
|
- title: Overcloud Steps
|
|
description: >
|
|
Specifies hooks/breakpoints where overcloud deployment should stop
|
|
Allows operator validation between steps, and/or more granular control.
|
|
Note: the wildcards relate to naming convention for some resource suffixes,
|
|
e.g see puppet/*-post.yaml, enabling this will mean we wait for
|
|
a user signal on every *Deployment_StepN resource defined in those files.
|
|
tags:
|
|
- no-gui
|
|
environments:
|
|
- file: environments/overcloud-steps.yaml
|
|
title: Overcloud Steps
|
|
description:
|
|
requires:
|
|
- overcloud-resource-registry-puppet.yaml
|