8cc6d0bf9d
This option is set to true by default in Neutron but it should be
disabled in case when OVN backend is used.
It should be enabled only when "traditional" dhcp agents are used in
Neutron.
As OVN is default Neutron backend in the Tripleo, this patch sets
DhcpAgentNotification option to be False by default and enables it only
when neutron-dhcp-agent is going to be deployed.
Closes-Bug: #1937035
Change-Id: I5f8ad32a9fa888dec6b26c0185f8b506521bd6e3
(cherry picked from commit 79e24494bf
)
187 lines
8.8 KiB
YAML
187 lines
8.8 KiB
YAML
resource_registry:
|
|
OS::TripleO::Services::Tmpwatch: ../deployment/logrotate/tmpwatch-install.yaml
|
|
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml
|
|
OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml
|
|
OS::TripleO::Services::DockerRegistry: ../deployment/image-serve/image-serve-baremetal-ansible.yaml
|
|
OS::TripleO::Services::ContainerImagePrepare: ../deployment/container-image-prepare/container-image-prepare-baremetal-ansible.yaml
|
|
# Allows us to control the external VIP for Undercloud SSL
|
|
OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_from_pool.yaml
|
|
|
|
OS::TripleO::Services::ComputeNeutronOvsAgent: ../deployment/neutron/neutron-ovs-agent-container-puppet.yaml
|
|
OS::TripleO::Services::NeutronOvsAgent: ../deployment/neutron/neutron-ovs-agent-container-puppet.yaml
|
|
OS::TripleO::Services::NeutronDhcpAgent: ../deployment/neutron/neutron-dhcp-container-puppet.yaml
|
|
OS::TripleO::Services::NeutronL3Agent: ../deployment/neutron/neutron-l3-container-puppet.yaml
|
|
OS::TripleO::Services::NeutronCorePlugin: ../deployment/neutron/neutron-plugin-ml2-container-puppet.yaml
|
|
OS::TripleO::Services::NeutronMl2PluginBase: ../deployment/neutron/neutron-plugin-ml2.yaml
|
|
|
|
OS::TripleO::Services::OpenStackClients: ../deployment/clients/openstack-clients-baremetal-ansible.yaml
|
|
|
|
OS::TripleO::Services::HeatEphemeral: ../deployment/heat/heat-ephemeral-container-ansible.yaml
|
|
|
|
# services we disable by default on the undercloud
|
|
OS::TripleO::Services::AodhApi: OS::Heat::None
|
|
OS::TripleO::Services::AodhEvaluator: OS::Heat::None
|
|
OS::TripleO::Services::AodhNotifier: OS::Heat::None
|
|
OS::TripleO::Services::AodhListener: OS::Heat::None
|
|
OS::TripleO::Services::CeilometerAgentCentral: OS::Heat::None
|
|
OS::TripleO::Services::CeilometerAgentNotification: OS::Heat::None
|
|
OS::TripleO::Services::CeilometerAgentIpmi: OS::Heat::None
|
|
OS::TripleO::Services::GnocchiApi: OS::Heat::None
|
|
OS::TripleO::Services::GnocchiMetricd: OS::Heat::None
|
|
OS::TripleO::Services::GnocchiStatsd: OS::Heat::None
|
|
OS::TripleO::Services::Redis: OS::Heat::None
|
|
OS::TripleO::Services::CinderApi: OS::Heat::None
|
|
OS::TripleO::Services::CinderScheduler: OS::Heat::None
|
|
OS::TripleO::Services::CinderVolume: OS::Heat::None
|
|
# Disable traditional heat services now that ephemeral heat
|
|
# is deployed by default
|
|
OS::TripleO::Services::HeatApi: OS::Heat::None
|
|
OS::TripleO::Services::HeatApiCfn: OS::Heat::None
|
|
OS::TripleO::Services::HeatApiCloudwatch: OS::Heat::None
|
|
OS::TripleO::Services::HeatEngine: OS::Heat::None
|
|
OS::TripleO::Services::NovaApi: OS::Heat::None
|
|
OS::TripleO::Services::NovaConductor: OS::Heat::None
|
|
OS::TripleO::Services::NovaIronic: OS::Heat::None
|
|
OS::TripleO::Services::NovaMetadata: OS::Heat::None
|
|
OS::TripleO::Services::NovaScheduler: OS::Heat::None
|
|
OS::TripleO::Services::PlacementApi: OS::Heat::None
|
|
OS::TripleO::Services::Logging::PlacementApi: OS::Heat::None
|
|
OS::TripleO::Services::GlanceApi: OS::Heat::None
|
|
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
|
|
OS::TripleO::Services::SwiftProxy: OS::Heat::None
|
|
OS::TripleO::Services::SwiftStorage: OS::Heat::None
|
|
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
|
|
|
|
# Services we don't ever want configured. See LP#1824030
|
|
OS::TripleO::Services::Pacemaker: OS::Heat::None
|
|
OS::TripleO::Services::PacemakerRemote: OS::Heat::None
|
|
OS::TripleO::Services::Clustercheck: OS::Heat::None
|
|
|
|
# Ensure non-pacemaker versions. See LP#1824030
|
|
# CinderVolume is set to None above and OVNdbs is currently not in the list in role_data_undercloud.yaml so
|
|
# avoiding that as well until the UC switches to OVN
|
|
OS::TripleO::Services::MySQL: ../deployment/database/mysql-container-puppet.yaml
|
|
OS::TripleO::Services::OsloMessagingRpc: ../deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml
|
|
OS::TripleO::Services::OsloMessagingNotify: ../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml
|
|
|
|
# Enable Podman on the Undercloud.
|
|
# This line will drop in Stein when it becomes the default.
|
|
OS::TripleO::Services::Podman: ../deployment/podman/podman-baremetal-ansible.yaml
|
|
|
|
# https://bugs.launchpad.net/tripleo/+bug/1850562
|
|
OS::TripleO::Services::Rsyslog: ../deployment/logging/rsyslog-baremetal-ansible.yaml
|
|
|
|
# Undercloud HA services
|
|
OS::TripleO::Services::HAproxy: OS::Heat::None
|
|
|
|
parameter_defaults:
|
|
# ensure we enable ip_forward before docker gets run
|
|
KernelIpForward: 1
|
|
KernelIpNonLocalBind: 1
|
|
KeystoneCorsAllowedOrigin: '*'
|
|
KeystoneEnableMember: true
|
|
# Increase the Token expiration time until we fix the actual session bug:
|
|
# https://bugs.launchpad.net/tripleo/+bug/1761050
|
|
TokenExpiration: 14400
|
|
EnablePackageInstall: true
|
|
StackAction: CREATE
|
|
UndercloudNetworkConfigUpdate: True
|
|
NeutronTunnelTypes: []
|
|
NeutronBridgeMappings: ctlplane:br-ctlplane
|
|
NeutronAgentExtensions: []
|
|
NeutronFlatNetworks: '*'
|
|
DhcpAgentNotification: true
|
|
HeatConvergenceEngine: true
|
|
HeatCorsAllowedOrigin: '*'
|
|
HeatMaxNestedStackDepth: 7
|
|
HeatMaxResourcesPerStack: -1
|
|
HeatMaxJsonBodySize: 4194304
|
|
HeatReauthenticationAuthMethod: 'trusts'
|
|
HeatYaqlLimitIterators: 10000
|
|
HeatYaqlMemoryQuota: 200000
|
|
# Disable non-lifecycle stack actions like
|
|
# snapshot, resume, cancel update and stack check.
|
|
HeatApiPolicies:
|
|
heat-deny-action:
|
|
key: 'actions:action'
|
|
value: 'rule:deny_everybody'
|
|
IronicCleaningDiskErase: 'metadata'
|
|
IronicCorsAllowedOrigin: '*'
|
|
IronicDefaultInspectInterface: 'inspector'
|
|
IronicDefaultResourceClass: 'baremetal'
|
|
IronicEnabledHardwareTypes: ['ipmi', 'redfish', 'idrac', 'ilo']
|
|
IronicEnabledBootInterfaces: ['pxe', 'ilo-pxe']
|
|
IronicEnabledConsoleInterfaces: ['ipmitool-socat', 'ilo', 'no-console']
|
|
IronicEnabledDeployInterfaces: ['direct', 'ansible']
|
|
IronicEnabledInspectInterfaces: ['inspector', 'no-inspect']
|
|
IronicEnabledManagementInterfaces: ['ipmitool', 'redfish', 'idrac', 'ilo']
|
|
# NOTE(dtantsur): disabling advanced networking as it's not used (or
|
|
# configured) in the undercloud
|
|
IronicEnabledNetworkInterfaces: ['flat']
|
|
IronicEnabledPowerInterfaces: ['ipmitool', 'redfish', 'idrac', 'ilo']
|
|
# NOTE(dtantsur): disabling the "agent" RAID as our ramdisk does not contain
|
|
# any vendor-specific RAID additions.
|
|
IronicEnabledRaidInterfaces: ['no-raid']
|
|
# NOTE(dtantsur): we don't use boot-from-cinder on the undercloud
|
|
IronicEnabledStorageInterfaces: ['noop']
|
|
IronicEnabledVendorInterfaces: ['ipmitool', 'idrac', 'no-vendor']
|
|
IronicEnableStagingDrivers: true
|
|
IronicCleaningNetwork: 'ctlplane'
|
|
IronicForcePowerStateDuringSync: false
|
|
IronicInspectorCollectors: default,extra-hardware,numa-topology,logs
|
|
IronicInspectorInterface: br-ctlplane
|
|
# IronicInspectorSubnets:
|
|
# - ip_range: '192.168.24.100,192.168.24.200'
|
|
IronicInspectorUseSwift: false
|
|
IronicInspectorStorageBackend: 'database'
|
|
IronicConfigureSwiftTempUrlKey: false
|
|
IronicProvisioningNetwork: 'ctlplane'
|
|
IronicRescuingNetwork: 'ctlplane'
|
|
NeutronServicePlugins: router,segments
|
|
NeutronMechanismDrivers: ['openvswitch', 'baremetal']
|
|
NeutronNetworkVLANRanges: 'physnet1:1000:2999'
|
|
NeutronPluginExtensions: port_security,dns_domain_ports
|
|
NeutronOVSFirewallDriver: ''
|
|
NeutronNetworkType: ['local','flat','vlan','gre','vxlan']
|
|
NeutronTunnelIdRanges: '20:100'
|
|
NeutronTypeDrivers: ['local','flat','vlan','gre','vxlan']
|
|
NeutronVniRanges: '10:100'
|
|
NeutronEnableDVR: false
|
|
NeutronPortQuota: '-1'
|
|
# This allows MTU > 1500 for the overcloud if local_mtu is set to 1500
|
|
# See LP#1826729
|
|
TenantNetPhysnetMtu: 0
|
|
# A list of static routes for the control plane network. Ensure traffic to
|
|
# nodes on remote control plane networks use the correct network path.
|
|
# Example:
|
|
# ControlPlaneStaticRoutes:
|
|
# - ip_netmask: 192.168.25.0/24
|
|
# next_hop: 192.168.24.1
|
|
# - ip_netmask: 192.168.26.0/24
|
|
# next_hop: 192.168.24.1
|
|
ControlPlaneStaticRoutes: []
|
|
# A dictionary of Undercloud ctlplane subnets.
|
|
# NOTE(hjensas): This should be {} in this environment file, otherwise it may
|
|
# results in values set here being merged with the values set in
|
|
# undercloud.conf. See Bug: https://bugs.launchpad.net/tripleo/+bug/1820330
|
|
# Example:
|
|
# UndercloudCtlplaneSubnets:
|
|
# ctlplane-subnet:
|
|
# NetworkCidr: '192.168.24.0/24'
|
|
# NetworkGateway: '192.168.24.1'
|
|
# DhcpRangeStart: '192.168.24.5'
|
|
# DhcpRangeEnd: '192.168.24.24'
|
|
# HostRoutes:
|
|
# - {'destination': '10.10.10.0/24', 'nexthop': '192.168.24.254'}
|
|
UndercloudCtlplaneSubnets: {}
|
|
UndercloudCtlplaneLocalSubnet: 'ctlplane-subnet'
|
|
UndercloudNetworkConfigTemplate: 'templates/undercloud.j2'
|
|
PasswordAuthentication: 'yes'
|
|
HeatEngineOptVolumes:
|
|
- /usr/lib/heat:/usr/lib/heat:ro
|
|
MySQLServerOptions:
|
|
mysqld:
|
|
connect_timeout: 60
|
|
SshFirewallAllowAll: true
|
|
NetworkSafeDefaults: false
|