tripleo-heat-templates/environments
Grzegorz Grasza f3ac958f47 Add TLS support to services using memcached
This patch enables TLS connections to memcached in services which
support it. Specifically the settings are consumed by swift's internal
memcached client through puppet-swift; or oslo.cache, through
puppet-ceilometer, puppet-keystone, puppet-nova, puppet-heat
and puppet-oslo.

NOTE(moguimar): Squashing fixes proposed by Rabi Mirsha in order to
optimize conditions.

Squashes:
- Optimize conditions for TLS support
  (cherry picked from commit cc5eb81771)

Depends-on: https://review.opendev.org/773908
Depends-on: https://review.opendev.org/774121
Depends-on: https://review.opendev.org/775618
Depends-on: https://review.opendev.org/779924
Depends-on: https://review.opendev.org/775647
Change-Id: Ic77ed56c32c7071ce126a1528030094b97894653
(cherry picked from commit 1ceb521805)
2021-03-22 21:17:09 +01:00
..
backup-and-restore Adding ReaR THT 2019-11-21 11:07:51 -03:00
ceph-ansible Add parameter and CI config to enable Ceph OTW encryption 2020-09-04 06:27:53 +00:00
composable-roles Specify multiple NtpServers by default 2018-12-04 08:31:55 -07:00
lifecycle Remove ffwd lifecycle environment files. 2021-02-01 10:37:20 +00:00
messaging flatten qdrouterd service configs 2019-02-15 12:53:15 -07:00
metrics Disable notification from services by default 2020-09-30 09:51:08 +09:00
predictable-placement Revert "Switch public endpoints to use FQDNs by default" 2018-05-16 21:45:42 +00:00
services Configure OVNCMSOptions=enable-chassis-as-gw within neutron-ovn-sriov.yaml 2021-01-19 13:41:50 +00:00
services-baremetal Rename NeutronMl2PluginBase TripleO service 2020-10-20 11:20:41 +10:00
ssl Add TLS support to services using memcached 2021-03-22 21:17:09 +01:00
standalone Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
storage Use container_file_t for Cinder*NfsMountOptions by default 2020-08-26 13:04:10 +02:00
undercloud Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
updates Switch default neutron ML2 mechanism driver to OVN 2019-02-14 15:58:27 +01:00
veritas-hyperscale Move vpp, and veritas-hyperscale into deployment 2019-05-30 20:37:33 +00:00
README.md Add a directory for overcloud heat environments 2015-05-15 12:28:00 +02:00
auditd.yaml Move auditd, ca-cert, certmonger to deployment 2019-05-30 20:37:25 +00:00
barbican-backend-dogtag.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-kmip.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-pkcs11-atos.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-pkcs11-lunasa.yaml Identify HSMs using labels instead of Slot ID 2020-12-01 15:07:44 -06:00
barbican-backend-pkcs11-thales.yaml Add parameters to allow multiple nshield HSMs 2021-02-17 19:12:19 +00:00
barbican-backend-pkcs11.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
barbican-backend-simple-crypto.yaml flatten the barbican service configurations 2019-02-18 08:06:21 -05:00
cadf.yaml Enable keystone cadf notifications 2017-03-06 18:10:55 +01:00
cavium-liquidio.yaml Remove usage of RetryFilter 2020-08-28 21:06:30 +05:30
cinder-backup.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-dellemc-powerflex-config.yaml [PowerFlex/VxFlex OS] Fix typos in templates 2020-09-21 13:59:54 -05:00
cinder-dellemc-powermax-config.yaml Support for PowerMax Cinder Backend 2020-04-08 16:17:41 -05:00
cinder-dellemc-powerstore-config.yaml Support for PowerStore Cinder Backend 2020-07-29 16:52:08 -05:00
cinder-dellemc-sc-config.yaml Support for SC Cinder Backend 2020-05-01 10:33:32 -05:00
cinder-dellemc-unity-config.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-dellemc-vmax-iscsi-config.yaml Deprecating VMax Volume Config 2020-04-01 10:55:18 -05:00
cinder-dellemc-vnx-config.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-dellemc-vxflexos-config.yaml [PowerFlex/VxFlex OS] Fix typos in templates 2020-09-21 13:59:54 -05:00
cinder-dellemc-xtremio-config.yaml Support for Xtremio Cinder Backend 2020-05-01 10:22:12 -05:00
cinder-dellemc-xtremio-iscsi-config.yaml Deprecating Old Dell EMC Xtremio Iscsi Volume Config 2020-04-24 16:24:34 -05:00
cinder-dellsc-config.yaml Deprecating Old Dell SC Iscsi Volume Config 2020-04-24 16:26:13 -05:00
cinder-hpelefthand-config.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-iser.yaml Added support for pass-through iSER configuration 2016-09-23 09:51:41 -04:00
cinder-netapp-config.yaml Use container_file_t for Cinder*NfsMountOptions by default 2020-08-26 13:04:10 +02:00
cinder-nvmeof-config.yaml flatten cinder service configuration 2019-01-18 08:55:26 -05:00
cinder-pure-config.yaml Support deploying multiple Cinder Pure Storage backends 2019-09-13 07:36:42 -07:00
cinder-scaleio-config.yaml Deprecating Old ScaleIO Volume Config 2020-06-01 14:42:03 -05:00
cinder-volume-active-active.yaml Support cinder-volume running active-active 2019-03-04 14:58:51 -05:00
compute-instanceha.yaml Move compute-instanceha, neutron-ovn-dvr-ha to deployments 2019-05-30 20:37:36 +00:00
compute-real-time-example.yaml roles: Remove use of NovaVcpuPinSet from ComputeRealTime 2020-01-16 16:17:04 +00:00
computealt.yaml Remove all broken references to ./puppet/services 2020-08-06 08:50:51 +05:30
config-debug.yaml Deprecate EnablePaunch and remove Paunch support 2020-06-03 17:53:40 +00:00
container-image-prepare-debug.yaml Introduce ContainerImagePrepareDebug parameter 2019-02-14 09:06:33 -05:00
containerized-control-plane-dellemc-scaleio.yaml Containerized control plane with Dell EMC ScaleIO storage 2018-05-29 13:41:29 -04:00
dcn-hci.yaml Deprecate environments/dcn-hci.yaml for dcn-storage.yaml 2021-01-31 22:01:12 +00:00
dcn-storage.yaml Deprecate environments/dcn-hci.yaml for dcn-storage.yaml 2021-01-31 22:01:12 +00:00
dcn.yaml Add NovaDisableImageDownloadToRbd parameter 2020-10-23 17:52:58 +01:00
debug.yaml Add new environment for debug 2016-10-07 17:27:22 +00:00
deployed-server-deployed-neutron-ports.yaml Use static environment for deployed-server neutron mappings 2017-07-18 20:01:06 -04:00
deployed-server-environment.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
deployed-server-noop-ctlplane.yaml Add deployed server bootstrap to noop-ctlplane 2017-01-17 18:34:47 -05:00
designate-config-ha.yaml Split designate envs 2018-10-11 15:15:16 +00:00
designate-config.yaml Split designate envs 2018-10-11 15:15:16 +00:00
disable-paunch.yaml Deprecate EnablePaunch and remove Paunch support 2020-06-03 17:53:40 +00:00
disable-swift.yaml Introduce environments/disable-swift.yaml 2020-03-23 12:37:23 -04:00
disable-telemetry.yaml Disable legacy telemetry by default 2019-11-19 08:09:57 -05:00
docker-ha.yaml Deprecate EnablePaunch and remove Paunch support 2020-06-03 17:53:40 +00:00
docker-network.yaml container ovs-agent, ensure br-ex exists 2017-08-28 19:47:16 +00:00
enable-designate.yaml Add redis to designate environment 2020-09-29 12:38:33 +00:00
enable-federation-openidc.yaml add support for enabling oauth in keystone openidc integration 2019-07-02 10:21:36 -03:00
enable-legacy-telemetry.yaml Disable notification from services by default 2020-09-30 09:51:08 +09:00
enable-stf.yaml Disable notification from services by default 2020-09-30 09:51:08 +09:00
enable-swap-partition.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable-swap.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable_tempest.yaml move tempest to deployment 2019-03-21 07:29:46 -04:00
external-loadbalancer-vip-v6-all.yaml Disable haproxy when using external LB 2019-11-05 07:36:12 +10:00
external-loadbalancer-vip-v6.yaml Disable haproxy when using external LB 2019-11-05 07:36:12 +10:00
external-loadbalancer-vip.yaml Disable haproxy when using external LB 2019-11-05 07:36:12 +10:00
firewall.yaml firewall: make ExtraFirewallRules role specific 2020-10-01 01:43:06 +00:00
fixed-ip-vips-v6.yaml Give the OVN DBS service a separate Vip 2019-09-23 13:05:39 +00:00
fixed-ip-vips.yaml Give the OVN DBS service a separate Vip 2019-09-23 13:05:39 +00:00
horizon_password_validation.yaml Fix a spelling mistake 2018-09-15 14:42:07 +08:00
hyperconverged-ceph.yaml Switch to Podman by default 2020-03-18 09:27:36 -04:00
ips-from-pool-all.yaml Drop resource registry override in ip-from-pool 2020-03-12 18:44:44 +00:00
ips-from-pool-ctlplane.yaml Remove invalid comment in ips-from-pool-ctlplane 2018-12-10 10:14:27 -05:00
ips-from-pool.yaml Drop resource registry override in ip-from-pool 2020-03-12 18:44:44 +00:00
ipsec.yaml Remove extraconfig/services directory 2019-07-18 14:44:14 -04:00
logging-environment-rsyslog.yaml Rsyslog composable service 2019-07-18 15:41:28 +00:00
login-defs.yaml Use login-defs role from tripleo-ansible in sc004 2019-08-10 13:25:16 +03:00
low-memory-usage.yaml Remove deprecated Manila PGNum parameters 2020-08-21 13:26:46 -04:00
manila-cephfsganesha-config.yaml Allow for configuration of the Manila CephFS backend with a remote Ceph 2019-07-19 08:31:02 +00:00
manila-cephfsnative-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
manila-isilon-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
manila-netapp-config.yaml Fix netapp deployment manifest 2019-05-30 16:03:55 -04:00
manila-unity-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
manila-vmax-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
manila-vnx-config.yaml Move Manila backends into deployment 2019-04-22 08:44:39 -04:00
multipathd.yaml Deploy multipathd using tripleo_multipathd ansible role 2020-10-22 06:07:15 -07:00
net-2-linux-bonds-with-vlans.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
net-bond-with-vlans-no-external.j2.yaml Fix comments in environments/net-* network configuration envs 2019-04-01 17:12:28 -07:00
net-bond-with-vlans.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
net-dpdkbond-with-vlans.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
net-multiple-nics-vlans.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
net-multiple-nics.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
net-noop.j2.yaml Use OS::Heat::None in place of net-config-noop.yaml 2020-10-02 12:41:23 +05:30
net-single-nic-linux-bridge-with-vlans.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
net-single-nic-with-vlans-no-external.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
net-single-nic-with-vlans.j2.yaml Make NetworkConfigWithAnsible parameter non-role specific 2020-10-15 19:41:27 +05:30
network-environment-v6-all.j2.yaml Update some more environments to use new ansible nic config 2020-10-27 15:30:10 +05:30
network-environment-v6.j2.yaml Update some more environments to use new ansible nic config 2020-10-27 15:30:10 +05:30
network-environment.j2.yaml Update some more environments to use new ansible nic config 2020-10-27 15:30:10 +05:30
network-isolation-no-tunneling.j2.yaml Give the OVN DBS service a separate Vip 2019-09-23 13:05:39 +00:00
network-isolation-v6-all.j2.yaml Deprecate service ipv6 params 2020-05-12 07:25:11 +00:00
network-isolation-v6.j2.yaml Deprecate service ipv6 params 2020-05-12 07:25:11 +00:00
network-isolation.j2.yaml Give the OVN DBS service a separate Vip 2019-09-23 13:05:39 +00:00
network-management-v6.yaml Fix networking settings for ObjectStorage role 2017-10-25 20:57:17 +02:00
network-management.yaml Fix networking settings for ObjectStorage role 2017-10-25 20:57:17 +02:00
networks-disable.j2.yaml Environment to disable Neutron networks 2018-01-24 20:59:14 -05:00
neutron-bgpvpn-bagpipe.yaml step3: flatten the neutron service configurations 2019-02-27 15:17:32 -05:00
neutron-bgpvpn.yaml step3: flatten the neutron service configurations 2019-02-27 15:17:32 -05:00
neutron-l2gw.yaml step3: flatten the neutron service configurations 2019-02-27 15:17:32 -05:00
neutron-linuxbridge.yaml Move neutron base, plugins to deployment 2019-05-13 10:05:46 -04:00
neutron-ml2-ansible.yaml Sync neutron-ml2-ansible.yaml files 2020-02-26 16:38:51 -03:30
neutron-ml2-bigswitch.yaml Move neutron base, plugins to deployment 2019-05-13 10:05:46 -04:00
neutron-ml2-cisco-vts.yaml Add cisco VTS ML2 template for a dockerized service and default environment settings 2018-02-20 21:11:19 +01:00
neutron-ml2-mlnx-sdn.yaml Added the ability to disable Mellanox SDN sync 2019-11-07 14:55:10 +02:00
neutron-ml2-vpp.yaml Move vpp, and veritas-hyperscale into deployment 2019-05-30 20:37:33 +00:00
neutron-nsx.yaml Remove Neutron LBaaS 2019-06-04 15:12:38 +02:00
neutron-nuage-config.yaml Rename NeutronMl2PluginBase TripleO service 2020-10-20 11:20:41 +10:00
neutron-ovs-dvr.yaml Merge "Rename NeutronMl2PluginBase TripleO service" 2020-10-24 00:08:46 +00:00
neutron-sfc.yaml step5: flatten the neutron service configurations 2019-02-28 10:24:51 -05:00
nonha-arch.yaml Deprecate Keepalived service 2020-05-05 10:16:52 -04:00
noop-deploy-steps.yaml Add noop-deploy-steps.yaml environment 2017-11-22 18:48:21 +00:00
nova-api-policy.yaml Allow to configure policy.json for OpenStack projects 2017-03-28 22:21:28 +00:00
nova-az-config.yaml Add OS::TripleO::NovaAZConfig 2019-04-15 17:46:22 -04:00
nova-nuage-config.yaml Remove Nova parameters that are no longer used 2020-03-28 22:07:33 +01:00
nsx-config.yaml step5: flatten the neutron service configurations 2019-02-28 10:24:51 -05:00
overcloud-baremetal.j2.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
overcloud-services.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
overcloud-steps.yaml Rename -puppet.yaml templates. 2015-09-22 08:30:01 -04:00
ovs-hw-offload.yaml Remove usage of RetryFilter 2020-08-28 21:06:30 +05:30
podman.yaml Disable docker template in podman env 2019-08-14 19:38:06 +03:00
public-tls-undercloud.yaml Add new parameter PublicTLSCACert 2020-06-25 09:31:00 -04:00
puppet-tenant-vlan.yaml Remove NeutronEnableTunnelling from templates 2016-08-12 20:46:38 -02:30
rhsm.yaml rhsm: add rhsm_release in environment for doc purpose 2020-05-22 19:03:10 +00:00
securetty.yaml Configure securetty using tripleo-ansible 2019-09-04 01:22:40 +00:00
split-stack-consistent-hostname-format.j2.yaml Consistent hostname format env for split-stack 2017-07-24 14:42:28 -04:00
sshd-banner.yaml SSHD Service extensions 2017-04-19 18:03:02 +01:00
stdout-logging.yaml Move glance logging templates to logging directory 2020-02-25 22:36:57 +09:00
storage-environment-external.yaml Disable legacy telemetry by default 2019-11-19 08:09:57 -05:00
storage-environment.yaml Use container_file_t for Cinder*NfsMountOptions by default 2020-08-26 13:04:10 +02:00
swift-external.yaml swift-external: deprecate External*Url 2019-12-09 18:19:51 -05:00
tripleo-validations.yaml Use tripleo-validations-package role instead of puppet 2019-08-26 08:56:35 +00:00
tuned-ceph-filestore-hci.yaml Add TunedCustomProfile parameter and HCI Ceph filestore environment 2018-12-10 22:26:06 +00:00
undercloud-enable-nova.yaml undercloud: disable placement api by default 2020-10-09 20:06:01 +00:00
undercloud.yaml Merge "Rename NeutronMl2PluginBase TripleO service" 2020-10-24 00:08:46 +00:00
use-dns-for-vips.yaml Stop using puppet to configure VIPs in /etc/hosts 2016-11-27 13:20:33 -05:00

README.md

This directory contains Heat environment file snippets which can be used to enable features in the Overcloud.

Configuration

These can be enabled using the -e [path to environment yaml] option with heatclient.

Below is an example of how to enable the Ceph template using devtest_overcloud.sh:

export OVERCLOUD\_CUSTOM\_HEAT\_ENV=$TRIPLEO\_ROOT/tripleo-heat-templates/environments/ceph_devel.yaml