You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
629 lines
26 KiB
629 lines
26 KiB
# This file holds metadata about the capabilities of the tripleo-heat-templates |
|
# repository for deployment using puppet. It groups configuration by topic, |
|
# describes possible combinations of environments and resource capabilities. |
|
|
|
# topics: |
|
# High Level grouping by purpose of environments |
|
# Attributes: |
|
# title: (required) |
|
# description: (optional) |
|
# environment_groups: (required) |
|
|
|
# environment_groups: |
|
# Identifies a group of environments. |
|
# Attributes: |
|
# title: (optional) |
|
# description: (optional) |
|
# tags: a list of tags to provide additional information for e.g. filtering (optional) |
|
# environments: (required) |
|
# mutually_exclusive: (optional) boolean to identify that environments in group are mutually exclusive |
|
|
|
# environments: |
|
# List of environments in environment group |
|
# Attributes: |
|
# file: a file name including path within repository (required) |
|
# title: (required) |
|
# description: (optional) |
|
# requires: an array of environments which are required by this environment (optional) |
|
|
|
topics: |
|
- title: General Deployment Options |
|
description: |
|
environment_groups: |
|
- name: general-deployment-options |
|
title: |
|
description: Enables base configuration for all resources required for OpenStack Deployment |
|
environments: |
|
- file: overcloud-resource-registry-puppet.yaml |
|
title: Base resources configuration |
|
description: |
|
- title: Containerized Deployment |
|
description: > |
|
Configures Deployment to use containerized services |
|
environments: |
|
- file: environments/docker.yaml |
|
title: Containerized Deployment |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: High Availability |
|
description: Enables configuration of an Overcloud Controller with Pacemaker |
|
environments: |
|
- file: environments/puppet-pacemaker.yaml |
|
title: High Availability (Pacemaker) |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
|
|
- title: Network Configuration |
|
description: |
|
environment_groups: |
|
- title: Network Isolation |
|
description: |
|
environments: |
|
- file: environments/network-isolation.yaml |
|
title: Network Isolation |
|
description: > |
|
Enable the creation of Neutron networks for |
|
isolated Overcloud traffic and configure each role to assign ports |
|
(related to that role) on these networks. |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/network-isolation-v6.yaml |
|
title: Network Isolation IPv6 |
|
description: > |
|
Enable the creation of IPv6 Neutron networks for isolated Overcloud |
|
traffic and configure each role to assign ports (related |
|
to that role) on these networks. |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
mutually_exclusive: true |
|
- title: NICs, Bonding, VLANs Configuration |
|
description: > |
|
Choose one of the pre-defined configurations or provide custom |
|
network-environment.yaml instead. Note that pre-defined configuration work |
|
only with standard Roles and Networks. These options assume use of Network Isolation. |
|
environments: |
|
- file: environments/net-bond-with-vlans.yaml |
|
title: Bond with Vlans |
|
description: > |
|
Configure each role to use a pair of bonded nics (nic2 and |
|
nic3) and configures an IP address on each relevant isolated network |
|
for each role. This option assumes use of Network Isolation. |
|
requires: |
|
- environments/network-isolation.yaml |
|
- file: environments/net-bond-with-vlans-no-external.yaml |
|
title: Bond with Vlans No External Ports |
|
description: > |
|
Configure each role to use a pair of bonded nics (nic2 and |
|
nic3) and configures an IP address on each relevant isolated network |
|
for each role. This option assumes use of Network Isolation. |
|
Sets external ports to noop. |
|
requires: |
|
- environments/network-isolation.yaml |
|
- file: environments/net-bond-with-vlans-v6.yaml |
|
title: Bond with Vlans IPv6 |
|
description: > |
|
Configure each role to use a pair of bonded nics (nic2 and |
|
nic3) and configures an IP address on each relevant isolated network |
|
for each role, with IPv6 on the External network. |
|
This option assumes use of Network Isolation IPv6. |
|
requires: |
|
- environments/network-isolation-v6.yaml |
|
- file: environments/net-multiple-nics.yaml |
|
title: Multiple NICs |
|
description: > |
|
Configures each role to use a separate NIC for |
|
each isolated network. |
|
This option assumes use of Network Isolation. |
|
requires: |
|
- environments/network-isolation.yaml |
|
- file: environments/net-multiple-nics-v6.yaml |
|
title: Multiple NICs IPv6 |
|
description: > |
|
Configure each role to use a separate NIC for |
|
each isolated network with IPv6 on the External network. |
|
This option assumes use of Network Isolation IPv6. |
|
requires: |
|
- environments/network-isolation-v6.yaml |
|
- file: environments/net-single-nic-with-vlans.yaml |
|
title: Single NIC with Vlans |
|
description: > |
|
Configure each role to use Vlans on a single NIC for |
|
each isolated network. This option assumes use of Network Isolation. |
|
requires: |
|
- environments/network-isolation.yaml |
|
- file: environments/net-single-nic-with-vlans-no-external.yaml |
|
title: Single NIC with Vlans No External Ports |
|
description: > |
|
Configure each role to use Vlans on a single NIC for |
|
each isolated network. This option assumes use of Network Isolation. |
|
Sets external ports to noop. |
|
requires: |
|
- environments/network-isolation.yaml |
|
- file: environments/net-single-nic-linux-bridge-with-vlans.yaml |
|
title: Single NIC with Linux Bridge Vlans |
|
description: > |
|
Configure each role to use Vlans on a single NIC for |
|
each isolated network. This option assumes use of Network Isolation. |
|
requires: |
|
- environments/network-isolation.yaml |
|
- file: environments/net-single-nic-with-vlans-v6.yaml |
|
title: Single NIC with Vlans IPv6 |
|
description: > |
|
Configures each role to use Vlans on a single NIC for |
|
each isolated network with IPv6 on the External network. |
|
This option assumes use of Network Isolation IPv6 |
|
requires: |
|
- environments/network-isolation-v6.yaml |
|
mutually_exclusive: true |
|
- title: Management Network |
|
description: > |
|
Enable the creation of a system management network. This |
|
creates a Neutron network for isolated Overcloud |
|
system management traffic and configures each role to |
|
assign a port (related to that role) on that network. |
|
environments: |
|
- file: environments/network-management.yaml |
|
title: Management Network |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/network-management-v6.yaml |
|
title: Management Network IPv6 |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
mutually_exclusive: true |
|
|
|
- title: Docker Network |
|
description: > |
|
[Temporary] Use this option when deploying containerized deployment |
|
without network isolation |
|
environments: |
|
- file: environments/docker-network.yaml |
|
title: Docker network |
|
description: |
|
requires: |
|
- environments/docker.yaml |
|
|
|
- title: External load balancer |
|
description: > |
|
Enable external load balancer, requires network Isolation to be enabled. |
|
Note that this option assumes standard isolated networks set. |
|
environments: |
|
- file: environments/external-loadbalancer-vip.yaml |
|
title: External load balancer IPv4 |
|
description: > |
|
requires: |
|
- environments/network-isolation.yaml |
|
- file: environments/external-loadbalancer-vip-v6.yaml |
|
title: External load balancer IPv6 |
|
description: > |
|
requires: |
|
- environments/network-isolation-v6.yaml |
|
mutually_exclusive: true |
|
|
|
- title: Neutron Plugin Configuration |
|
description: |
|
environment_groups: |
|
- title: Neutron Plugins |
|
description: > |
|
Enable various Neutron plugins and backends |
|
environments: |
|
- file: environments/neutron-bgpvpn.yaml |
|
title: Neutron BGPVPN Service Plugin |
|
description: Enables Neutron BGPVPN Service Plugin |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/services/neutron-lbaasv2.yaml |
|
title: Neutron LBaaSv2 Service Plugin |
|
description: Enables Neutron LBaaSv2 Service Plugin and Agent |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-ml2-bigswitch.yaml |
|
title: BigSwitch Extensions |
|
description: > |
|
Enable Big Switch extensions, configured via puppet |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-ml2-cisco-n1kv.yaml |
|
title: Cisco N1KV backend |
|
description: > |
|
Enable a Cisco N1KV backend, configured via puppet |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-ml2-cisco-nexus-ucsm.yaml |
|
title: Cisco Neutron plugin |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/networking/neutron-midonet.yaml |
|
title: Neutron MidoNet Services |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-nuage-config.yaml |
|
title: Neutron Nuage backend |
|
description: Enables Neutron Nuage backend on the controller |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-opendaylight.yaml |
|
title: OpenDaylight |
|
description: Enables OpenDaylight |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-ovs-dpdk.yaml |
|
title: DPDK with OVS |
|
description: Deploy DPDK with OVS |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-ovs-dvr.yaml |
|
title: DVR |
|
description: Enables DVR in the Overcloud |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-plumgrid.yaml |
|
title: PLUMgrid extensions |
|
description: Enables PLUMgrid extensions |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-ml2-fujitsu-cfab.yaml |
|
title: Fujitsu Neutron plugin for C-Fabric |
|
description: Enable C-Fabric in the overcloud |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-ml2-fujitsu-fossw.yaml |
|
title: Fujitsu Neutron plugin for FOS |
|
description: Enable FOS in the overcloud |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-nsx.yaml |
|
title: Deploy NSX Services |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/neutron-l2gw.yaml |
|
title: Neutron L2 gateway Service Plugin |
|
description: Enables Neutron L2 gateway Service Plugin and Agent |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
|
|
- title: Storage |
|
description: |
|
environment_groups: |
|
- title: Cinder backends |
|
description: > |
|
Enable various Cinder backends |
|
environments: |
|
- file: environments/cinder-pure-config.yaml |
|
title: Cinder Pure Storage FlashArray backend |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/storage/cinder-netapp-config.yaml |
|
title: Cinder NetApp backend |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/cinder-dellsc-config.yaml |
|
title: Cinder Dell EMC Storage Center ISCSI backend |
|
description: > |
|
Enables a Cinder Dell EMC Storage Center ISCSI backend |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/cinder-dellemc-unity-config.yaml |
|
title: Cinder Dell EMC Unity backend |
|
description: > |
|
Enables a Cinder Dell EMC Unity backend, |
|
- file: environments/cinder-dellemc-vmax-iscsi-config.yaml |
|
title: Cinder Dell EMC VMAX ISCSI backend |
|
description: > |
|
Enables a Cinder Dell EMC VMAX ISCSI backend, |
|
configured via puppet |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/cinder-hpelefthand-config.yaml |
|
title: Cinder HPELeftHandISCSI backend |
|
description: > |
|
Enables a Cinder HPELeftHandISCSI backend |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/cinder-dellps-config.yaml |
|
title: Cinder Dell EMC PS Series backend |
|
description: > |
|
Enables a Cinder Dell EMC PS Series backend |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/cinder-iser.yaml |
|
title: Cinder iSER backend |
|
description: > |
|
Enable a Cinder iSER RDMA backend, configured via puppet |
|
- file: environments/cinder-scaleio-config.yaml |
|
title: Cinder Dell EMC ScaleIO backend |
|
description: > |
|
Enables a Cinder Dell EMC ScaleIO backend |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/cinder-veritas-hyperscale-config.yaml |
|
title: Cinder Veritas HyperScale backend |
|
description: > |
|
Enables a Cinder Veritas HyperScale backend, |
|
configured via puppet |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Cinder backup service |
|
description: |
|
environments: |
|
- file: environments/cinder-backup.yaml |
|
title: Cinder backup service |
|
description: > |
|
OpenStack Cinder Backup service with Pacemaker |
|
requires: |
|
- environments/puppet-pacemaker.yaml |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Ceph |
|
description: > |
|
Enable the use of Ceph in the overcloud |
|
environments: |
|
- file: environments/puppet-ceph.yaml |
|
title: Ceph Storage Backend |
|
description: > |
|
Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or |
|
use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is |
|
colocated with NovaCompute and configures the overcloud to use it, via RBD driver. |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/storage/external-ceph.yaml |
|
title: Externally managed Ceph |
|
description: > |
|
Configures the overcloud to use an externally managed Ceph cluster, via RBD driver. |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
mutually_exclusive: true |
|
- title: Additional Ceph Options |
|
description: |
|
environments: |
|
- file: environments/services/ceph-mds.yaml |
|
title: Deploys CephMDS |
|
description: > |
|
Deploys CephMDS via TripleO, an additional Ceph service needed to create shared |
|
filesystems hosted in Ceph. |
|
requires: |
|
- environments/puppet-ceph.yaml |
|
- file: environments/ceph-radosgw.yaml |
|
title: Ceph Rados Gateway |
|
description: > |
|
Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API |
|
which stores data in the Ceph cluster. |
|
requires: |
|
- environments/puppet-ceph.yaml |
|
- file: environments/manila-cephfsnative-config.yaml |
|
title: Manila with CephFS |
|
description: > |
|
Deploys Manila and configures it with the CephFS driver. This requires the deployment of |
|
Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud. |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Manila with Unity |
|
description: > |
|
Deploys Manila and configures it with the Unity driver. |
|
environments: |
|
- file: environments/manila-unity-config.yaml |
|
title: Deploys Manila with Unity driver |
|
description: Deploys Manila and configures Unity as its default backend. |
|
- title: Manila with VNX |
|
description: > |
|
Deploys Manila and configures it with the VNX driver. |
|
environments: |
|
- file: environments/manila-vnx-config.yaml |
|
title: Deploys Manila with VNX driver |
|
description: Deploys Manila and configures VNX as its default backend. |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Glance backends |
|
description: |
|
environments: |
|
- file: environments/storage/glance-nfs.yaml |
|
title: Glance NFS Backend |
|
description: | |
|
Configure and enable this option to enable the use of an NFS |
|
share as the backend for Glance. |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
|
|
|
|
- title: Security |
|
description: Security Hardening Options |
|
environment_groups: |
|
- title: TLS |
|
description: |
|
environments: |
|
- file: environments/ssl/enable-tls.yaml |
|
title: SSL on OpenStack Public Endpoints |
|
description: > |
|
Use this option to pass in certificates for SSL deployments. |
|
For these values to take effect, one of the TLS endpoints |
|
options must also be used. |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: TLS Endpoints |
|
description: |
|
environments: |
|
- file: environments/ssl/tls-endpoints-public-dns.yaml |
|
title: SSL-enabled deployment with DNS name as public endpoint |
|
description: > |
|
Use this option when deploying an SSL-enabled overcloud where the public |
|
endpoint is a DNS name. |
|
requires: |
|
- environments/ssl/enable-tls.yaml |
|
- file: environments/ssl/tls-everywhere-endpoints-dns.yaml |
|
title: Deploy All SSL Endpoints as DNS names |
|
description: > |
|
Use this option when deploying an overcloud where all the endpoints are |
|
DNS names and there's TLS in all endpoint types. |
|
requires: |
|
- environments/ssl/enable-tls.yaml |
|
- file: environments/ssl/tls-endpoints-public-ip.yaml |
|
title: SSL-enabled deployment with IP address as public endpoint |
|
description: > |
|
Use this option when deploying an SSL-enabled overcloud where the public |
|
endpoint is an IP address. |
|
requires: |
|
- environments/ssl/enable-tls.yaml |
|
mutually_exclusive: true |
|
- title: SSH Banner Text |
|
description: Enables population of SSH Banner Text |
|
environments: |
|
- file: environments/sshd-banner.yaml |
|
title: SSH Banner Text |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Horizon Password Validation |
|
description: Enable Horizon Password validation |
|
environments: |
|
- file: environments/horizon_password_validation.yaml |
|
title: Horizon Password Validation |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: AuditD Rules |
|
description: Management of AuditD rules |
|
environments: |
|
- file: environments/auditd.yaml |
|
title: AuditD Rule Management |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Keystone CADF auditing |
|
description: Enable CADF notifications in Keystone for auditing |
|
environments: |
|
- file: environments/cadf.yaml |
|
title: Keystone CADF auditing |
|
- title: SecureTTY Values |
|
description: Set values within /etc/securetty |
|
environments: |
|
- file: environments/securetty.yaml |
|
title: SecureTTY Values |
|
|
|
- title: Additional Services |
|
description: |
|
environment_groups: |
|
- title: |
|
description: Deploy additional services |
|
environments: |
|
- file: environments/services/manila-generic-config.yaml |
|
title: Barbican |
|
description: Enable Barbican with the default secret store backend |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/manila-generic-config.yaml |
|
title: Manila |
|
description: Enable Manila with generic driver backend |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/services/sahara.yaml |
|
title: Sahara |
|
description: Deploy Sahara service |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/services/ironic.yaml |
|
title: Ironic |
|
description: Deploy Ironic service |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/services/mistral.yaml |
|
title: Mistral |
|
description: Deploy Mistral service |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/services/ec2-api.yaml |
|
title: EC2 API |
|
description: Enable EC2-API service |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- file: environments/services/zaqar.yaml |
|
title: Zaqar |
|
description: Deploy Zaqar service |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
|
|
- title: Nova Extensions |
|
description: |
|
environment_groups: |
|
- title: Nova Extensions |
|
description: |
|
environments: |
|
- file: environments/nova-nuage-config.yaml |
|
title: Nuage backend |
|
description: > |
|
Enables Nuage backend on the Compute |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
|
|
- title: Operational Tools |
|
description: |
|
environment_groups: |
|
- title: Monitoring agents |
|
description: Enable monitoring agents |
|
environments: |
|
- file: environments/monitoring-environment.yaml |
|
title: Monitoring agents |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Centralized logging support |
|
description: Enable centralized logging clients (fluentd) |
|
environments: |
|
- file: environments/logging-environment.yaml |
|
title: fluentd client |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Performance monitoring |
|
description: Enable performance monitoring agents |
|
environments: |
|
- file: environments/collectd-environment.yaml |
|
title: Performance monitoring agents |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
|
|
- title: Utilities |
|
description: |
|
environment_groups: |
|
- title: Config Debug |
|
description: Enable config management (e.g. Puppet) debugging |
|
environments: |
|
- file: environments/config-debug.yaml |
|
title: Config Debug |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Disable journal in MongoDb |
|
description: > |
|
Since, when journaling is enabled, MongoDb will create big journal |
|
file it can take time. In a CI environment for example journaling is |
|
not necessary. |
|
environments: |
|
- file: environments/mongodb-nojournal.yaml |
|
title: Disable journal in MongoDb |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml |
|
- title: Overcloud Steps |
|
description: > |
|
Specifies hooks/breakpoints where overcloud deployment should stop |
|
Allows operator validation between steps, and/or more granular control. |
|
Note: the wildcards relate to naming convention for some resource suffixes, |
|
e.g see puppet/*-post.yaml, enabling this will mean we wait for |
|
a user signal on every *Deployment_StepN resource defined in those files. |
|
tags: |
|
- no-gui |
|
environments: |
|
- file: environments/overcloud-steps.yaml |
|
title: Overcloud Steps |
|
description: |
|
requires: |
|
- overcloud-resource-registry-puppet.yaml
|
|
|