cb90c8ce48
Some work is being done in I46fce28926cb5a881f7384948480266712ae75e3 to secure SNMP on a specific network but until then we need to stop opening the services so cloud providers won't report any security issue for TripleO jobs. Change-Id: Icd8a6ddda6152186d6be4a227f6449232fecba5e Related-Bug: #1749324
58 lines
2.5 KiB
YAML
58 lines
2.5 KiB
YAML
resource_registry:
|
|
OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml
|
|
OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml
|
|
OS::TripleO::Services::SwiftProxy: OS::Heat::None
|
|
OS::TripleO::Services::SwiftStorage: OS::Heat::None
|
|
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None
|
|
OS::TripleO::Services::Keystone: OS::Heat::None
|
|
OS::TripleO::Services::GlanceApi: OS::Heat::None
|
|
OS::TripleO::Services::MySQL: OS::Heat::None
|
|
OS::TripleO::Services::MySQLClient: OS::Heat::None
|
|
OS::TripleO::Services::NeutronBgpVpnApi: OS::Heat::None
|
|
OS::TripleO::Services::NeutronDhcpAgent: OS::Heat::None
|
|
OS::TripleO::Services::NeutronL3Agent: OS::Heat::None
|
|
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None
|
|
OS::TripleO::Services::NeutronServer: OS::Heat::None
|
|
OS::TripleO::Services::NeutronCorePlugin: OS::Heat::None
|
|
OS::TripleO::Services::NeutronOvsAgent: OS::Heat::None
|
|
OS::TripleO::Services::RabbitMQ: OS::Heat::None
|
|
OS::TripleO::Services::HAproxy: OS::Heat::None
|
|
OS::TripleO::Services::Keepalived: OS::Heat::None
|
|
OS::TripleO::Services::Memcached: OS::Heat::None
|
|
OS::TripleO::Services::NovaConductor: OS::Heat::None
|
|
OS::TripleO::Services::NovaApi: OS::Heat::None
|
|
OS::TripleO::Services::NovaPlacement: OS::Heat::None
|
|
OS::TripleO::Services::NovaMetadata: OS::Heat::None
|
|
OS::TripleO::Services::NovaScheduler: OS::Heat::None
|
|
OS::TripleO::Services::NovaCompute: OS::Heat::None
|
|
OS::TripleO::Services::NovaLibvirt: OS::Heat::None
|
|
OS::TripleO::Services::Docker: ../../puppet/services/docker.yaml
|
|
|
|
|
|
|
|
parameter_defaults:
|
|
# NOTE: CI envs have swap, which by default blocks Kubespray and Kubelet.
|
|
# https://github.com/kubernetes-incubator/kubespray/issues/1787#issuecomment-336155007
|
|
KubesprayIgnoreAssertErrors: true
|
|
|
|
ControllerServices:
|
|
- OS::TripleO::Services::Docker
|
|
- OS::TripleO::Services::Kernel
|
|
- OS::TripleO::Services::Ntp
|
|
- OS::TripleO::Services::Timezone
|
|
- OS::TripleO::Services::TripleoPackages
|
|
- OS::TripleO::Services::TripleoFirewall
|
|
- OS::TripleO::Services::Sshd
|
|
- OS::TripleO::Services::Kubernetes::Master
|
|
- OS::TripleO::Services::Kubernetes::Worker
|
|
ComputeServices:
|
|
- OS::TripleO::Services::Docker
|
|
- OS::TripleO::Services::Kernel
|
|
- OS::TripleO::Services::Ntp
|
|
- OS::TripleO::Services::Timezone
|
|
- OS::TripleO::Services::TripleoPackages
|
|
- OS::TripleO::Services::TripleoFirewall
|
|
- OS::TripleO::Services::Sshd
|
|
- OS::TripleO::Services::Kubernetes::Worker
|
|
Debug: true
|