openstack
/
tripleo-heat-templates
Code Issues Proposed changes
tripleo-heat-templates/environments
History
Juan Antonio Osorio Robles dd43ba1cf2 Bind mount directories that contain the key/certs for keystone 
This is only done when TLS-everywhere is enabled, and depends on those
directories being exclusive for services that run over httpd. Which is
the commit this is on top of.

Also, an environment file was added that's similar to
environments/docker.yaml. The difference is that this one will contain
the services that can run containerized with TLS-everywhere. This file
will be updated as more services get support for this.

bp tls-via-certmonger-containers

Change-Id: I87bf59f2c33de6cf2d4ce0679a5e0e22bc24bf78
 		2017-04-12 09:45:17 +00:00
..
contrail Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
services Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
services-docker Move zaqar into services-docker 2017-03-08 15:29:45 -05:00
updates Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
README.md Add a directory for overcloud heat environments 2015-05-15 12:28:00 +02:00
auditd.yaml Add AuditD composable service 2017-01-27 13:23:18 +00:00
cadf.yaml Enable keystone cadf notifications 2017-03-06 18:10:55 +01:00
ceph-radosgw.yaml Add support for deploying Ceph RGW role 2016-09-10 09:45:25 -04:00
cinder-backup.yaml Disable cinder-backup by default 2016-08-19 12:06:37 +02:00
cinder-dellps-config.yaml Composable services support for Cinder Dell EMC PS Series 2017-02-07 11:54:24 +00:00
cinder-dellsc-config.yaml Composable service support for Cinder Dell EMC Storage Center 2017-02-03 12:07:33 -06:00
cinder-hpelefthand-config.yaml HPELeftHandISCSIDriver support for Cinder 2017-01-13 16:48:59 +00:00
cinder-iser.yaml Added support for pass-through iSER configuration 2016-09-23 09:51:41 -04:00
cinder-netapp-config.yaml Use netapp_host_type instead of netapp_eseries_host_type 2016-09-29 10:52:12 +02:00
cinder-scaleio-config.yaml Enables support for configuring Cinder with Dell EMC 2017-02-07 12:06:47 -06:00
collectd-environment.yaml implement a collectd composable service 2017-02-07 11:54:14 +00:00
config-debug.yaml Allow enabling debug mode for config management (Puppet) 2015-09-30 15:30:22 +02:00
debug.yaml Add new environment for debug 2016-10-07 17:27:22 +00:00
deployed-server-bootstrap-environment-centos.yaml Deployed server bootstrap via Heat 2017-01-16 10:48:00 -05:00
deployed-server-bootstrap-environment-rhel.yaml Add deployed server bootstrap for RHEL 2017-01-26 15:06:46 -05:00
deployed-server-environment.j2.yaml Nic config mappings for deployed-server 2017-03-22 20:08:38 +00:00
deployed-server-noop-ctlplane.yaml Add deployed server bootstrap to noop-ctlplane 2017-01-17 18:34:47 -05:00
deployed-server-pacemaker-environment.yaml Add environment for deployed-server with pacemaker 2017-02-17 09:03:40 -05:00
docker-network.yaml Network Isolation support for containerized compute 2016-01-04 20:41:41 +00:00
docker-services-tls-everywhere.yaml Bind mount directories that contain the key/certs for keystone 2017-04-12 09:45:17 +00:00
docker.yaml Containerize panko api service 2017-03-17 14:30:11 +00:00
enable-internal-tls.yaml MySQL: Use conditional instead of nested stack for TLS-specific bits 2017-03-27 14:00:46 +03:00
enable-swap-partition.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable-swap.yaml Fix for AllNodesExtraConfig and fix environment files to create swap files/partitions 2017-01-16 15:47:50 +01:00
enable-tls.yaml Move resource registry override to enable-tls.yaml 2016-08-23 08:53:50 +03:00
enable_congress.yaml adding Congress Support 2017-02-10 09:59:38 -05:00
enable_tacker.yaml Adding Tacker Support 2017-02-09 20:23:36 +00:00
external-loadbalancer-vip-v6.yaml Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
external-loadbalancer-vip.yaml Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
horizon_password_validation.yaml Manage password_validator regex 2017-01-25 16:45:22 +00:00
host-config-pre-network.j2.yaml Fix empty parameter_default error in environment file 2017-02-14 11:19:55 +05:30
hyperconverged-ceph.yaml Merge "Add Docker service to all roles" 2017-04-07 16:51:36 +00:00
inject-trust-anchor-hiera.yaml Add deployment of CAs via hieradata 2016-08-22 18:10:26 +03:00
inject-trust-anchor.yaml Enable trust anchor injection 2015-11-25 15:16:08 +02:00
ips-from-pool-all.yaml Add Management net to ips-from-pool-all example 2016-06-29 11:40:36 +01:00
ips-from-pool.yaml Add sample environment file to document usage of predictable IPs 2015-12-15 12:52:15 +01:00
logging-environment.yaml Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
low-memory-usage.yaml Increase apache ServerLimit and workers to 100 2017-02-22 04:11:20 +00:00
major-upgrade-aodh-migration.yaml No-op Puppet for upgrades/migrations according to composable roles 2016-09-22 14:59:20 +02:00
major-upgrade-ceilometer-wsgi-mitaka-newton.yaml Ceilometer Wsgi Mitaka->Newton upgrades 2016-10-07 11:43:33 +03:00
major-upgrade-composable-steps-docker.yaml Only set EnableConfigPurge on major upgrades 2017-03-22 09:20:37 +00:00
major-upgrade-composable-steps.yaml Do not install openstack-heat-agents 2017-03-30 11:23:01 +13:00
major-upgrade-converge-docker.yaml Only set EnableConfigPurge on major upgrades 2017-03-22 09:20:37 +00:00
major-upgrade-converge.yaml Only set EnableConfigPurge on major upgrades 2017-03-22 09:20:37 +00:00
major-upgrade-pacemaker-converge.yaml Adds Environment File for Removing Sahara during M/N upgrade 2016-10-05 16:32:31 +03:00
major-upgrade-pacemaker-init.yaml No-op Puppet for upgrades/migrations according to composable roles 2016-09-22 14:59:20 +02:00
major-upgrade-pacemaker.yaml No-op Puppet for upgrades/migrations according to composable roles 2016-09-22 14:59:20 +02:00
major-upgrade-remove-sahara.yaml Adds Environment File for Removing Sahara during M/N upgrade 2016-10-05 16:32:31 +03:00
manila-cephfsnative-config.yaml Fix inconsistent Manila service naming 2016-11-10 17:06:47 +00:00
manila-generic-config.yaml Fix inconsistent Manila service naming 2016-11-10 17:06:47 +00:00
manila-netapp-config.yaml Fix inconsistent Manila service naming 2016-11-10 17:06:47 +00:00
mongodb-nojournal.yaml Always use parameter_defaults in environment files 2016-04-11 14:15:39 -04:00
monitoring-environment.yaml Prefill Sensu client custom config 2016-10-13 11:53:58 +02:00
net-bond-with-vlans-no-external.yaml neutron: don't set external_network_bridge option by default 2016-12-12 11:26:14 +00:00
net-bond-with-vlans-v6.yaml neutron: don't set external_network_bridge option by default 2016-12-12 11:26:14 +00:00
net-bond-with-vlans.yaml neutron: don't set external_network_bridge option by default 2016-12-12 11:26:14 +00:00
net-multiple-nics-v6.yaml Add IPv6 versions of the Controller NIC configs 2016-03-05 03:22:03 +01:00
net-multiple-nics.yaml Add network templates for multiple NIC configuration 2015-11-05 14:09:45 +00:00
net-single-nic-linux-bridge-with-vlans.yaml neutron: don't set external_network_bridge option by default 2016-12-12 11:26:14 +00:00
net-single-nic-with-vlans-no-external.yaml neutron: don't set external_network_bridge option by default 2016-12-12 11:26:14 +00:00
net-single-nic-with-vlans-v6.yaml neutron: don't set external_network_bridge option by default 2016-12-12 11:26:14 +00:00
net-single-nic-with-vlans.yaml neutron: don't set external_network_bridge option by default 2016-12-12 11:26:14 +00:00
network-environment.yaml Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
network-isolation-no-tunneling.yaml Add missing VIP definitions into -no-tunneling env file 2017-01-03 21:42:42 +01:00
network-isolation-v6.yaml configure horizon with memcached ipv6 when needed 2016-03-23 15:43:10 -04:00
network-isolation.yaml Add missing VIP definitions into -no-tunneling env file 2017-01-03 21:42:42 +01:00
network-management-v6.yaml Add IPv6 support for the management network 2016-06-20 14:02:44 +02:00
network-management.yaml Add IPv6 support for the management network 2016-06-20 14:02:44 +02:00
neutron-bgpvpn.yaml Add BGPVPN services to scenario004 2017-04-07 11:03:50 +02:00
neutron-l2gw-api.yaml Add l2gw neutron service plugin support 2017-03-30 14:42:10 +00:00
neutron-midonet.yaml Composable Midonet compute plugin 2016-07-12 09:48:31 -04:00
neutron-ml2-bigswitch.yaml Re-Add bigswitch agent support 2017-03-17 15:10:39 -06:00
neutron-ml2-cisco-n1kv.yaml Replace references to the 192.0.2 network 2017-04-10 14:05:50 +02:00
neutron-ml2-cisco-nexus-ucsm.yaml Change the default value for NetworkNexusVxlanGlobalConfig 2016-02-24 19:08:07 +03:00
neutron-ml2-fujitsu-cfab.yaml Add THT for networking-fujitsu 2017-01-10 10:54:02 -05:00
neutron-ml2-fujitsu-fossw.yaml Add THT for fossw ML2 plugin in networking-fujitsu 2017-01-19 12:55:47 -05:00
neutron-ml2-ovn.yaml OVN plugin configuration fixes 2017-02-02 21:30:38 +05:30
neutron-nuage-config.yaml Addition of firewall rules for Nuage 2017-04-03 16:49:16 -04:00
neutron-opendaylight.yaml Fixes port binding controller for OpenDaylight 2017-03-27 16:19:48 -04:00
neutron-ovs-dpdk.yaml Added DPDK environment file and nic configs samples 2016-08-30 08:49:05 +05:30
neutron-ovs-dvr.yaml Revert "Set NeutronL3HA to false when deploying DVR" 2016-11-28 11:19:22 +02:00
neutron-plumgrid.yaml Composable Plumgrid compute plugin 2016-07-12 09:48:31 -04:00
neutron-sriov.yaml Remove unused SR-IOV parameter NeutronSupportedPCIVendorDevs 2017-02-02 11:18:07 +05:30
nova-api-policy.yaml Allow to configure policy.json for OpenStack projects 2017-03-28 22:21:28 +00:00
nova-nuage-config.yaml Changes for configuring Nuage 2015-11-30 14:22:08 -05:00
overcloud-steps.yaml Rename -puppet.yaml templates. 2015-09-22 08:30:01 -04:00
puppet-ceph-devel.yaml Add cinder-backup service as role 2016-08-10 19:02:08 +00:00
puppet-ceph-external.yaml Allow user to configure Ceph rbd_default_features 2017-01-16 22:39:47 +00:00
puppet-ceph.yaml Describe use of Manila/CephFS in capabilites_map 2017-01-30 16:41:29 +00:00
puppet-pacemaker-no-restart.yaml Allow to manually disable post-puppet restarts 2016-06-14 16:10:10 +02:00
puppet-pacemaker.yaml pacemaker remote profile support 2017-01-24 12:18:14 +01:00
puppet-tenant-vlan.yaml Remove NeutronEnableTunnelling from templates 2016-08-12 20:46:38 -02:30
securetty.yaml Adds service for managing securetty 2017-04-06 13:30:50 +01:00
sshd-banner.yaml Adds SSH Banner text into sshd_config 2017-01-26 11:04:01 +00:00
storage-environment.yaml Re-add NFS backend for Glance 2016-10-21 16:22:40 +02:00
tls-endpoints-public-dns.yaml adding Congress Support 2017-02-10 09:59:38 -05:00
tls-endpoints-public-ip.yaml adding Congress Support 2017-02-10 09:59:38 -05:00
tls-everywhere-endpoints-dns.yaml adding Congress Support 2017-02-10 09:59:38 -05:00
undercloud.yaml Make heat max_json_body_size configurable 2017-02-24 10:11:37 -05:00
use-dns-for-vips.yaml Stop using puppet to configure VIPs in /etc/hosts 2016-11-27 13:20:33 -05:00

README.md

This directory contains Heat environment file snippets which can be used to enable features in the Overcloud.

Configuration

These can be enabled using the -e [path to environment yaml] option with heatclient.

Below is an example of how to enable the Ceph template using devtest_overcloud.sh:

export OVERCLOUD\_CUSTOM\_HEAT\_ENV=$TRIPLEO\_ROOT/tripleo-heat-templates/environments/ceph_devel.yaml