You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
185 lines
8.8 KiB
185 lines
8.8 KiB
resource_registry: |
|
OS::TripleO::Services::Tmpwatch: ../deployment/logrotate/tmpwatch-install.yaml |
|
OS::TripleO::Network::Ports::RedisVipPort: ../network/ports/noop.yaml |
|
OS::TripleO::Network::Ports::OVNDBsVipPort: ../network/ports/noop.yaml |
|
OS::TripleO::Network::Ports::ControlPlaneVipPort: ../deployed-server/deployed-neutron-port.yaml |
|
OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/undercloud_post.yaml |
|
OS::TripleO::Services::DockerRegistry: ../deployment/image-serve/image-serve-baremetal-ansible.yaml |
|
OS::TripleO::Services::ContainerImagePrepare: ../deployment/container-image-prepare/container-image-prepare-baremetal-ansible.yaml |
|
# Allows us to control the external VIP for Undercloud SSL |
|
OS::TripleO::Network::Ports::ExternalVipPort: ../network/ports/external_from_pool.yaml |
|
|
|
OS::TripleO::Services::ComputeNeutronOvsAgent: ../deployment/neutron/neutron-ovs-agent-container-puppet.yaml |
|
OS::TripleO::Services::NeutronOvsAgent: ../deployment/neutron/neutron-ovs-agent-container-puppet.yaml |
|
OS::TripleO::Services::NeutronDhcpAgent: ../deployment/neutron/neutron-dhcp-container-puppet.yaml |
|
OS::TripleO::Services::NeutronL3Agent: ../deployment/neutron/neutron-l3-container-puppet.yaml |
|
OS::TripleO::Services::NeutronCorePlugin: ../deployment/neutron/neutron-plugin-ml2-container-puppet.yaml |
|
OS::TripleO::Services::NeutronMl2PluginBase: ../deployment/neutron/neutron-plugin-ml2.yaml |
|
|
|
OS::TripleO::Services::OpenStackClients: ../deployment/clients/openstack-clients-baremetal-ansible.yaml |
|
|
|
# services we disable by default on the undercloud |
|
OS::TripleO::Services::AodhApi: OS::Heat::None |
|
OS::TripleO::Services::AodhEvaluator: OS::Heat::None |
|
OS::TripleO::Services::AodhNotifier: OS::Heat::None |
|
OS::TripleO::Services::AodhListener: OS::Heat::None |
|
OS::TripleO::Services::CeilometerAgentCentral: OS::Heat::None |
|
OS::TripleO::Services::CeilometerAgentNotification: OS::Heat::None |
|
OS::TripleO::Services::CeilometerAgentIpmi: OS::Heat::None |
|
OS::TripleO::Services::GnocchiApi: OS::Heat::None |
|
OS::TripleO::Services::GnocchiMetricd: OS::Heat::None |
|
OS::TripleO::Services::GnocchiStatsd: OS::Heat::None |
|
OS::TripleO::Services::Rear: OS::Heat::None |
|
OS::TripleO::Services::Redis: OS::Heat::None |
|
OS::TripleO::Services::CinderApi: OS::Heat::None |
|
OS::TripleO::Services::CinderScheduler: OS::Heat::None |
|
OS::TripleO::Services::CinderVolume: OS::Heat::None |
|
OS::TripleO::Services::HeatApiCfn: OS::Heat::None |
|
OS::TripleO::Services::NovaApi: OS::Heat::None |
|
OS::TripleO::Services::NovaConductor: OS::Heat::None |
|
OS::TripleO::Services::NovaIronic: OS::Heat::None |
|
OS::TripleO::Services::NovaMetadata: OS::Heat::None |
|
OS::TripleO::Services::NovaScheduler: OS::Heat::None |
|
OS::TripleO::Services::PlacementApi: OS::Heat::None |
|
OS::TripleO::Services::Logging::PlacementApi: OS::Heat::None |
|
OS::TripleO::Services::GlanceApi: OS::Heat::None |
|
OS::TripleO::Services::NeutronMetadataAgent: OS::Heat::None |
|
OS::TripleO::Services::SwiftProxy: OS::Heat::None |
|
OS::TripleO::Services::SwiftStorage: OS::Heat::None |
|
OS::TripleO::Services::SwiftRingBuilder: OS::Heat::None |
|
|
|
# Services we don't ever want configured. See LP#1824030 |
|
OS::TripleO::Services::Pacemaker: OS::Heat::None |
|
OS::TripleO::Services::PacemakerRemote: OS::Heat::None |
|
OS::TripleO::Services::Clustercheck: OS::Heat::None |
|
|
|
# Ensure non-pacemaker versions. See LP#1824030 |
|
# CinderVolume is set to None above and OVNdbs is currently not in the list in role_data_undercloud.yaml so |
|
# avoiding that as well until the UC switches to OVN |
|
OS::TripleO::Services::MySQL: ../deployment/database/mysql-container-puppet.yaml |
|
OS::TripleO::Services::OsloMessagingRpc: ../deployment/rabbitmq/rabbitmq-messaging-rpc-container-puppet.yaml |
|
OS::TripleO::Services::OsloMessagingNotify: ../deployment/rabbitmq/rabbitmq-messaging-notify-shared-puppet.yaml |
|
|
|
# Enable Podman on the Undercloud. |
|
# This line will drop in Stein when it becomes the default. |
|
OS::TripleO::Services::Podman: ../deployment/podman/podman-baremetal-ansible.yaml |
|
|
|
# https://bugs.launchpad.net/tripleo/+bug/1850562 |
|
OS::TripleO::Services::Rsyslog: ../deployment/logging/rsyslog-baremetal-ansible.yaml |
|
|
|
# Undercloud HA services |
|
OS::TripleO::Services::HAproxy: OS::Heat::None |
|
|
|
# Don't create OVN Chassis MAC address nets/ports on the undercloud |
|
OS::TripleO::OVNMacAddressNetwork: OS::Heat::None |
|
OS::TripleO::OVNMacAddressPort: OS::Heat::None |
|
|
|
parameter_defaults: |
|
# ensure we enable ip_forward before docker gets run |
|
KernelIpForward: 1 |
|
KernelIpNonLocalBind: 1 |
|
KeystoneCorsAllowedOrigin: '*' |
|
KeystoneEnableMember: true |
|
# Increase the Token expiration time until we fix the actual session bug: |
|
# https://bugs.launchpad.net/tripleo/+bug/1761050 |
|
TokenExpiration: 14400 |
|
EnablePackageInstall: true |
|
StackAction: CREATE |
|
NeutronTunnelTypes: [] |
|
NeutronBridgeMappings: ctlplane:br-ctlplane |
|
NeutronAgentExtensions: [] |
|
NeutronFlatNetworks: '*' |
|
HeatConvergenceEngine: true |
|
HeatCorsAllowedOrigin: '*' |
|
HeatMaxNestedStackDepth: 7 |
|
HeatMaxResourcesPerStack: -1 |
|
HeatMaxJsonBodySize: 4194304 |
|
HeatReauthenticationAuthMethod: 'trusts' |
|
HeatYaqlLimitIterators: 10000 |
|
HeatYaqlMemoryQuota: 200000 |
|
# Disable non-lifecycle stack actions like |
|
# snapshot, resume, cancel update and stack check. |
|
HeatApiPolicies: |
|
heat-deny-action: |
|
key: 'actions:action' |
|
value: 'rule:deny_everybody' |
|
IronicCleaningDiskErase: 'metadata' |
|
IronicCorsAllowedOrigin: '*' |
|
IronicDefaultInspectInterface: 'inspector' |
|
IronicDefaultResourceClass: 'baremetal' |
|
IronicEnabledHardwareTypes: ['ipmi', 'redfish', 'idrac', 'ilo'] |
|
IronicEnabledBootInterfaces: ['pxe', 'ilo-pxe'] |
|
IronicEnabledConsoleInterfaces: ['ipmitool-socat', 'ilo', 'no-console'] |
|
IronicEnabledDeployInterfaces: ['direct', 'ansible'] |
|
IronicEnabledInspectInterfaces: ['inspector', 'no-inspect'] |
|
IronicEnabledManagementInterfaces: ['ipmitool', 'redfish', 'idrac', 'ilo'] |
|
# NOTE(dtantsur): disabling advanced networking as it's not used (or |
|
# configured) in the undercloud |
|
IronicEnabledNetworkInterfaces: ['flat'] |
|
IronicEnabledPowerInterfaces: ['ipmitool', 'redfish', 'idrac', 'ilo'] |
|
# NOTE(dtantsur): disabling the "agent" RAID as our ramdisk does not contain |
|
# any vendor-specific RAID additions. |
|
IronicEnabledRaidInterfaces: ['no-raid'] |
|
# NOTE(dtantsur): we don't use boot-from-cinder on the undercloud |
|
IronicEnabledStorageInterfaces: ['noop'] |
|
IronicEnabledVendorInterfaces: ['ipmitool', 'idrac', 'no-vendor'] |
|
IronicEnableStagingDrivers: true |
|
IronicCleaningNetwork: 'ctlplane' |
|
IronicForcePowerStateDuringSync: false |
|
# NOTE(dtantsur): remove if/when swift is removed from the undercloud. |
|
IronicImageDownloadSource: swift |
|
IronicInspectorCollectors: default,extra-hardware,numa-topology,logs |
|
IronicInspectorInterface: br-ctlplane |
|
# IronicInspectorSubnets: |
|
# - ip_range: '192.168.24.100,192.168.24.200' |
|
IronicInspectorUseSwift: false |
|
IronicInspectorStorageBackend: 'database' |
|
IronicProvisioningNetwork: 'ctlplane' |
|
IronicRescuingNetwork: 'ctlplane' |
|
NeutronServicePlugins: router,segments |
|
NeutronMechanismDrivers: ['openvswitch', 'baremetal'] |
|
NeutronNetworkVLANRanges: 'physnet1:1000:2999' |
|
NeutronPluginExtensions: port_security,dns_domain_ports |
|
NeutronOVSFirewallDriver: '' |
|
NeutronNetworkType: ['local','flat','vlan','gre','vxlan'] |
|
NeutronTunnelIdRanges: '20:100' |
|
NeutronTypeDrivers: ['local','flat','vlan','gre','vxlan'] |
|
NeutronVniRanges: '10:100' |
|
NeutronEnableDVR: false |
|
NeutronPortQuota: '-1' |
|
# This allows MTU > 1500 for the overcloud if local_mtu is set to 1500 |
|
# See LP#1826729 |
|
TenantNetPhysnetMtu: 0 |
|
# A list of static routes for the control plane network. Ensure traffic to |
|
# nodes on remote control plane networks use the correct network path. |
|
# Example: |
|
# ControlPlaneStaticRoutes: |
|
# - ip_netmask: 192.168.25.0/24 |
|
# next_hop: 192.168.24.1 |
|
# - ip_netmask: 192.168.26.0/24 |
|
# next_hop: 192.168.24.1 |
|
ControlPlaneStaticRoutes: [] |
|
# A dictionary of Undercloud ctlplane subnets. |
|
# NOTE(hjensas): This should be {} in this environment file, otherwise it may |
|
# results in values set here being merged with the values set in |
|
# undercloud.conf. See Bug: https://bugs.launchpad.net/tripleo/+bug/1820330 |
|
# Example: |
|
# UndercloudCtlplaneSubnets: |
|
# ctlplane-subnet: |
|
# NetworkCidr: '192.168.24.0/24' |
|
# NetworkGateway: '192.168.24.1' |
|
# DhcpRangeStart: '192.168.24.5' |
|
# DhcpRangeEnd: '192.168.24.24' |
|
# HostRoutes: |
|
# - {'destination': '10.10.10.0/24', 'nexthop': '192.168.24.254'} |
|
UndercloudCtlplaneSubnets: {} |
|
UndercloudCtlplaneLocalSubnet: 'ctlplane-subnet' |
|
UndercloudNetworkConfigTemplate: 'templates/undercloud.j2' |
|
PasswordAuthentication: 'yes' |
|
HeatEngineOptVolumes: |
|
- /usr/lib/heat:/usr/lib/heat:ro |
|
MySQLServerOptions: |
|
mysqld: |
|
connect_timeout: 60 |
|
SshFirewallAllowAll: true |
|
NetworkSafeDefaults: false
|
|
|