# Deploy an HA openstack environment with an IPA Server.

# TLS everywhere related vars. #
# This enables TLS for the undercloud which will also make haproxy bind to the
# configured public-vip and admin-vip.
undercloud_generate_service_certificate: true
enable_tls_everywhere: true
novajoin_connect_timeout: 60
novajoin_read_timeout: 60
# Set the FreeIPA server IP
freeipa_internal_ip: "{{ external_network_cidr|nthhost(10) }}"
# We'll use FreeIPA as the nameserver
nameserver_from_virthost: false
containerized_overcloud: >-
  {% if release in ['newton', 'ocata'] -%}
  false
  {%- else -%}
  true
  {%- endif -%}

# Extra
undercloud_enable_ui: false
enable_port_forward_for_tripleo_ui: false

# Set node hostnames.
tripleo_domain: ooo.test
freeipa_server_hostname: "ipa.{{ tripleo_domain }}"
undercloud_undercloud_hostname: "undercloud.{{ tripleo_domain }}"
overcloud_cloud_name: "overcloud.{{ tripleo_domain }}"
overcloud_cloud_domain: "{{ tripleo_domain }}"
overcloud_cloud_name_internal: "overcloud.internalapi.{{ tripleo_domain }}"
overcloud_cloud_name_storage: "overcloud.storage.{{ tripleo_domain }}"
overcloud_cloud_name_storage_management: "overcloud.storagemgmt.{{ tripleo_domain }}"
overcloud_cloud_name_ctlplane: "overcloud.ctlplane.{{ tripleo_domain }}"

# Define FreeIPA server as DNS server for under/overcloud.
custom_nameserver:
  - "{{ freeipa_internal_ip }}"
undercloud_undercloud_nameservers: ["{{ freeipa_internal_ip }}"]
overcloud_dns_servers: ["{{ freeipa_internal_ip }}"]

ctlplane_masquerade: >-
  {% if release not in ['newton','ocata','pike','queens'] -%}
  true
  {%- else -%}
  false
  {%- endif -%}

# Supplemental node related vars. #
# Ensure that the FreeIPA server node is provisioned during deployment.
deploy_supplemental_node: true
supplemental_user: stack
supplemental_node_ip: "{{ freeipa_internal_ip }}"
supplemental_image_url: https://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2

# We don't need introspection in a virtual environment (because we are
# creating all the "hardware" we really know the necessary information).
step_introspect: false

# Tell tripleo about our environment.
network_isolation: true
network_isolation_type: 'single-nic-vlans'
extra_args: ''
test_ping: true
enable_pacemaker: true
run_tempest: false

# Options below direct automatic doc generation by tripleo-collect-logs.
artcl_gen_docs: true
artcl_create_docs_payload:
  included_deployment_scripts:
    - undercloud-install
    - novajoin_prep
    - install_novajoin
    - overcloud-custom-tht-script
    - overcloud-prep-flavors
    - overcloud-prep-images
    - overcloud-prep-network
    - overcloud-deploy
    - overcloud-deploy-post
    - overcloud-validate
  included_static_docs:
    - env-setup-virt
  table_of_contents:
    - env-setup-virt
    - novajoin_prep
    - install_novajoin
    - undercloud-install
    - overcloud-custom-tht-script
    - overcloud-prep-flavors
    - overcloud-prep-images
    - overcloud-prep-network
    - overcloud-deploy
    - overcloud-deploy-post
    - overcloud-validate