starlingx
/
openstack-armada-app
Code Issues Proposed changes
StarlingX OpenStack Armada App
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
419 Commits
6 Branches
9 Tags
5.0 MiB
 
 
 
 
Tree: 280b90157b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '280b90157b'
${ noResults }
openstack-armada-app/stx-openstack-helm/stx-openstack-helm/manifests/manifest.yaml

4014 lines
137 KiB
Raw Blame History

<
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-psp-rolebinding
data:
chart_name: openstack-psp-rolebinding
dependencies: []
namespace: openstack
release: openstack-psp-rolebinding
source:
location: http://172.17.0.1/helm_charts/starlingx/psp-rolebinding-0.1.0.tgz
subpath: psp-rolebinding
type: tar
reference: master
upgrade:
no_hooks: false
pre:
delete:
- labels:
release_group: osh-openstack-psp-rolebinding
type: job
wait:
labels:
release_group: osh-openstack-psp-rolebinding
resources: []
timeout: 1800
values:
rolebindingNamespace: openstack
serviceAccount: openstack
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: helm-toolkit
data:
chart_name: openstack-helm-toolkit
release: helm-toolkit
namespace: helm-toolkit
values: {}
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/helm-toolkit-0.2.19.tgz
subpath: helm-toolkit
reference: master
dependencies: []
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-ingress
data:
chart_name: ingress
release: openstack-ingress
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-ingress
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-ingress
values:
labels:
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
error_server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
image_repo_sync: null
ingress_module_init: null
ingress_routed_vip: null
keepalived: null
pod:
replicas:
error_page: 2
ingress: 2
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
conf:
ingress:
worker-processes: '4'
bind-address: "::"
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/ingress-0.2.3.tgz
subpath: ingress
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-nginx-ports-control
data:
chart_name: nginx-ports-control
release: openstack-nginx-ports-control
namespace: openstack
values: {}
wait:
timeout: 1800
resources: []
labels:
release_group: osh-openstack-nginx-ports-control
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/nginx-ports-control-0.1.0.tgz
subpath: nginx-ports-control
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-nginx-ports-control
dependencies: []
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-mariadb
data:
chart_name: mariadb
release: openstack-mariadb
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-mariadb
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-mariadb
values:
manifests:
pod_test: false
monitoring:
prometheus:
enabled: false
labels:
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
prometheus_mysql_exporter:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
image_repo_sync: null
prometheus_mysql_exporter: null
prometheus_mysql_exporter_helm_tests: null
mariadb_backup: docker.io/openstackhelm/mariadb:10.2.18
mariadb: docker.io/openstackhelm/mariadb:ubuntu_xenial-20200303
scripted_test: null
pod:
probes:
server:
mariadb:
readiness:
enabled: true
startup:
enabled: true
liveness:
enabled: true
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
conf:
ingress_conf:
worker-processes: '4'
database:
config_override: |
[mysqld]
wait_timeout=3600
wsrep_provider_options="gmcast.listen_addr=tcp://0.0.0.0:{{ tuple "oslo_db" "direct" "wsrep" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
tolerations:
- effect: NoExecute
operator: Exists
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/mariadb-0.2.5.tgz
subpath: mariadb
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-garbd
data:
chart_name: garbd
release: openstack-garbd
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-garbd
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-garbd
values:
labels:
server:
node_selector_key: openstack-compute-node
node_selector_value: enabled
images:
tags:
garbd: docker.io/starlingx/stx-mariadb:master-centos-stable-latest
image_repo_sync: null
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/garbd-0.1.0.tgz
subpath: garbd
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-memcached
data:
chart_name: memcached
release: openstack-memcached
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-memcached
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-memcached
values:
labels:
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
prometheus_memcached_exporter:
node_selector_key: openstack-control-plane
node_selector_value: enabled
monitoring:
prometheus:
enabled: false
images:
tags:
image_repo_sync: null
prometheus_memcached_exporter: null
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/memcached-0.1.4.tgz
subpath: memcached
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-rabbitmq
data:
chart_name: rabbitmq
release: openstack-rabbitmq
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-rabbitmq
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-rabbitmq
- type: pod
labels:
release_group: osh-openstack-rabbitmq
component: test
values:
monitoring:
prometheus:
enabled: false
labels:
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
prometheus_rabbitmq_exporter:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
image_repo_sync: null
prometheus_rabbitmq_exporter: null
prometheus_rabbitmq_exporter_helm_tests: null
rabbitmq_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
scripted_test: docker.io/rabbitmq:3.7.24-management
rabbitmq: docker.io/rabbitmq:3.7.24
pod:
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
probes:
readiness:
periodSeconds: 30
liveness:
periodSeconds: 30
# TODO: Revert to upstream defaults once the following LP is resolved:
# https://bugs.launchpad.net/starlingx/+bug/1814595. By changing this PV
# size to 1Gi from the default 265Mi, this avoids the kernel hang from the
# filesystem race as seen in the LP.
volume:
size: 1Gi
tolerations:
- effect: NoExecute
operator: Exists
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/rabbitmq-0.1.13.tgz
subpath: rabbitmq
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-keystone
data:
chart_name: keystone
release: openstack-keystone
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-keystone
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-keystone
- type: pod
labels:
release_group: osh-openstack-keystone
component: test
values:
manifests:
job_credential_cleanup: false
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
identity:
name: keystone
namespace: openstack
force_public_endpoint: true
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
keystone_api: docker.io/starlingx/stx-keystone:master-centos-stable-latest
keystone_credential_rotate: docker.io/starlingx/stx-keystone:master-centos-stable-latest
keystone_credential_setup: docker.io/starlingx/stx-keystone:master-centos-stable-latest
keystone_credential_cleanup: null
keystone_db_sync: docker.io/starlingx/stx-keystone:master-centos-stable-latest
keystone_domain_manage: docker.io/starlingx/stx-keystone:master-centos-stable-latest
keystone_fernet_rotate: docker.io/starlingx/stx-keystone:master-centos-stable-latest
keystone_fernet_setup: docker.io/starlingx/stx-keystone:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
test: null
pod:
user:
keystone:
uid: 0
replicas:
api: 2
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
security_context:
keystone:
pod:
runAsUser: 0
conf:
wsgi_keystone: |
{{- $portInt := tuple "identity" "internal" "api" $ | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
Listen :::{{ $portInt }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
WSGISocketPrefix /var/run/httpd/wsgi
<VirtualHost *:{{ $portInt }}>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} python-home=/var/lib/openstack socket-user=apache
WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /dev/stdout
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
</VirtualHost>
bootstrap:
script: |
#NOTE(gagehugo): As of Rocky, keystone creates a member role by default
openstack role create --or-show member
openstack role add \
--user="${OS_USERNAME}" \
--user-domain="${OS_USER_DOMAIN_NAME}" \
--project-domain="${OS_PROJECT_DOMAIN_NAME}" \
--project="${OS_PROJECT_NAME}" \
"member"
# admin needs the admin role for the default domain
openstack role add \
--user="${OS_USERNAME}" \
--domain="${OS_DEFAULT_DOMAIN}" \
"admin"
#STX: exempt admin from auth faillockout
TOKEN=$(openstack token issue -c id -f value)
USER_ID=$(openstack user show ${OS_USERNAME} -c id -f value)
REQ_URL="http://keystone.openstack.svc.cluster.local/v3/users/${USER_ID}"
DATA_JSON="{\"user\": {\"options\": {\"ignore_lockout_failure_attempts\": true}}}"
curl -X PATCH -H "X-Auth-Token: ${TOKEN}" -H "Content-Type: application/json" -d "${DATA_JSON}" "${REQ_URL}"
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/keystone-0.1.0.tgz
subpath: keystone
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-keystone-api-proxy
data:
chart_name: keystone-api-proxy
release: openstack-keystone-api-proxy
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-keystone-api-proxy
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-keystone-api-proxy
- type: pod
labels:
release_group: osh-openstack-keystone-api-proxy
component: test
values:
endpoints:
identity:
force_public_endpoint: true
images:
tags:
keystone_api_proxy: docker.io/starlingx/stx-keystone-api-proxy:master-centos-stable-latest
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
conf:
keystone_api_proxy:
identity:
bind_host: "::"
remote_host: keystone.openstack.svc.cluster.local
remote_port: 80
source:
type: tar
location: http://172.17.0.1/helm_charts/keystone-api-proxy-0.1.0.tgz
subpath: keystone-api-proxy
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-barbican
data:
chart_name: barbican
release: openstack-barbican
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-barbican
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-barbican
- type: pod
labels:
release_group: osh-openstack-barbican
component: test
values:
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
barbican_api: docker.io/starlingx/stx-barbican:master-centos-stable-latest
barbican_db_sync: docker.io/starlingx/stx-barbican:master-centos-stable-latest
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
scripted_test: docker.io/starlingx/stx-heat:master-centos-stable-latest
pod:
replicas:
api: 2
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
identity:
force_public_endpoint: true
conf:
barbican:
barbican_api:
bind_host: "::"
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/barbican-0.1.0.tgz
subpath: barbican
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-ceph-rgw
data:
chart_name: ceph-rgw
release: openstack-ceph-rgw
namespace: openstack
wait:
timeout: 300
resources:
- type: job
labels:
release_group: osh-openstack-ceph-rgw
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-ceph-rgw
- type: pod
labels:
release_group: osh-openstack-ceph-rgw
component: test
values:
conf:
ceph:
global:
cephx: false
rgw_ks:
enabled: true
endpoints:
object_store:
path:
default: '/swift/v1'
port:
api:
default: null
admin: 7480
internal: 7480
public: 7480
images:
tags:
ceph_config_helper: docker.io/starlingx/ceph-config-helper:v1.15.0
ceph_rgw: null
image_repo_sync: null
ceph_bootstrap: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
rgw_s3_admin: docker.io/starlingx/ceph-config-helper:v1.15.0
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
registry:
node_selector_key: openstack-control-plane
node_selector_value: enabled
pod:
replicas:
api: 2
registry: 2
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/ceph-rgw-0.1.15.tgz
subpath: ceph-rgw
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-glance
data:
chart_name: glance
release: openstack-glance
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-glance
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-glance
- type: pod
labels:
release_group: osh-openstack-glance
component: test
values:
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
registry:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
glance_api: docker.io/starlingx/stx-glance:master-centos-stable-latest
glance_db_sync: docker.io/starlingx/stx-glance:master-centos-stable-latest
glance_registry: docker.io/starlingx/stx-glance:master-centos-stable-latest
glance_storage_init: docker.io/starlingx/ceph-config-helper:v1.15.0
image_repo_sync: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
test: null
glance_metadefs_load: docker.io/starlingx/stx-glance:master-centos-stable-latest
pod:
replicas:
api: 2
registry: 2
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
identity:
force_public_endpoint: true
conf:
glance:
DEFAULT:
bind_host: "::"
registry_host: glance-reg.openstack.svc.cluster.local
registry_port: 80
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
glance_registry:
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/glance-0.1.0.tgz
subpath: glance
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-cinder
data:
chart_name: cinder
release: openstack-cinder
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-cinder
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-cinder
- type: pod
labels:
release_group: osh-openstack-cinder
component: test
values:
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
backup:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
scheduler:
node_selector_key: openstack-control-plane
node_selector_value: enabled
volume:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
cinder_api: docker.io/starlingx/stx-cinder:master-centos-stable-latest
cinder_backup: docker.io/starlingx/stx-cinder:master-centos-stable-latest
cinder_backup_storage_init: docker.io/starlingx/ceph-config-helper:v1.15.0
cinder_db_sync: docker.io/starlingx/stx-cinder:master-centos-stable-latest
cinder_scheduler: docker.io/starlingx/stx-cinder:master-centos-stable-latest
cinder_storage_init: docker.io/starlingx/ceph-config-helper:v1.15.0
cinder_volume: docker.io/starlingx/stx-cinder:master-centos-stable-latest
cinder_volume_usage_audit: docker.io/starlingx/stx-cinder:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
test: null
pod:
replicas:
api: 2
volume: 1
scheduler: 1
backup: 1
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
identity:
force_public_endpoint: true
conf:
cinder:
DEFAULT:
backup_driver: cinder.backup.drivers.ceph.CephBackupDriver
osapi_volume_listen: "::"
glance_api_servers: http://glance.openstack.svc.cluster.local:80/
keystone_authtoken:
interface: internal
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
storage: rbd
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/cinder-0.1.0.tgz
subpath: cinder
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-libvirt
data:
chart_name: libvirt
release: openstack-libvirt
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-libvirt
install:
no_hooks: false
upgrade:
no_hooks: false
values:
ceph_client:
user_secret_name: cinder-volume-rbd-keyring
labels:
agent:
libvirt:
node_selector_key: openstack-compute-node
node_selector_value: enabled
conf:
ceph:
enabled: true
kubernetes:
cgroup: "k8s-infra"
libvirt:
listen_addr: "::"
images:
tags:
image_repo_sync: null
libvirt: docker.io/starlingx/stx-libvirt:master-centos-stable-latest
ceph_config_helper: docker.io/starlingx/ceph-config-helper:v1.15.0
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/libvirt-0.1.7.tgz
subpath: libvirt
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-openvswitch
data:
chart_name: openvswitch
release: openstack-openvswitch
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-openvswitch
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-openvswitch
values:
labels:
ovs:
node_selector_key: openvswitch
node_selector_value: enabled
images:
tags:
image_repo_sync: null
openvswitch_db_server: docker.io/starlingx/stx-ovs:master-centos-stable-latest
openvswitch_vswitchd: docker.io/starlingx/stx-ovs:master-centos-stable-latest
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/openvswitch-0.1.5.tgz
subpath: openvswitch
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-nova
data:
chart_name: nova
release: openstack-nova
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-nova
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-nova
values:
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
compute:
hosts:
public: nova-api-internal
manifests:
job_ks_endpoints: false
ingress_osapi: true
service_ingress_osapi: true
cron_job_cell_setup: false
statefulset_compute_ironic: false
deployment_placement: false
ingress_placement: false
job_db_init_placement: false
job_ks_placement_endpoints: false
job_ks_placement_service: false
job_ks_placement_user: false
pdb_placement: false
secret_keystone_placement: false
service_ingress_placement: false
service_placement: false
deployment_consoleauth: false
labels:
agent:
compute:
node_selector_key: openstack-compute-node
node_selector_value: enabled
compute_ironic:
node_selector_key: openstack-ironic
node_selector_value: enabled
api_metadata:
node_selector_key: openstack-control-plane
node_selector_value: enabled
conductor:
node_selector_key: openstack-control-plane
node_selector_value: enabled
consoleauth:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
novncproxy:
node_selector_key: openstack-control-plane
node_selector_value: enabled
osapi:
node_selector_key: openstack-control-plane
node_selector_value: enabled
scheduler:
node_selector_key: openstack-control-plane
node_selector_value: enabled
spiceproxy:
node_selector_key: openstack-control-plane
node_selector_value: enabled
test:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
nova_api: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_cell_setup: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_cell_setup_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
nova_compute: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_compute_ironic: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_compute_ssh: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_conductor: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_consoleauth: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_db_sync: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_novncproxy: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_novncproxy_assets: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_placement: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_scheduler: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_service_cleaner: docker.io/starlingx/ceph-config-helper:v1.15.0
nova_spiceproxy: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_spiceproxy_assets: docker.io/starlingx/stx-nova:master-centos-stable-latest
nova_storage_init: docker.io/starlingx/ceph-config-helper:v1.15.0
test: null
pod:
useHostNetwork:
novncproxy: false
use_fqdn:
compute: false
replicas:
api_metadata: 1
osapi: 1
conductor: 1
consoleauth: 1
scheduler: 1
novncproxy: 1
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
user:
nova:
uid: 0
security_context:
nova:
pod:
runAsUser: 0
probes:
readiness:
nova_scheduler:
enabled: false
liveness:
nova_scheduler:
enabled: false
conf:
ceph:
enabled: true
policy:
os_compute_api:limits: '@'
os_compute_api:os-availability-zone:list: '@'
nova:
DEFAULT:
allow_resize_to_same_host: true
default_mempages_size: 2048
reserved_host_memory_mb: 0
compute_monitors: cpu.virt_driver
running_deleted_instance_poll_interval: 60
mkisofs_cmd: /usr/bin/genisoimage
network_allocate_retries: 2
# Set number of block device allocate retries and interval
# for volume create when VM boots and creates a new volume.
# The total block allocate retries time is set to 2 hours
# to satisfy the volume allocation time on slow RPM disks
# which may take 1 hour and a half per volume when several
# volumes are created in parallel.
block_device_allocate_retries_interval: 3
block_device_allocate_retries: 2400
disk_allocation_ratio: 1.0
cpu_allocation_ratio: 16.0
ram_allocation_ratio: 1.0
remove_unused_original_minimum_age_seconds: 3600
enable_new_services: false
map_new_hosts: false
# Increase from default of 60 seconds to avoid services being
# declared down during controller swacts, reboots, etc...
service_down_time: 90
long_rpc_timeout: 400
osapi_compute_listen: "::"
metadata_listen: "::"
metadata_host: "::"
my_ip: "::"
keystone_authtoken:
interface: internal
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
vnc:
novncproxy_host: "::"
vncserver_listen: "::"
spice:
html5proxy_host: "::"
server_listen: "::"
compute:
max_concurrent_disk_ops: 2
libvirt:
cpu_mode: host-model
live_migration_completion_timeout: 180
live_migration_permit_auto_converge: true
mem_stats_period_seconds: 0
rbd_user: cinder
# Allow up to 1 day for resize conf
remove_unused_resized_minimum_age_seconds: 86400
database:
idle_timeout: 60
max_overflow: 64
max_pool_size: 1
api_database:
idle_timeout: 60
max_overflow: 64
max_pool_size: 1
cell0_database:
idle_timeout: 60
max_overflow: 64
max_pool_size: 1
glance:
api_servers: http://glance.openstack.svc.cluster.local:80/
ironic:
api_endpoint: http://ironic.openstack.svc.cluster.local:80/
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
placement:
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
neutron:
default_floating_pool: public
url: http://neutron.openstack.svc.cluster.local:80/
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
notifications:
notification_format: unversioned
filter_scheduler:
build_failure_weight_multiplier: 0.0
cpu_weight_multiplier: 0.0
disk_weight_multiplier: 0.0
enabled_filters:
- RetryFilter
- ComputeFilter
- AvailabilityZoneFilter
- AggregateInstanceExtraSpecsFilter
- ComputeCapabilitiesFilter
- ImagePropertiesFilter
- NUMATopologyFilter
- ServerGroupAffinityFilter
- ServerGroupAntiAffinityFilter
- PciPassthroughFilter
pci_weight_multiplier: 0.0
ram_weight_multiplier: 0.0
shuffle_best_same_weighed_hosts: true
soft_affinity_weight_multiplier: 20.0
soft_anti_affinity_weight_multiplier: 20.0
scheduler:
workers: 1
discover_hosts_in_cells_interval: 30
periodic_task_interval: -1
service_user:
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
send_service_user_token: true
metrics:
required: false
workarounds:
enable_numa_live_migration: true
hypervisor:
address_search_enabled: false
network:
sshd:
enabled: true
console:
address_search_enabled: false
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/nova-0.1.0.tgz
subpath: nova
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-placement
data:
chart_name: placement
release: openstack-placement
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-placement
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-placement
values:
endpoints:
identity:
force_public_endpoint: true
labels:
placement:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
placement: docker.io/starlingx/stx-placement:master-centos-stable-latest
placement_db_sync: docker.io/starlingx/stx-placement:master-centos-stable-latest
pod:
replicas:
placement: 1
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
user:
placement:
uid: 42424
conf:
placement:
DEFAULT:
log_config_append: /etc/placement/logging.conf
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
wsgi_placement: |
Listen :::{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
WSGISocketPrefix /var/run/httpd/wsgi
<VirtualHost *:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
WSGIDaemonProcess placement-api processes=4 threads=1 user=placement group=placement display-name=%{GROUP} python-home=/var/lib/openstack socket-user=apache
WSGIProcessGroup placement-api
WSGIScriptAlias / /var/www/cgi-bin/placement/placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /dev/stdout
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
</VirtualHost>
Alias /placement /var/www/cgi-bin/placement/placement-api
<Location /placement>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/placement-0.1.0.tgz
subpath: placement
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-nova-api-proxy
data:
chart_name: nova-api-proxy
release: openstack-nova-api-proxy
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-nova-api-proxy
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-nova-api-proxy
- type: pod
labels:
release_group: osh-openstack-nova-api-proxy
component: test
values:
images:
tags:
nova_api_proxy: docker.io/starlingx/stx-nova-api-proxy:master-centos-stable-latest
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
endpoints:
identity:
force_public_endpoint: true
pod:
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
conf:
nova_api_proxy:
DEFAULT:
osapi_proxy_listen: "::"
nfvi_compute_listen: "::"
osapi_compute_listen: nova-api-internal.openstack.svc.cluster.local
osapi_compute_listen_port: 80
keystone_authtoken:
interface: internal
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/nova-api-proxy-0.1.0.tgz
subpath: nova-api-proxy
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-neutron
data:
chart_name: neutron
release: openstack-neutron
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-neutron
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-neutron
values:
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
identity:
force_public_endpoint: true
pod:
replicas:
server: 2
security_context:
neutron_dhcp_agent:
pod:
runAsUser: 0
neutron_l2gw_agent:
pod:
runAsUser: 0
neutron_bagpipe_bgp:
pod:
runAsUser: 0
neutron_l3_agent:
pod:
runAsUser: 0
neutron_lb_agent:
pod:
runAsUser: 0
neutron_metadata_agent:
pod:
runAsUser: 0
neutron_ovs_agent:
pod:
runAsUser: 0
neutron_server:
pod:
runAsUser: 0
neutron_sriov_agent:
pod:
runAsUser: 0
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
# Probes fail cause a long delay and eventual failure of the armada
# application apply. Need to determine the fix to re-enable these.
probes:
dhcp_agent:
dhcp_agent:
readiness:
enabled: false
liveness:
enabled: false
l3_agent:
l3_agent:
readiness:
enabled: false
liveness:
enabled: false
lb_agent:
lb_agent:
readiness:
enabled: false
liveness:
enabled: false
metadata_agent:
metadata_agent:
readiness:
enabled: false
liveness:
enabled: false
ovs_agent:
ovs_agent:
readiness:
enabled: false
liveness:
enabled: false
sriov_agent:
sriov_agent:
readiness:
enabled: false
liveness:
enabled: false
labels:
agent:
dhcp:
node_selector_key: openstack-compute-node
node_selector_value: enabled
l3:
node_selector_key: openstack-compute-node
node_selector_value: enabled
metadata:
node_selector_key: openstack-compute-node
node_selector_value: enabled
l2gw:
node_selector_key: openstack-compute-node
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
lb:
node_selector_key: linuxbridge
node_selector_value: enabled
# ovs is a special case, requiring a special
# label that can apply to both control hosts
# and compute hosts, until we get more sophisticated
# with our daemonset scheduling
ovs:
node_selector_key: openvswitch
node_selector_value: enabled
server:
node_selector_key: openstack-control-plane
node_selector_value: enabled
test:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
neutron_db_sync: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_dhcp: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_l3: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_l2gw: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_openvswitch_agent: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_linuxbridge_agent: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_metadata: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_openvswitch_agent: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_server: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_sriov_agent: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_sriov_agent_init: docker.io/starlingx/stx-neutron:master-centos-stable-latest
test: null
purge_test: null
neutron_bagpipe_bgp: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_ironic_agent: docker.io/starlingx/stx-neutron:master-centos-stable-latest
neutron_netns_cleanup_cron: docker.io/starlingx/stx-neutron:master-centos-stable-latest
network:
interface:
tunnel: docker0
backend:
- openvswitch
- sriov
dependencies:
static:
ovs_agent:
pod: null
conf:
neutron:
DEFAULT:
l3_ha: false
min_l3_agents_per_router: 1
max_l3_agents_per_router: 1
l3_ha_network_type: vxlan
dhcp_agents_per_network: 1
max_overflow: 64
max_pool_size: 1
idle_timeout: 60
rpc_response_max_timeout: 60
router_status_managed: true
vlan_transparent: true
wsgi_default_pool_size: 100
notify_nova_on_port_data_changes: true
notify_nova_on_port_status_changes: true
control_exchange: neutron
core_plugin: neutron.plugins.ml2.plugin.Ml2Plugin
state_path: /var/run/neutron
syslog_log_facility: local2
use_syslog: true
pnet_audit_enabled: false
driver: messagingv2
enable_proxy_headers_parsing: true
log_format: '[%(name)s] %(message)s'
policy_file: /etc/neutron/policy.json
service_plugins: router,network_segment_range
dns_domain: openstacklocal
enable_new_agents: false
allow_automatic_dhcp_failover: true
allow_automatic_l3agent_failover: true
# Increase from default of 75 seconds to avoid agents being declared
# down during controller swacts, reboots, etc...
agent_down_time: 180
bind_host: "::"
oslo_concurrency:
lock_path: /var/run/neutron/lock
agent:
root_helper: sudo
vhost:
vhost_user_enabled: true
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
nova:
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
dhcp_agent:
DEFAULT:
enable_isolated_metadata: true
enable_metadata_network: false
interface_driver: openvswitch
resync_interval: 30
l3_agent:
DEFAULT:
agent_mode: dvr_snat
interface_driver: openvswitch
metadata_port: 80
plugins:
ml2_conf:
ml2:
mechanism_drivers: openvswitch,sriovnicswitch,l2population
path_mtu: 0
tenant_network_types: vlan,vxlan
type_drivers: flat,vlan,vxlan
ml2_type_vxlan:
vni_ranges: ''
vxlan_group: ''
ovs_driver:
vhost_user_enabled: true
securitygroup:
firewall_driver: openvswitch
openvswitch_agent:
agent:
tunnel_types: vxlan
ovs:
bridge_mappings: public:br-ex
securitygroup:
firewall_driver: openvswitch
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/neutron-0.1.0.tgz
subpath: neutron
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-ironic
data:
chart_name: ironic
release: openstack-ironic
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-ironic
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-ironic
values:
pod:
replicas:
api: 2
conductor: 2
user:
ironic:
uid: 0
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
labels:
api:
node_selector_key: openstack-ironic
node_selector_value: enabled
conductor:
node_selector_key: openstack-ironic
node_selector_value: enabled
job:
node_selector_key: openstack-ironic
node_selector_value: enabled
images:
tags:
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ironic_api: docker.io/starlingx/stx-ironic:master-centos-stable-latest
ironic_conductor: docker.io/starlingx/stx-ironic:master-centos-stable-latest
ironic_db_sync: docker.io/starlingx/stx-ironic:master-centos-stable-latest
ironic_manage_cleaning_network: docker.io/starlingx/stx-heat:master-centos-stable-latest
ironic_pxe: docker.io/starlingx/stx-ironic:master-centos-stable-latest
ironic_pxe_init: docker.io/starlingx/stx-ironic:master-centos-stable-latest
ironic_pxe_http: docker.io/nginx:1.13.3
ironic_retrive_cleaning_network: docker.io/starlingx/stx-heat:master-centos-stable-latest
ironic_retrive_swift_config: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
conf:
ironic:
DEFAULT:
# enabled_drivers is deprecated in stein
enabled_drivers: ''
enabled_hardware_types: ipmi
enabled_bios_interfaces: no-bios
enabled_boot_interfaces: pxe,ipxe
enabled_console_interfaces: ipmitool-socat
enabled_deploy_interfaces: iscsi,direct
enabled_inspect_interfaces: no-inspect
enabled_management_interfaces: ipmitool
enabled_network_interfaces: flat,noop
enabled_power_interfaces: ipmitool
enabled_raid_interfaces: no-raid
enabled_storage_interfaces: cinder,noop
enabled_vendor_interfaces: ipmitool,no-vendor
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
glance:
glance_host: glance.openstack.svc.cluster.local
glance_port: 80
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
inspector:
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
neutron:
url: http://neutron.openstack.svc.cluster.local:80/
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
api:
port: 6385
pxe:
pxe_append_params: "nofb nomodeset vga=normal console=ttyS0,115200n8"
dhcp:
dhcp_provider: neutron
# Disable ipa image downloading during bootstrap
bootstrap:
image:
enabled: false
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
baremetal:
port:
pxe_http:
default: 28080
identity:
force_public_endpoint: true
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/ironic-0.1.0.tgz
subpath: ironic
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-heat
data:
chart_name: heat
release: openstack-heat
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-heat
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-heat
- type: pod
labels:
release_group: osh-openstack-heat
component: test
values:
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
oslo_cache:
hosts:
default: heat-memcached
identity:
force_public_endpoint: true
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
cfn:
node_selector_key: openstack-control-plane
node_selector_value: enabled
cloudwatch:
node_selector_key: openstack-control-plane
node_selector_value: enabled
engine:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
heat_api: docker.io/starlingx/stx-heat:master-centos-stable-latest
heat_cfn: docker.io/starlingx/stx-heat:master-centos-stable-latest
heat_cloudwatch: docker.io/starlingx/stx-heat:master-centos-stable-latest
heat_db_sync: docker.io/starlingx/stx-heat:master-centos-stable-latest
heat_engine: docker.io/starlingx/stx-heat:master-centos-stable-latest
heat_engine_cleaner: docker.io/starlingx/stx-heat:master-centos-stable-latest
heat_purge_deleted: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
test: null
conf:
policy:
stacks:global_index: rule:context_is_admin
software_configs:global_index: rule:context_is_admin
heat:
clients_keystone:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
trustee:
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
heat_api:
bind_host: "::"
heat_api_cloudwatch:
bind_host: "::"
heat_api_cfn:
bind_host: "::"
pod:
replicas:
api: 2
cfn: 2
cloudwatch: 2
engine: 2
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/heat-0.1.0.tgz
subpath: heat
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-aodh
data:
chart_name: aodh
release: openstack-aodh
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-aodh
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-aodh
- type: pod
labels:
release_group: osh-openstack-aodh
component: test
values:
images:
tags:
aodh_alarms_cleaner: docker.io/starlingx/stx-aodh:master-centos-stable-latest
aodh_api: docker.io/starlingx/stx-aodh:master-centos-stable-latest
aodh_db_sync: docker.io/starlingx/stx-aodh:master-centos-stable-latest
aodh_evaluator: docker.io/starlingx/stx-aodh:master-centos-stable-latest
aodh_listener: docker.io/starlingx/stx-aodh:master-centos-stable-latest
aodh_notifier: docker.io/starlingx/stx-aodh:master-centos-stable-latest
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
pod:
user:
aodh:
uid: 0
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
endpoints:
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
identity:
force_public_endpoint: true
jobs:
alarms_cleaner:
# daily at the 35 minute mark
cron: "35 */24 * * *"
conf:
aodh:
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
service_credentials:
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
wsgi_aodh: |
Listen :::{{ tuple "alarming" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
WSGISocketPrefix /var/run/httpd/wsgi
<VirtualHost *:{{ tuple "alarming" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
WSGIDaemonProcess aodh processes=2 threads=1 user=aodh group=aodh display-name=%{GROUP} python-home=/var/lib/openstack socket-user=apache
WSGIProcessGroup aodh
WSGIScriptAlias / /var/www/cgi-bin/aodh/aodh-api
WSGIApplicationGroup %{GLOBAL}
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /dev/stdout
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
</VirtualHost>
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/aodh-0.1.0.tgz
subpath: aodh
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-gnocchi
data:
chart_name: gnocchi
release: openstack-gnocchi
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-gnocchi
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-gnocchi
- type: pod
labels:
release_group: osh-openstack-gnocchi
component: test
values:
images:
tags:
db_init: docker.io/starlingx/stx-gnocchi:master-centos-stable-latest
db_init_indexer: docker.io/starlingx/stx-gnocchi:master-centos-stable-latest
db_sync: docker.io/starlingx/stx-gnocchi:master-centos-stable-latest
gnocchi_api: docker.io/starlingx/stx-gnocchi:master-centos-stable-latest
gnocchi_metricd: docker.io/starlingx/stx-gnocchi:master-centos-stable-latest
gnocchi_resources_cleaner: docker.io/starlingx/stx-gnocchi:master-centos-stable-latest
gnocchi_statsd: docker.io/starlingx/stx-gnocchi:master-centos-stable-latest
gnocchi_storage_init: docker.io/starlingx/ceph-config-helper:v1.15.0
image_repo_sync: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
conf:
gnocchi:
indexer:
driver: mariadb
keystone_authtoken:
interface: internal
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
apache: |
Listen :::{{ tuple "metric" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
WSGISocketPrefix /var/run/httpd/wsgi
<VirtualHost *:{{ tuple "metric" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
WSGIDaemonProcess gnocchi processes=1 threads=2 user=gnocchi group=gnocchi display-name=%{GROUP} python-home=/var/lib/openstack socket-user=apache
WSGIProcessGroup gnocchi
WSGIScriptAlias / "/var/lib/openstack/bin/gnocchi-api"
WSGIApplicationGroup %{GLOBAL}
ErrorLog /dev/stdout
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
<Directory "/var/lib/openstack/bin">
Require all granted
</Directory>
</VirtualHost>
paste:
composite:gnocchi+basic:
use: egg:Paste#urlmap
/: gnocchiversions_pipeline
/v1: gnocchiv1+noauth
/healthcheck: healthcheck
composite:gnocchi+keystone:
use: egg:Paste#urlmap
/: gnocchiversions_pipeline
/v1: gnocchiv1+keystone
/healthcheck: healthcheck
composite:gnocchi+remoteuser:
use: egg:Paste#urlmap
/: gnocchiversions_pipeline
/v1: gnocchiv1+noauth
/healthcheck: healthcheck
pipeline:gnocchiv1+noauth:
pipeline: gnocchiv1
pipeline:gnocchiv1+keystone:
pipeline: keystone_authtoken gnocchiv1
pipeline:gnocchiversions_pipeline:
pipeline: gnocchiversions
app:gnocchiversions:
paste.app_factory: gnocchi.rest.app:app_factory
root: gnocchi.rest.api.VersionsController
app:gnocchiv1:
paste.app_factory: gnocchi.rest.app:app_factory
root: gnocchi.rest.api.V1Controller
filter:keystone_authtoken:
use: egg:keystonemiddleware#auth_token
oslo_config_project: gnocchi
app:healthcheck:
use: egg:oslo.middleware#healthcheck
oslo_config_project: gnocchi
pod:
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
dependencies:
static:
db_sync:
jobs:
- gnocchi-storage-init
- gnocchi-db-init
services:
- endpoint: internal
service: oslo_db
metricd:
services:
- endpoint: internal
service: oslo_db
- endpoint: internal
service: oslo_cache
- endpoint: internal
service: metric
tests:
services:
- endpoint: internal
service: identity
- endpoint: internal
service: oslo_db
- endpoint: internal
service: metric
manifests:
daemonset_statsd: false
job_db_init_indexer: false
secret_db_indexer: false
service_statsd: false
endpoints:
oslo_cache:
hosts:
default: memcached
identity:
force_public_endpoint: true
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/gnocchi-0.1.2.tgz
subpath: gnocchi
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-panko
data:
chart_name: panko
release: openstack-panko
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-panko
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-panko
- type: pod
labels:
release_group: osh-openstack-panko
component: test
values:
endpoints:
identity:
force_public_endpoint: true
pod:
user:
panko:
uid: 0
affinity:
anti:
type:
default: requiredDuringSchedulingIgnoredDuringExecution
images:
tags:
bootstrap: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
image_repo_sync: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
panko_api: docker.io/starlingx/stx-panko:master-centos-stable-latest
panko_db_sync: docker.io/starlingx/stx-panko:master-centos-stable-latest
panko_events_cleaner: docker.io/starlingx/stx-panko:master-centos-stable-latest
test: null
conf:
panko:
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
paste:
composite:panko+noauth:
use: egg:Paste#urlmap
/: pankoversions_pipeline
/v2: pankov2_noauth_pipeline
composite:panko+keystone:
use: egg:Paste#urlmap
/: pankoversions_pipeline
/v2: pankov2_keystone_pipeline
pipeline:pankoversions_pipeline:
pipeline: cors http_proxy_to_wsgi pankoversions
app:pankoversions:
paste.app_factory: panko.api.app:app_factory
root: panko.api.controllers.root.VersionsController
pipeline:pankov2_keystone_pipeline:
pipeline: cors http_proxy_to_wsgi request_id authtoken pankov2
pipeline:pankov2_noauth_pipeline:
pipeline: cors http_proxy_to_wsgi request_id pankov2
app:pankov2:
paste.app_factory: panko.api.app:app_factory
root: panko.api.controllers.v2.root.V2Controller
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
oslo_config_project: panko
filter:request_id:
paste.filter_factory: oslo_middleware:RequestId.factory
filter:cors:
paste.filter_factory: oslo_middleware.cors:filter_factory
oslo_config_project: panko
filter:http_proxy_to_wsgi:
paste.filter_factory: oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
oslo_config_project: panko
wsgi_panko: |
Listen :::{{ tuple "event" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
WSGISocketPrefix /var/run/httpd/wsgi
<VirtualHost *:{{ tuple "event" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
WSGIDaemonProcess panko processes=2 threads=1 user=panko group=panko display-name=%{GROUP} python-home=/var/lib/openstack socket-user=apache
WSGIProcessGroup panko
WSGIScriptAlias / /var/www/cgi-bin/panko/panko-api
WSGIApplicationGroup %{GLOBAL}
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /dev/stdout
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
</VirtualHost>
jobs:
events_cleaner:
# hourly at the 10 minute mark
cron: "10 * * * *"
source:
type: tar
location: http://172.17.0.1/helm_charts/starlingx/panko-0.1.0.tgz
subpath: panko
reference: master
dependencies:
- helm-toolkit
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: openstack-ceilometer
data:
chart_name: ceilometer
release: openstack-ceilometer
namespace: openstack
wait:
timeout: 1800
labels:
release_group: osh-openstack-ceilometer
test:
enabled: false
install:
no_hooks: false
upgrade:
no_hooks: false
pre:
delete:
- type: job
labels:
release_group: osh-openstack-ceilometer
- type: pod
labels:
release_group: osh-openstack-ceilometer
component: test
values:
images:
tags:
ceilometer_api: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
ceilometer_central: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
ceilometer_collector: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
ceilometer_compute: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
ceilometer_db_sync: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
ceilometer_ipmi: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
ceilometer_notification: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
db_init: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
db_init_mongodb: docker.io/starlingx/stx-ceilometer:master-centos-stable-latest
image_repo_sync: null
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
test: null
dependencies:
static:
central:
jobs:
- ceilometer-db-sync
- ceilometer-rabbit-init
services: null
compute:
jobs:
- ceilometer-db-sync
- ceilometer-rabbit-init
services: null
ipmi:
jobs:
- ceilometer-db-sync
- ceilometer-rabbit-init
services: null
notification:
jobs:
- ceilometer-db-sync
- ceilometer-rabbit-init
services:
- endpoint: internal
service: event
db_sync:
jobs:
- ceilometer-ks-user
- ceilometer-ks-service
services:
- endpoint: internal
service: identity
- endpoint: internal
service: metric
manifests:
deployment_api: false
deployment_collector: false
service_api: false
job_db_init: false
job_db_init_mongodb: false
job_ks_endpoints: false
secret_db: false
secret_mongodb: false
endpoints:
identity:
force_public_endpoint: true
oslo_messaging:
statefulset:
name: osh-openstack-rabbitmq-rabbitmq
oslo_cache:
hosts:
default: memcached
event:
name: panko
hosts:
default: panko-api
public: panko
host_fqdn_override:
default: null
path:
default: null
scheme:
default: 'http'
port:
api:
default: 8977
public: 80
conf:
ceilometer:
keystone_authtoken:
auth_uri: http://keystone.openstack.svc.cluster.local:80/v3
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
service_credentials:
auth_url: http://keystone.openstack.svc.cluster.local:80/v3
dispatcher_gnocchi:
url: http://gnocchi.openstack.svc.cluster.local:80/
api:
aodh_url: http://aodh.openstack.svc.cluster.local:80/
cache:
expiration_time: 86400
compute:
resource_update_interval: 60
instance_discovery_method: workload_partitioning
oslo_messaging_notifications:
topics:
- notifications
pipeline:
sources:
- name: meter_source
meters:
- "*"
sinks:
- meter_sink
sinks:
- name: meter_sink
publishers:
- gnocchi://
event_pipeline:
sources:
- name: event_source
events:
- "*"
sinks:
- event_sink
sinks:
- name: event_sink
publishers:
- panko://
- gnocchi://
polling:
sources:
- name: instance_cpu_pollster
interval: 30
meters:
- cpu
- name: instance_disk_pollster
interval: 600
meters:
- disk.capacity
- disk.allocation
- disk.usage
- disk.device.read.requests
- disk.device.write.requests
- disk.device.read.bytes
- disk.device.write.bytes
- disk.device.capacity
- disk.device.allocation
- disk.device.usage
- name: ipmi_pollster
interval: 600
meters:
- hardware.ipmi.node.power
- hardware.ipmi.node.temperature
- hardware.ipmi.node.outlet_temperature
- hardware.ipmi.node.airflow
- hardware.ipmi.node.cups
- hardware.ipmi.node.cpu_util
- hardware.ipmi.node.mem_util
- hardware.ipmi.node.io_util
- hardware.ipmi.temperature
- hardware.ipmi.voltage
- hardware.ipmi.current
- hardware.ipmi.fan
- name: ceph_pollster
interval: 600
meters:
- radosgw.objects
- radosgw.objects.size
- radosgw.objects.containers
- radosgw.api.request
- radosgw.containers.objects
- radosgw.containers.objects.size
- name: image_pollster
interval: 600
meters:
- image.size
- name: volume_pollster
interval: 600
meters:
- volume.size
- volume.snapshot.size
- volume.backup.size
gnocchi_resources:
archive_policy_default: ceilometer-low
archive_policies:
- name: ceilometer-low
aggregation_methods:
- mean
back_window: 0
definition:
- granularity: 5 minutes
timespan: 7 days
- name: ceilometer-low-rate
aggregation_methods:
- mean
- rate:mean
back_window: 0
definition:
- granularity: 5 minutes
timespan: 7 days
resources:
- resource_type: identity
metrics:
identity.authenticate.success:
identity.authenticate.pending:
identity.authenticate.failure:
identity.user.created:
identity.user.deleted:
identity.user.updated:
identity.group.created:
identity.group.deleted:
identity.group.updated:
identity.role.created:
identity.role.deleted:
identity.role.updated:
identity.project.created:
identity.project.deleted:
identity.project.updated:
identity.trust.created:
identity.trust.deleted:
identity.role_assignment.created:
identity.role_assignment.deleted:
- resource_type: ceph_account
metrics:
radosgw.objects:
radosgw.objects.size:
radosgw.objects.containers:
radosgw.api.request:
radosgw.containers.objects:
radosgw.containers.objects.size:
- resource_type: instance
metrics:
memory:
memory.usage:
memory.resident:
memory.swap.in:
memory.swap.out:
memory.bandwidth.total:
memory.bandwidth.local:
vcpus:
archive_policy_name: ceilometer-low-rate
cpu:
archive_policy_name: ceilometer-low-rate
cpu_l3_cache:
disk.root.size:
disk.ephemeral.size:
disk.latency:
disk.iops:
disk.capacity: