attributes: # Show only if vcenter used metadata: restrictions: - condition: "settings:common.use_vcenter.value == false or not ( cluster:net_provider == 'neutron' and networking_parameters:segmentation_type == 'tun')" action: 'hide' group: network nsxv_manager_host: value: '' label: 'NSX Manager hostname (or IP)' description: '' weight: 10 type: 'text' regex: source: '^.+$' error: 'Hostname must be specified' nsxv_user: value: '' label: 'NSX Manager user' description: '' weight: 15 type: 'text' regex: source: '^.+$' error: 'You must specify the user name' nsxv_password: value: '' label: 'NSX Manager password' description: '' weight: 20 type: 'password' regex: source: '^.+$' error: 'You must specify the password' nsxv_ca_file: value: '' label: 'CA certificate file' description: 'Specify a CA certificate file to use in NSX Manager certificate verification, if empty - certificate will not be verified' weight: 25 type: 'file' nsxv_datacenter_moid: value: '' label: 'Datacenter MoRef ID' description: 'Datacenter MoRef ID for Edge deployment, e.g. datacenter-126' weight: 30 type: 'text' regex: source: '^[a-z]+-[a-z0-9]+$' error: 'Invalid datacenter MoRef ID' nsxv_resource_pool_id: value: '' label: 'Resource pool MoRef ID' description: 'Resource pool MoRef ID for NSX Edge nodes deployment' weight: 35 type: 'text' regex: source: '^[a-z]+-[a-z0-9]+$' error: 'Invalid resource pool MoRef ID' nsxv_datastore_id: value: '' label: 'Datastore MoRef ID' description: 'Datastore MoRef ID for NSX Edge nodes deployment' weight: 40 type: 'text' regex: source: '^[a-z]+-[a-z0-9]+$' error: 'Invalid datastore MoRef ID' nsxv_external_network: value: '' label: 'External portgroup MoRef ID' description: 'External portgroup MoRef ID for NSX Edge physical connectivity' weight: 45 type: 'text' regex: source: '^[a-z]+-[a-z0-9]+$' error: 'Invalid portgroup MoRef ID' nsxv_vdn_scope_id: value: '' label: 'Transport zone MoRef ID' description: 'Transport zone MoRef ID for VXLAN networks' weight: 50 type: 'text' regex: source: '^vdnscope-[0-9]+$' error: 'Invalid transport zone MoRef ID' nsxv_dvs_id: value: '' label: 'Distributed virtual switch MoRef ID' description: 'DVS MoRef ID connected to Edge cluster' weight: 55 type: 'text' regex: source: '^dvs-[0-9]+$' error: 'Invalid DVS MoRef ID' nsxv_backup_edge_pool: value: '' label: 'NSX backup Edge pool' description: 'Define backup edge pools management range with the four-tuple: :[edge_size]::' weight: 60 type: 'text' regex: source: '^(?:(?:service|vdr):(?:compact|large|xlarge|quadlarge):[0-9]+:[0-9]+)(?:,(?:service|vdr):(?:compact|large|xlarge|quadlarge):[0-9]+:[0-9]+)*$' error: 'Invalid Edge pool' nsxv_edge_ha: value: true label: 'Enable HA for NSX Edges' description: 'Deploy NSX Edges in HA pair' weight: 65 type: 'checkbox' nsxv_metadata_initializer: value: true label: 'Init metadata infrastructure' description: 'If enabled, instance will attempt to initialize the metadata infrastructure to access to metadata proxy service' weight: 70 type: 'checkbox' nsxv_metadata_insecure: value: true label: 'Bypass metadata service certificate verification' description: '' weight: 75 type: 'checkbox' restrictions: - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' action: 'hide' # hidden due to https://bugs.launchpad.net/vmware-nsx/+bug/1590840 nsxv_metadata_nova_client_cert: type: 'hidden' value: '' weight: 80 label: '' #label: 'Certificate for metadata proxy' #description: 'PEM format' #type: 'file' #restrictions: # - condition: 'settings:nsxv.nsxv_metadata_nova_client_priv_key.value.name != null and settings:nsxv.nsxv_metadata_nova_client_cert.value.name == null' # action: 'none' # strict: false # message: 'Private key loaded, but certificate is absent' # - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' # action: 'hide' # - condition: 'settings:nsxv.nsxv_metadata_insecure.value == true' # action: 'hide' # hidden due to https://bugs.launchpad.net/vmware-nsx/+bug/1590840 nsxv_metadata_nova_client_priv_key: type: 'hidden' value: '' weight: 85 label: '' #label: 'Private key' #description: 'Private key for metadata certificate' #type: 'file' #restrictions: # - condition: 'settings:nsxv.nsxv_metadata_nova_client_priv_key.value.name == null and settings:nsxv.nsxv_metadata_nova_client_cert.value.name != null' # action: 'none' # strict: false # message: 'Certificate loaded, but private key is absent.' # - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' # action: 'hide' # - condition: 'settings:nsxv.nsxv_metadata_insecure.value == true' # action: 'hide' nsxv_metadata_listen: label: 'Which network will be used to access the nova-metadata' weight: 90 type: 'select' value: 'public' values: - data: 'public' label: 'Public network' - data: 'management' label: 'Management network' restrictions: - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' action: 'hide' nsxv_metadata_service_allowed_ports: value: '' label: 'Metadata allowed ports' description: 'Additional ports to 80, 443 and 8775' weight: 95 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' action: 'hide' nsxv_mgt_net_moid: value: '' label: 'Metadata portgroup MoRef ID' description: 'Portgroup MoRef ID for metadata proxy management network' weight: 100 type: 'text' regex: source: '^[a-z]+-[a-z0-9]+$' error: 'Invalid portgroup MoRef ID' restrictions: - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' action: 'hide' nsxv_mgt_net_proxy_ips: value: '' label: 'Metadata proxy IP addresses' description: 'Management network IP address for metadata proxy, comma separated' weight: 105 type: 'text' regex: source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$' error: 'Invalid IP address' restrictions: - condition: "settings:nsxv.nsxv_metadata_listen.value == 'management'" action: 'hide' - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' action: 'hide' nsxv_mgt_net_proxy_netmask: value: '' label: 'Management network netmask' description: 'Management network netmask for metadata proxy' weight: 110 type: 'text' regex: source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$' error: 'Invalid netmask' restrictions: - condition: "settings:nsxv.nsxv_metadata_listen.value == 'management'" action: 'hide' - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' action: 'hide' nsxv_mgt_net_default_gateway: value: '' label: 'Management network default gateway' description: 'Management network default gateway for metadata proxy' weight: 115 type: 'text' regex: source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$' error: 'Invalid IP address of the default gateway' restrictions: - condition: "settings:nsxv.nsxv_metadata_listen.value == 'management'" action: 'hide' - condition: 'settings:nsxv.nsxv_metadata_initializer.value == false' action: 'hide' nsxv_floating_ip_range: value: '' label: 'Floating IP ranges' description: 'Dash separated IP addresses allocation pool from external network, e.g. "start_ip_address-end_ip_address"' weight: 120 type: 'text' regex: source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}-(?:[0-9]{1,3}\.){3}[0-9]{1,3}$' error: 'Invalid IP ranges' nsxv_floating_net_cidr: value: '' label: 'External network CIDR' description: 'Network in CIDR notation that includes floating IP ranges' weight: 125 type: 'text' regex: source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' error: 'Invalid network in CIDR notation' nsxv_floating_net_gw: value: '' label: 'Gateway' description: 'Default gateway for external network, if not defined, first IP address of the network is used' weight: 130 type: 'text' nsxv_internal_net_cidr: value: '' label: 'Internal network CIDR' description: 'Network in CIDR notation for use as internal' weight: 135 type: 'text' regex: source: '^(?:[0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' error: 'Invalid network in CIDR notation' nsxv_internal_net_dns: value: '' label: 'DNS for internal network' description: 'Comma separated IP addresses of DNS server for internal network' weight: 140 type: 'text' nsxv_additional: value: false label: 'Additional settings' description: '' weight: 145 type: 'checkbox' nsxv_nameservers: value: '' label: 'Instance name servers' description: 'Comma separated list of nameservers to configure for the DHCP binding entries. These will be used if there are no nameservers defined on the subnet.' weight: 150 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_task_status_check_interval: value: '' label: 'Task status check interval (millisecond)' description: 'Asynchronous task status check interval' weight: 155 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_maximum_tunnels_per_vnic: value: '' label: 'Maximum tunnels per vnic' description: 'Maximum number of sub interfaces supported per vnic in edge' weight: 160 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_retries: value: '' label: 'API retries' description: 'Maximum number of API retries' weight: 165 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_spoofguard_enabled: value: false label: 'Enable SpoofGuard' description: 'Indicates if NSXv SpoofGuard component is used to implement port-security feature' weight: 170 type: 'checkbox' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_tenant_router_types: value: '' label: 'Tenant router types' description: 'Ordered list of router types to allocate as tenant routers' weight: 175 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_exclusive_router_appliance_size: value: '' label: 'Exclusive router size' description: 'Edge form factor for exclusive router' weight: 180 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_edge_appliance_user: value: '' label: 'Edge user' description: 'User for Edge node login' weight: 185 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_edge_appliance_password: value: '' label: 'Edge password' description: 'Password for Edge node login' weight: 190 type: 'password' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_dhcp_lease_time: value: '' label: 'DHCP lease time (sec)' description: '' weight: 195 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide' nsxv_locking_coordinator_url: value: '' label: 'Coordinator URL' description: 'URL for distributed locking coordinator' weight: 200 type: 'text' restrictions: - condition: 'settings:nsxv.nsxv_additional.value == false' action: 'hide'