capabilities-map.yaml

   1 # This file holds metadata about the capabilities of the tripleo-heat-templates
   2 # repository for deployment using puppet. It groups configuration by topic,
   3 # describes possible combinations of environments and resource capabilities.
   4
   5 # root_template: identifies repository's root template
   6 # root_environment: identifies root_environment, this one is special in terms of
   7 #   order in which the environments are merged before deploying. This one serves as
   8 #   a base and it's parameters/resource_registry gets overridden by other environments
   9 #   if used.
  10
  11 # topics:
  12 # High Level grouping by purpose of environments
  13 # Attributes:
  14 #  title: (required)
  15 #  description: (optional)
  16 #  environment_groups: (required)
  17
  18 # environment_groups:
  19 # Identifies an environment choice. If group includes multiple environments it
  20 # indicates that environments in group are mutually exclusive.
  21 # Attributes:
  22 #  title: (optional)
  23 #  description: (optional)
  24 #  tags: a list of tags to provide additional information for e.g. filtering (optional)
  25 #  environments: (required)
  26
  27 # environments:
  28 # List of environments in environment group
  29 # Attributes:
  30 #  file: a file name including path within repository (required)
  31 #  title: (required)
  32 #  description: (optional)
  33 #  requires: an array of environments which are required by this environment (optional)
  34 #  resource_registry: [tbd] (optional)
  35
  36 # resource_registry:
  37 # [tbd] Each environment can provide options on resource_registry level applicable
  38 # only when that given environment is used. (resource_type of that environment can
  39 # be implemented using multiple templates).
  40
  41 root_template: overcloud.yaml
  42 root_environment: overcloud-resource-registry-puppet.yaml
  43 topics:
  44   - title: Base Resources Configuration
  45     description:
  46     environment_groups:
  47       - title:
  48         description: Enable base configuration for all resources required for OpenStack Deployment
  49         environments:
  50           - file: overcloud-resource-registry-puppet.yaml
  51             title: Base resources configuration
  52             description:
  53
  54   - title: Deployment Options
  55     description:
  56     environment_groups:
  57       - title: High Availability
  58         description: Enables configuration of an Overcloud controller with Pacemaker
  59         environments:
  60           - file: environments/puppet-pacemaker.yaml
  61             title: Pacemaker
  62             description: Enable configuration of an Overcloud controller with Pacemaker
  63             requires:
  64               - overcloud-resource-registry-puppet.yaml
  65       - title: Pacemaker options
  66         description:
  67         environments:
  68           - file: environments/puppet-pacemaker-no-restart.yaml
  69             title: Pacemaker No Restart
  70             description:
  71             requires:
  72               - environments/puppet-pacemaker.yaml
  73               - overcloud-resource-registry-puppet.yaml
  74       - title: Docker RDO
  75         description: >
  76           Docker container with heat agents for containerized compute node
  77         environments:
  78           - file: environments/docker.yaml
  79             title: Docker RDO
  80             description:
  81             requires:
  82               - overcloud-resource-registry-puppet.yaml
  83       - title: Enable TLS
  84         description: >
  85         environments:
  86           - file: environments/enable-tls.yaml
  87             title: TLS
  88             description: >
  89               Use this option to pass in certificates for SSL deployments.
  90               For these values to take effect, one of the TLS endpoints
  91               environments must also be used.
  92             requires:
  93               - overcloud-resource-registry-puppet.yaml
  94       - title: TLS Endpoints
  95         description: >
  96         environments:
  97           - file: environments/tls-endpoints-public-dns.yaml
  98             title: SSL-enabled deployment with DNS name as public endpoint
  99             description: >
 100               Use this environment when deploying an SSL-enabled overcloud where the public
 101               endpoint is a DNS name.
 102             requires:
 103               - environments/enable-tls.yaml
 104               - overcloud-resource-registry-puppet.yaml
 105           - file: environments/tls-endpoints-public-ip.yaml
 106             title: SSL-enabled deployment with IP address as public endpoint
 107             description: >
 108               Use this environment when deploying an SSL-enabled overcloud where the public
 109               endpoint is an IP address.
 110             requires:
 111               - environments/enable-tls.yaml
 112               - overcloud-resource-registry-puppet.yaml
 113       - title: External load balancer
 114         description: >
 115           Enable external load balancer
 116         environments:
 117           - file: environments/external-loadbalancer-vip-v6.yaml
 118             title: External load balancer IPv6
 119             description: >
 120             requires:
 121               - overcloud-resource-registry-puppet.yaml
 122           - file: environments/external-loadbalancer-vip.yaml
 123             title: External load balancer IPv4
 124             description: >
 125             requires:
 126               - overcloud-resource-registry-puppet.yaml
 127
 128   - title: Additional Services
 129     description: Deploy additional Overcloud services
 130     environment_groups:
 131       - title: Manila
 132         description:
 133         environments:
 134           - file: environments/manila-generic-config.yaml
 135             title: Manila
 136             description: Enable Manila generic driver backend
 137             requires:
 138               - overcloud-resource-registry-puppet.yaml
 139       - title: Sahara
 140         description:
 141         environments:
 142           - file: environments/services/sahara.yaml
 143             title: Sahara
 144             description: Deploy Sahara service
 145             requires:
 146               - overcloud-resource-registry-puppet.yaml
 147       - title: Ironic
 148         description:
 149         environments:
 150           - file: environments/services/ironic.yaml
 151             title: Ironic
 152             description: Deploy Ironic service
 153             requires:
 154               - overcloud-resource-registry-puppet.yaml
 155       - title: Mistral
 156         description:
 157         environments:
 158           - file: environments/services/mistral.yaml
 159             title: Mistral
 160             description: Deploy Mistral service
 161             requires:
 162               - overcloud-resource-registry-puppet.yaml
 163       - title: Ceilometer Api
 164         description:
 165         environments:
 166           - file: environments/services/disable-ceilometer-api.yaml
 167             title: Ceilometer Api
 168             description: Disable Ceilometer Api service. This service is
 169               deprecated and will be removed in future releases. Please move
 170               to using gnocchi/aodh/panko apis instead.
 171             requires:
 172               - overcloud-resource-registry-puppet.yaml
 173
 174   # - title: Network Interface Configuration
 175   #   description:
 176   #   environment_groups:
 177
 178   - title: Overlay Network Configuration
 179     description:
 180     environment_groups:
 181       - title: Network Isolation
 182         description:
 183         environments:
 184           - file: environments/network-isolation.yaml
 185             title: Network Isolation
 186             description: >
 187               Enable the creation of Neutron networks for
 188               isolated Overcloud traffic and configure each role to assign ports
 189               (related to that role) on these networks.
 190             requires:
 191               - overcloud-resource-registry-puppet.yaml
 192           - file: environments/network-isolation-v6.yaml
 193             title: Network Isolation IPv6
 194             description: >
 195               Enable the creation of IPv6 Neutron networks for isolated Overcloud
 196               traffic and configure each role to assign ports (related
 197               to that role) on these networks.
 198             requires:
 199               - overcloud-resource-registry-puppet.yaml
 200       - title: Single NIC or Bonding
 201         description: >
 202           Configure roles to use pair of bonded nics or to use Vlans on a
 203           single nic. This option assumes use of Network Isolation.
 204         environments:
 205           - file: environments/net-bond-with-vlans.yaml
 206             title: Bond with Vlans
 207             description: >
 208               Configure each role to use a pair of bonded nics (nic2 and
 209               nic3) and configures an IP address on each relevant isolated network
 210               for each role. This option assumes use of Network Isolation.
 211             requires:
 212               - environments/network-isolation.yaml
 213               - overcloud-resource-registry-puppet.yaml
 214           - file: environments/net-bond-with-vlans-no-external.yaml
 215             title: Bond with Vlans No External Ports
 216             description: >
 217               Configure each role to use a pair of bonded nics (nic2 and
 218               nic3) and configures an IP address on each relevant isolated network
 219               for each role. This option assumes use of Network Isolation.
 220               Sets external ports to noop.
 221             requires:
 222               - environments/network-isolation.yaml
 223               - overcloud-resource-registry-puppet.yaml
 224           - file: environments/net-bond-with-vlans-v6.yaml
 225             title: Bond with Vlans IPv6
 226             description: >
 227               Configure each role to use a pair of bonded nics (nic2 and
 228               nic3) and configures an IP address on each relevant isolated network
 229               for each role, with IPv6 on the External network.
 230               This option assumes use of Network Isolation IPv6.
 231             requires:
 232               - environments/network-isolation-v6.yaml
 233               - overcloud-resource-registry-puppet.yaml
 234           - file: environments/net-multiple-nics.yaml
 235             title: Multiple NICs
 236             description: >
 237               Configures each role to use a separate NIC for
 238               each isolated network.
 239               This option assumes use of Network Isolation.
 240             requires:
 241               - environments/network-isolation.yaml
 242               - overcloud-resource-registry-puppet.yaml
 243           - file: environments/net-multiple-nics-v6.yaml
 244             title: Multiple NICs IPv6
 245             description: >
 246               Configure each role to use a separate NIC for
 247               each isolated network with IPv6 on the External network.
 248               This option assumes use of Network Isolation IPv6.
 249             requires:
 250               - environments/network-isolation-v6.yaml
 251               - overcloud-resource-registry-puppet.yaml
 252           - file: environments/net-single-nic-with-vlans.yaml
 253             title: Single NIC with Vlans
 254             description: >
 255               Configure each role to use Vlans on a single NIC for
 256               each isolated network. This option assumes use of Network Isolation.
 257             requires:
 258               - environments/network-isolation.yaml
 259               - overcloud-resource-registry-puppet.yaml
 260           - file: environments/net-single-nic-with-vlans-no-external.yaml
 261             title: Single NIC with Vlans No External Ports
 262             description: >
 263               Configure each role to use Vlans on a single NIC for
 264               each isolated network. This option assumes use of Network Isolation.
 265               Sets external ports to noop.
 266             requires:
 267               - environments/network-isolation.yaml
 268               - overcloud-resource-registry-puppet.yaml
 269           - file: environments/net-single-nic-linux-bridge-with-vlans.yaml
 270             title: Single NIC with Linux Bridge Vlans
 271             description: >
 272               Configure each role to use Vlans on a single NIC for
 273               each isolated network. This option assumes use of Network Isolation.
 274             requires:
 275               - environments/network-isolation.yaml
 276               - overcloud-resource-registry-puppet.yaml
 277           - file: environments/net-single-nic-with-vlans-v6.yaml
 278             title: Single NIC with Vlans IPv6
 279             description: >
 280               Configures each role to use Vlans on a single NIC for
 281               each isolated network with IPv6 on the External network.
 282               This option assumes use of Network Isolation IPv6
 283             requires:
 284               - environments/network-isolation-v6.yaml
 285               - overcloud-resource-registry-puppet.yaml
 286       - title: Management Network
 287         description: >
 288           Enable the creation of a system management network. This
 289           creates a Neutron network for isolated Overcloud
 290           system management traffic and configures each role to
 291           assign a port (related to that role) on that network.
 292         environments:
 293           - file: environments/network-management.yaml
 294             title: Management Network
 295             description:
 296             requires:
 297               - overcloud-resource-registry-puppet.yaml
 298           - file: environments/network-management-v6.yaml
 299             title: Management Network IPv6
 300             description:
 301             requires:
 302               - overcloud-resource-registry-puppet.yaml
 303
 304   - title: Neutron Plugin Configuration
 305     description:
 306     environment_groups:
 307       - title: Neutron Plugins
 308         description: >
 309           Enable various Neutron plugins and backends
 310         environments:
 311           - file: environments/neutron-ml2-bigswitch.yaml
 312             title: BigSwitch Extensions
 313             description: >
 314               Enable Big Switch extensions, configured via puppet
 315             requires:
 316               - overcloud-resource-registry-puppet.yaml
 317           - file: environments/neutron-ml2-cisco-n1kv.yaml
 318             title: Cisco N1KV backend
 319             description: >
 320               Enable a Cisco N1KV backend, configured via puppet
 321             requires:
 322               - overcloud-resource-registry-puppet.yaml
 323           - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
 324             title: Cisco Neutron plugin
 325             description:
 326             requires:
 327               - overcloud-resource-registry-puppet.yaml
 328           - file: environments/neutron-midonet.yaml
 329             title: Deploy MidoNet Services
 330             description:
 331             requires:
 332               - overcloud-resource-registry-puppet.yaml
 333           - file: environments/neutron-nuage-config.yaml
 334             title: Neutron Nuage backend
 335             description: Enables Neutron Nuage backend on the controller
 336             requires:
 337               - overcloud-resource-registry-puppet.yaml
 338           - file: environments/neutron-opencontrail.yaml
 339             title: OpenContrail Extensions
 340             description: Enables OpenContrail extensions
 341             requires:
 342               - overcloud-resource-registry-puppet.yaml
 343           - file: environments/neutron-opendaylight.yaml
 344             title: OpenDaylight
 345             description: Enables OpenDaylight
 346             requires:
 347               - overcloud-resource-registry-puppet.yaml
 348           - file: environments/neutron-opendaylight-l3.yaml
 349             title: OpenDaylight with L3 DVR
 350             description: Enables OpenDaylight with L3 DVR
 351             requires:
 352               - overcloud-resource-registry-puppet.yaml
 353           - file: environments/neutron-ovs-dpdk.yaml
 354             title: DPDK with OVS
 355             description: Deploy DPDK with OVS
 356             requires:
 357               - overcloud-resource-registry-puppet.yaml
 358           - file: environments/neutron-ovs-dvr.yaml
 359             title: DVR
 360             description: Enables DVR in the Overcloud
 361             requires:
 362               - overcloud-resource-registry-puppet.yaml
 363           - file: environments/neutron-plumgrid.yaml
 364             title: PLUMgrid extensions
 365             description: Enables PLUMgrid extensions
 366             requires:
 367               - overcloud-resource-registry-puppet.yaml
 368           - file: environments/neutron-ml2-fujitsu-cfab.yaml
 369             title: Fujitsu Neutron plugin for C-Fabric
 370             description: Enable C-Fabric in the overcloud
 371             requires:
 372               - overcloud-resource-registry-puppet.yaml
 373           - file: environments/neutron-ml2-fujitsu-fossw.yaml
 374             title: Fujitsu Neutron plugin for FOS
 375             description: Enable FOS in the overcloud
 376             requires:
 377               - overcloud-resource-registry-puppet.yaml
 378
 379   - title: Nova Extensions
 380     description:
 381     environment_groups:
 382       - title: Nova Extensions
 383         description:
 384         environments:
 385           - file: environments/nova-nuage-config.yaml
 386             title: Nuage backend
 387             description: >
 388               Enables Nuage backend on the Compute
 389             requires:
 390               - overcloud-resource-registry-puppet.yaml
 391
 392   - title: Storage
 393     description:
 394     environment_groups:
 395       - title: Cinder backup service
 396         description:
 397         environments:
 398           - file: environments/cinder-backup.yaml
 399             title: Cinder backup service
 400             description: >
 401               OpenStack Cinder Backup service with Pacemaker configured
 402               with Puppet
 403             requires:
 404               - environments/puppet-pacemaker.yaml
 405               - overcloud-resource-registry-puppet.yaml
 406       - title: Cinder backend
 407         description: >
 408           Enable various Cinder backends
 409         environments:
 410           - file: environments/cinder-netapp-config.yaml
 411             title: Cinder NetApp backend
 412             description:
 413             requires:
 414               - overcloud-resource-registry-puppet.yaml
 415           - file: environments/cinder-dellsc-config.yaml
 416             title: Cinder Dell Storage Center ISCSI backend
 417             description: >
 418               Enables a Cinder Dell Storage Center ISCSI backend, configured
 419               via puppet
 420             requires:
 421               - overcloud-resource-registry-puppet.yaml
 422           - file: environments/cinder-hpelefthand-config.yaml
 423             title: Cinder HPELeftHandISCSI backend
 424             description: >
 425               Enables a Cinder HPELeftHandISCSI backend, configured
 426               via puppet
 427             requires:
 428               - overcloud-resource-registry-puppet.yaml
 429           - file: environments/cinder-eqlx-config.yaml
 430             title: Cinder EQLX backend
 431             description: >
 432               Enables a Cinder EQLX backend, configured via puppet
 433             requires:
 434               - overcloud-resource-registry-puppet.yaml
 435           - file: environments/cinder-iser.yaml
 436             title: Cinder iSER backend
 437             description: >
 438               Enable a Cinder iSER RDMA backend, configured via puppet
 439             requires:
 440               - overcloud-resource-registry-puppet.yaml
 441       - title: Externally managed Ceph
 442         description: >
 443           Enable the use of an externally managed Ceph cluster
 444         environments:
 445           - file: environments/puppet-ceph-external.yaml
 446             title: Externally managed Ceph
 447             description:
 448             requires:
 449               - overcloud-resource-registry-puppet.yaml
 450       - title: Ceph Devel
 451         description: >
 452           Enable a Ceph storage cluster using the controller and 2 ceph nodes.
 453           Rbd backends are enabled for Cinder, Glance, and Nova.
 454         environments:
 455           - file: environments/puppet-ceph-devel.yaml
 456             title: Ceph Devel
 457             description:
 458             requires:
 459               - overcloud-resource-registry-puppet.yaml
 460       - title: Storage Environment
 461         description: >
 462           Can be used to set up storage backends. Defaults to Ceph used as a
 463           backend for Cinder, Glance and Nova ephemeral storage. It configures
 464           for example which services will use Ceph, or if any of the services
 465           will use NFS. And more. Usually requires to be edited by user first.
 466         tags:
 467           - no-gui
 468         environments:
 469           - file: environments/storage-environment.yaml
 470             title: Storage Environment
 471             description:
 472             requires:
 473               - overcloud-resource-registry-puppet.yaml
 474
 475   - title: Utilities
 476     description:
 477     environment_groups:
 478       - title: Config Debug
 479         description: Enable config management (e.g. Puppet) debugging
 480         environments:
 481           - file: environments/config-debug.yaml
 482             title: Config Debug
 483             description:
 484             requires:
 485               - overcloud-resource-registry-puppet.yaml
 486       - title: Disable journal in MongoDb
 487         description: >
 488           Since, when journaling is enabled, MongoDb will create big journal
 489           file it can take time. In a CI environment for example journaling is
 490           not necessary.
 491         environments:
 492           - file: environments/mongodb-nojournal.yaml
 493             title: Disable journal in MongoDb
 494             description:
 495             requires:
 496               - overcloud-resource-registry-puppet.yaml
 497       - title: Overcloud Steps
 498         description: >
 499           Specifies hooks/breakpoints where overcloud deployment should stop
 500           Allows operator validation between steps, and/or more granular control.
 501           Note: the wildcards relate to naming convention for some resource suffixes,
 502           e.g see puppet/*-post.yaml, enabling this will mean we wait for
 503           a user signal on every *Deployment_StepN resource defined in those files.
 504         tags:
 505           - no-gui
 506         environments:
 507           - file: environments/overcloud-steps.yaml
 508             title: Overcloud Steps
 509             description:
 510             requires:
 511               - overcloud-resource-registry-puppet.yaml
 512       - title: Manage Firewall
 513         description:
 514         environments:
 515           - file: environments/manage-firewall.yaml
 516             title: Manage Firewall
 517             description:
 518             requires:
 519               - overcloud-resource-registry-puppet.yaml
 520
 521   - title: Operational Tools
 522     description:
 523     environment_groups:
 524       - title: Monitoring agents
 525         description: Enable monitoring agents
 526         environments:
 527           - file: environments/monitoring-environment.yaml
 528             title: enable monitoring agents
 529             description:
 530             requires:
 531               - overcloud-resource-registry-puppet.yaml
 532       - title: Centralized logging support
 533         description: Enable centralized logging clients (fluentd)
 534         environments:
 535           - file: environments/logging-environment.yaml
 536             title: Enable fluentd client
 537             description:
 538             requires:
 539               - overcloud-resource-registry-puppet.yaml
 540
 541   - title: Security Options
 542     description: Security Hardening Options
 543     environment_groups:
 544       - title: SSH Banner Text
 545         description: Enables population of SSH Banner Text
 546         environments:
 547           - file: environments/sshd-banner.yaml
 548             title: SSH Banner Text
 549             description:
 550             requires:
 551               - overcloud-resource-registry-puppet.yaml
 552       - title: Horizon Password Validation
 553         description: Enable Horizon Password validation
 554         environments:
 555           - file: environments/horizon_password_validation.yaml
 556             title: Horizon Password Validation
 557             description:
 558             requires:
 559               - overcloud-resource-registry-puppet.yaml
 560       - title: AuditD Rules
 561         description:  Management of AuditD rules
 562         environments:
 563           - file: environments/auditd.yaml
 564             title: AuditD Rule Management
 565             description:
 566             requires:
 567               - overcloud-resource-registry-puppet.yaml