capabilities-map.yaml

   1 # This file holds metadata about the capabilities of the tripleo-heat-templates
   2 # repository for deployment using puppet. It groups configuration by topic,
   3 # describes possible combinations of environments and resource capabilities.
   4
   5 # root_template: identifies repository's root template
   6 # root_environment: identifies root_environment, this one is special in terms of
   7 #   order in which the environments are merged before deploying. This one serves as
   8 #   a base and it's parameters/resource_registry gets overridden by other environments
   9 #   if used.
  10
  11 # topics:
  12 # High Level grouping by purpose of environments
  13 # Attributes:
  14 #  title: (required)
  15 #  description: (optional)
  16 #  environment_groups: (required)
  17
  18 # environment_groups:
  19 # Identifies an environment choice. If group includes multiple environments it
  20 # indicates that environments in group are mutually exclusive.
  21 # Attributes:
  22 #  title: (optional)
  23 #  description: (optional)
  24 #  tags: a list of tags to provide additional information for e.g. filtering (optional)
  25 #  environments: (required)
  26
  27 # environments:
  28 # List of environments in environment group
  29 # Attributes:
  30 #  file: a file name including path within repository (required)
  31 #  title: (required)
  32 #  description: (optional)
  33 #  requires: an array of environments which are required by this environment (optional)
  34 #  resource_registry: [tbd] (optional)
  35
  36 # resource_registry:
  37 # [tbd] Each environment can provide options on resource_registry level applicable
  38 # only when that given environment is used. (resource_type of that environment can
  39 # be implemented using multiple templates).
  40
  41 root_template: overcloud.yaml
  42 root_environment: overcloud-resource-registry-puppet.yaml
  43 topics:
  44   - title: Base Resources Configuration
  45     description:
  46     environment_groups:
  47       - title:
  48         description: Enable base configuration for all resources required for OpenStack Deployment
  49         environments:
  50           - file: overcloud-resource-registry-puppet.yaml
  51             title: Base resources configuration
  52             description:
  53
  54   - title: Deployment Options
  55     description:
  56     environment_groups:
  57       - title: High Availability
  58         description: Enables configuration of an Overcloud controller with Pacemaker
  59         environments:
  60           - file: environments/puppet-pacemaker.yaml
  61             title: Pacemaker
  62             description: Enable configuration of an Overcloud controller with Pacemaker
  63             requires:
  64               - overcloud-resource-registry-puppet.yaml
  65       - title: Pacemaker options
  66         description:
  67         environments:
  68           - file: environments/puppet-pacemaker-no-restart.yaml
  69             title: Pacemaker No Restart
  70             description:
  71             requires:
  72               - environments/puppet-pacemaker.yaml
  73               - overcloud-resource-registry-puppet.yaml
  74       - title: Docker RDO
  75         description: >
  76           Docker container with heat agents for containerized compute node
  77         environments:
  78           - file: environments/docker.yaml
  79             title: Docker RDO
  80             description:
  81             requires:
  82               - overcloud-resource-registry-puppet.yaml
  83       - title: Enable TLS
  84         description: >
  85         environments:
  86           - file: environments/enable-tls.yaml
  87             title: TLS
  88             description: >
  89               Use this option to pass in certificates for SSL deployments.
  90               For these values to take effect, one of the TLS endpoints
  91               environments must also be used.
  92             requires:
  93               - overcloud-resource-registry-puppet.yaml
  94       - title: TLS Endpoints
  95         description: >
  96         environments:
  97           - file: environments/tls-endpoints-public-dns.yaml
  98             title: SSL-enabled deployment with DNS name as public endpoint
  99             description: >
 100               Use this environment when deploying an SSL-enabled overcloud where the public
 101               endpoint is a DNS name.
 102             requires:
 103               - environments/enable-tls.yaml
 104               - overcloud-resource-registry-puppet.yaml
 105           - file: environments/tls-endpoints-public-ip.yaml
 106             title: SSL-enabled deployment with IP address as public endpoint
 107             description: >
 108               Use this environment when deploying an SSL-enabled overcloud where the public
 109               endpoint is an IP address.
 110             requires:
 111               - environments/enable-tls.yaml
 112               - overcloud-resource-registry-puppet.yaml
 113       - title: External load balancer
 114         description: >
 115           Enable external load balancer
 116         environments:
 117           - file: environments/external-loadbalancer-vip-v6.yaml
 118             title: External load balancer IPv6
 119             description: >
 120             requires:
 121               - overcloud-resource-registry-puppet.yaml
 122           - file: environments/external-loadbalancer-vip.yaml
 123             title: External load balancer IPv4
 124             description: >
 125             requires:
 126               - overcloud-resource-registry-puppet.yaml
 127
 128   - title: Additional Services
 129     description: Deploy additional Overcloud services
 130     environment_groups:
 131       - title: Manila
 132         description:
 133         environments:
 134           - file: environments/manila-generic-config.yaml
 135             title: Manila
 136             description: Enable Manila generic driver backend
 137             requires:
 138               - overcloud-resource-registry-puppet.yaml
 139       - title: Sahara
 140         description:
 141         environments:
 142           - file: environments/services/sahara.yaml
 143             title: Sahara
 144             description: Deploy Sahara service
 145             requires:
 146               - overcloud-resource-registry-puppet.yaml
 147       - title: Ironic
 148         description:
 149         environments:
 150           - file: environments/services/ironic.yaml
 151             title: Ironic
 152             description: Deploy Ironic service
 153             requires:
 154               - overcloud-resource-registry-puppet.yaml
 155       - title: Mistral
 156         description:
 157         environments:
 158           - file: environments/services/mistral.yaml
 159             title: Mistral
 160             description: Deploy Mistral service
 161             requires:
 162               - overcloud-resource-registry-puppet.yaml
 163       - title: Ceilometer Api
 164         description:
 165         environments:
 166           - file: environments/services/disable-ceilometer-api.yaml
 167             title: Ceilometer Api
 168             description: Disable Ceilometer Api service. This service is
 169               deprecated and will be removed in future releases. Please move
 170               to using gnocchi/aodh/panko apis instead.
 171             requires:
 172               - overcloud-resource-registry-puppet.yaml
 173
 174   # - title: Network Interface Configuration
 175   #   description:
 176   #   environment_groups:
 177
 178   - title: Overlay Network Configuration
 179     description:
 180     environment_groups:
 181       - title: Network Isolation
 182         description:
 183         environments:
 184           - file: environments/network-isolation.yaml
 185             title: Network Isolation
 186             description: >
 187               Enable the creation of Neutron networks for
 188               isolated Overcloud traffic and configure each role to assign ports
 189               (related to that role) on these networks.
 190             requires:
 191               - overcloud-resource-registry-puppet.yaml
 192           - file: environments/network-isolation-v6.yaml
 193             title: Network Isolation IPv6
 194             description: >
 195               Enable the creation of IPv6 Neutron networks for isolated Overcloud
 196               traffic and configure each role to assign ports (related
 197               to that role) on these networks.
 198             requires:
 199               - overcloud-resource-registry-puppet.yaml
 200       - title: Single NIC or Bonding
 201         description: >
 202           Configure roles to use pair of bonded nics or to use Vlans on a
 203           single nic. This option assumes use of Network Isolation.
 204         environments:
 205           - file: environments/net-bond-with-vlans.yaml
 206             title: Bond with Vlans
 207             description: >
 208               Configure each role to use a pair of bonded nics (nic2 and
 209               nic3) and configures an IP address on each relevant isolated network
 210               for each role. This option assumes use of Network Isolation.
 211             requires:
 212               - environments/network-isolation.yaml
 213               - overcloud-resource-registry-puppet.yaml
 214           - file: environments/net-bond-with-vlans-no-external.yaml
 215             title: Bond with Vlans No External Ports
 216             description: >
 217               Configure each role to use a pair of bonded nics (nic2 and
 218               nic3) and configures an IP address on each relevant isolated network
 219               for each role. This option assumes use of Network Isolation.
 220               Sets external ports to noop.
 221             requires:
 222               - environments/network-isolation.yaml
 223               - overcloud-resource-registry-puppet.yaml
 224           - file: environments/net-bond-with-vlans-v6.yaml
 225             title: Bond with Vlans IPv6
 226             description: >
 227               Configure each role to use a pair of bonded nics (nic2 and
 228               nic3) and configures an IP address on each relevant isolated network
 229               for each role, with IPv6 on the External network.
 230               This option assumes use of Network Isolation IPv6.
 231             requires:
 232               - environments/network-isolation-v6.yaml
 233               - overcloud-resource-registry-puppet.yaml
 234           - file: environments/net-multiple-nics.yaml
 235             title: Multiple NICs
 236             description: >
 237               Configures each role to use a separate NIC for
 238               each isolated network.
 239               This option assumes use of Network Isolation.
 240             requires:
 241               - environments/network-isolation.yaml
 242               - overcloud-resource-registry-puppet.yaml
 243           - file: environments/net-multiple-nics-v6.yaml
 244             title: Multiple NICs IPv6
 245             description: >
 246               Configure each role to use a separate NIC for
 247               each isolated network with IPv6 on the External network.
 248               This option assumes use of Network Isolation IPv6.
 249             requires:
 250               - environments/network-isolation-v6.yaml
 251               - overcloud-resource-registry-puppet.yaml
 252           - file: environments/net-single-nic-with-vlans.yaml
 253             title: Single NIC with Vlans
 254             description: >
 255               Configure each role to use Vlans on a single NIC for
 256               each isolated network. This option assumes use of Network Isolation.
 257             requires:
 258               - environments/network-isolation.yaml
 259               - overcloud-resource-registry-puppet.yaml
 260           - file: environments/net-single-nic-with-vlans-no-external.yaml
 261             title: Single NIC with Vlans No External Ports
 262             description: >
 263               Configure each role to use Vlans on a single NIC for
 264               each isolated network. This option assumes use of Network Isolation.
 265               Sets external ports to noop.
 266             requires:
 267               - environments/network-isolation.yaml
 268               - overcloud-resource-registry-puppet.yaml
 269           - file: environments/net-single-nic-linux-bridge-with-vlans.yaml
 270             title: Single NIC with Linux Bridge Vlans
 271             description: >
 272               Configure each role to use Vlans on a single NIC for
 273               each isolated network. This option assumes use of Network Isolation.
 274             requires:
 275               - environments/network-isolation.yaml
 276               - overcloud-resource-registry-puppet.yaml
 277           - file: environments/net-single-nic-with-vlans-v6.yaml
 278             title: Single NIC with Vlans IPv6
 279             description: >
 280               Configures each role to use Vlans on a single NIC for
 281               each isolated network with IPv6 on the External network.
 282               This option assumes use of Network Isolation IPv6
 283             requires:
 284               - environments/network-isolation-v6.yaml
 285               - overcloud-resource-registry-puppet.yaml
 286       - title: Management Network
 287         description: >
 288           Enable the creation of a system management network. This
 289           creates a Neutron network for isolated Overcloud
 290           system management traffic and configures each role to
 291           assign a port (related to that role) on that network.
 292         environments:
 293           - file: environments/network-management.yaml
 294             title: Management Network
 295             description:
 296             requires:
 297               - overcloud-resource-registry-puppet.yaml
 298           - file: environments/network-management-v6.yaml
 299             title: Management Network IPv6
 300             description:
 301             requires:
 302               - overcloud-resource-registry-puppet.yaml
 303
 304   - title: Neutron Plugin Configuration
 305     description:
 306     environment_groups:
 307       - title: Neutron Plugins
 308         description: >
 309           Enable various Neutron plugins and backends
 310         environments:
 311           - file: environments/neutron-ml2-bigswitch.yaml
 312             title: BigSwitch Extensions
 313             description: >
 314               Enable Big Switch extensions, configured via puppet
 315             requires:
 316               - overcloud-resource-registry-puppet.yaml
 317           - file: environments/neutron-ml2-cisco-n1kv.yaml
 318             title: Cisco N1KV backend
 319             description: >
 320               Enable a Cisco N1KV backend, configured via puppet
 321             requires:
 322               - overcloud-resource-registry-puppet.yaml
 323           - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
 324             title: Cisco Neutron plugin
 325             description:
 326             requires:
 327               - overcloud-resource-registry-puppet.yaml
 328           - file: environments/neutron-midonet.yaml
 329             title: Deploy MidoNet Services
 330             description:
 331             requires:
 332               - overcloud-resource-registry-puppet.yaml
 333           - file: environments/neutron-nuage-config.yaml
 334             title: Neutron Nuage backend
 335             description: Enables Neutron Nuage backend on the controller
 336             requires:
 337               - overcloud-resource-registry-puppet.yaml
 338           - file: environments/neutron-opendaylight.yaml
 339             title: OpenDaylight
 340             description: Enables OpenDaylight
 341             requires:
 342               - overcloud-resource-registry-puppet.yaml
 343           - file: environments/neutron-ovs-dpdk.yaml
 344             title: DPDK with OVS
 345             description: Deploy DPDK with OVS
 346             requires:
 347               - overcloud-resource-registry-puppet.yaml
 348           - file: environments/neutron-ovs-dvr.yaml
 349             title: DVR
 350             description: Enables DVR in the Overcloud
 351             requires:
 352               - overcloud-resource-registry-puppet.yaml
 353           - file: environments/neutron-plumgrid.yaml
 354             title: PLUMgrid extensions
 355             description: Enables PLUMgrid extensions
 356             requires:
 357               - overcloud-resource-registry-puppet.yaml
 358           - file: environments/neutron-ml2-fujitsu-cfab.yaml
 359             title: Fujitsu Neutron plugin for C-Fabric
 360             description: Enable C-Fabric in the overcloud
 361             requires:
 362               - overcloud-resource-registry-puppet.yaml
 363           - file: environments/neutron-ml2-fujitsu-fossw.yaml
 364             title: Fujitsu Neutron plugin for FOS
 365             description: Enable FOS in the overcloud
 366             requires:
 367               - overcloud-resource-registry-puppet.yaml
 368
 369   - title: Nova Extensions
 370     description:
 371     environment_groups:
 372       - title: Nova Extensions
 373         description:
 374         environments:
 375           - file: environments/nova-nuage-config.yaml
 376             title: Nuage backend
 377             description: >
 378               Enables Nuage backend on the Compute
 379             requires:
 380               - overcloud-resource-registry-puppet.yaml
 381
 382   - title: Storage
 383     description:
 384     environment_groups:
 385       - title: Cinder backup service
 386         description:
 387         environments:
 388           - file: environments/cinder-backup.yaml
 389             title: Cinder backup service
 390             description: >
 391               OpenStack Cinder Backup service with Pacemaker configured
 392               with Puppet
 393             requires:
 394               - environments/puppet-pacemaker.yaml
 395               - overcloud-resource-registry-puppet.yaml
 396       - title: Cinder backend
 397         description: >
 398           Enable various Cinder backends
 399         environments:
 400           - file: environments/cinder-netapp-config.yaml
 401             title: Cinder NetApp backend
 402             description:
 403             requires:
 404               - overcloud-resource-registry-puppet.yaml
 405           - file: environments/cinder-dellsc-config.yaml
 406             title: Cinder Dell EMC Storage Center ISCSI backend
 407             description: >
 408               Enables a Cinder Dell EMC Storage Center ISCSI backend,
 409               configured via puppet
 410             requires:
 411               - overcloud-resource-registry-puppet.yaml
 412           - file: environments/cinder-hpelefthand-config.yaml
 413             title: Cinder HPELeftHandISCSI backend
 414             description: >
 415               Enables a Cinder HPELeftHandISCSI backend, configured
 416               via puppet
 417             requires:
 418               - overcloud-resource-registry-puppet.yaml
 419           - file: environments/cinder-dellps-config.yaml
 420             title: Cinder Dell EMC PS Series backend
 421             description: >
 422               Enables a Cinder Dell EMC PS Series backend,
 423               configured via puppet
 424             requires:
 425               - overcloud-resource-registry-puppet.yaml
 426           - file: environments/cinder-iser.yaml
 427             title: Cinder iSER backend
 428             description: >
 429               Enable a Cinder iSER RDMA backend, configured via puppet
 430           - file: environments/cinder-scaleio-config.yaml
 431             title: Cinder Dell EMC ScaleIO backend
 432             description: >
 433               Enables a Cinder Dell EMC ScaleIO backend,
 434               configured via puppet
 435             requires:
 436               - overcloud-resource-registry-puppet.yaml
 437       - title: Ceph
 438         description: >
 439           Enable the use of Ceph in the overcloud
 440         environments:
 441           - file: environments/puppet-ceph-external.yaml
 442             title: Externally managed Ceph
 443             description: >
 444               Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
 445             requires:
 446               - overcloud-resource-registry-puppet.yaml
 447           - file: environments/puppet-ceph.yaml
 448             title: TripleO managed Ceph
 449             description: >
 450               Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or
 451               use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is
 452               colocated with NovaCompute and configures the overcloud to use it, via RBD driver.
 453             requires:
 454               - overcloud-resource-registry-puppet.yaml
 455       - title: CephMDS
 456         description: >
 457           Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
 458           filesystems hosted in Ceph.
 459         environments:
 460           - file: environments/services/ceph-mds.yaml
 461             title: Deploys CephMDS
 462             description:
 463             requires:
 464               - environments/puppet-ceph.yaml
 465       - title: Ceph Rados Gateway
 466         description: >
 467           Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
 468           which stores data in the Ceph cluster.
 469         environments:
 470           - file: environments/ceph-radosgw.yaml
 471             title: Deploys CephRGW
 472             description:
 473             requires:
 474               - environments/puppet-ceph.yaml
 475       - title: Manila with CephFS
 476         description: >
 477           Deploys Manila and configures it with the CephFS driver. This requires the deployment of
 478           Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
 479         environments:
 480           - file: environments/manila-cephfsnative-config.yaml
 481             title: Deploys Manila with CephFS driver
 482             description: Deploys Manila and configures CephFS as its default backend.
 483             requires:
 484               - overcloud-resource-registry-puppet.yaml
 485       - title: Storage Environment
 486         description: >
 487           Can be used to set up storage backends. Defaults to Ceph used as a
 488           backend for Cinder, Glance, Nova ephemeral storage and Gnocchi. It
 489           configures which services will use Ceph, or if any of the services
 490           will use NFS. And more. Usually requires to be edited by user first.
 491         tags:
 492           - no-gui
 493         environments:
 494           - file: environments/storage-environment.yaml
 495             title: Storage Environment
 496             description:
 497             requires:
 498               - overcloud-resource-registry-puppet.yaml
 499
 500   - title: Utilities
 501     description:
 502     environment_groups:
 503       - title: Config Debug
 504         description: Enable config management (e.g. Puppet) debugging
 505         environments:
 506           - file: environments/config-debug.yaml
 507             title: Config Debug
 508             description:
 509             requires:
 510               - overcloud-resource-registry-puppet.yaml
 511       - title: Disable journal in MongoDb
 512         description: >
 513           Since, when journaling is enabled, MongoDb will create big journal
 514           file it can take time. In a CI environment for example journaling is
 515           not necessary.
 516         environments:
 517           - file: environments/mongodb-nojournal.yaml
 518             title: Disable journal in MongoDb
 519             description:
 520             requires:
 521               - overcloud-resource-registry-puppet.yaml
 522       - title: Overcloud Steps
 523         description: >
 524           Specifies hooks/breakpoints where overcloud deployment should stop
 525           Allows operator validation between steps, and/or more granular control.
 526           Note: the wildcards relate to naming convention for some resource suffixes,
 527           e.g see puppet/*-post.yaml, enabling this will mean we wait for
 528           a user signal on every *Deployment_StepN resource defined in those files.
 529         tags:
 530           - no-gui
 531         environments:
 532           - file: environments/overcloud-steps.yaml
 533             title: Overcloud Steps
 534             description:
 535             requires:
 536               - overcloud-resource-registry-puppet.yaml
 537
 538   - title: Operational Tools
 539     description:
 540     environment_groups:
 541       - title: Monitoring agents
 542         description: Enable monitoring agents
 543         environments:
 544           - file: environments/monitoring-environment.yaml
 545             title: enable monitoring agents
 546             description:
 547             requires:
 548               - overcloud-resource-registry-puppet.yaml
 549       - title: Centralized logging support
 550         description: Enable centralized logging clients (fluentd)
 551         environments:
 552           - file: environments/logging-environment.yaml
 553             title: Enable fluentd client
 554             description:
 555             requires:
 556               - overcloud-resource-registry-puppet.yaml
 557
 558   - title: Security Options
 559     description: Security Hardening Options
 560     environment_groups:
 561       - title: SSH Banner Text
 562         description: Enables population of SSH Banner Text
 563         environments:
 564           - file: environments/sshd-banner.yaml
 565             title: SSH Banner Text
 566             description:
 567             requires:
 568               - overcloud-resource-registry-puppet.yaml
 569       - title: Horizon Password Validation
 570         description: Enable Horizon Password validation
 571         environments:
 572           - file: environments/horizon_password_validation.yaml
 573             title: Horizon Password Validation
 574             description:
 575             requires:
 576               - overcloud-resource-registry-puppet.yaml
 577       - title: AuditD Rules
 578         description:  Management of AuditD rules
 579         environments:
 580           - file: environments/auditd.yaml
 581             title: AuditD Rule Management
 582             description:
 583             requires:
 584               - overcloud-resource-registry-puppet.yaml
 585       - title: Keystone CADF auditing
 586         description: Enable CADF notifications in Keystone for auditing
 587         environments:
 588           - file: environments/cadf.yaml
 589             title: Keystone CADF auditing