capabilities-map.yaml

   1 # This file holds metadata about the capabilities of the tripleo-heat-templates
   2 # repository for deployment using puppet. It groups configuration by topic,
   3 # describes possible combinations of environments and resource capabilities.
   4
   5 # root_template: identifies repository's root template
   6 # root_environment: identifies root_environment, this one is special in terms of
   7 #   order in which the environments are merged before deploying. This one serves as
   8 #   a base and it's parameters/resource_registry gets overridden by other environments
   9 #   if used.
  10
  11 # topics:
  12 # High Level grouping by purpose of environments
  13 # Attributes:
  14 #  title: (required)
  15 #  description: (optional)
  16 #  environment_groups: (required)
  17
  18 # environment_groups:
  19 # Identifies an environment choice. If group includes multiple environments it
  20 # indicates that environments in group are mutually exclusive.
  21 # Attributes:
  22 #  title: (optional)
  23 #  description: (optional)
  24 #  tags: a list of tags to provide additional information for e.g. filtering (optional)
  25 #  environments: (required)
  26
  27 # environments:
  28 # List of environments in environment group
  29 # Attributes:
  30 #  file: a file name including path within repository (required)
  31 #  title: (required)
  32 #  description: (optional)
  33 #  requires: an array of environments which are required by this environment (optional)
  34 #  resource_registry: [tbd] (optional)
  35
  36 # resource_registry:
  37 # [tbd] Each environment can provide options on resource_registry level applicable
  38 # only when that given environment is used. (resource_type of that environment can
  39 # be implemented using multiple templates).
  40
  41 root_template: overcloud.yaml
  42 root_environment: overcloud-resource-registry-puppet.yaml
  43 topics:
  44   - title: Base Resources Configuration
  45     description:
  46     environment_groups:
  47       - title:
  48         description: Enable base configuration for all resources required for OpenStack Deployment
  49         environments:
  50           - file: overcloud-resource-registry-puppet.yaml
  51             title: Base resources configuration
  52             description:
  53
  54   - title: Deployment Options
  55     description:
  56     environment_groups:
  57       - title: High Availability
  58         description: Enables configuration of an Overcloud controller with Pacemaker
  59         environments:
  60           - file: environments/puppet-pacemaker.yaml
  61             title: Pacemaker
  62             description: Enable configuration of an Overcloud controller with Pacemaker
  63             requires:
  64               - overcloud-resource-registry-puppet.yaml
  65       - title: Pacemaker options
  66         description:
  67         environments:
  68           - file: environments/puppet-pacemaker-no-restart.yaml
  69             title: Pacemaker No Restart
  70             description:
  71             requires:
  72               - environments/puppet-pacemaker.yaml
  73               - overcloud-resource-registry-puppet.yaml
  74       - title: Docker RDO
  75         description: >
  76           Docker container with heat agents for containerized compute node
  77         environments:
  78           - file: environments/docker.yaml
  79             title: Docker RDO
  80             description:
  81             requires:
  82               - overcloud-resource-registry-puppet.yaml
  83       - title: Enable TLS
  84         description: >
  85         environments:
  86           - file: environments/enable-tls.yaml
  87             title: TLS
  88             description: >
  89               Use this option to pass in certificates for SSL deployments.
  90               For these values to take effect, one of the TLS endpoints
  91               environments must also be used.
  92             requires:
  93               - overcloud-resource-registry-puppet.yaml
  94       - title: TLS Endpoints
  95         description: >
  96         environments:
  97           - file: environments/tls-endpoints-public-dns.yaml
  98             title: SSL-enabled deployment with DNS name as public endpoint
  99             description: >
 100               Use this environment when deploying an SSL-enabled overcloud where the public
 101               endpoint is a DNS name.
 102             requires:
 103               - environments/enable-tls.yaml
 104               - overcloud-resource-registry-puppet.yaml
 105           - file: environments/tls-endpoints-public-ip.yaml
 106             title: SSL-enabled deployment with IP address as public endpoint
 107             description: >
 108               Use this environment when deploying an SSL-enabled overcloud where the public
 109               endpoint is an IP address.
 110             requires:
 111               - environments/enable-tls.yaml
 112               - overcloud-resource-registry-puppet.yaml
 113       - title: External load balancer
 114         description: >
 115           Enable external load balancer
 116         environments:
 117           - file: environments/external-loadbalancer-vip-v6.yaml
 118             title: External load balancer IPv6
 119             description: >
 120             requires:
 121               - overcloud-resource-registry-puppet.yaml
 122           - file: environments/external-loadbalancer-vip.yaml
 123             title: External load balancer IPv4
 124             description: >
 125             requires:
 126               - overcloud-resource-registry-puppet.yaml
 127
 128   - title: Additional Services
 129     description: Deploy additional Overcloud services
 130     environment_groups:
 131       - title: Manila
 132         description:
 133         environments:
 134           - file: environments/manila-generic-config.yaml
 135             title: Manila
 136             description: Enable Manila generic driver backend
 137             requires:
 138               - overcloud-resource-registry-puppet.yaml
 139       - title: Sahara
 140         description:
 141         environments:
 142           - file: environments/services/sahara.yaml
 143             title: Sahara
 144             description: Deploy Sahara service
 145             requires:
 146               - overcloud-resource-registry-puppet.yaml
 147       - title: Ironic
 148         description:
 149         environments:
 150           - file: environments/services/ironic.yaml
 151             title: Ironic
 152             description: Deploy Ironic service
 153             requires:
 154               - overcloud-resource-registry-puppet.yaml
 155       - title: Mistral
 156         description:
 157         environments:
 158           - file: environments/services/mistral.yaml
 159             title: Mistral
 160             description: Deploy Mistral service
 161             requires:
 162               - overcloud-resource-registry-puppet.yaml
 163       - title: Ceilometer Api
 164         description:
 165         environments:
 166           - file: environments/services/disable-ceilometer-api.yaml
 167             title: Ceilometer Api
 168             description: Disable Ceilometer Api service. This service is
 169               deprecated and will be removed in future releases. Please move
 170               to using gnocchi/aodh/panko apis instead.
 171             requires:
 172               - overcloud-resource-registry-puppet.yaml
 173
 174   # - title: Network Interface Configuration
 175   #   description:
 176   #   environment_groups:
 177
 178   - title: Overlay Network Configuration
 179     description:
 180     environment_groups:
 181       - title: Network Isolation
 182         description:
 183         environments:
 184           - file: environments/network-isolation.yaml
 185             title: Network Isolation
 186             description: >
 187               Enable the creation of Neutron networks for
 188               isolated Overcloud traffic and configure each role to assign ports
 189               (related to that role) on these networks.
 190             requires:
 191               - overcloud-resource-registry-puppet.yaml
 192           - file: environments/network-isolation-v6.yaml
 193             title: Network Isolation IPv6
 194             description: >
 195               Enable the creation of IPv6 Neutron networks for isolated Overcloud
 196               traffic and configure each role to assign ports (related
 197               to that role) on these networks.
 198             requires:
 199               - overcloud-resource-registry-puppet.yaml
 200       - title: Single NIC or Bonding
 201         description: >
 202           Configure roles to use pair of bonded nics or to use Vlans on a
 203           single nic. This option assumes use of Network Isolation.
 204         environments:
 205           - file: environments/net-bond-with-vlans.yaml
 206             title: Bond with Vlans
 207             description: >
 208               Configure each role to use a pair of bonded nics (nic2 and
 209               nic3) and configures an IP address on each relevant isolated network
 210               for each role. This option assumes use of Network Isolation.
 211             requires:
 212               - environments/network-isolation.yaml
 213               - overcloud-resource-registry-puppet.yaml
 214           - file: environments/net-bond-with-vlans-no-external.yaml
 215             title: Bond with Vlans No External Ports
 216             description: >
 217               Configure each role to use a pair of bonded nics (nic2 and
 218               nic3) and configures an IP address on each relevant isolated network
 219               for each role. This option assumes use of Network Isolation.
 220               Sets external ports to noop.
 221             requires:
 222               - environments/network-isolation.yaml
 223               - overcloud-resource-registry-puppet.yaml
 224           - file: environments/net-bond-with-vlans-v6.yaml
 225             title: Bond with Vlans IPv6
 226             description: >
 227               Configure each role to use a pair of bonded nics (nic2 and
 228               nic3) and configures an IP address on each relevant isolated network
 229               for each role, with IPv6 on the External network.
 230               This option assumes use of Network Isolation IPv6.
 231             requires:
 232               - environments/network-isolation-v6.yaml
 233               - overcloud-resource-registry-puppet.yaml
 234           - file: environments/net-multiple-nics.yaml
 235             title: Multiple NICs
 236             description: >
 237               Configures each role to use a separate NIC for
 238               each isolated network.
 239               This option assumes use of Network Isolation.
 240             requires:
 241               - environments/network-isolation.yaml
 242               - overcloud-resource-registry-puppet.yaml
 243           - file: environments/net-multiple-nics-v6.yaml
 244             title: Multiple NICs IPv6
 245             description: >
 246               Configure each role to use a separate NIC for
 247               each isolated network with IPv6 on the External network.
 248               This option assumes use of Network Isolation IPv6.
 249             requires:
 250               - environments/network-isolation-v6.yaml
 251               - overcloud-resource-registry-puppet.yaml
 252           - file: environments/net-single-nic-with-vlans.yaml
 253             title: Single NIC with Vlans
 254             description: >
 255               Configure each role to use Vlans on a single NIC for
 256               each isolated network. This option assumes use of Network Isolation.
 257             requires:
 258               - environments/network-isolation.yaml
 259               - overcloud-resource-registry-puppet.yaml
 260           - file: environments/net-single-nic-with-vlans-no-external.yaml
 261             title: Single NIC with Vlans No External Ports
 262             description: >
 263               Configure each role to use Vlans on a single NIC for
 264               each isolated network. This option assumes use of Network Isolation.
 265               Sets external ports to noop.
 266             requires:
 267               - environments/network-isolation.yaml
 268               - overcloud-resource-registry-puppet.yaml
 269           - file: environments/net-single-nic-linux-bridge-with-vlans.yaml
 270             title: Single NIC with Linux Bridge Vlans
 271             description: >
 272               Configure each role to use Vlans on a single NIC for
 273               each isolated network. This option assumes use of Network Isolation.
 274             requires:
 275               - environments/network-isolation.yaml
 276               - overcloud-resource-registry-puppet.yaml
 277           - file: environments/net-single-nic-with-vlans-v6.yaml
 278             title: Single NIC with Vlans IPv6
 279             description: >
 280               Configures each role to use Vlans on a single NIC for
 281               each isolated network with IPv6 on the External network.
 282               This option assumes use of Network Isolation IPv6
 283             requires:
 284               - environments/network-isolation-v6.yaml
 285               - overcloud-resource-registry-puppet.yaml
 286       - title: Management Network
 287         description: >
 288           Enable the creation of a system management network. This
 289           creates a Neutron network for isolated Overcloud
 290           system management traffic and configures each role to
 291           assign a port (related to that role) on that network.
 292         environments:
 293           - file: environments/network-management.yaml
 294             title: Management Network
 295             description:
 296             requires:
 297               - overcloud-resource-registry-puppet.yaml
 298           - file: environments/network-management-v6.yaml
 299             title: Management Network IPv6
 300             description:
 301             requires:
 302               - overcloud-resource-registry-puppet.yaml
 303
 304   - title: Neutron Plugin Configuration
 305     description:
 306     environment_groups:
 307       - title: Neutron Plugins
 308         description: >
 309           Enable various Neutron plugins and backends
 310         environments:
 311           - file: environments/neutron-ml2-bigswitch.yaml
 312             title: BigSwitch Extensions
 313             description: >
 314               Enable Big Switch extensions, configured via puppet
 315             requires:
 316               - overcloud-resource-registry-puppet.yaml
 317           - file: environments/neutron-ml2-cisco-n1kv.yaml
 318             title: Cisco N1KV backend
 319             description: >
 320               Enable a Cisco N1KV backend, configured via puppet
 321             requires:
 322               - overcloud-resource-registry-puppet.yaml
 323           - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
 324             title: Cisco Neutron plugin
 325             description:
 326             requires:
 327               - overcloud-resource-registry-puppet.yaml
 328           - file: environments/neutron-midonet.yaml
 329             title: Deploy MidoNet Services
 330             description:
 331             requires:
 332               - overcloud-resource-registry-puppet.yaml
 333           - file: environments/neutron-nuage-config.yaml
 334             title: Neutron Nuage backend
 335             description: Enables Neutron Nuage backend on the controller
 336             requires:
 337               - overcloud-resource-registry-puppet.yaml
 338           - file: environments/neutron-opencontrail.yaml
 339             title: OpenContrail Extensions
 340             description: Enables OpenContrail extensions
 341             requires:
 342               - overcloud-resource-registry-puppet.yaml
 343           - file: environments/neutron-opendaylight.yaml
 344             title: OpenDaylight
 345             description: Enables OpenDaylight
 346             requires:
 347               - overcloud-resource-registry-puppet.yaml
 348           - file: environments/neutron-opendaylight-l3.yaml
 349             title: OpenDaylight with L3 DVR
 350             description: Enables OpenDaylight with L3 DVR
 351             requires:
 352               - overcloud-resource-registry-puppet.yaml
 353           - file: environments/neutron-ovs-dpdk.yaml
 354             title: DPDK with OVS
 355             description: Deploy DPDK with OVS
 356             requires:
 357               - overcloud-resource-registry-puppet.yaml
 358           - file: environments/neutron-ovs-dvr.yaml
 359             title: DVR
 360             description: Enables DVR in the Overcloud
 361             requires:
 362               - overcloud-resource-registry-puppet.yaml
 363           - file: environments/neutron-plumgrid.yaml
 364             title: PLUMgrid extensions
 365             description: Enables PLUMgrid extensions
 366             requires:
 367               - overcloud-resource-registry-puppet.yaml
 368           - file: environments/neutron-ml2-fujitsu-cfab.yaml
 369             title: Fujitsu Neutron plugin for C-Fabric
 370             description: Enable C-Fabric in the overcloud
 371             requires:
 372               - overcloud-resource-registry-puppet.yaml
 373           - file: environments/neutron-ml2-fujitsu-fossw.yaml
 374             title: Fujitsu Neutron plugin for FOS
 375             description: Enable FOS in the overcloud
 376             requires:
 377               - overcloud-resource-registry-puppet.yaml
 378
 379   - title: Nova Extensions
 380     description:
 381     environment_groups:
 382       - title: Nova Extensions
 383         description:
 384         environments:
 385           - file: environments/nova-nuage-config.yaml
 386             title: Nuage backend
 387             description: >
 388               Enables Nuage backend on the Compute
 389             requires:
 390               - overcloud-resource-registry-puppet.yaml
 391
 392   - title: Storage
 393     description:
 394     environment_groups:
 395       - title: Cinder backup service
 396         description:
 397         environments:
 398           - file: environments/cinder-backup.yaml
 399             title: Cinder backup service
 400             description: >
 401               OpenStack Cinder Backup service with Pacemaker configured
 402               with Puppet
 403             requires:
 404               - environments/puppet-pacemaker.yaml
 405               - overcloud-resource-registry-puppet.yaml
 406       - title: Cinder backend
 407         description: >
 408           Enable various Cinder backends
 409         environments:
 410           - file: environments/cinder-netapp-config.yaml
 411             title: Cinder NetApp backend
 412             description:
 413             requires:
 414               - overcloud-resource-registry-puppet.yaml
 415           - file: environments/cinder-dellsc-config.yaml
 416             title: Cinder Dell EMC Storage Center ISCSI backend
 417             description: >
 418               Enables a Cinder Dell EMC Storage Center ISCSI backend,
 419               configured via puppet
 420             requires:
 421               - overcloud-resource-registry-puppet.yaml
 422           - file: environments/cinder-hpelefthand-config.yaml
 423             title: Cinder HPELeftHandISCSI backend
 424             description: >
 425               Enables a Cinder HPELeftHandISCSI backend, configured
 426               via puppet
 427             requires:
 428               - overcloud-resource-registry-puppet.yaml
 429           - file: environments/cinder-dellps-config.yaml
 430             title: Cinder Dell EMC PS Series backend
 431             description: >
 432               Enables a Cinder Dell EMC PS Series backend,
 433               configured via puppet
 434             requires:
 435               - overcloud-resource-registry-puppet.yaml
 436           - file: environments/cinder-iser.yaml
 437             title: Cinder iSER backend
 438             description: >
 439               Enable a Cinder iSER RDMA backend, configured via puppet
 440             requires:
 441               - overcloud-resource-registry-puppet.yaml
 442       - title: Externally managed Ceph
 443         description: >
 444           Enable the use of an externally managed Ceph cluster
 445         environments:
 446           - file: environments/puppet-ceph-external.yaml
 447             title: Externally managed Ceph
 448             description:
 449             requires:
 450               - overcloud-resource-registry-puppet.yaml
 451       - title: Ceph Devel
 452         description: >
 453           Enable a Ceph storage cluster using the controller and 2 ceph nodes.
 454           Rbd backends are enabled for Cinder, Glance, and Nova.
 455         environments:
 456           - file: environments/puppet-ceph-devel.yaml
 457             title: Ceph Devel
 458             description:
 459             requires:
 460               - overcloud-resource-registry-puppet.yaml
 461       - title: Storage Environment
 462         description: >
 463           Can be used to set up storage backends. Defaults to Ceph used as a
 464           backend for Cinder, Glance and Nova ephemeral storage. It configures
 465           for example which services will use Ceph, or if any of the services
 466           will use NFS. And more. Usually requires to be edited by user first.
 467         tags:
 468           - no-gui
 469         environments:
 470           - file: environments/storage-environment.yaml
 471             title: Storage Environment
 472             description:
 473             requires:
 474               - overcloud-resource-registry-puppet.yaml
 475
 476   - title: Utilities
 477     description:
 478     environment_groups:
 479       - title: Config Debug
 480         description: Enable config management (e.g. Puppet) debugging
 481         environments:
 482           - file: environments/config-debug.yaml
 483             title: Config Debug
 484             description:
 485             requires:
 486               - overcloud-resource-registry-puppet.yaml
 487       - title: Disable journal in MongoDb
 488         description: >
 489           Since, when journaling is enabled, MongoDb will create big journal
 490           file it can take time. In a CI environment for example journaling is
 491           not necessary.
 492         environments:
 493           - file: environments/mongodb-nojournal.yaml
 494             title: Disable journal in MongoDb
 495             description:
 496             requires:
 497               - overcloud-resource-registry-puppet.yaml
 498       - title: Overcloud Steps
 499         description: >
 500           Specifies hooks/breakpoints where overcloud deployment should stop
 501           Allows operator validation between steps, and/or more granular control.
 502           Note: the wildcards relate to naming convention for some resource suffixes,
 503           e.g see puppet/*-post.yaml, enabling this will mean we wait for
 504           a user signal on every *Deployment_StepN resource defined in those files.
 505         tags:
 506           - no-gui
 507         environments:
 508           - file: environments/overcloud-steps.yaml
 509             title: Overcloud Steps
 510             description:
 511             requires:
 512               - overcloud-resource-registry-puppet.yaml
 513       - title: Manage Firewall
 514         description:
 515         environments:
 516           - file: environments/manage-firewall.yaml
 517             title: Manage Firewall
 518             description:
 519             requires:
 520               - overcloud-resource-registry-puppet.yaml
 521
 522   - title: Operational Tools
 523     description:
 524     environment_groups:
 525       - title: Monitoring agents
 526         description: Enable monitoring agents
 527         environments:
 528           - file: environments/monitoring-environment.yaml
 529             title: enable monitoring agents
 530             description:
 531             requires:
 532               - overcloud-resource-registry-puppet.yaml
 533       - title: Centralized logging support
 534         description: Enable centralized logging clients (fluentd)
 535         environments:
 536           - file: environments/logging-environment.yaml
 537             title: Enable fluentd client
 538             description:
 539             requires:
 540               - overcloud-resource-registry-puppet.yaml
 541
 542   - title: Security Options
 543     description: Security Hardening Options
 544     environment_groups:
 545       - title: SSH Banner Text
 546         description: Enables population of SSH Banner Text
 547         environments:
 548           - file: environments/sshd-banner.yaml
 549             title: SSH Banner Text
 550             description:
 551             requires:
 552               - overcloud-resource-registry-puppet.yaml
 553       - title: Horizon Password Validation
 554         description: Enable Horizon Password validation
 555         environments:
 556           - file: environments/horizon_password_validation.yaml
 557             title: Horizon Password Validation
 558             description:
 559             requires:
 560               - overcloud-resource-registry-puppet.yaml
 561       - title: AuditD Rules
 562         description:  Management of AuditD rules
 563         environments:
 564           - file: environments/auditd.yaml
 565             title: AuditD Rule Management
 566             description:
 567             requires:
 568               - overcloud-resource-registry-puppet.yaml