capabilities-map.yaml

   1 # This file holds metadata about the capabilities of the tripleo-heat-templates
   2 # repository for deployment using puppet. It groups configuration by topic,
   3 # describes possible combinations of environments and resource capabilities.
   4
   5 # root_template: identifies repository's root template
   6 # root_environment: identifies root_environment, this one is special in terms of
   7 #   order in which the environments are merged before deploying. This one serves as
   8 #   a base and it's parameters/resource_registry gets overridden by other environments
   9 #   if used.
  10
  11 # topics:
  12 # High Level grouping by purpose of environments
  13 # Attributes:
  14 #  title: (required)
  15 #  description: (optional)
  16 #  environment_groups: (required)
  17
  18 # environment_groups:
  19 # Identifies an environment choice. If group includes multiple environments it
  20 # indicates that environments in group are mutually exclusive.
  21 # Attributes:
  22 #  title: (optional)
  23 #  description: (optional)
  24 #  tags: a list of tags to provide additional information for e.g. filtering (optional)
  25 #  environments: (required)
  26
  27 # environments:
  28 # List of environments in environment group
  29 # Attributes:
  30 #  file: a file name including path within repository (required)
  31 #  title: (required)
  32 #  description: (optional)
  33 #  requires: an array of environments which are required by this environment (optional)
  34 #  resource_registry: [tbd] (optional)
  35
  36 # resource_registry:
  37 # [tbd] Each environment can provide options on resource_registry level applicable
  38 # only when that given environment is used. (resource_type of that environment can
  39 # be implemented using multiple templates).
  40
  41 root_template: overcloud.yaml
  42 root_environment: overcloud-resource-registry-puppet.yaml
  43 topics:
  44   - title: Base Resources Configuration
  45     description:
  46     environment_groups:
  47       - title:
  48         description: Enable base configuration for all resources required for OpenStack Deployment
  49         environments:
  50           - file: overcloud-resource-registry-puppet.yaml
  51             title: Base resources configuration
  52             description:
  53
  54   - title: Deployment Options
  55     description:
  56     environment_groups:
  57       - title: High Availability
  58         description: Enables configuration of an Overcloud controller with Pacemaker
  59         environments:
  60           - file: environments/puppet-pacemaker.yaml
  61             title: Pacemaker
  62             description: Enable configuration of an Overcloud controller with Pacemaker
  63             requires:
  64               - overcloud-resource-registry-puppet.yaml
  65       - title: Pacemaker options
  66         description:
  67         environments:
  68           - file: environments/puppet-pacemaker-no-restart.yaml
  69             title: Pacemaker No Restart
  70             description:
  71             requires:
  72               - environments/puppet-pacemaker.yaml
  73               - overcloud-resource-registry-puppet.yaml
  74       - title: Docker RDO
  75         description: >
  76           Docker container with heat agents for containerized compute node
  77         environments:
  78           - file: environments/docker.yaml
  79             title: Docker RDO
  80             description:
  81             requires:
  82               - overcloud-resource-registry-puppet.yaml
  83       - title: Enable TLS
  84         description: >
  85         environments:
  86           - file: environments/enable-tls.yaml
  87             title: TLS
  88             description: >
  89               Use this option to pass in certificates for SSL deployments.
  90               For these values to take effect, one of the TLS endpoints
  91               environments must also be used.
  92             requires:
  93               - overcloud-resource-registry-puppet.yaml
  94       - title: TLS Endpoints
  95         description: >
  96         environments:
  97           - file: environments/tls-endpoints-public-dns.yaml
  98             title: SSL-enabled deployment with DNS name as public endpoint
  99             description: >
 100               Use this environment when deploying an SSL-enabled overcloud where the public
 101               endpoint is a DNS name.
 102             requires:
 103               - environments/enable-tls.yaml
 104               - overcloud-resource-registry-puppet.yaml
 105           - file: environments/tls-endpoints-public-ip.yaml
 106             title: SSL-enabled deployment with IP address as public endpoint
 107             description: >
 108               Use this environment when deploying an SSL-enabled overcloud where the public
 109               endpoint is an IP address.
 110             requires:
 111               - environments/enable-tls.yaml
 112               - overcloud-resource-registry-puppet.yaml
 113       - title: External load balancer
 114         description: >
 115           Enable external load balancer
 116         environments:
 117           - file: environments/external-loadbalancer-vip-v6.yaml
 118             title: External load balancer IPv6
 119             description: >
 120             requires:
 121               - overcloud-resource-registry-puppet.yaml
 122           - file: environments/external-loadbalancer-vip.yaml
 123             title: External load balancer IPv4
 124             description: >
 125             requires:
 126               - overcloud-resource-registry-puppet.yaml
 127
 128   - title: Additional Services
 129     description: Deploy additional Overcloud services
 130     environment_groups:
 131       - title: Manila
 132         description:
 133         environments:
 134           - file: environments/manila-generic-config.yaml
 135             title: Manila
 136             description: Enable Manila generic driver backend
 137             requires:
 138               - overcloud-resource-registry-puppet.yaml
 139       - title: Sahara
 140         description:
 141         environments:
 142           - file: environments/services/sahara.yaml
 143             title: Sahara
 144             description: Deploy Sahara service
 145             requires:
 146               - overcloud-resource-registry-puppet.yaml
 147       - title: Ironic
 148         description:
 149         environments:
 150           - file: environments/services/ironic.yaml
 151             title: Ironic
 152             description: Deploy Ironic service
 153             requires:
 154               - overcloud-resource-registry-puppet.yaml
 155       - title: Mistral
 156         description:
 157         environments:
 158           - file: environments/services/mistral.yaml
 159             title: Mistral
 160             description: Deploy Mistral service
 161             requires:
 162               - overcloud-resource-registry-puppet.yaml
 163       - title: Ceilometer Api
 164         description:
 165         environments:
 166           - file: environments/services/disable-ceilometer-api.yaml
 167             title: Ceilometer Api
 168             description: Disable Ceilometer Api service. This service is
 169               deprecated and will be removed in future releases. Please move
 170               to using gnocchi/aodh/panko apis instead.
 171             requires:
 172               - overcloud-resource-registry-puppet.yaml
 173
 174   # - title: Network Interface Configuration
 175   #   description:
 176   #   environment_groups:
 177
 178   - title: Overlay Network Configuration
 179     description:
 180     environment_groups:
 181       - title: Network Isolation
 182         description:
 183         environments:
 184           - file: environments/network-isolation.yaml
 185             title: Network Isolation
 186             description: >
 187               Enable the creation of Neutron networks for
 188               isolated Overcloud traffic and configure each role to assign ports
 189               (related to that role) on these networks.
 190             requires:
 191               - overcloud-resource-registry-puppet.yaml
 192           - file: environments/network-isolation-v6.yaml
 193             title: Network Isolation IPv6
 194             description: >
 195               Enable the creation of IPv6 Neutron networks for isolated Overcloud
 196               traffic and configure each role to assign ports (related
 197               to that role) on these networks.
 198             requires:
 199               - overcloud-resource-registry-puppet.yaml
 200       - title: Single NIC or Bonding
 201         description: >
 202           Configure roles to use pair of bonded nics or to use Vlans on a
 203           single nic. This option assumes use of Network Isolation.
 204         environments:
 205           - file: environments/net-bond-with-vlans.yaml
 206             title: Bond with Vlans
 207             description: >
 208               Configure each role to use a pair of bonded nics (nic2 and
 209               nic3) and configures an IP address on each relevant isolated network
 210               for each role. This option assumes use of Network Isolation.
 211             requires:
 212               - environments/network-isolation.yaml
 213               - overcloud-resource-registry-puppet.yaml
 214           - file: environments/net-bond-with-vlans-no-external.yaml
 215             title: Bond with Vlans No External Ports
 216             description: >
 217               Configure each role to use a pair of bonded nics (nic2 and
 218               nic3) and configures an IP address on each relevant isolated network
 219               for each role. This option assumes use of Network Isolation.
 220               Sets external ports to noop.
 221             requires:
 222               - environments/network-isolation.yaml
 223               - overcloud-resource-registry-puppet.yaml
 224           - file: environments/net-bond-with-vlans-v6.yaml
 225             title: Bond with Vlans IPv6
 226             description: >
 227               Configure each role to use a pair of bonded nics (nic2 and
 228               nic3) and configures an IP address on each relevant isolated network
 229               for each role, with IPv6 on the External network.
 230               This option assumes use of Network Isolation IPv6.
 231             requires:
 232               - environments/network-isolation-v6.yaml
 233               - overcloud-resource-registry-puppet.yaml
 234           - file: environments/net-multiple-nics.yaml
 235             title: Multiple NICs
 236             description: >
 237               Configures each role to use a separate NIC for
 238               each isolated network.
 239               This option assumes use of Network Isolation.
 240             requires:
 241               - environments/network-isolation.yaml
 242               - overcloud-resource-registry-puppet.yaml
 243           - file: environments/net-multiple-nics-v6.yaml
 244             title: Multiple NICs IPv6
 245             description: >
 246               Configure each role to use a separate NIC for
 247               each isolated network with IPv6 on the External network.
 248               This option assumes use of Network Isolation IPv6.
 249             requires:
 250               - environments/network-isolation-v6.yaml
 251               - overcloud-resource-registry-puppet.yaml
 252           - file: environments/net-single-nic-with-vlans.yaml
 253             title: Single NIC with Vlans
 254             description: >
 255               Configure each role to use Vlans on a single NIC for
 256               each isolated network. This option assumes use of Network Isolation.
 257             requires:
 258               - environments/network-isolation.yaml
 259               - overcloud-resource-registry-puppet.yaml
 260           - file: environments/net-single-nic-with-vlans-no-external.yaml
 261             title: Single NIC with Vlans No External Ports
 262             description: >
 263               Configure each role to use Vlans on a single NIC for
 264               each isolated network. This option assumes use of Network Isolation.
 265               Sets external ports to noop.
 266             requires:
 267               - environments/network-isolation.yaml
 268               - overcloud-resource-registry-puppet.yaml
 269           - file: environments/net-single-nic-linux-bridge-with-vlans.yaml
 270             title: Single NIC with Linux Bridge Vlans
 271             description: >
 272               Configure each role to use Vlans on a single NIC for
 273               each isolated network. This option assumes use of Network Isolation.
 274             requires:
 275               - environments/network-isolation.yaml
 276               - overcloud-resource-registry-puppet.yaml
 277           - file: environments/net-single-nic-with-vlans-v6.yaml
 278             title: Single NIC with Vlans IPv6
 279             description: >
 280               Configures each role to use Vlans on a single NIC for
 281               each isolated network with IPv6 on the External network.
 282               This option assumes use of Network Isolation IPv6
 283             requires:
 284               - environments/network-isolation-v6.yaml
 285               - overcloud-resource-registry-puppet.yaml
 286       - title: Management Network
 287         description: >
 288           Enable the creation of a system management network. This
 289           creates a Neutron network for isolated Overcloud
 290           system management traffic and configures each role to
 291           assign a port (related to that role) on that network.
 292         environments:
 293           - file: environments/network-management.yaml
 294             title: Management Network
 295             description:
 296             requires:
 297               - overcloud-resource-registry-puppet.yaml
 298           - file: environments/network-management-v6.yaml
 299             title: Management Network IPv6
 300             description:
 301             requires:
 302               - overcloud-resource-registry-puppet.yaml
 303
 304   - title: Neutron Plugin Configuration
 305     description:
 306     environment_groups:
 307       - title: Neutron Plugins
 308         description: >
 309           Enable various Neutron plugins and backends
 310         environments:
 311           - file: environments/neutron-ml2-bigswitch.yaml
 312             title: BigSwitch Extensions
 313             description: >
 314               Enable Big Switch extensions, configured via puppet
 315             requires:
 316               - overcloud-resource-registry-puppet.yaml
 317           - file: environments/neutron-ml2-cisco-n1kv.yaml
 318             title: Cisco N1KV backend
 319             description: >
 320               Enable a Cisco N1KV backend, configured via puppet
 321             requires:
 322               - overcloud-resource-registry-puppet.yaml
 323           - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
 324             title: Cisco Neutron plugin
 325             description:
 326             requires:
 327               - overcloud-resource-registry-puppet.yaml
 328           - file: environments/neutron-midonet.yaml
 329             title: Deploy MidoNet Services
 330             description:
 331             requires:
 332               - overcloud-resource-registry-puppet.yaml
 333           - file: environments/neutron-nuage-config.yaml
 334             title: Neutron Nuage backend
 335             description: Enables Neutron Nuage backend on the controller
 336             requires:
 337               - overcloud-resource-registry-puppet.yaml
 338           - file: environments/neutron-opencontrail.yaml
 339             title: OpenContrail Extensions
 340             description: Enables OpenContrail extensions
 341             requires:
 342               - overcloud-resource-registry-puppet.yaml
 343           - file: environments/neutron-opendaylight.yaml
 344             title: OpenDaylight
 345             description: Enables OpenDaylight
 346             requires:
 347               - overcloud-resource-registry-puppet.yaml
 348           - file: environments/neutron-opendaylight-l3.yaml
 349             title: OpenDaylight with L3 DVR
 350             description: Enables OpenDaylight with L3 DVR
 351             requires:
 352               - overcloud-resource-registry-puppet.yaml
 353           - file: environments/neutron-ovs-dpdk.yaml
 354             title: DPDK with OVS
 355             description: Deploy DPDK with OVS
 356             requires:
 357               - overcloud-resource-registry-puppet.yaml
 358           - file: environments/neutron-ovs-dvr.yaml
 359             title: DVR
 360             description: Enables DVR in the Overcloud
 361             requires:
 362               - overcloud-resource-registry-puppet.yaml
 363           - file: environments/neutron-plumgrid.yaml
 364             title: PLUMgrid extensions
 365             description: Enables PLUMgrid extensions
 366             requires:
 367               - overcloud-resource-registry-puppet.yaml
 368           - file: environments/neutron-ml2-fujitsu-cfab.yaml
 369             title: Fujitsu Neutron plugin for C-Fabric
 370             description: Enable C-Fabric in the overcloud
 371             requires:
 372               - overcloud-resource-registry-puppet.yaml
 373           - file: environments/neutron-ml2-fujitsu-fossw.yaml
 374             title: Fujitsu Neutron plugin for FOS
 375             description: Enable FOS in the overcloud
 376             requires:
 377               - overcloud-resource-registry-puppet.yaml
 378
 379   - title: Nova Extensions
 380     description:
 381     environment_groups:
 382       - title: Nova Extensions
 383         description:
 384         environments:
 385           - file: environments/nova-nuage-config.yaml
 386             title: Nuage backend
 387             description: >
 388               Enables Nuage backend on the Compute
 389             requires:
 390               - overcloud-resource-registry-puppet.yaml
 391
 392   - title: Storage
 393     description:
 394     environment_groups:
 395       - title: Cinder backup service
 396         description:
 397         environments:
 398           - file: environments/cinder-backup.yaml
 399             title: Cinder backup service
 400             description: >
 401               OpenStack Cinder Backup service with Pacemaker configured
 402               with Puppet
 403             requires:
 404               - environments/puppet-pacemaker.yaml
 405               - overcloud-resource-registry-puppet.yaml
 406       - title: Cinder backend
 407         description: >
 408           Enable various Cinder backends
 409         environments:
 410           - file: environments/cinder-netapp-config.yaml
 411             title: Cinder NetApp backend
 412             description:
 413             requires:
 414               - overcloud-resource-registry-puppet.yaml
 415           - file: environments/cinder-dellsc-config.yaml
 416             title: Cinder Dell EMC Storage Center ISCSI backend
 417             description: >
 418               Enables a Cinder Dell EMC Storage Center ISCSI backend,
 419               configured via puppet
 420             requires:
 421               - overcloud-resource-registry-puppet.yaml
 422           - file: environments/cinder-hpelefthand-config.yaml
 423             title: Cinder HPELeftHandISCSI backend
 424             description: >
 425               Enables a Cinder HPELeftHandISCSI backend, configured
 426               via puppet
 427             requires:
 428               - overcloud-resource-registry-puppet.yaml
 429           - file: environments/cinder-dellps-config.yaml
 430             title: Cinder Dell EMC PS Series backend
 431             description: >
 432               Enables a Cinder Dell EMC PS Series backend,
 433               configured via puppet
 434             requires:
 435               - overcloud-resource-registry-puppet.yaml
 436           - file: environments/cinder-iser.yaml
 437             title: Cinder iSER backend
 438             description: >
 439               Enable a Cinder iSER RDMA backend, configured via puppet
 440           - file: environments/cinder-scaleio-config.yaml
 441             title: Cinder Dell EMC ScaleIO backend
 442             description: >
 443               Enables a Cinder Dell EMC ScaleIO backend,
 444               configured via puppet
 445             requires:
 446               - overcloud-resource-registry-puppet.yaml
 447       - title: Ceph
 448         description: >
 449           Enable the use of Ceph in the overcloud
 450         environments:
 451           - file: environments/puppet-ceph-external.yaml
 452             title: Externally managed Ceph
 453             description: >
 454               Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
 455             requires:
 456               - overcloud-resource-registry-puppet.yaml
 457           - file: environments/puppet-ceph.yaml
 458             title: TripleO managed Ceph
 459             description: >
 460               Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or
 461               use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is
 462               colocated with NovaCompute and configures the overcloud to use it, via RBD driver.
 463             requires:
 464               - overcloud-resource-registry-puppet.yaml
 465       - title: CephMDS
 466         description: >
 467           Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
 468           filesystems hosted in Ceph.
 469         environments:
 470           - file: environments/services/ceph-mds.yaml
 471             title: Deploys CephMDS
 472             description:
 473             requires:
 474               - environments/puppet-ceph.yaml
 475       - title: Ceph Rados Gateway
 476         description: >
 477           Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
 478           which stores data in the Ceph cluster.
 479         environments:
 480           - file: environments/ceph-radosgw.yaml
 481             title: Deploys CephRGW
 482             description:
 483             requires:
 484               - environments/puppet-ceph.yaml
 485       - title: Manila with CephFS
 486         description: >
 487           Deploys Manila and configures it with the CephFS driver. This requires the deployment of
 488           Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
 489         environments:
 490           - file: environments/manila-cephfsnative-config.yaml
 491             title: Deploys Manila with CephFS driver
 492             description: Deploys Manila and configures CephFS as its default backend.
 493             requires:
 494               - overcloud-resource-registry-puppet.yaml
 495       - title: Storage Environment
 496         description: >
 497           Can be used to set up storage backends. Defaults to Ceph used as a
 498           backend for Cinder, Glance, Nova ephemeral storage and Gnocchi. It
 499           configures which services will use Ceph, or if any of the services
 500           will use NFS. And more. Usually requires to be edited by user first.
 501         tags:
 502           - no-gui
 503         environments:
 504           - file: environments/storage-environment.yaml
 505             title: Storage Environment
 506             description:
 507             requires:
 508               - overcloud-resource-registry-puppet.yaml
 509
 510   - title: Utilities
 511     description:
 512     environment_groups:
 513       - title: Config Debug
 514         description: Enable config management (e.g. Puppet) debugging
 515         environments:
 516           - file: environments/config-debug.yaml
 517             title: Config Debug
 518             description:
 519             requires:
 520               - overcloud-resource-registry-puppet.yaml
 521       - title: Disable journal in MongoDb
 522         description: >
 523           Since, when journaling is enabled, MongoDb will create big journal
 524           file it can take time. In a CI environment for example journaling is
 525           not necessary.
 526         environments:
 527           - file: environments/mongodb-nojournal.yaml
 528             title: Disable journal in MongoDb
 529             description:
 530             requires:
 531               - overcloud-resource-registry-puppet.yaml
 532       - title: Overcloud Steps
 533         description: >
 534           Specifies hooks/breakpoints where overcloud deployment should stop
 535           Allows operator validation between steps, and/or more granular control.
 536           Note: the wildcards relate to naming convention for some resource suffixes,
 537           e.g see puppet/*-post.yaml, enabling this will mean we wait for
 538           a user signal on every *Deployment_StepN resource defined in those files.
 539         tags:
 540           - no-gui
 541         environments:
 542           - file: environments/overcloud-steps.yaml
 543             title: Overcloud Steps
 544             description:
 545             requires:
 546               - overcloud-resource-registry-puppet.yaml
 547       - title: Manage Firewall
 548         description:
 549         environments:
 550           - file: environments/manage-firewall.yaml
 551             title: Manage Firewall
 552             description:
 553             requires:
 554               - overcloud-resource-registry-puppet.yaml
 555
 556   - title: Operational Tools
 557     description:
 558     environment_groups:
 559       - title: Monitoring agents
 560         description: Enable monitoring agents
 561         environments:
 562           - file: environments/monitoring-environment.yaml
 563             title: enable monitoring agents
 564             description:
 565             requires:
 566               - overcloud-resource-registry-puppet.yaml
 567       - title: Centralized logging support
 568         description: Enable centralized logging clients (fluentd)
 569         environments:
 570           - file: environments/logging-environment.yaml
 571             title: Enable fluentd client
 572             description:
 573             requires:
 574               - overcloud-resource-registry-puppet.yaml
 575
 576   - title: Security Options
 577     description: Security Hardening Options
 578     environment_groups:
 579       - title: SSH Banner Text
 580         description: Enables population of SSH Banner Text
 581         environments:
 582           - file: environments/sshd-banner.yaml
 583             title: SSH Banner Text
 584             description:
 585             requires:
 586               - overcloud-resource-registry-puppet.yaml
 587       - title: Horizon Password Validation
 588         description: Enable Horizon Password validation
 589         environments:
 590           - file: environments/horizon_password_validation.yaml
 591             title: Horizon Password Validation
 592             description:
 593             requires:
 594               - overcloud-resource-registry-puppet.yaml
 595       - title: AuditD Rules
 596         description:  Management of AuditD rules
 597         environments:
 598           - file: environments/auditd.yaml
 599             title: AuditD Rule Management
 600             description:
 601             requires:
 602               - overcloud-resource-registry-puppet.yaml