1 # This file holds metadata about the capabilities of the tripleo-heat-templates
2 # repository for deployment using puppet. It groups configuration by topic,
3 # describes possible combinations of environments and resource capabilities.
6 # High Level grouping by purpose of environments
9 # description: (optional)
10 # environment_groups: (required)
13 # Identifies an environment choice. If group includes multiple environments it
14 # indicates that environments in group are mutually exclusive.
17 # description: (optional)
18 # tags: a list of tags to provide additional information for e.g. filtering (optional)
19 # environments: (required)
22 # List of environments in environment group
24 # file: a file name including path within repository (required)
26 # description: (optional)
27 # requires: an array of environments which are required by this environment (optional)
28 # resource_registry: [tbd] (optional)
31 # [tbd] Each environment can provide options on resource_registry level applicable
32 # only when that given environment is used. (resource_type of that environment can
33 # be implemented using multiple templates).
36 - title: Base Resources Configuration
40 description: Enable base configuration for all resources required for OpenStack Deployment
42 - file: overcloud-resource-registry-puppet.yaml
43 title: Base resources configuration
46 - title: Deployment Options
49 - title: High Availability
50 description: Enables configuration of an Overcloud controller with Pacemaker
52 - file: environments/puppet-pacemaker.yaml
54 description: Enable configuration of an Overcloud controller with Pacemaker
56 - overcloud-resource-registry-puppet.yaml
57 - title: Pacemaker options
60 - file: environments/puppet-pacemaker-no-restart.yaml
61 title: Pacemaker No Restart
64 - environments/puppet-pacemaker.yaml
65 - overcloud-resource-registry-puppet.yaml
68 Docker container with heat agents for containerized compute node
70 - file: environments/docker.yaml
74 - overcloud-resource-registry-puppet.yaml
78 - file: environments/enable-tls.yaml
81 Use this option to pass in certificates for SSL deployments.
82 For these values to take effect, one of the TLS endpoints
83 environments must also be used.
85 - overcloud-resource-registry-puppet.yaml
86 - title: TLS Endpoints
89 - file: environments/tls-endpoints-public-dns.yaml
90 title: SSL-enabled deployment with DNS name as public endpoint
92 Use this environment when deploying an SSL-enabled overcloud where the public
93 endpoint is a DNS name.
95 - environments/enable-tls.yaml
96 - overcloud-resource-registry-puppet.yaml
97 - file: environments/tls-endpoints-public-ip.yaml
98 title: SSL-enabled deployment with IP address as public endpoint
100 Use this environment when deploying an SSL-enabled overcloud where the public
101 endpoint is an IP address.
103 - environments/enable-tls.yaml
104 - overcloud-resource-registry-puppet.yaml
105 - title: External load balancer
107 Enable external load balancer
109 - file: environments/external-loadbalancer-vip-v6.yaml
110 title: External load balancer IPv6
113 - overcloud-resource-registry-puppet.yaml
114 - file: environments/external-loadbalancer-vip.yaml
115 title: External load balancer IPv4
118 - overcloud-resource-registry-puppet.yaml
120 - title: Additional Services
121 description: Deploy additional Overcloud services
126 - file: environments/manila-generic-config.yaml
128 description: Enable Manila generic driver backend
130 - overcloud-resource-registry-puppet.yaml
134 - file: environments/services/sahara.yaml
136 description: Deploy Sahara service
138 - overcloud-resource-registry-puppet.yaml
142 - file: environments/services/ironic.yaml
144 description: Deploy Ironic service
146 - overcloud-resource-registry-puppet.yaml
150 - file: environments/services/mistral.yaml
152 description: Deploy Mistral service
154 - overcloud-resource-registry-puppet.yaml
155 - title: Ceilometer Api
158 - file: environments/services/disable-ceilometer-api.yaml
159 title: Ceilometer Api
160 description: Disable Ceilometer Api service. This service is
161 deprecated and will be removed in future releases. Please move
162 to using gnocchi/aodh/panko apis instead.
164 - overcloud-resource-registry-puppet.yaml
166 # - title: Network Interface Configuration
168 # environment_groups:
170 - title: Overlay Network Configuration
173 - title: Network Isolation
176 - file: environments/network-isolation.yaml
177 title: Network Isolation
179 Enable the creation of Neutron networks for
180 isolated Overcloud traffic and configure each role to assign ports
181 (related to that role) on these networks.
183 - overcloud-resource-registry-puppet.yaml
184 - file: environments/network-isolation-v6.yaml
185 title: Network Isolation IPv6
187 Enable the creation of IPv6 Neutron networks for isolated Overcloud
188 traffic and configure each role to assign ports (related
189 to that role) on these networks.
191 - overcloud-resource-registry-puppet.yaml
192 - title: Single NIC or Bonding
194 Configure roles to use pair of bonded nics or to use Vlans on a
195 single nic. This option assumes use of Network Isolation.
197 - file: environments/net-bond-with-vlans.yaml
198 title: Bond with Vlans
200 Configure each role to use a pair of bonded nics (nic2 and
201 nic3) and configures an IP address on each relevant isolated network
202 for each role. This option assumes use of Network Isolation.
204 - environments/network-isolation.yaml
205 - overcloud-resource-registry-puppet.yaml
206 - file: environments/net-bond-with-vlans-no-external.yaml
207 title: Bond with Vlans No External Ports
209 Configure each role to use a pair of bonded nics (nic2 and
210 nic3) and configures an IP address on each relevant isolated network
211 for each role. This option assumes use of Network Isolation.
212 Sets external ports to noop.
214 - environments/network-isolation.yaml
215 - overcloud-resource-registry-puppet.yaml
216 - file: environments/net-bond-with-vlans-v6.yaml
217 title: Bond with Vlans IPv6
219 Configure each role to use a pair of bonded nics (nic2 and
220 nic3) and configures an IP address on each relevant isolated network
221 for each role, with IPv6 on the External network.
222 This option assumes use of Network Isolation IPv6.
224 - environments/network-isolation-v6.yaml
225 - overcloud-resource-registry-puppet.yaml
226 - file: environments/net-multiple-nics.yaml
229 Configures each role to use a separate NIC for
230 each isolated network.
231 This option assumes use of Network Isolation.
233 - environments/network-isolation.yaml
234 - overcloud-resource-registry-puppet.yaml
235 - file: environments/net-multiple-nics-v6.yaml
236 title: Multiple NICs IPv6
238 Configure each role to use a separate NIC for
239 each isolated network with IPv6 on the External network.
240 This option assumes use of Network Isolation IPv6.
242 - environments/network-isolation-v6.yaml
243 - overcloud-resource-registry-puppet.yaml
244 - file: environments/net-single-nic-with-vlans.yaml
245 title: Single NIC with Vlans
247 Configure each role to use Vlans on a single NIC for
248 each isolated network. This option assumes use of Network Isolation.
250 - environments/network-isolation.yaml
251 - overcloud-resource-registry-puppet.yaml
252 - file: environments/net-single-nic-with-vlans-no-external.yaml
253 title: Single NIC with Vlans No External Ports
255 Configure each role to use Vlans on a single NIC for
256 each isolated network. This option assumes use of Network Isolation.
257 Sets external ports to noop.
259 - environments/network-isolation.yaml
260 - overcloud-resource-registry-puppet.yaml
261 - file: environments/net-single-nic-linux-bridge-with-vlans.yaml
262 title: Single NIC with Linux Bridge Vlans
264 Configure each role to use Vlans on a single NIC for
265 each isolated network. This option assumes use of Network Isolation.
267 - environments/network-isolation.yaml
268 - overcloud-resource-registry-puppet.yaml
269 - file: environments/net-single-nic-with-vlans-v6.yaml
270 title: Single NIC with Vlans IPv6
272 Configures each role to use Vlans on a single NIC for
273 each isolated network with IPv6 on the External network.
274 This option assumes use of Network Isolation IPv6
276 - environments/network-isolation-v6.yaml
277 - overcloud-resource-registry-puppet.yaml
278 - title: Management Network
280 Enable the creation of a system management network. This
281 creates a Neutron network for isolated Overcloud
282 system management traffic and configures each role to
283 assign a port (related to that role) on that network.
285 - file: environments/network-management.yaml
286 title: Management Network
289 - overcloud-resource-registry-puppet.yaml
290 - file: environments/network-management-v6.yaml
291 title: Management Network IPv6
294 - overcloud-resource-registry-puppet.yaml
296 - title: Neutron Plugin Configuration
299 - title: Neutron Plugins
301 Enable various Neutron plugins and backends
303 - file: environments/neutron-bgpvpn.yaml
304 title: Neutron BGPVPN Service Plugin
305 description: Enables Neutron BGPVPN Service Plugin
307 - overcloud-resource-registry-puppet.yaml
308 - file: environments/neutron-ml2-bigswitch.yaml
309 title: BigSwitch Extensions
311 Enable Big Switch extensions, configured via puppet
313 - overcloud-resource-registry-puppet.yaml
314 - file: environments/neutron-ml2-cisco-n1kv.yaml
315 title: Cisco N1KV backend
317 Enable a Cisco N1KV backend, configured via puppet
319 - overcloud-resource-registry-puppet.yaml
320 - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
321 title: Cisco Neutron plugin
324 - overcloud-resource-registry-puppet.yaml
325 - file: environments/neutron-midonet.yaml
326 title: Deploy MidoNet Services
329 - overcloud-resource-registry-puppet.yaml
330 - file: environments/neutron-nuage-config.yaml
331 title: Neutron Nuage backend
332 description: Enables Neutron Nuage backend on the controller
334 - overcloud-resource-registry-puppet.yaml
335 - file: environments/neutron-opendaylight.yaml
337 description: Enables OpenDaylight
339 - overcloud-resource-registry-puppet.yaml
340 - file: environments/neutron-ovs-dpdk.yaml
342 description: Deploy DPDK with OVS
344 - overcloud-resource-registry-puppet.yaml
345 - file: environments/neutron-ovs-dvr.yaml
347 description: Enables DVR in the Overcloud
349 - overcloud-resource-registry-puppet.yaml
350 - file: environments/neutron-plumgrid.yaml
351 title: PLUMgrid extensions
352 description: Enables PLUMgrid extensions
354 - overcloud-resource-registry-puppet.yaml
355 - file: environments/neutron-ml2-fujitsu-cfab.yaml
356 title: Fujitsu Neutron plugin for C-Fabric
357 description: Enable C-Fabric in the overcloud
359 - overcloud-resource-registry-puppet.yaml
360 - file: environments/neutron-ml2-fujitsu-fossw.yaml
361 title: Fujitsu Neutron plugin for FOS
362 description: Enable FOS in the overcloud
364 - overcloud-resource-registry-puppet.yaml
365 - file: environments/neutron-l2gw.yaml
366 title: Neutron L2 gateway Service Plugin
367 description: Enables Neutron L2 gateway Service Plugin
369 - overcloud-resource-registry-puppet.yaml
371 - title: Nova Extensions
374 - title: Nova Extensions
377 - file: environments/nova-nuage-config.yaml
380 Enables Nuage backend on the Compute
382 - overcloud-resource-registry-puppet.yaml
387 - title: Cinder backup service
390 - file: environments/cinder-backup.yaml
391 title: Cinder backup service
393 OpenStack Cinder Backup service with Pacemaker configured
396 - environments/puppet-pacemaker.yaml
397 - overcloud-resource-registry-puppet.yaml
398 - title: Cinder backend
400 Enable various Cinder backends
402 - file: environments/cinder-netapp-config.yaml
403 title: Cinder NetApp backend
406 - overcloud-resource-registry-puppet.yaml
407 - file: environments/cinder-dellsc-config.yaml
408 title: Cinder Dell EMC Storage Center ISCSI backend
410 Enables a Cinder Dell EMC Storage Center ISCSI backend,
411 configured via puppet
413 - overcloud-resource-registry-puppet.yaml
414 - file: environments/cinder-hpelefthand-config.yaml
415 title: Cinder HPELeftHandISCSI backend
417 Enables a Cinder HPELeftHandISCSI backend, configured
420 - overcloud-resource-registry-puppet.yaml
421 - file: environments/cinder-dellps-config.yaml
422 title: Cinder Dell EMC PS Series backend
424 Enables a Cinder Dell EMC PS Series backend,
425 configured via puppet
427 - overcloud-resource-registry-puppet.yaml
428 - file: environments/cinder-iser.yaml
429 title: Cinder iSER backend
431 Enable a Cinder iSER RDMA backend, configured via puppet
432 - file: environments/cinder-scaleio-config.yaml
433 title: Cinder Dell EMC ScaleIO backend
435 Enables a Cinder Dell EMC ScaleIO backend,
436 configured via puppet
438 - overcloud-resource-registry-puppet.yaml
441 Enable the use of Ceph in the overcloud
443 - file: environments/puppet-ceph-external.yaml
444 title: Externally managed Ceph
446 Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
448 - overcloud-resource-registry-puppet.yaml
449 - file: environments/puppet-ceph.yaml
450 title: TripleO managed Ceph
452 Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or
453 use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is
454 colocated with NovaCompute and configures the overcloud to use it, via RBD driver.
456 - overcloud-resource-registry-puppet.yaml
459 Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
460 filesystems hosted in Ceph.
462 - file: environments/services/ceph-mds.yaml
463 title: Deploys CephMDS
466 - environments/puppet-ceph.yaml
467 - title: Ceph Rados Gateway
469 Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
470 which stores data in the Ceph cluster.
472 - file: environments/ceph-radosgw.yaml
473 title: Deploys CephRGW
476 - environments/puppet-ceph.yaml
477 - title: Manila with CephFS
479 Deploys Manila and configures it with the CephFS driver. This requires the deployment of
480 Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
482 - file: environments/manila-cephfsnative-config.yaml
483 title: Deploys Manila with CephFS driver
484 description: Deploys Manila and configures CephFS as its default backend.
486 - overcloud-resource-registry-puppet.yaml
487 - title: Storage Environment
489 Can be used to set up storage backends. Defaults to Ceph used as a
490 backend for Cinder, Glance, Nova ephemeral storage and Gnocchi. It
491 configures which services will use Ceph, or if any of the services
492 will use NFS. And more. Usually requires to be edited by user first.
496 - file: environments/storage-environment.yaml
497 title: Storage Environment
500 - overcloud-resource-registry-puppet.yaml
505 - title: Config Debug
506 description: Enable config management (e.g. Puppet) debugging
508 - file: environments/config-debug.yaml
512 - overcloud-resource-registry-puppet.yaml
513 - title: Disable journal in MongoDb
515 Since, when journaling is enabled, MongoDb will create big journal
516 file it can take time. In a CI environment for example journaling is
519 - file: environments/mongodb-nojournal.yaml
520 title: Disable journal in MongoDb
523 - overcloud-resource-registry-puppet.yaml
524 - title: Overcloud Steps
526 Specifies hooks/breakpoints where overcloud deployment should stop
527 Allows operator validation between steps, and/or more granular control.
528 Note: the wildcards relate to naming convention for some resource suffixes,
529 e.g see puppet/*-post.yaml, enabling this will mean we wait for
530 a user signal on every *Deployment_StepN resource defined in those files.
534 - file: environments/overcloud-steps.yaml
535 title: Overcloud Steps
538 - overcloud-resource-registry-puppet.yaml
540 - title: Operational Tools
543 - title: Monitoring agents
544 description: Enable monitoring agents
546 - file: environments/monitoring-environment.yaml
547 title: Enable monitoring agents
550 - overcloud-resource-registry-puppet.yaml
551 - title: Centralized logging support
552 description: Enable centralized logging clients (fluentd)
554 - file: environments/logging-environment.yaml
555 title: Enable fluentd client
558 - overcloud-resource-registry-puppet.yaml
559 - title: Performance monitoring
560 description: Enable performance monitoring agents
562 - file: environments/collectd-environment.yaml
563 title: Enable performance monitoring agents
566 - overcloud-resource-registry-puppet.yaml
568 - title: Security Options
569 description: Security Hardening Options
571 - title: SSH Banner Text
572 description: Enables population of SSH Banner Text
574 - file: environments/sshd-banner.yaml
575 title: SSH Banner Text
578 - overcloud-resource-registry-puppet.yaml
579 - title: Horizon Password Validation
580 description: Enable Horizon Password validation
582 - file: environments/horizon_password_validation.yaml
583 title: Horizon Password Validation
586 - overcloud-resource-registry-puppet.yaml
587 - title: AuditD Rules
588 description: Management of AuditD rules
590 - file: environments/auditd.yaml
591 title: AuditD Rule Management
594 - overcloud-resource-registry-puppet.yaml
595 - title: Keystone CADF auditing
596 description: Enable CADF notifications in Keystone for auditing
598 - file: environments/cadf.yaml
599 title: Keystone CADF auditing
600 - title: SecureTTY Values
601 description: Set values within /etc/securetty
603 - file: environments/securetty.yaml
604 title: SecureTTY Values