1 ##############################################################################
2 # Copyright (c) 2015 Ericsson AB and others.
3 # jonas.bjurel@ericsson.com
4 # All rights reserved. This program and the accompanying materials
5 # are made available under the terms of the Apache License, Version 2.0
6 # which accompanies this distribution, and is available at
7 # http://www.apache.org/licenses/LICENSE-2.0
8 ##############################################################################
10 dea-base-config-metadata:
11 title: 'Deployment Environment Adapter Base configuration'
12 # DEA API version supported
14 created: 'Fri Jun 10 2016'
15 comment: 'Rebased for Fuel 10'
22 wanted_release: Newton on Ubuntu 16.04
27 description: Email address for Administrator
33 value: admin@localhost
37 label: OpenStack Access
40 description: Password for Administrator
49 description: Tenant (project) name for Administrator
52 error: Invalid tenant name
53 source: ^(?!services$)(?!nova$)(?!glance$)(?!keystone$)(?!neutron$)(?!cinder$)(?!swift$)(?!ceph$)(?!ironic$)(?![Gg]uest$)(?!.*
59 description: Username for Administrator
62 error: Invalid username
63 source: ^(?!services$)(?!nova$)(?!glance$)(?!keystone$)(?!neutron$)(?!cinder$)(?!swift$)(?!ceph$)(?!ironic$)(?![Gg]uest$)(?!.*
68 additional_components:
70 description: If selected, Ceilometer and Aodh components will be installed
71 label: Install Ceilometer and Aodh
82 description: If selected, Ironic component will be installed
85 - cluster:net_provider != 'neutron' or networking_parameters:segmentation_type != 'vlan': Ironic
86 requires Neutron with VLAN segmentation.
87 - settings:storage.images_ceph.value == true and settings:storage.objects_ceph.value == false: Ironic
88 requires Swift or RadosGW for Glance images.
93 group: openstack_services
94 label: Additional Components
97 description: If selected, You can use external Mongo DB as ceilometer backend
98 label: Use external Mongo DB
100 - settings:additional_components.ceilometer.value == false: External Mongo
101 aims to be an external backend for Ceilometer. Without Ceilometer enabled,
102 External Mongo is useless and should not be installed.
107 description: If selected, Murano component will be installed
108 label: Install Murano
113 description: If selected, Murano service broker will be installed
114 label: Install Murano service broker for Cloud Foundry
116 - condition: settings:additional_components.murano.value == false
117 message: Murano should be enabled
119 condition: not ('experimental' in version:feature_groups)
124 description: If selected, Sahara component will be installed
125 label: Install Sahara
131 description: Interval between the snapshots in seconds
132 label: Interval between the snapshots
134 error: Should be a number of seconds
138 condition: settings:atop.service_enabled.value == false
145 label: Advanced System & Process Monitor (atop)
149 description: Number of days to keep log files
152 error: Should be a number of days
156 condition: settings:atop.service_enabled.value == false
161 description: 'NOTE: When enabled, the service may generate logs up to a gigabyte
164 This should be taken into consideration when determining the correct size
165 for the log partition.
168 label: Enable atop service
174 always_editable: true
176 label: Cgroups conguration for services
187 auto_assign_floating_ip:
188 description: If selected, OpenStack will automatically assign a floating IP
191 label: Auto assign floating IP
194 condition: cluster:net_provider == 'neutron'
199 description: Debug logging mode provides more information, but requires more
202 label: OpenStack debug logging
208 label: Hypervisor type
213 description: Choose this type of hypervisor if you run OpenStack on hardware
216 description: Choose this type of hypervisor if you run OpenStack on virtual
224 description: Quotas are used to limit CPU and memory usage for tenants. Enabling
225 quotas will increase load on the Nova database.
231 propagate_task_deploy:
236 description: Debug puppet logging mode provides more information, but requires
239 label: Puppet debug logging
243 resume_guests_state_on_host_boot:
244 description: Whether to resume previous guests state when the host reboots.
245 If enabled, this option causes guests assigned to the host to resume their
246 previous state. If the guest was running a restart will be attempted when
247 nova-compute starts. If the guest was not running previously, a restart
248 will not be attempted.
250 label: Resume guests state on host boot
255 description: Uncheck this box if the public gateway will not be available
256 or will not respond to ICMP requests to the deployed cluster. If unchecked,
257 the controllers will not take public gateway availability into account as
258 part of the cluster health. If the cluster will not have internet access,
259 you will need to make sure to provide proper offline mirrors for the deployment
262 label: Public Gateway is Available
271 description: For most cases you will want qcow format. If it's disabled, raw
272 image format will be used to run VMs. OpenStack with raw format currently
273 does not support snapshotting.
275 label: Use qcow format for images
304 description: Set True only if multicast is configured correctly on router.
305 label: Need to pass network verification.
311 description: List of upstream DNS servers
315 error: Invalid IP address
316 source: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$
323 label: Host OS DNS Servers
327 description: IP Addresses of MongoDB. Use comma to split IPs
328 label: MongoDB hosts IP
330 error: Invalid hosts ip sequence
331 source: ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?),)*((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
336 group: openstack_services
337 label: External MongoDB
340 condition: settings:additional_components.mongo.value == false
341 message: Ceilometer and MongoDB are not enabled on the Additional Components
345 description: Mongo database name
348 error: Invalid database name
354 description: Mongo database password
357 error: Password contains spaces
363 description: Name for Mongo replication set
369 description: Mongo database username
372 error: Empty username
380 label: Host OS NTP Servers
383 description: List of upstream NTP servers
384 label: NTP server list
386 error: Invalid NTP server
387 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
390 - 0.fuel.pool.ntp.org
391 - 1.fuel.pool.ntp.org
392 - 2.fuel.pool.ntp.org
396 description: Default kernel parameters
397 label: Initial parameters
399 value: console=tty0 net.ifnames=1 biosdevname=0 rootdelay=90 nomodeset
402 label: Kernel parameters
406 group: openstack_services
407 label: Murano Settings
410 condition: settings:additional_components.murano.value == false
411 message: Murano is not enabled on the Additional Components section
413 murano_glance_artifacts_plugin:
414 description: If selected glance artifact repository will be enabled
415 label: Enable glance artifact repository
421 label: Murano Repository URL
423 value: http://storage.apps.openstack.org/
425 neutron_advanced_configuration:
428 label: Neutron Advanced Configuration
431 condition: cluster:net_provider != 'neutron'
434 description: Enable Distributed Virtual Routers in Neutron
437 - ? networking_parameters:segmentation_type != 'vlan' and settings:neutron_advanced_configuration.neutron_l2_pop.value
439 : DVR requires L2 population to be enabled.
444 description: Enable L2 population mechanism in Neutron
445 label: Neutron L2 population
448 condition: networking_parameters:segmentation_type == 'vlan'
453 description: 'Enable High Availability features for Virtual Routers in Neutron
455 Requires at least 2 Controller nodes to function properly
460 - condition: settings:neutron_advanced_configuration.neutron_dvr.value ==
462 message: Neutron DVR must be disabled in order to use Neutron L3 HA
467 description: Enable Neutron QoS advanced service plug-in
474 description: Public SSH keys to include to operator user's authorized keys,
476 label: Authorized SSH keys
481 description: Home directory for operator user
482 label: Home directory
487 value: /home/fueladmin
491 label: Operating System Access
494 description: Username for operator user
497 error: Empty username
503 description: Password for operator user
506 error: Empty password
509 value: sD2hWNhXxB70SJIBBmaixvvt
512 description: Sudoers configuration directives for operator user, one per line.
513 label: Sudoers configuration
515 value: 'ALL=(ALL) NOPASSWD: ALL'
529 label: Initial packages
559 linux-headers-generic-lts-xenial
561 linux-image-generic-lts-xenial
621 public_network_assignment:
623 description: When disabled, public network will be assigned to controllers
625 label: Assign public network to all nodes
631 label: Public network assignment
634 condition: cluster:net_provider != 'neutron'
638 description: Certificate and private key data, concatenated into a single
643 condition: (settings:public_ssl.cert_source.value != 'user_uploaded') or
644 (settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
650 description: From where we'll get certificate and private key
651 label: Select source for certificate
654 condition: settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
660 description: Generate private key and certificate that will be signed by
663 - data: user_uploaded
664 description: Use pre-generated key and certificate
665 label: I have my own keypair with certificate
668 description: Secure access to Horizon enabling HTTPS instead of HTTP
669 label: HTTPS for Horizon
671 - settings:public_ssl.services.value == false: TLS for OpenStack public endpoints
677 description: Your DNS entries should point to this name. Self-signed certificates
678 also will use this hostname
679 label: DNS hostname for public TLS endpoints
681 error: Invalid DNS hostname
682 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
685 condition: settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
688 value: public.fuel.local
695 description: Enable TLS termination on HAProxy for OpenStack services
696 label: TLS for OpenStack public endpoints
702 always_editable: true
707 description: 'Please note: the first repository will be considered the operating
708 system mirror that will be used during node provisioning.
710 To create a local repository mirror on the Fuel master node, please follow
711 the instructions provided by running "fuel-createmirror --help" on the Fuel
714 Please make sure your Fuel master node has Internet access to the repository
715 before attempting to create a mirror.
719 type: custom_repo_configuration
723 section: main universe multiverse
726 uri: http://archive.ubuntu.com/ubuntu/
727 - name: ubuntu-updates
729 section: main universe multiverse
730 suite: xenial-updates
732 uri: http://archive.ubuntu.com/ubuntu/
733 - name: ubuntu-security
735 section: main universe multiverse
736 suite: xenial-security
738 uri: http://archive.ubuntu.com/ubuntu/
741 section: main restricted
744 uri: http://10.20.0.2:8080/newton-10.0/ubuntu/x86_64
747 section: main restricted
748 suite: mos10.0-updates
750 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
753 section: main restricted
754 suite: mos10.0-security
756 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
759 section: main restricted
760 suite: mos10.0-holdback
762 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
765 section: main restricted
768 uri: http://10.20.0.2:8080/newton-10.0/ubuntu/auxiliary
775 label: Service user account
785 value: 5rkDBE1Pddi75UQuohA6E2s4
791 value: 'ALL=(ALL) NOPASSWD: ALL'
793 brute_force_protection:
794 description: When enabled, the access from all networks (except the provided
795 ones) will be granted, but the networks will be checked against the brute
797 label: Brute force protection
800 condition: settings:ssh.security_enabled.value == false
811 description: 'NOTE: When enabled, provide at least one working IP address
812 (the Fuel Master node IP is already added).
814 We recommend adding new addresses instead of replacing the provided Fuel
817 When disabled (by default), the admin, management, and storage networks
818 are only allowed to connect to the SSH service.
821 label: Restrict SSH service on network
826 description: IPv4/CIDR address
827 label: Restrict access to
829 error: Invalid IPv4/CIDR address
830 source: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))*$
833 condition: settings:ssh.security_enabled.value == false
841 value: AQAVkvxXAAAAABAAZzOFaGpPvF4oFOQlz7ud4g==
842 auth_s3_keystone_ceph:
843 description: This allows to authenticate S3 requests basing on EC2/S3 credentials
844 managed by Keystone. Please note that enabling the integration will increase
845 the latency of S3 requests as well as load on Keystone service. Please consult
846 with Mirantis Technical Bulletin 27 and Mirantis Support on mitigating the
847 risks related with load.
848 label: Enable S3 API Authentication via Keystone in Ceph RadosGW
851 condition: settings:storage.objects_ceph.value == false
857 value: AQAVkvxXAAAAABAA9pOqDPq0En8Dh1Pi6fZENA==
859 description: Configures Nova to store ephemeral volumes in RBD. This works
860 best if Ceph is enabled for volumes and images, too. Enables live migration
861 of all types of Ceph backed VMs (without this option, live migration will
862 only work with VMs launched from Cinder volumes).
863 label: Ceph RBD for ephemeral volumes (Nova)
869 value: 801bd64d-bec4-44cc-9126-16245e53f470
871 description: Configures Glance to use the Ceph RBD backend to store images.
872 If enabled, this option will prevent Swift from installing.
873 label: Ceph RBD for images (Glance)
875 - settings:storage.images_vcenter.value == true: Only one Glance backend could
881 description: Configures Glance to use the vCenter/ESXi backend to store images.
882 If enabled, this option will prevent Swift from installing.
883 label: VMware vCenter/ESXi datastore for images (Glance)
886 condition: settings:common.use_vcenter.value != true
887 - condition: settings:storage.images_ceph.value == true
888 message: Only one Glance backend could be selected.
894 label: Storage Backends
898 value: AQAVkvxXAAAAABAA9ZxWFYdRmV+DSwKr7BKKXg==
900 description: Configures RadosGW front end for Ceph RBD. This exposes S3 and
901 Swift API Interfaces. If enabled, this option will prevent Swift from installing.
902 label: Ceph RadosGW for objects (Swift API)
907 description: Configures the default number of object replicas in Ceph. This
908 number must be equal to or lower than the number of deployed 'Ceph OSD'
910 label: Ceph object replication factor
912 error: Invalid number
919 value: AQAVkvxXAAAAABAA1pC6F8i40b7KVCnh5Fe2GQ==
920 volumes_block_device:
921 description: High performance block device storage. It is recommended to have
922 at least one Cinder Block Device
923 label: Cinder Block device driver
925 - settings:storage.volumes_ceph.value == true
930 description: Configures Cinder to store volumes in Ceph RBD images.
931 label: Ceph RBD for volumes (Cinder)
933 - settings:storage.volumes_lvm.value == true or settings:storage.volumes_block_device.value
939 description: It is recommended to have at least one Cinder node.
940 label: Cinder LVM over iSCSI for volumes
942 - settings:storage.volumes_ceph.value == true
954 description: Remote syslog port
957 error: Invalid syslog port
958 source: ^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$
963 description: Remote syslog hostname
966 error: Invalid hostname
967 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
972 label: Syslog transport protocol
989 label: Workloads Collector User
996 value: uuuegVGpIeAzHsAkf1o8KEzK
1002 value: fuel_stats_user
Code Review / fuel.git / blob