1 ##############################################################################
2 # Copyright (c) 2015 Ericsson AB and others.
3 # jonas.bjurel@ericsson.com
4 # All rights reserved. This program and the accompanying materials
5 # are made available under the terms of the Apache License, Version 2.0
6 # which accompanies this distribution, and is available at
7 # http://www.apache.org/licenses/LICENSE-2.0
8 ##############################################################################
10 dea-base-config-metadata:
11 title: 'Deployment Environment Adapter Base configuration'
12 # DEA API version supported
14 created: 'Fri Jun 10 2016'
15 comment: 'Rebased for Fuel 10'
22 wanted_release: Newton on Ubuntu 16.04
27 description: Email address for Administrator
33 value: admin@localhost
37 label: OpenStack Access
40 description: Password for Administrator
49 description: Tenant (project) name for Administrator
52 error: Invalid tenant name
53 source: ^(?!services$)(?!nova$)(?!glance$)(?!keystone$)(?!neutron$)(?!cinder$)(?!swift$)(?!ceph$)(?!ironic$)(?![Gg]uest$)(?!.*
59 description: Username for Administrator
62 error: Invalid username
63 source: ^(?!services$)(?!nova$)(?!glance$)(?!keystone$)(?!neutron$)(?!cinder$)(?!swift$)(?!ceph$)(?!ironic$)(?![Gg]uest$)(?!.*
68 additional_components:
70 description: If selected, Ceilometer and Aodh components will be installed
71 label: Install Ceilometer and Aodh
82 description: If selected, Ironic component will be installed
85 - cluster:net_provider != 'neutron' or networking_parameters:segmentation_type != 'vlan': Ironic
86 requires Neutron with VLAN segmentation.
87 - settings:storage.images_ceph.value == true and settings:storage.objects_ceph.value == false: Ironic
88 requires Swift or RadosGW for Glance images.
93 group: openstack_services
94 label: Additional Components
97 description: If selected, You can use external Mongo DB as ceilometer backend
98 label: Use external Mongo DB
100 - settings:additional_components.ceilometer.value == false: External Mongo
101 aims to be an external backend for Ceilometer. Without Ceilometer enabled,
102 External Mongo is useless and should not be installed.
107 description: If selected, Murano component will be installed
108 label: Install Murano
113 description: If selected, Murano service broker will be installed
114 label: Install Murano service broker for Cloud Foundry
116 - condition: settings:additional_components.murano.value == false
117 message: Murano should be enabled
119 condition: not ('experimental' in version:feature_groups)
124 description: If selected, Sahara component will be installed
125 label: Install Sahara
131 description: Interval between the snapshots in seconds
132 label: Interval between the snapshots
134 error: Should be a number of seconds
138 condition: settings:atop.service_enabled.value == false
145 label: Advanced System & Process Monitor (atop)
149 description: Number of days to keep log files
152 error: Should be a number of days
156 condition: settings:atop.service_enabled.value == false
161 description: 'NOTE: When enabled, the service may generate logs up to a gigabyte
164 This should be taken into consideration when determining the correct size
165 for the log partition.
168 label: Enable atop service
174 always_editable: true
176 label: Cgroups conguration for services
187 auto_assign_floating_ip:
188 description: If selected, OpenStack will automatically assign a floating IP
191 label: Auto assign floating IP
194 condition: cluster:net_provider == 'neutron'
199 description: Debug logging mode provides more information, but requires more
202 label: OpenStack debug logging
208 label: Hypervisor type
213 description: Choose this type of hypervisor if you run OpenStack on hardware
216 description: Choose this type of hypervisor if you run OpenStack on virtual
224 description: Quotas are used to limit CPU and memory usage for tenants. Enabling
225 quotas will increase load on the Nova database.
231 propagate_task_deploy:
236 description: Debug puppet logging mode provides more information, but requires
239 label: Puppet debug logging
243 resume_guests_state_on_host_boot:
244 description: Whether to resume previous guests state when the host reboots.
245 If enabled, this option causes guests assigned to the host to resume their
246 previous state. If the guest was running a restart will be attempted when
247 nova-compute starts. If the guest was not running previously, a restart
248 will not be attempted.
250 label: Resume guests state on host boot
255 description: Uncheck this box if the public gateway will not be available
256 or will not respond to ICMP requests to the deployed cluster. If unchecked,
257 the controllers will not take public gateway availability into account as
258 part of the cluster health. If the cluster will not have internet access,
259 you will need to make sure to provide proper offline mirrors for the deployment
262 label: Public Gateway is Available
271 description: For most cases you will want qcow format. If it's disabled, raw
272 image format will be used to run VMs. OpenStack with raw format currently
273 does not support snapshotting.
275 label: Use qcow format for images
304 description: Set True only if multicast is configured correctly on router.
305 label: Need to pass network verification.
311 description: List of upstream DNS servers
315 error: Invalid IP address
316 source: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$
323 label: Host OS DNS Servers
327 description: IP Addresses of MongoDB. Use comma to split IPs
328 label: MongoDB hosts IP
330 error: Invalid hosts ip sequence
331 source: ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?),)*((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
336 group: openstack_services
337 label: External MongoDB
340 condition: settings:additional_components.mongo.value == false
341 message: Ceilometer and MongoDB are not enabled on the Additional Components
345 description: Mongo database name
348 error: Invalid database name
354 description: Mongo database password
357 error: Password contains spaces
363 description: Name for Mongo replication set
369 description: Mongo database username
372 error: Empty username
380 label: Host OS NTP Servers
383 description: List of upstream NTP servers
384 label: NTP server list
386 error: Invalid NTP server
387 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
390 - 0.fuel.pool.ntp.org
391 - 1.fuel.pool.ntp.org
392 - 2.fuel.pool.ntp.org
396 description: Default kernel parameters
397 label: Initial parameters
399 value: console=tty0 net.ifnames=1 biosdevname=0 rootdelay=90 nomodeset
402 label: Kernel parameters
406 group: openstack_services
407 label: Murano Settings
410 condition: settings:additional_components.murano.value == false
411 message: Murano is not enabled on the Additional Components section
413 murano_glance_artifacts_plugin:
414 description: If selected glance artifact repository will be enabled
415 label: Enable glance artifact repository
421 label: Murano Repository URL
423 value: http://storage.apps.openstack.org/
425 neutron_advanced_configuration:
428 label: Neutron Advanced Configuration
431 condition: cluster:net_provider != 'neutron'
434 description: Enable Distributed Virtual Routers in Neutron
437 - ? networking_parameters:segmentation_type != 'vlan' and settings:neutron_advanced_configuration.neutron_l2_pop.value
439 : DVR requires L2 population to be enabled.
444 description: Enable L2 population mechanism in Neutron
445 label: Neutron L2 population
448 condition: networking_parameters:segmentation_type == 'vlan'
453 description: 'Enable High Availability features for Virtual Routers in Neutron
455 Requires at least 2 Controller nodes to function properly
460 - condition: settings:neutron_advanced_configuration.neutron_dvr.value ==
462 message: Neutron DVR must be disabled in order to use Neutron L3 HA
467 description: Enable Neutron QoS advanced service plug-in
474 description: Public SSH keys to include to operator user's authorized keys,
476 label: Authorized SSH keys
481 description: Home directory for operator user
482 label: Home directory
487 value: /home/fueladmin
491 label: Operating System Access
494 description: Username for operator user
497 error: Empty username
503 description: Password for operator user
506 error: Empty password
509 value: sD2hWNhXxB70SJIBBmaixvvt
512 description: Sudoers configuration directives for operator user, one per line.
513 label: Sudoers configuration
515 value: 'ALL=(ALL) NOPASSWD: ALL'
529 label: Initial packages
561 linux-headers-generic-lts-xenial
563 linux-image-generic-lts-xenial
623 public_network_assignment:
625 description: When disabled, public network will be assigned to controllers
627 label: Assign public network to all nodes
633 label: Public network assignment
636 condition: cluster:net_provider != 'neutron'
640 description: Certificate and private key data, concatenated into a single
645 condition: (settings:public_ssl.cert_source.value != 'user_uploaded') or
646 (settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
652 description: From where we'll get certificate and private key
653 label: Select source for certificate
656 condition: settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
662 description: Generate private key and certificate that will be signed by
665 - data: user_uploaded
666 description: Use pre-generated key and certificate
667 label: I have my own keypair with certificate
670 description: Secure access to Horizon enabling HTTPS instead of HTTP
671 label: HTTPS for Horizon
673 - settings:public_ssl.services.value == false: TLS for OpenStack public endpoints
679 description: Your DNS entries should point to this name. Self-signed certificates
680 also will use this hostname
681 label: DNS hostname for public TLS endpoints
683 error: Invalid DNS hostname
684 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
687 condition: settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
690 value: public.fuel.local
697 description: Enable TLS termination on HAProxy for OpenStack services
698 label: TLS for OpenStack public endpoints
704 always_editable: true
709 description: 'Please note: the first repository will be considered the operating
710 system mirror that will be used during node provisioning.
712 To create a local repository mirror on the Fuel master node, please follow
713 the instructions provided by running "fuel-createmirror --help" on the Fuel
716 Please make sure your Fuel master node has Internet access to the repository
717 before attempting to create a mirror.
721 type: custom_repo_configuration
728 uri: http://10.20.0.2:8080/mirrors/ubuntu/
731 section: main universe multiverse
734 uri: http://archive.ubuntu.com/ubuntu/
735 - name: ubuntu-updates
737 section: main universe multiverse
738 suite: xenial-updates
740 uri: http://archive.ubuntu.com/ubuntu/
741 - name: ubuntu-security
743 section: main universe multiverse
744 suite: xenial-security
746 uri: http://archive.ubuntu.com/ubuntu/
749 section: main restricted
752 uri: http://10.20.0.2:8080/newton-10.0/ubuntu/x86_64
755 section: main restricted
756 suite: mos10.0-updates
758 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
761 section: main restricted
762 suite: mos10.0-security
764 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
767 section: main restricted
768 suite: mos10.0-holdback
770 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
773 section: main restricted
776 uri: http://10.20.0.2:8080/newton-10.0/ubuntu/auxiliary
783 label: Service user account
793 value: 5rkDBE1Pddi75UQuohA6E2s4
799 value: 'ALL=(ALL) NOPASSWD: ALL'
801 brute_force_protection:
802 description: When enabled, the access from all networks (except the provided
803 ones) will be granted, but the networks will be checked against the brute
805 label: Brute force protection
808 condition: settings:ssh.security_enabled.value == false
819 description: 'NOTE: When enabled, provide at least one working IP address
820 (the Fuel Master node IP is already added).
822 We recommend adding new addresses instead of replacing the provided Fuel
825 When disabled (by default), the admin, management, and storage networks
826 are only allowed to connect to the SSH service.
829 label: Restrict SSH service on network
834 description: IPv4/CIDR address
835 label: Restrict access to
837 error: Invalid IPv4/CIDR address
838 source: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))*$
841 condition: settings:ssh.security_enabled.value == false
849 value: AQAVkvxXAAAAABAAZzOFaGpPvF4oFOQlz7ud4g==
850 auth_s3_keystone_ceph:
851 description: This allows to authenticate S3 requests basing on EC2/S3 credentials
852 managed by Keystone. Please note that enabling the integration will increase
853 the latency of S3 requests as well as load on Keystone service. Please consult
854 with Mirantis Technical Bulletin 27 and Mirantis Support on mitigating the
855 risks related with load.
856 label: Enable S3 API Authentication via Keystone in Ceph RadosGW
859 condition: settings:storage.objects_ceph.value == false
865 value: AQAVkvxXAAAAABAA9pOqDPq0En8Dh1Pi6fZENA==
867 description: Configures Nova to store ephemeral volumes in RBD. This works
868 best if Ceph is enabled for volumes and images, too. Enables live migration
869 of all types of Ceph backed VMs (without this option, live migration will
870 only work with VMs launched from Cinder volumes).
871 label: Ceph RBD for ephemeral volumes (Nova)
877 value: 801bd64d-bec4-44cc-9126-16245e53f470
879 description: Configures Glance to use the Ceph RBD backend to store images.
880 If enabled, this option will prevent Swift from installing.
881 label: Ceph RBD for images (Glance)
883 - settings:storage.images_vcenter.value == true: Only one Glance backend could
889 description: Configures Glance to use the vCenter/ESXi backend to store images.
890 If enabled, this option will prevent Swift from installing.
891 label: VMware vCenter/ESXi datastore for images (Glance)
894 condition: settings:common.use_vcenter.value != true
895 - condition: settings:storage.images_ceph.value == true
896 message: Only one Glance backend could be selected.
902 label: Storage Backends
906 value: AQAVkvxXAAAAABAA9ZxWFYdRmV+DSwKr7BKKXg==
908 description: Configures RadosGW front end for Ceph RBD. This exposes S3 and
909 Swift API Interfaces. If enabled, this option will prevent Swift from installing.
910 label: Ceph RadosGW for objects (Swift API)
915 description: Configures the default number of object replicas in Ceph. This
916 number must be equal to or lower than the number of deployed 'Ceph OSD'
918 label: Ceph object replication factor
920 error: Invalid number
927 value: AQAVkvxXAAAAABAA1pC6F8i40b7KVCnh5Fe2GQ==
928 volumes_block_device:
929 description: High performance block device storage. It is recommended to have
930 at least one Cinder Block Device
931 label: Cinder Block device driver
933 - settings:storage.volumes_ceph.value == true
938 description: Configures Cinder to store volumes in Ceph RBD images.
939 label: Ceph RBD for volumes (Cinder)
941 - settings:storage.volumes_lvm.value == true or settings:storage.volumes_block_device.value
947 description: It is recommended to have at least one Cinder node.
948 label: Cinder LVM over iSCSI for volumes
950 - settings:storage.volumes_ceph.value == true
962 description: Remote syslog port
965 error: Invalid syslog port
966 source: ^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$
971 description: Remote syslog hostname
974 error: Invalid hostname
975 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
980 label: Syslog transport protocol
997 label: Workloads Collector User
1004 value: uuuegVGpIeAzHsAkf1o8KEzK
1010 value: fuel_stats_user