1 ##############################################################################
2 # Copyright (c) 2015 Ericsson AB and others.
3 # jonas.bjurel@ericsson.com
4 # All rights reserved. This program and the accompanying materials
5 # are made available under the terms of the Apache License, Version 2.0
6 # which accompanies this distribution, and is available at
7 # http://www.apache.org/licenses/LICENSE-2.0
8 ##############################################################################
10 dea-base-config-metadata:
11 title: 'Deployment Environment Adapter Base configuration'
12 # DEA API version supported
14 created: 'Fri Jun 10 2016'
15 comment: 'Rebased for Fuel 10'
24 wanted_release: Newton on Ubuntu 16.04
29 description: Email address for Administrator
35 value: admin@localhost
39 label: OpenStack Access
42 description: Password for Administrator
51 description: Tenant (project) name for Administrator
54 error: Invalid tenant name
55 source: ^(?!services$)(?!nova$)(?!glance$)(?!keystone$)(?!neutron$)(?!cinder$)(?!swift$)(?!ceph$)(?!ironic$)(?![Gg]uest$)(?!.*
61 description: Username for Administrator
64 error: Invalid username
65 source: ^(?!services$)(?!nova$)(?!glance$)(?!keystone$)(?!neutron$)(?!cinder$)(?!swift$)(?!ceph$)(?!ironic$)(?![Gg]uest$)(?!.*
70 additional_components:
72 description: If selected, Ceilometer and Aodh components will be installed
73 label: Install Ceilometer and Aodh
84 description: If selected, Ironic component will be installed
87 - cluster:net_provider != 'neutron' or networking_parameters:segmentation_type != 'vlan': Ironic
88 requires Neutron with VLAN segmentation.
89 - settings:storage.images_ceph.value == true and settings:storage.objects_ceph.value == false: Ironic
90 requires Swift or RadosGW for Glance images.
95 group: openstack_services
96 label: Additional Components
99 description: If selected, You can use external Mongo DB as ceilometer backend
100 label: Use external Mongo DB
102 - settings:additional_components.ceilometer.value == false: External Mongo
103 aims to be an external backend for Ceilometer. Without Ceilometer enabled,
104 External Mongo is useless and should not be installed.
109 description: If selected, Murano component will be installed
110 label: Install Murano
115 description: If selected, Murano service broker will be installed
116 label: Install Murano service broker for Cloud Foundry
118 - condition: settings:additional_components.murano.value == false
119 message: Murano should be enabled
121 condition: not ('experimental' in version:feature_groups)
126 description: If selected, Sahara component will be installed
127 label: Install Sahara
133 description: Interval between the snapshots in seconds
134 label: Interval between the snapshots
136 error: Should be a number of seconds
140 condition: settings:atop.service_enabled.value == false
147 label: Advanced System & Process Monitor (atop)
151 description: Number of days to keep log files
154 error: Should be a number of days
158 condition: settings:atop.service_enabled.value == false
163 description: 'NOTE: When enabled, the service may generate logs up to a gigabyte
166 This should be taken into consideration when determining the correct size
167 for the log partition.
170 label: Enable atop service
176 always_editable: true
178 label: Cgroups conguration for services
189 auto_assign_floating_ip:
190 description: If selected, OpenStack will automatically assign a floating IP
193 label: Auto assign floating IP
196 condition: cluster:net_provider == 'neutron'
201 description: Debug logging mode provides more information, but requires more
204 label: OpenStack debug logging
210 label: Hypervisor type
215 description: Choose this type of hypervisor if you run OpenStack on hardware
218 description: Choose this type of hypervisor if you run OpenStack on virtual
226 description: Quotas are used to limit CPU and memory usage for tenants. Enabling
227 quotas will increase load on the Nova database.
233 propagate_task_deploy:
238 description: Debug puppet logging mode provides more information, but requires
241 label: Puppet debug logging
245 resume_guests_state_on_host_boot:
246 description: Whether to resume previous guests state when the host reboots.
247 If enabled, this option causes guests assigned to the host to resume their
248 previous state. If the guest was running a restart will be attempted when
249 nova-compute starts. If the guest was not running previously, a restart
250 will not be attempted.
252 label: Resume guests state on host boot
257 description: Uncheck this box if the public gateway will not be available
258 or will not respond to ICMP requests to the deployed cluster. If unchecked,
259 the controllers will not take public gateway availability into account as
260 part of the cluster health. If the cluster will not have internet access,
261 you will need to make sure to provide proper offline mirrors for the deployment
264 label: Public Gateway is Available
273 description: For most cases you will want qcow format. If it's disabled, raw
274 image format will be used to run VMs. OpenStack with raw format currently
275 does not support snapshotting.
277 label: Use qcow format for images
306 description: Set True only if multicast is configured correctly on router.
307 label: Need to pass network verification.
313 description: List of upstream DNS servers
317 error: Invalid IP address
318 source: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$
325 label: Host OS DNS Servers
329 description: IP Addresses of MongoDB. Use comma to split IPs
330 label: MongoDB hosts IP
332 error: Invalid hosts ip sequence
333 source: ^(((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?),)*((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$
338 group: openstack_services
339 label: External MongoDB
342 condition: settings:additional_components.mongo.value == false
343 message: Ceilometer and MongoDB are not enabled on the Additional Components
347 description: Mongo database name
350 error: Invalid database name
356 description: Mongo database password
359 error: Password contains spaces
365 description: Name for Mongo replication set
371 description: Mongo database username
374 error: Empty username
382 label: Host OS NTP Servers
385 description: List of upstream NTP servers
386 label: NTP server list
388 error: Invalid NTP server
389 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
398 description: Default kernel parameters
399 label: Initial parameters
401 value: console=tty0 net.ifnames=1 biosdevname=0 rootdelay=90 nomodeset
404 label: Kernel parameters
408 group: openstack_services
409 label: Murano Settings
412 condition: settings:additional_components.murano.value == false
413 message: Murano is not enabled on the Additional Components section
415 murano_glance_artifacts_plugin:
416 description: If selected glance artifact repository will be enabled
417 label: Enable glance artifact repository
423 label: Murano Repository URL
425 value: http://storage.apps.openstack.org/
427 neutron_advanced_configuration:
430 label: Neutron Advanced Configuration
433 condition: cluster:net_provider != 'neutron'
436 description: Enable Distributed Virtual Routers in Neutron
439 - ? networking_parameters:segmentation_type != 'vlan' and settings:neutron_advanced_configuration.neutron_l2_pop.value
441 : DVR requires L2 population to be enabled.
446 description: Enable L2 population mechanism in Neutron
447 label: Neutron L2 population
450 condition: networking_parameters:segmentation_type == 'vlan'
455 description: 'Enable High Availability features for Virtual Routers in Neutron
457 Requires at least 2 Controller nodes to function properly
462 - condition: settings:neutron_advanced_configuration.neutron_dvr.value ==
464 message: Neutron DVR must be disabled in order to use Neutron L3 HA
469 description: Enable Neutron QoS advanced service plug-in
476 description: Public SSH keys to include to operator user's authorized keys,
478 label: Authorized SSH keys
483 description: Home directory for operator user
484 label: Home directory
489 value: /home/fueladmin
493 label: Operating System Access
496 description: Username for operator user
499 error: Empty username
505 description: Password for operator user
508 error: Empty password
511 value: sD2hWNhXxB70SJIBBmaixvvt
514 description: Sudoers configuration directives for operator user, one per line.
515 label: Sudoers configuration
517 value: 'ALL=(ALL) NOPASSWD: ALL'
531 label: Initial packages
563 linux-headers-generic-lts-xenial
565 linux-image-generic-lts-xenial
625 public_network_assignment:
627 description: When disabled, public network will be assigned to controllers
629 label: Assign public network to all nodes
635 label: Public network assignment
638 condition: cluster:net_provider != 'neutron'
642 description: Certificate and private key data, concatenated into a single
647 condition: (settings:public_ssl.cert_source.value != 'user_uploaded') or
648 (settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
654 description: From where we'll get certificate and private key
655 label: Select source for certificate
658 condition: settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
664 description: Generate private key and certificate that will be signed by
667 - data: user_uploaded
668 description: Use pre-generated key and certificate
669 label: I have my own keypair with certificate
672 description: Secure access to Horizon enabling HTTPS instead of HTTP
673 label: HTTPS for Horizon
675 - settings:public_ssl.services.value == false: TLS for OpenStack public endpoints
681 description: Your DNS entries should point to this name. Self-signed certificates
682 also will use this hostname
683 label: DNS hostname for public TLS endpoints
685 error: Invalid DNS hostname
686 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
689 condition: settings:public_ssl.horizon.value == false and settings:public_ssl.services.value
692 value: public.fuel.local
699 description: Enable TLS termination on HAProxy for OpenStack services
700 label: TLS for OpenStack public endpoints
706 always_editable: true
711 description: 'Please note: the first repository will be considered the operating
712 system mirror that will be used during node provisioning.
714 To create a local repository mirror on the Fuel master node, please follow
715 the instructions provided by running "fuel-createmirror --help" on the Fuel
718 Please make sure your Fuel master node has Internet access to the repository
719 before attempting to create a mirror.
723 type: custom_repo_configuration
730 uri: http://10.20.0.2:8080/mirrors/ubuntu/
733 section: main universe multiverse
736 uri: mirror://mirrors.ubuntu.com/mirrors.txt
737 - name: ubuntu-updates
739 section: main universe multiverse
740 suite: xenial-updates
742 uri: mirror://mirrors.ubuntu.com/mirrors.txt
743 - name: ubuntu-security
745 section: main universe multiverse
746 suite: xenial-security
748 uri: mirror://mirrors.ubuntu.com/mirrors.txt
751 section: main restricted
754 uri: http://10.20.0.2:8080/newton-10.0/ubuntu/x86_64
757 section: main restricted
758 suite: mos10.0-updates
760 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
763 section: main restricted
764 suite: mos10.0-security
766 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
769 section: main restricted
770 suite: mos10.0-holdback
772 uri: http://mirror.fuel-infra.org/mos-repos/ubuntu/10.0/
775 section: main restricted
778 uri: http://10.20.0.2:8080/newton-10.0/ubuntu/auxiliary
785 label: Service user account
795 value: 5rkDBE1Pddi75UQuohA6E2s4
801 value: 'ALL=(ALL) NOPASSWD: ALL'
803 brute_force_protection:
804 description: When enabled, the access from all networks (except the provided
805 ones) will be granted, but the networks will be checked against the brute
807 label: Brute force protection
810 condition: settings:ssh.security_enabled.value == false
821 description: 'NOTE: When enabled, provide at least one working IP address
822 (the Fuel Master node IP is already added).
824 We recommend adding new addresses instead of replacing the provided Fuel
827 When disabled (by default), the admin, management, and storage networks
828 are only allowed to connect to the SSH service.
831 label: Restrict SSH service on network
836 description: IPv4/CIDR address
837 label: Restrict access to
839 error: Invalid IPv4/CIDR address
840 source: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))*$
843 condition: settings:ssh.security_enabled.value == false
851 value: AQAVkvxXAAAAABAAZzOFaGpPvF4oFOQlz7ud4g==
852 auth_s3_keystone_ceph:
853 description: This allows to authenticate S3 requests basing on EC2/S3 credentials
854 managed by Keystone. Please note that enabling the integration will increase
855 the latency of S3 requests as well as load on Keystone service. Please consult
856 with Mirantis Technical Bulletin 27 and Mirantis Support on mitigating the
857 risks related with load.
858 label: Enable S3 API Authentication via Keystone in Ceph RadosGW
861 condition: settings:storage.objects_ceph.value == false
867 value: AQAVkvxXAAAAABAA9pOqDPq0En8Dh1Pi6fZENA==
869 description: Configures Nova to store ephemeral volumes in RBD. This works
870 best if Ceph is enabled for volumes and images, too. Enables live migration
871 of all types of Ceph backed VMs (without this option, live migration will
872 only work with VMs launched from Cinder volumes).
873 label: Ceph RBD for ephemeral volumes (Nova)
879 value: 801bd64d-bec4-44cc-9126-16245e53f470
881 description: Configures Glance to use the Ceph RBD backend to store images.
882 If enabled, this option will prevent Swift from installing.
883 label: Ceph RBD for images (Glance)
885 - settings:storage.images_vcenter.value == true: Only one Glance backend could
891 description: Configures Glance to use the vCenter/ESXi backend to store images.
892 If enabled, this option will prevent Swift from installing.
893 label: VMware vCenter/ESXi datastore for images (Glance)
896 condition: settings:common.use_vcenter.value != true
897 - condition: settings:storage.images_ceph.value == true
898 message: Only one Glance backend could be selected.
904 label: Storage Backends
908 value: AQAVkvxXAAAAABAA9ZxWFYdRmV+DSwKr7BKKXg==
910 description: Configures RadosGW front end for Ceph RBD. This exposes S3 and
911 Swift API Interfaces. If enabled, this option will prevent Swift from installing.
912 label: Ceph RadosGW for objects (Swift API)
917 description: Configures the default number of object replicas in Ceph. This
918 number must be equal to or lower than the number of deployed 'Ceph OSD'
920 label: Ceph object replication factor
922 error: Invalid number
929 value: AQAVkvxXAAAAABAA1pC6F8i40b7KVCnh5Fe2GQ==
930 volumes_block_device:
931 description: High performance block device storage. It is recommended to have
932 at least one Cinder Block Device
933 label: Cinder Block device driver
935 - settings:storage.volumes_ceph.value == true
940 description: Configures Cinder to store volumes in Ceph RBD images.
941 label: Ceph RBD for volumes (Cinder)
943 - settings:storage.volumes_lvm.value == true or settings:storage.volumes_block_device.value
949 description: It is recommended to have at least one Cinder node.
950 label: Cinder LVM over iSCSI for volumes
952 - settings:storage.volumes_ceph.value == true
964 description: Remote syslog port
967 error: Invalid syslog port
968 source: ^([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])$
973 description: Remote syslog hostname
976 error: Invalid hostname
977 source: ^[a-zA-Z\d]+[-\.\da-zA-Z]*$
982 label: Syslog transport protocol
999 label: Workloads Collector User
1006 value: uuuegVGpIeAzHsAkf1o8KEzK
1012 value: fuel_stats_user