puppet/hieradata/controller.yaml

   1 # Hiera data here applies to all controller nodes
   2 nova::api::enabled: true
   3 nova::conductor::enabled: true
   4 nova::consoleauth::enabled: true
   5 nova::vncproxy::enabled: true
   6 nova::scheduler::enabled: true
   7
   8 # rabbitmq
   9 rabbitmq::delete_guest_user: false
  10 rabbitmq::wipe_db_on_cookie_change: true
  11 rabbitmq::port: '5672'
  12 rabbitmq::package_source: undef
  13 rabbitmq::repos_ensure: false
  14 rabbitmq_environment:
  15   RABBITMQ_NODENAME: "rabbit@%{::hostname}"
  16   RABBITMQ_SERVER_ERL_ARGS: '"+K true +A30 +P 1048576 -kernel inet_default_connect_options [{nodelay,true},{raw,6,18,<<5000:64/native>>}] -kernel inet_default_listen_options [{raw,6,18,<<5000:64/native>>}]"'
  17 rabbitmq_kernel_variables:
  18   inet_dist_listen_min: '35672'
  19   inet_dist_listen_max: '35672'
  20 rabbitmq_config_variables:
  21   tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]'
  22   cluster_partition_handling: 'pause_minority'
  23
  24 mongodb::server::replset: tripleo
  25 mongodb::server::journal: false
  26
  27 redis::port: 6379
  28 redis::sentinel::master_name: "%{hiera('bootstrap_nodeid')}"
  29 redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
  30 redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'
  31
  32 # service tenant
  33 glance::api::keystone_tenant: 'service'
  34 aodh::api::keystone_tenant: 'service'
  35 glance::registry::keystone_tenant: 'service'
  36 neutron::server::auth_tenant: 'service'
  37 neutron::agents::metadata::auth_tenant: 'service'
  38 neutron::agents::l3::router_delete_namespaces: True
  39 neutron::agents::dhcp::dhcp_delete_namespaces: True
  40 cinder::api::keystone_tenant: 'service'
  41 swift::proxy::authtoken::admin_tenant_name: 'service'
  42 ceilometer::api::keystone_tenant: 'service'
  43 heat::keystone_tenant: 'service'
  44 sahara::admin_tenant_name: 'service'
  45
  46 # keystone
  47 keystone::cron::token_flush::maxdelay: 3600
  48 keystone::roles::admin::service_tenant: 'service'
  49 keystone::roles::admin::admin_tenant: 'admin'
  50 keystone::cron::token_flush::destination: '/dev/null'
  51 keystone::config::keystone_config:
  52   DEFAULT/secure_proxy_ssl_header:
  53     value: 'HTTP_X_FORWARDED_PROTO'
  54   ec2/driver:
  55     value: 'keystone.contrib.ec2.backends.sql.Ec2'
  56 keystone::service_name: 'httpd'
  57 keystone::wsgi::apache::ssl: false
  58
  59 #swift
  60 swift::proxy::pipeline:
  61   - 'catch_errors'
  62   - 'healthcheck'
  63   - 'cache'
  64   - 'ratelimit'
  65   - 'tempurl'
  66   - 'formpost'
  67   - 'authtoken'
  68   - 'keystone'
  69   - 'staticweb'
  70   - 'proxy-logging'
  71   - 'proxy-server'
  72
  73 swift::proxy::account_autocreate: true
  74
  75 # glance
  76 glance::api::pipeline: 'keystone'
  77 glance::api::show_image_direct_url: true
  78 glance::registry::pipeline: 'keystone'
  79 glance::backend::swift::swift_store_create_container_on_put: true
  80 glance::backend::rbd::rbd_store_user: 'openstack'
  81 glance_file_pcmk_directory: '/var/lib/glance/images'
  82
  83 # neutron
  84 neutron::server::sync_db: true
  85 neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
  86
  87 # nova
  88 nova::notify_on_state_change: 'vm_and_task_state'
  89 nova::api::default_floating_pool: 'public'
  90 nova::api::osapi_v3: true
  91 nova::api::sync_db_api: true
  92 nova::scheduler::filter::ram_allocation_ratio: '1.0'
  93 nova::cron::archive_deleted_rows::hour: '*/12'
  94 nova::cron::archive_deleted_rows::destination: '/dev/null'
  95 nova::notification_driver: messaging
  96
  97 # ceilometer
  98 ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
  99
 100 # cinder
 101 cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
 102 cinder::cron::db_purge::destination: '/dev/null'
 103 cinder::host: hostgroup
 104
 105 # heat
 106 heat::engine::configure_delegated_roles: false
 107 heat::engine::trusts_delegated_roles: []
 108 heat::instance_user: ''
 109 heat::cron::purge_deleted::age: 30
 110 heat::cron::purge_deleted::age_type: 'days'
 111 heat::cron::purge_deleted::maxdelay: 3600
 112 heat::cron::purge_deleted::destination: '/dev/null'
 113
 114 # pacemaker
 115 pacemaker::corosync::cluster_name: 'tripleo_cluster'
 116 pacemaker::corosync::manage_fw: false
 117 pacemaker::resource_defaults::defaults:
 118   resource-stickiness: { value: INFINITY }
 119
 120 # horizon
 121 horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache
 122 horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
 123 horizon::vhost_extra_params:
 124   add_listen: false
 125   priority: 10
 126
 127 # mysql
 128 mysql::server::manage_config_file: true
 129
 130
 131 tripleo::loadbalancer::keystone_admin: true
 132 tripleo::loadbalancer::keystone_public: true
 133 tripleo::loadbalancer::neutron: true
 134 tripleo::loadbalancer::cinder: true
 135 tripleo::loadbalancer::glance_api: true
 136 tripleo::loadbalancer::glance_registry: true
 137 tripleo::loadbalancer::nova_ec2: true
 138 tripleo::loadbalancer::nova_osapi: true
 139 tripleo::loadbalancer::nova_metadata: true
 140 tripleo::loadbalancer::nova_novncproxy: true
 141 tripleo::loadbalancer::mysql: true
 142 tripleo::loadbalancer::redis: true
 143 tripleo::loadbalancer::sahara: true
 144 tripleo::loadbalancer::swift_proxy_server: true
 145 tripleo::loadbalancer::ceilometer: true
 146 tripleo::loadbalancer::aodh: true
 147 tripleo::loadbalancer::heat_api: true
 148 tripleo::loadbalancer::heat_cloudwatch: true
 149 tripleo::loadbalancer::heat_cfn: true
 150 tripleo::loadbalancer::horizon: true
 151
 152 controller_classes: []
 153 # firewall
 154 tripleo::firewall::firewall_rules:
 155   '101 mongodb_config':
 156     port: 27019
 157   '102 mongodb_sharding':
 158     port: 27018
 159   '103 mongod':
 160     port: 27017
 161   '104 mysql galera':
 162     port:
 163       - 873
 164       - 3306
 165       - 4444
 166       - 4567
 167       - 4568
 168       - 9200
 169   '105 ntp':
 170     port: 123
 171     proto: udp
 172   '106 vrrp':
 173     proto: vrrp
 174   '107 haproxy stats':
 175     port: 1993
 176   '108 redis':
 177     port:
 178       - 6379
 179       - 26379
 180   '109 rabbitmq':
 181     port:
 182       - 5672
 183       - 35672
 184   '110 ceph':
 185     port:
 186       - 6789
 187       - '6800-6810'
 188   '111 keystone':
 189     port:
 190       - 5000
 191       - 13000
 192       - 35357
 193       - 13357
 194   '112 glance':
 195     port:
 196       - 9292
 197       - 9191
 198       - 13292
 199   '113 nova':
 200     port:
 201       - 6080
 202       - 13080
 203       - 8773
 204       - 3773
 205       - 8774
 206       - 13774
 207       - 8775
 208   '114 neutron server':
 209     port:
 210       - 9696
 211       - 13696
 212   '115 neutron dhcp input':
 213     proto: 'udp'
 214     port: 67
 215   '116 neutron dhcp output':
 216     proto: 'udp'
 217     chain: 'OUTPUT'
 218     port: 68
 219   '118 neutron vxlan networks':
 220     proto: 'udp'
 221     port: 4789
 222   '119 cinder':
 223     port:
 224       - 8776
 225       - 13776
 226   '120 iscsi initiator':
 227     port: 3260
 228   '121 memcached':
 229     port: 11211
 230   '122 swift proxy':
 231     port:
 232       - 8080
 233       - 13808
 234   '123 swift storage':
 235     port:
 236       - 873
 237       - 6000
 238       - 6001
 239       - 6002
 240   '124 ceilometer':
 241     port:
 242       - 8777
 243       - 13777
 244   '125 heat':
 245     port:
 246       - 8000
 247       - 13800
 248       - 8003
 249       - 13003
 250       - 8004
 251       - 13004
 252   '126 horizon':
 253     port:
 254       - 80
 255       - 443
 256   '127 snmp':
 257     port: 161
 258     proto: 'udp'
 259   '128 aodh':
 260     port:
 261       - 8042
 262       - 13042