Merge "Permits configuration of Cinder enabled_backend via hieradata"

[apex-tripleo-heat-templates.git] / puppet / hieradata / controller.yaml
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml

index 2571970..e80bee0 100644 (file)
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -30,15 +30,30 @@ redis::sentinel::redis_host: "%{hiera('bootstrap_nodeid_ip')}"
  redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh'
  
  # service tenant
-nova::api::admin_tenant_name: 'service'
  glance::api::keystone_tenant: 'service'
  glance::registry::keystone_tenant: 'service'
  neutron::server::auth_tenant: 'service'
  neutron::agents::metadata::auth_tenant: 'service'
+neutron::agents::l3::router_delete_namespaces: True
+neutron::agents::dhcp::dhcp_delete_namespaces: True
  cinder::api::keystone_tenant: 'service'
  swift::proxy::authtoken::admin_tenant_name: 'service'
  ceilometer::api::keystone_tenant: 'service'
  heat::keystone_tenant: 'service'
+sahara::admin_tenant_name: 'service'
+
+# keystone
+keystone::cron::token_flush::maxdelay: 3600
+keystone::roles::admin::service_tenant: 'service'
+keystone::roles::admin::admin_tenant: 'admin'
+keystone::cron::token_flush::destination: '/dev/null'
+keystone::config::keystone_config:
+  DEFAULT/secure_proxy_ssl_header:
+    value: 'HTTP_X_FORWARDED_PROTO'
+  ec2/driver:
+    value: 'keystone.contrib.ec2.backends.sql.Ec2'
+keystone::service_name: 'httpd'
+keystone::wsgi::apache::ssl: false
  
  #swift
  swift::proxy::pipeline:
@@ -48,9 +63,9 @@ swift::proxy::pipeline:
    - 'ratelimit'
    - 'tempurl'
    - 'formpost'
-  - 'staticweb'
    - 'authtoken'
    - 'keystone'
+  - 'staticweb'
    - 'proxy-logging'
    - 'proxy-server'
  
@@ -58,40 +73,56 @@ swift::proxy::account_autocreate: true
  
  # glance
  glance::api::pipeline: 'keystone'
+glance::api::show_image_direct_url: true
  glance::registry::pipeline: 'keystone'
  glance::backend::swift::swift_store_create_container_on_put: true
  glance::backend::rbd::rbd_store_user: 'openstack'
+glance_file_pcmk_directory: '/var/lib/glance/images'
  
  # neutron
-neutron::core_plugin: 'ml2'
-neutron::service_plugins:
-  - 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin'
  neutron::server::sync_db: true
  neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
  
  # nova
  nova::notify_on_state_change: 'vm_and_task_state'
+nova::api::default_floating_pool: 'public'
  nova::api::osapi_v3: true
+nova::api::sync_db_api: true
+nova::scheduler::filter::ram_allocation_ratio: '1.0'
+nova::cron::archive_deleted_rows::hour: '*/12'
+nova::cron::archive_deleted_rows::destination: '/dev/null'
+nova::notification_driver: messaging
  
-nova::config::nova_config:
-  DEFAULT/default_floating_pool:
-    value: 'public'
+# ceilometer
+ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
  
  # cinder
  cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
+cinder::cron::db_purge::destination: '/dev/null'
+cinder::host: hostgroup
+cinder_user_enabled_backends: []
  
  # heat
  heat::engine::configure_delegated_roles: false
  heat::engine::trusts_delegated_roles: []
  heat::instance_user: ''
+heat::cron::purge_deleted::age: 30
+heat::cron::purge_deleted::age_type: 'days'
+heat::cron::purge_deleted::maxdelay: 3600
+heat::cron::purge_deleted::destination: '/dev/null'
  
  # pacemaker
  pacemaker::corosync::cluster_name: 'tripleo_cluster'
  pacemaker::corosync::manage_fw: false
+pacemaker::resource_defaults::defaults:
+  resource-stickiness: { value: INFINITY }
  
  # horizon
-horizon::allowed_hosts: '*'
+horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache
  horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
+horizon::vhost_extra_params:
+  add_listen: false
+  priority: 10
  
  # mysql
  mysql::server::manage_config_file: true
@@ -109,6 +140,7 @@ tripleo::loadbalancer::nova_metadata: true
  tripleo::loadbalancer::nova_novncproxy: true
  tripleo::loadbalancer::mysql: true
  tripleo::loadbalancer::redis: true
+tripleo::loadbalancer::sahara: true
  tripleo::loadbalancer::swift_proxy_server: true
  tripleo::loadbalancer::ceilometer: true
  tripleo::loadbalancer::heat_api: true
@@ -117,3 +149,109 @@ tripleo::loadbalancer::heat_cfn: true
  tripleo::loadbalancer::horizon: true
  
  controller_classes: []
+# firewall
+tripleo::firewall::firewall_rules:
+  '101 mongodb_config':
+    port: 27019
+  '102 mongodb_sharding':
+    port: 27018
+  '103 mongod':
+    port: 27017
+  '104 mysql galera':
+    port:
+      - 873
+      - 3306
+      - 4444
+      - 4567
+      - 4568
+      - 9200
+  '105 ntp':
+    port: 123
+    proto: udp
+  '106 vrrp':
+    proto: vrrp
+  '107 haproxy stats':
+    port: 1993
+  '108 redis':
+    port:
+      - 6379
+      - 26379
+  '109 rabbitmq':
+    port:
+      - 5672
+      - 35672
+  '110 ceph':
+    port:
+      - 6789
+      - '6800-6810'
+  '111 keystone':
+    port:
+      - 5000
+      - 13000
+      - 35357
+      - 13357
+  '112 glance':
+    port:
+      - 9292
+      - 9191
+      - 13292
+  '113 nova':
+    port:
+      - 6080
+      - 13080
+      - 8773
+      - 3773
+      - 8774
+      - 13774
+      - 8775
+  '114 neutron server':
+    port:
+      - 9696
+      - 13696
+  '115 neutron dhcp input':
+    proto: 'udp'
+    port: 67
+  '116 neutron dhcp output':
+    proto: 'udp'
+    chain: 'OUTPUT'
+    port: 68
+  '118 neutron vxlan networks':
+    proto: 'udp'
+    port: 4789
+  '119 cinder':
+    port:
+      - 8776
+      - 13776
+  '120 iscsi initiator':
+    port: 3260
+  '121 memcached':
+    port: 11211
+  '122 swift proxy':
+    port:
+      - 8080
+      - 13808
+  '123 swift storage':
+    port:
+      - 873
+      - 6000
+      - 6001
+      - 6002
+  '124 ceilometer':
+    port:
+      - 8777
+      - 13777
+  '125 heat':
+    port:
+      - 8000
+      - 13800
+      - 8003
+      - 13003
+      - 8004
+      - 13004
+  '126 horizon':
+    port:
+      - 80
+      - 443
+  '127 snmp':
+    port: 161
+    proto: 'udp'