# Hiera data here applies to all controller nodes
nova::api::enabled: true
-nova::conductor::enabled: true
-nova::consoleauth::enabled: true
nova::vncproxy::enabled: true
-nova::scheduler::enabled: true
# gnocchi
-gnocchi::db::sync::extra_opts: '--skip-storage'
+gnocchi::db::sync::extra_opts: '--skip-storage --create-legacy-resource-types'
gnocchi::storage::swift::swift_user: 'service:gnocchi'
gnocchi::storage::swift::swift_auth_version: 2
gnocchi::statsd::resource_id: '0a8b55df-f90f-491c-8cb9-7cdecec6fc26'
rabbitmq_config_variables:
tcp_listen_options: '[binary, {packet, raw}, {reuseaddr, true}, {backlog, 128}, {nodelay, true}, {exit_on_close, false}, {keepalive, true}]'
cluster_partition_handling: 'pause_minority'
+ loopback_users: '[]'
mongodb::server::replset: tripleo
mongodb::server::journal: false
nova::notify_on_state_change: 'vm_and_task_state'
nova::api::default_floating_pool: 'public'
nova::api::sync_db_api: true
-nova::scheduler::filter::ram_allocation_ratio: '1.0'
+nova::api::enable_proxy_headers_parsing: true
nova::cron::archive_deleted_rows::hour: '*/12'
nova::cron::archive_deleted_rows::destination: '/dev/null'
nova::notification_driver: messaging
-nova::keystone::auth::configure_ec2_endpoint: false
# ceilometer
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
cinder::cron::db_purge::destination: '/dev/null'
cinder::host: hostgroup
-cinder_user_enabled_backends: []
+
+# TODO(jaosorior): Move to cinder profile once cinder is moved as a composable
+# service.
+cinder::api::enable_proxy_headers_parsing: true
# heat
heat::engine::configure_delegated_roles: false
heat::keystone::domain::domain_name: 'heat_stack'
heat::keystone::domain::domain_admin: 'heat_stack_domain_admin'
heat::keystone::domain::domain_admin_email: 'heat_stack_domain_admin@localhost'
+heat::auth_plugin: 'password'
# pacemaker
pacemaker::corosync::cluster_name: 'tripleo_cluster'
mysql::server::manage_config_file: true
-tripleo::loadbalancer::keystone_admin: true
-tripleo::loadbalancer::keystone_public: true
-tripleo::loadbalancer::neutron: true
-tripleo::loadbalancer::cinder: true
-tripleo::loadbalancer::glance_api: true
-tripleo::loadbalancer::glance_registry: true
-tripleo::loadbalancer::nova_ec2: true
-tripleo::loadbalancer::nova_osapi: true
-tripleo::loadbalancer::nova_metadata: true
-tripleo::loadbalancer::nova_novncproxy: true
-tripleo::loadbalancer::mysql: true
-tripleo::loadbalancer::redis: true
-tripleo::loadbalancer::sahara: true
-tripleo::loadbalancer::swift_proxy_server: true
-tripleo::loadbalancer::ceilometer: true
-tripleo::loadbalancer::aodh: true
-tripleo::loadbalancer::gnocchi: true
-tripleo::loadbalancer::heat_api: true
-tripleo::loadbalancer::heat_cloudwatch: true
-tripleo::loadbalancer::heat_cfn: true
-tripleo::loadbalancer::horizon: true
+tripleo::haproxy::keystone_admin: true
+tripleo::haproxy::keystone_public: true
+tripleo::haproxy::neutron: true
+tripleo::haproxy::cinder: true
+tripleo::haproxy::glance_api: true
+tripleo::haproxy::glance_registry: true
+tripleo::haproxy::nova_osapi: true
+tripleo::haproxy::nova_metadata: true
+tripleo::haproxy::nova_novncproxy: true
+tripleo::haproxy::mysql: true
+tripleo::haproxy::redis: true
+tripleo::haproxy::sahara: true
+tripleo::haproxy::swift_proxy_server: true
+tripleo::haproxy::ceilometer: true
+tripleo::haproxy::aodh: true
+tripleo::haproxy::gnocchi: true
+tripleo::haproxy::heat_api: true
+tripleo::haproxy::heat_cloudwatch: true
+tripleo::haproxy::heat_cfn: true
+tripleo::haproxy::horizon: true
controller_classes: []
# firewall
tripleo::firewall::firewall_rules:
'101 mongodb_config':
- port: 27019
+ dport: 27019
'102 mongodb_sharding':
- port: 27018
+ dport: 27018
'103 mongod':
- port: 27017
+ dport: 27017
'104 mysql galera':
- port:
+ dport:
- 873
- 3306
- 4444
- 4568
- 9200
'105 ntp':
- port: 123
+ dport: 123
proto: udp
'106 vrrp':
proto: vrrp
'107 haproxy stats':
- port: 1993
+ dport: 1993
'108 redis':
- port:
+ dport:
- 6379
- 26379
'109 rabbitmq':
- port:
+ dport:
+ - 4369
- 5672
- 35672
'110 ceph':
- port:
+ dport:
- 6789
- '6800-6810'
'111 keystone':
- port:
+ dport:
- 5000
- 13000
- 35357
- 13357
'112 glance':
- port:
+ dport:
- 9292
- 9191
- 13292
'113 nova':
- port:
+ dport:
- 6080
- 13080
- 8773
- 13774
- 8775
'114 neutron server':
- port:
+ dport:
- 9696
- 13696
'115 neutron dhcp input':
proto: 'udp'
- port: 67
+ dport: 67
'116 neutron dhcp output':
proto: 'udp'
chain: 'OUTPUT'
- port: 68
+ dport: 68
'118 neutron vxlan networks':
proto: 'udp'
- port: 4789
+ dport: 4789
'119 cinder':
- port:
+ dport:
- 8776
- 13776
'120 iscsi initiator':
- port: 3260
+ dport: 3260
'121 memcached':
- port: 11211
+ dport: 11211
'122 swift proxy':
- port:
+ dport:
- 8080
- 13808
'123 swift storage':
- port:
+ dport:
- 873
- 6000
- 6001
- 6002
'124 ceilometer':
- port:
+ dport:
- 8777
- 13777
'125 heat':
- port:
+ dport:
- 8000
- 13800
- 8003
- 8004
- 13004
'126 horizon':
- port:
+ dport:
- 80
- 443
'127 snmp':
- port: 161
+ dport: 161
proto: 'udp'
'128 aodh':
- port:
+ dport:
- 8042
- 13042
'129 gnocchi-api':
- port:
+ dport:
- 8041
- 13041
+ '130 pacemaker tcp':
+ proto: 'tcp'
+ dport:
+ - 2224
+ - 3121
+ - 21064
+ '131 pacemaker udp':
+ proto: 'udp'
+ dport: 5405
+ '132 sahara':
+ dport:
+ - 8386
+ - 13386
Code Review / apex-tripleo-heat-templates.git / blobdiff