# keystone
keystone::cron::token_flush::maxdelay: 3600
+keystone::roles::admin::service_tenant: 'service'
+keystone::roles::admin::admin_tenant: 'admin'
#swift
swift::proxy::pipeline:
- 'ratelimit'
- 'tempurl'
- 'formpost'
- - 'staticweb'
- 'authtoken'
- 'keystone'
+ - 'staticweb'
- 'proxy-logging'
- 'proxy-server'
# glance
glance::api::pipeline: 'keystone'
+glance::api::show_image_direct_url: true
glance::registry::pipeline: 'keystone'
glance::backend::swift::swift_store_create_container_on_put: true
glance::backend::rbd::rbd_store_user: 'openstack'
+glance_file_pcmk_directory: '/var/lib/glance/images'
# neutron
-neutron::core_plugin: 'ml2'
-neutron::service_plugins:
- - 'neutron.services.l3_router.l3_router_plugin.L3RouterPlugin'
neutron::server::sync_db: true
neutron::agents::dhcp::dnsmasq_config_file: /etc/neutron/dnsmasq-neutron.conf
# nova
nova::notify_on_state_change: 'vm_and_task_state'
+nova::api::default_floating_pool: 'public'
nova::api::osapi_v3: true
nova::scheduler::filter::ram_allocation_ratio: '1.0'
-nova::config::nova_config:
- DEFAULT/default_floating_pool:
- value: 'public'
+# ceilometer
+ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
# cinder
cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
resource-stickiness: { value: INFINITY }
# horizon
-horizon::allowed_hosts: '*'
+horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache
horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
+horizon::vhost_extra_params:
+ add_listen: false
+ priority: 10
# mysql
mysql::server::manage_config_file: true
-mysql::server::remove_default_accounts: true
tripleo::loadbalancer::keystone_admin: true
tripleo::loadbalancer::horizon: true
controller_classes: []
+# firewall
+tripleo::firewall::firewall_rules:
+ '101 mongodb_config':
+ port: 27019
+ '102 mongodb_sharding':
+ port: 27018
+ '103 mongod':
+ port: 27017
+ '104 mysql galera':
+ port:
+ - 873
+ - 3306
+ - 4444
+ - 4567
+ - 4568
+ - 9200
+ '105 ntp':
+ port: 123
+ proto: udp
+ '106 vrrp':
+ proto: vrrp
+ '107 haproxy stats':
+ port: 1993
+ '108 redis':
+ port:
+ - 6379
+ - 26379
+ '109 rabbitmq':
+ port:
+ - 5672
+ - 35672
+ '110 ceph':
+ port:
+ - 6789
+ - '6800-6810'
+ '111 keystone':
+ port:
+ - 5000
+ - 13000
+ - 35357
+ - 13357
+ '112 glance':
+ port:
+ - 9292
+ - 9191
+ - 13292
+ '113 nova':
+ port:
+ - 6080
+ - 13080
+ - 8773
+ - 3773
+ - 8774
+ - 13774
+ - 8775
+ '114 neutron server':
+ port:
+ - 9696
+ - 13696
+ '115 neutron dhcp input':
+ proto: 'udp'
+ port: 67
+ '116 neutron dhcp output':
+ proto: 'udp'
+ chain: 'OUTPUT'
+ port: 68
+ '118 neutron vxlan networks':
+ proto: 'udp'
+ port: 4789
+ '119 cinder':
+ port:
+ - 8776
+ - 13776
+ '120 iscsi initiator':
+ port: 3260
+ '121 memcached':
+ port: 11211
+ '122 swift proxy':
+ port:
+ - 8080
+ - 13808
+ '123 swift storage':
+ port:
+ - 873
+ - 6000
+ - 6001
+ - 6002
+ '124 ceilometer':
+ port:
+ - 8777
+ - 13777
+ '125 heat':
+ port:
+ - 8000
+ - 13800
+ - 8003
+ - 13003
+ - 8004
+ - 13004
+ '126 horizon':
+ port:
+ - 80
+ - 443
+ '127 snmp':
+ port: 161
+ proto: 'udp'
Code Review / apex-tripleo-heat-templates.git / blobdiff