Merge "Make load balancer deployment optional via template param"

[apex-tripleo-heat-templates.git] / puppet / hieradata / controller.yaml
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml

index a66c1ea..f42ddf6 100644 (file)
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -42,6 +42,8 @@ heat::keystone_tenant: 'service'
  
  # keystone
  keystone::cron::token_flush::maxdelay: 3600
+keystone::roles::admin::service_tenant: 'service'
+keystone::roles::admin::admin_tenant: 'admin'
  
  #swift
  swift::proxy::pipeline:
@@ -61,9 +63,11 @@ swift::proxy::account_autocreate: true
  
  # glance
  glance::api::pipeline: 'keystone'
+glance::api::show_image_direct_url: true
  glance::registry::pipeline: 'keystone'
  glance::backend::swift::swift_store_create_container_on_put: true
  glance::backend::rbd::rbd_store_user: 'openstack'
+glance_file_pcmk_directory: '/var/lib/glance/images'
  
  # neutron
  neutron::server::sync_db: true
@@ -75,6 +79,9 @@ nova::api::default_floating_pool: 'public'
  nova::api::osapi_v3: true
  nova::scheduler::filter::ram_allocation_ratio: '1.0'
  
+# ceilometer
+ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
+
  # cinder
  cinder::scheduler::scheduler_driver: cinder.scheduler.filter_scheduler.FilterScheduler
  
@@ -90,12 +97,14 @@ pacemaker::resource_defaults::defaults:
    resource-stickiness: { value: INFINITY }
  
  # horizon
-horizon::allowed_hosts: '*'
+horizon::cache_backend: django.core.cache.backends.memcached.MemcachedCache
  horizon::django_session_engine: 'django.contrib.sessions.backends.cache'
+horizon::vhost_extra_params:
+  add_listen: false
+  priority: 10
  
  # mysql
  mysql::server::manage_config_file: true
-mysql::server::remove_default_accounts: true
  
  
  tripleo::loadbalancer::keystone_admin: true
@@ -118,3 +127,109 @@ tripleo::loadbalancer::heat_cfn: true
  tripleo::loadbalancer::horizon: true
  
  controller_classes: []
+# firewall
+tripleo::firewall::firewall_rules:
+  '101 mongodb_config':
+    port: 27019
+  '102 mongodb_sharding':
+    port: 27018
+  '103 mongod':
+    port: 27017
+  '104 mysql galera':
+    port:
+      - 873
+      - 3306
+      - 4444
+      - 4567
+      - 4568
+      - 9200
+  '105 ntp':
+    port: 123
+    proto: udp
+  '106 vrrp':
+    proto: vrrp
+  '107 haproxy stats':
+    port: 1993
+  '108 redis':
+    port:
+      - 6379
+      - 26379
+  '109 rabbitmq':
+    port:
+      - 5672
+      - 35672
+  '110 ceph':
+    port:
+      - 6789
+      - '6800-6810'
+  '111 keystone':
+    port:
+      - 5000
+      - 13000
+      - 35357
+      - 13357
+  '112 glance':
+    port:
+      - 9292
+      - 9191
+      - 13292
+  '113 nova':
+    port:
+      - 6080
+      - 13080
+      - 8773
+      - 3773
+      - 8774
+      - 13774
+      - 8775
+  '114 neutron server':
+    port:
+      - 9696
+      - 13696
+  '115 neutron dhcp input':
+    proto: 'udp'
+    port: 67
+  '116 neutron dhcp output':
+    proto: 'udp'
+    chain: 'OUTPUT'
+    port: 68
+  '118 neutron vxlan networks':
+    proto: 'udp'
+    port: 4789
+  '119 cinder':
+    port:
+      - 8776
+      - 13776
+  '120 iscsi initiator':
+    port: 3260
+  '121 memcached':
+    port: 11211
+  '122 swift proxy':
+    port:
+      - 8080
+      - 13808
+  '123 swift storage':
+    port:
+      - 873
+      - 6000
+      - 6001
+      - 6002
+  '124 ceilometer':
+    port:
+      - 8777
+      - 13777
+  '125 heat':
+    port:
+      - 8000
+      - 13800
+      - 8003
+      - 13003
+      - 8004
+      - 13004
+  '126 horizon':
+    port:
+      - 80
+      - 443
+  '127 snmp':
+    port: 161
+    proto: 'udp'