Code Review / apex-tripleo-heat-templates.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Change flat network name for nosdn fdio scenario
[apex-tripleo-heat-templates.git] / capabilities-map.yaml
1 # This file holds metadata about the capabilities of the tripleo-heat-templates
2 # repository for deployment using puppet. It groups configuration by topic,
3 # describes possible combinations of environments and resource capabilities.
4
5 # topics:
6 # High Level grouping by purpose of environments
7 # Attributes:
8 #  title: (required)
9 #  description: (optional)
10 #  environment_groups: (required)
11
12 # environment_groups:
13 # Identifies a group of environments.
14 # Attributes:
15 #  title: (optional)
16 #  description: (optional)
17 #  tags: a list of tags to provide additional information for e.g. filtering (optional)
18 #  environments: (required)
19 #  mutually_exclusive: (optional) boolean to identify that environments in group are mutually exclusive
20
21 # environments:
22 # List of environments in environment group
23 # Attributes:
24 #  file: a file name including path within repository (required)
25 #  title: (required)
26 #  description: (optional)
27 #  requires: an array of environments which are required by this environment (optional)
28
29 topics:
30   - title: General Deployment Options
31     description:
32     environment_groups:
33       - name: general-deployment-options
34         title:
35         description: Enables base configuration for all resources required for OpenStack Deployment
36         environments:
37           - file: overcloud-resource-registry-puppet.yaml
38             title: Base resources configuration
39             description:
40       - title: Containerized Deployment
41         description: >
42           Configures Deployment to use containerized services
43         environments:
44           - file: environments/docker.yaml
45             title: Containerized Deployment
46             description:
47             requires:
48               - overcloud-resource-registry-puppet.yaml
49       - title: High Availability
50         description: Enables configuration of an Overcloud Controller with Pacemaker
51         environments:
52           - file: environments/puppet-pacemaker.yaml
53             title: High Availability (Pacemaker)
54             description:
55             requires:
56               - overcloud-resource-registry-puppet.yaml
57
58   - title: Network Configuration
59     description:
60     environment_groups:
61       - title: Network Isolation
62         description:
63         environments:
64           - file: environments/network-isolation.yaml
65             title: Network Isolation
66             description: >
67               Enable the creation of Neutron networks for
68               isolated Overcloud traffic and configure each role to assign ports
69               (related to that role) on these networks.
70             requires:
71               - overcloud-resource-registry-puppet.yaml
72           - file: environments/network-isolation-v6.yaml
73             title: Network Isolation IPv6
74             description: >
75               Enable the creation of IPv6 Neutron networks for isolated Overcloud
76               traffic and configure each role to assign ports (related
77               to that role) on these networks.
78             requires:
79               - overcloud-resource-registry-puppet.yaml
80         mutually_exclusive: true
81       - title: NICs, Bonding, VLANs Configuration
82         description: >
83           Choose one of the pre-defined configurations or provide custom
84           network-environment.yaml instead. Note that pre-defined configuration work
85           only with standard Roles and Networks. These options assume use of Network Isolation.
86         environments:
87           - file: environments/net-bond-with-vlans.yaml
88             title: Bond with Vlans
89             description: >
90               Configure each role to use a pair of bonded nics (nic2 and
91               nic3) and configures an IP address on each relevant isolated network
92               for each role. This option assumes use of Network Isolation.
93             requires:
94               - environments/network-isolation.yaml
95           - file: environments/net-bond-with-vlans-no-external.yaml
96             title: Bond with Vlans No External Ports
97             description: >
98               Configure each role to use a pair of bonded nics (nic2 and
99               nic3) and configures an IP address on each relevant isolated network
100               for each role. This option assumes use of Network Isolation.
101               Sets external ports to noop.
102             requires:
103               - environments/network-isolation.yaml
104           - file: environments/net-bond-with-vlans-v6.yaml
105             title: Bond with Vlans IPv6
106             description: >
107               Configure each role to use a pair of bonded nics (nic2 and
108               nic3) and configures an IP address on each relevant isolated network
109               for each role, with IPv6 on the External network.
110               This option assumes use of Network Isolation IPv6.
111             requires:
112               - environments/network-isolation-v6.yaml
113           - file: environments/net-multiple-nics.yaml
114             title: Multiple NICs
115             description: >
116               Configures each role to use a separate NIC for
117               each isolated network.
118               This option assumes use of Network Isolation.
119             requires:
120               - environments/network-isolation.yaml
121           - file: environments/net-multiple-nics-v6.yaml
122             title: Multiple NICs IPv6
123             description: >
124               Configure each role to use a separate NIC for
125               each isolated network with IPv6 on the External network.
126               This option assumes use of Network Isolation IPv6.
127             requires:
128               - environments/network-isolation-v6.yaml
129           - file: environments/net-single-nic-with-vlans.yaml
130             title: Single NIC with Vlans
131             description: >
132               Configure each role to use Vlans on a single NIC for
133               each isolated network. This option assumes use of Network Isolation.
134             requires:
135               - environments/network-isolation.yaml
136           - file: environments/net-single-nic-with-vlans-no-external.yaml
137             title: Single NIC with Vlans No External Ports
138             description: >
139               Configure each role to use Vlans on a single NIC for
140               each isolated network. This option assumes use of Network Isolation.
141               Sets external ports to noop.
142             requires:
143               - environments/network-isolation.yaml
144           - file: environments/net-single-nic-linux-bridge-with-vlans.yaml
145             title: Single NIC with Linux Bridge Vlans
146             description: >
147               Configure each role to use Vlans on a single NIC for
148               each isolated network. This option assumes use of Network Isolation.
149             requires:
150               - environments/network-isolation.yaml
151           - file: environments/net-single-nic-with-vlans-v6.yaml
152             title: Single NIC with Vlans IPv6
153             description: >
154               Configures each role to use Vlans on a single NIC for
155               each isolated network with IPv6 on the External network.
156               This option assumes use of Network Isolation IPv6
157             requires:
158               - environments/network-isolation-v6.yaml
159         mutually_exclusive: true
160       - title: Management Network
161         description: >
162           Enable the creation of a system management network. This
163           creates a Neutron network for isolated Overcloud
164           system management traffic and configures each role to
165           assign a port (related to that role) on that network.
166         environments:
167           - file: environments/network-management.yaml
168             title: Management Network
169             description:
170             requires:
171               - overcloud-resource-registry-puppet.yaml
172           - file: environments/network-management-v6.yaml
173             title: Management Network IPv6
174             description:
175             requires:
176               - overcloud-resource-registry-puppet.yaml
177         mutually_exclusive: true
178
179       - title: Docker Network
180         description: >
181           [Temporary] Use this option when deploying containerized deployment
182           without network isolation
183         environments:
184           - file: environments/docker-network.yaml
185             title: Docker network
186             description:
187             requires:
188               - environments/docker.yaml
189
190       - title: External load balancer
191         description: >
192           Enable external load balancer, requires network Isolation to be enabled.
193           Note that this option assumes standard isolated networks set.
194         environments:
195           - file: environments/external-loadbalancer-vip.yaml
196             title: External load balancer IPv4
197             description: >
198             requires:
199               - environments/network-isolation.yaml
200           - file: environments/external-loadbalancer-vip-v6.yaml
201             title: External load balancer IPv6
202             description: >
203             requires:
204               - environments/network-isolation-v6.yaml
205         mutually_exclusive: true
206
207   - title: Neutron Plugin Configuration
208     description:
209     environment_groups:
210       - title: Neutron Plugins
211         description: >
212           Enable various Neutron plugins and backends
213         environments:
214           - file: environments/neutron-bgpvpn.yaml
215             title: Neutron BGPVPN Service Plugin
216             description: Enables Neutron BGPVPN Service Plugin
217             requires:
218               - overcloud-resource-registry-puppet.yaml
219           - file: environments/services/neutron-lbaasv2.yaml
220             title: Neutron LBaaSv2 Service Plugin
221             description: Enables Neutron LBaaSv2 Service Plugin and Agent
222             requires:
223               - overcloud-resource-registry-puppet.yaml
224           - file: environments/neutron-ml2-bigswitch.yaml
225             title: BigSwitch Extensions
226             description: >
227               Enable Big Switch extensions, configured via puppet
228             requires:
229               - overcloud-resource-registry-puppet.yaml
230           - file: environments/neutron-ml2-cisco-n1kv.yaml
231             title: Cisco N1KV backend
232             description: >
233               Enable a Cisco N1KV backend, configured via puppet
234             requires:
235               - overcloud-resource-registry-puppet.yaml
236           - file: environments/neutron-ml2-cisco-nexus-ucsm.yaml
237             title: Cisco Neutron plugin
238             description:
239             requires:
240               - overcloud-resource-registry-puppet.yaml
241           - file: environments/networking/neutron-midonet.yaml
242             title: Neutron MidoNet Services
243             description:
244             requires:
245               - overcloud-resource-registry-puppet.yaml
246           - file: environments/neutron-nuage-config.yaml
247             title: Neutron Nuage backend
248             description: Enables Neutron Nuage backend on the controller
249             requires:
250               - overcloud-resource-registry-puppet.yaml
251           - file: environments/neutron-opendaylight.yaml
252             title: OpenDaylight
253             description: Enables OpenDaylight
254             requires:
255               - overcloud-resource-registry-puppet.yaml
256           - file: environments/neutron-ovs-dpdk.yaml
257             title: DPDK with OVS
258             description: Deploy DPDK with OVS
259             requires:
260               - overcloud-resource-registry-puppet.yaml
261           - file: environments/neutron-ovs-dvr.yaml
262             title: DVR
263             description: Enables DVR in the Overcloud
264             requires:
265               - overcloud-resource-registry-puppet.yaml
266           - file: environments/neutron-plumgrid.yaml
267             title: PLUMgrid extensions
268             description: Enables PLUMgrid extensions
269             requires:
270               - overcloud-resource-registry-puppet.yaml
271           - file: environments/neutron-ml2-fujitsu-cfab.yaml
272             title: Fujitsu Neutron plugin for C-Fabric
273             description: Enable C-Fabric in the overcloud
274             requires:
275               - overcloud-resource-registry-puppet.yaml
276           - file: environments/neutron-ml2-fujitsu-fossw.yaml
277             title: Fujitsu Neutron plugin for FOS
278             description: Enable FOS in the overcloud
279             requires:
280               - overcloud-resource-registry-puppet.yaml
281           - file: environments/neutron-nsx.yaml
282             title: Deploy NSX Services
283             description:
284             requires:
285               - overcloud-resource-registry-puppet.yaml
286           - file: environments/neutron-l2gw.yaml
287             title: Neutron L2 gateway Service Plugin
288             description: Enables Neutron L2 gateway Service Plugin and Agent
289             requires:
290               - overcloud-resource-registry-puppet.yaml
291
292   - title: Storage
293     description:
294     environment_groups:
295       - title: Cinder backends
296         description: >
297           Enable various Cinder backends
298         environments:
299           - file: environments/cinder-pure-config.yaml
300             title: Cinder Pure Storage FlashArray backend
301             description:
302             requires:
303               - overcloud-resource-registry-puppet.yaml
304           - file: environments/storage/cinder-netapp-config.yaml
305             title: Cinder NetApp backend
306             description:
307             requires:
308               - overcloud-resource-registry-puppet.yaml
309           - file: environments/cinder-dellsc-config.yaml
310             title: Cinder Dell EMC Storage Center ISCSI backend
311             description: >
312               Enables a Cinder Dell EMC Storage Center ISCSI backend
313             requires:
314               - overcloud-resource-registry-puppet.yaml
315           - file: environments/cinder-dellemc-unity-config.yaml
316             title: Cinder Dell EMC Unity backend
317             description: >
318               Enables a Cinder Dell EMC Unity backend,
319           - file: environments/cinder-dellemc-vmax-iscsi-config.yaml
320             title: Cinder Dell EMC VMAX ISCSI backend
321             description: >
322               Enables a Cinder Dell EMC VMAX ISCSI backend,
323               configured via puppet
324             requires:
325               - overcloud-resource-registry-puppet.yaml
326           - file: environments/cinder-hpelefthand-config.yaml
327             title: Cinder HPELeftHandISCSI backend
328             description: >
329               Enables a Cinder HPELeftHandISCSI backend
330             requires:
331               - overcloud-resource-registry-puppet.yaml
332           - file: environments/cinder-dellps-config.yaml
333             title: Cinder Dell EMC PS Series backend
334             description: >
335               Enables a Cinder Dell EMC PS Series backend
336             requires:
337               - overcloud-resource-registry-puppet.yaml
338           - file: environments/cinder-iser.yaml
339             title: Cinder iSER backend
340             description: >
341               Enable a Cinder iSER RDMA backend, configured via puppet
342           - file: environments/cinder-scaleio-config.yaml
343             title: Cinder Dell EMC ScaleIO backend
344             description: >
345               Enables a Cinder Dell EMC ScaleIO backend
346             requires:
347               - overcloud-resource-registry-puppet.yaml
348           - file: environments/cinder-veritas-hyperscale-config.yaml
349             title: Cinder Veritas HyperScale backend
350             description: >
351               Enables a Cinder Veritas HyperScale backend,
352               configured via puppet
353             requires:
354               - overcloud-resource-registry-puppet.yaml
355       - title: Cinder backup service
356         description:
357         environments:
358           - file: environments/cinder-backup.yaml
359             title: Cinder backup service
360             description: >
361               OpenStack Cinder Backup service with Pacemaker
362             requires:
363               - environments/puppet-pacemaker.yaml
364               - overcloud-resource-registry-puppet.yaml
365       - title: Ceph
366         description: >
367           Enable the use of Ceph in the overcloud
368         environments:
369           - file: environments/puppet-ceph.yaml
370             title: Ceph Storage Backend
371             description: >
372               Deploys a Ceph cluster via TripleO, requires at lease one CephStorage node or
373               use of hyperconverged-ceph.yaml environment for the HCI scenario, where CephOSD is
374               colocated with NovaCompute and configures the overcloud to use it, via RBD driver.
375             requires:
376               - overcloud-resource-registry-puppet.yaml
377           - file: environments/storage/external-ceph.yaml
378             title: Externally managed Ceph
379             description: >
380               Configures the overcloud to use an externally managed Ceph cluster, via RBD driver.
381             requires:
382               - overcloud-resource-registry-puppet.yaml
383         mutually_exclusive: true
384       - title: Additional Ceph Options
385         description:
386         environments:
387           - file: environments/services/ceph-mds.yaml
388             title: Deploys CephMDS
389             description: >
390               Deploys CephMDS via TripleO, an additional Ceph service needed to create shared
391               filesystems hosted in Ceph.
392             requires:
393               - environments/puppet-ceph.yaml
394           - file: environments/ceph-radosgw.yaml
395             title: Ceph Rados Gateway
396             description: >
397               Deploys CephRGW via TripleO, transparently replaces Swift providing a compatible API
398               which stores data in the Ceph cluster.
399             requires:
400               - environments/puppet-ceph.yaml
401           - file: environments/manila-cephfsnative-config.yaml
402             title: Manila with CephFS
403             description: >
404               Deploys Manila and configures it with the CephFS driver. This requires the deployment of
405               Ceph and CephMDS from TripleO or the use of an external Ceph cluster for the overcloud.
406             requires:
407               - overcloud-resource-registry-puppet.yaml
408       - title: Manila with Unity
409         description: >
410           Deploys Manila and configures it with the Unity driver.
411         environments:
412           - file: environments/manila-unity-config.yaml
413             title: Deploys Manila with Unity driver
414             description: Deploys Manila and configures Unity as its default backend.
415       - title: Manila with VNX
416         description: >
417           Deploys Manila and configures it with the VNX driver.
418         environments:
419           - file: environments/manila-vnx-config.yaml
420             title: Deploys Manila with VNX driver
421             description: Deploys Manila and configures VNX as its default backend.
422       - title: Manila with VMAX
423         description: >
424           Deploys Manila and configures it with the VMAX driver.
425         environments:
426           - file: environments/manila-vmax-config.yaml
427             title: Deploys Manila with VMAX driver
428             description: Deploys Manila and configures VMAX as its default backend.
429       - title: Manila with Isilon
430         description: >
431           Deploys Manila and configures it with the Isilon driver.
432         environments:
433           - file: environments/manila-isilon-config.yaml
434             title: Deploys Manila with Isilon driver
435             description: Deploys Manila and configures Isilon as its default backend.
436             requires:
437               - overcloud-resource-registry-puppet.yaml
438       - title: Glance backends
439         description:
440         environments:
441           - file: environments/storage/glance-nfs.yaml
442             title: Glance NFS Backend
443             description: |
444               Configure and enable this option to enable the use of an NFS
445               share as the backend for Glance.
446             requires:
447               - overcloud-resource-registry-puppet.yaml
448
449
450   - title: Security
451     description: Security Hardening Options
452     environment_groups:
453       - title: TLS
454         description:
455         environments:
456           - file: environments/ssl/enable-tls.yaml
457             title: SSL on OpenStack Public Endpoints
458             description: >
459               Use this option to pass in certificates for SSL deployments.
460               For these values to take effect, one of the TLS endpoints
461               options must also be used.
462             requires:
463               - overcloud-resource-registry-puppet.yaml
464       - title: TLS Endpoints
465         description:
466         environments:
467           - file: environments/ssl/tls-endpoints-public-dns.yaml
468             title: SSL-enabled deployment with DNS name as public endpoint
469             description: >
470               Use this option when deploying an SSL-enabled overcloud where the public
471               endpoint is a DNS name.
472             requires:
473               - environments/ssl/enable-tls.yaml
474           - file: environments/ssl/tls-everywhere-endpoints-dns.yaml
475             title: Deploy All SSL Endpoints as DNS names
476             description: >
477               Use this option when deploying an overcloud where all the endpoints are
478               DNS names and there's TLS in all endpoint types.
479             requires:
480               - environments/ssl/enable-tls.yaml
481           - file: environments/ssl/tls-endpoints-public-ip.yaml
482             title: SSL-enabled deployment with IP address as public endpoint
483             description: >
484               Use this option when deploying an SSL-enabled overcloud where the public
485               endpoint is an IP address.
486             requires:
487               - environments/ssl/enable-tls.yaml
488         mutually_exclusive: true
489       - title: SSH Banner Text
490         description: Enables population of SSH Banner Text
491         environments:
492           - file: environments/sshd-banner.yaml
493             title: SSH Banner Text
494             description:
495             requires:
496               - overcloud-resource-registry-puppet.yaml
497       - title: Horizon Password Validation
498         description: Enable Horizon Password validation
499         environments:
500           - file: environments/horizon_password_validation.yaml
501             title: Horizon Password Validation
502             description:
503             requires:
504               - overcloud-resource-registry-puppet.yaml
505       - title: AuditD Rules
506         description:  Management of AuditD rules
507         environments:
508           - file: environments/auditd.yaml
509             title: AuditD Rule Management
510             description:
511             requires:
512               - overcloud-resource-registry-puppet.yaml
513       - title: Keystone CADF auditing
514         description: Enable CADF notifications in Keystone for auditing
515         environments:
516           - file: environments/cadf.yaml
517             title: Keystone CADF auditing
518       - title: SecureTTY Values
519         description: Set values within /etc/securetty
520         environments:
521           - file: environments/securetty.yaml
522             title: SecureTTY Values
523
524   - title: Additional Services
525     description:
526     environment_groups:
527       - title:
528         description: Deploy additional services
529         environments:
530           - file: environments/services/manila-generic-config.yaml
531             title: Barbican
532             description: Enable Barbican with the default secret store backend
533             requires:
534               - overcloud-resource-registry-puppet.yaml
535           - file: environments/manila-generic-config.yaml
536             title: Manila
537             description: Enable Manila with generic driver backend
538             requires:
539               - overcloud-resource-registry-puppet.yaml
540           - file: environments/services/sahara.yaml
541             title: Sahara
542             description: Deploy Sahara service
543             requires:
544               - overcloud-resource-registry-puppet.yaml
545           - file: environments/services/ironic.yaml
546             title: Ironic
547             description: Deploy Ironic service
548             requires:
549               - overcloud-resource-registry-puppet.yaml
550           - file: environments/services/mistral.yaml
551             title: Mistral
552             description: Deploy Mistral service
553             requires:
554               - overcloud-resource-registry-puppet.yaml
555           - file: environments/services/ec2-api.yaml
556             title: EC2 API
557             description: Enable EC2-API service
558             requires:
559               - overcloud-resource-registry-puppet.yaml
560           - file: environments/services/zaqar.yaml
561             title: Zaqar
562             description: Deploy Zaqar service
563             requires:
564               - overcloud-resource-registry-puppet.yaml
565
566   - title: Nova Extensions
567     description:
568     environment_groups:
569       - title: Nova Extensions
570         description:
571         environments:
572           - file: environments/nova-nuage-config.yaml
573             title: Nuage backend
574             description: >
575               Enables Nuage backend on the Compute
576             requires:
577               - overcloud-resource-registry-puppet.yaml
578
579   - title: Operational Tools
580     description:
581     environment_groups:
582       - title: Monitoring agents
583         description: Enable monitoring agents
584         environments:
585           - file: environments/monitoring-environment.yaml
586             title: Monitoring agents
587             description:
588             requires:
589               - overcloud-resource-registry-puppet.yaml
590       - title: Centralized logging support
591         description: Enable centralized logging clients (fluentd)
592         environments:
593           - file: environments/logging-environment.yaml
594             title: fluentd client
595             description:
596             requires:
597               - overcloud-resource-registry-puppet.yaml
598       - title: Performance monitoring
599         description: Enable performance monitoring agents
600         environments:
601           - file: environments/collectd-environment.yaml
602             title: Performance monitoring agents
603             description:
604             requires:
605               - overcloud-resource-registry-puppet.yaml
606
607   - title: Utilities
608     description:
609     environment_groups:
610       - title: Config Debug
611         description: Enable config management (e.g. Puppet) debugging
612         environments:
613           - file: environments/config-debug.yaml
614             title: Config Debug
615             description:
616             requires:
617               - overcloud-resource-registry-puppet.yaml
618       - title: Disable journal in MongoDb
619         description: >
620           Since, when journaling is enabled, MongoDb will create big journal
621           file it can take time. In a CI environment for example journaling is
622           not necessary.
623         environments:
624           - file: environments/mongodb-nojournal.yaml
625             title: Disable journal in MongoDb
626             description:
627             requires:
628               - overcloud-resource-registry-puppet.yaml
629       - title: Overcloud Steps
630         description: >
631           Specifies hooks/breakpoints where overcloud deployment should stop
632           Allows operator validation between steps, and/or more granular control.
633           Note: the wildcards relate to naming convention for some resource suffixes,
634           e.g see puppet/*-post.yaml, enabling this will mean we wait for
635           a user signal on every *Deployment_StepN resource defined in those files.
636         tags:
637           - no-gui
638         environments:
639           - file: environments/overcloud-steps.yaml
640             title: Overcloud Steps
641             description:
642             requires:
643               - overcloud-resource-registry-puppet.yaml