3 # Path to a public key to install on servers. If a usable key has not
4 # been installed on the remote servers, the user is prompted for a
5 # password and this key is installed so the password will not be
7 CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub
9 # Default password to be used everywhere (overridden by passwords set
10 # for individual services or users).
11 CONFIG_DEFAULT_PASSWORD=
13 # Specify 'y' to install MariaDB. ['y', 'n']
14 CONFIG_MARIADB_INSTALL=y
16 # Specify 'y' to install OpenStack Image Service (glance). ['y', 'n']
17 CONFIG_GLANCE_INSTALL=y
19 # Specify 'y' to install OpenStack Block Storage (cinder). ['y', 'n']
20 CONFIG_CINDER_INSTALL=y
22 # Specify 'y' to install OpenStack Compute (nova). ['y', 'n']
25 # Specify 'y' to install OpenStack Networking (neutron); otherwise,
26 # Compute Networking (nova) will be used. ['y', 'n']
27 CONFIG_NEUTRON_INSTALL=y
29 # Specify 'y' to install OpenStack Dashboard (horizon). ['y', 'n']
30 CONFIG_HORIZON_INSTALL=y
32 # Specify 'y' to install OpenStack Object Storage (swift). ['y', 'n']
33 CONFIG_SWIFT_INSTALL=y
35 # Specify 'y' to install OpenStack Metering (ceilometer). ['y', 'n']
36 CONFIG_CEILOMETER_INSTALL=y
38 # Specify 'y' to install OpenStack Data Processing (sahara). In case
39 # of sahara installation packstack also installs heat.['y', 'n']
40 CONFIG_SAHARA_INSTALL=n
42 # Specify 'y' to install OpenStack Orchestration (heat). ['y', 'n']
45 # Specify 'y' to install OpenStack Database (trove) ['y', 'n']
46 CONFIG_TROVE_INSTALL=n
48 # Specify 'y' to install OpenStack Bare Metal Provisioning (ironic).
50 CONFIG_IRONIC_INSTALL=n
52 # Specify 'y' to install the OpenStack Client packages (command-line
53 # tools). An admin "rc" file will also be installed. ['y', 'n']
54 CONFIG_CLIENT_INSTALL=y
56 # Comma-separated list of NTP servers. Leave plain if Packstack
57 # should not install ntpd on instances.
58 CONFIG_NTP_SERVERS=clock.redhat.com
60 # Specify 'y' to install Nagios to monitor OpenStack hosts. Nagios
61 # provides additional tools for monitoring the OpenStack environment.
63 CONFIG_NAGIOS_INSTALL=n
65 # Comma-separated list of servers to be excluded from the
66 # installation. This is helpful if you are running Packstack a second
67 # time with the same answer file and do not want Packstack to
68 # overwrite these server's configurations. Leave empty if you do not
69 # need to exclude any servers.
72 # Specify 'y' if you want to run OpenStack services in debug mode;
73 # otherwise, specify 'n'. ['y', 'n']
76 # Server on which to install OpenStack services specific to the
77 # controller role (for example, API servers or dashboard).
78 CONFIG_CONTROLLER_HOST=VARINET4ADDR
80 # List the servers on which to install the Compute service.
81 CONFIG_COMPUTE_HOSTS=VARINET4ADDR
83 # List of servers on which to install the network service such as
84 # Compute networking (nova network) or OpenStack Networking (neutron).
85 CONFIG_NETWORK_HOSTS=VARINET4ADDR
87 # Specify 'y' if you want to use VMware vCenter as hypervisor and
88 # storage; otherwise, specify 'n'. ['y', 'n']
89 CONFIG_VMWARE_BACKEND=n
91 # Specify 'y' if you want to use unsupported parameters. This should
92 # be used only if you know what you are doing. Issues caused by using
93 # unsupported options will not be fixed before the next major release.
97 # Specify 'y' if you want to use subnet addresses (in CIDR format)
98 # instead of interface names in following options:
99 # CONFIG_NOVA_COMPUTE_PRIVIF, CONFIG_NOVA_NETWORK_PRIVIF,
100 # CONFIG_NOVA_NETWORK_PUBIF, CONFIG_NEUTRON_OVS_BRIDGE_IFACES,
101 # CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS, CONFIG_NEUTRON_OVS_TUNNEL_IF.
102 # This is useful for cases when interface names are not same on all
103 # installation hosts.
106 # IP address of the VMware vCenter server.
109 # User name for VMware vCenter server authentication.
112 # Password for VMware vCenter server authentication.
113 CONFIG_VCENTER_PASSWORD=
115 # Comma separated list of names of the VMware vCenter clusters. Note:
116 # if multiple clusters are specified each one is mapped to one
117 # compute, otherwise all computes are mapped to same cluster.
118 CONFIG_VCENTER_CLUSTER_NAMES=
120 # (Unsupported!) Server on which to install OpenStack services
121 # specific to storage servers such as Image or Block Storage services.
122 CONFIG_STORAGE_HOST=VARINET4ADDR
124 # (Unsupported!) Server on which to install OpenStack services
125 # specific to OpenStack Data Processing (sahara).
126 CONFIG_SAHARA_HOST=VARINET4ADDR
128 # Specify 'y' to enable the EPEL repository (Extra Packages for
129 # Enterprise Linux). ['y', 'n']
132 # Comma-separated list of URLs for any additional yum repositories,
133 # to use for installation.
136 # Specify 'y' to enable the RDO testing repository. ['y', 'n']
137 CONFIG_ENABLE_RDO_TESTING=n
139 # To subscribe each server with Red Hat Subscription Manager, include
140 # this with CONFIG_RH_PW.
143 # To subscribe each server to receive updates from a Satellite
144 # server, provide the URL of the Satellite server. You must also
145 # provide a user name (CONFIG_SATELLITE_USERNAME) and password
146 # (CONFIG_SATELLITE_PASSWORD) or an access key (CONFIG_SATELLITE_AKEY)
147 # for authentication.
148 CONFIG_SATELLITE_URL=
150 # To subscribe each server with Red Hat Subscription Manager, include
151 # this with CONFIG_RH_USER.
154 # Specify 'y' to enable RHEL optional repositories. ['y', 'n']
157 # HTTP proxy to use with Red Hat Subscription Manager.
160 # Port to use for Red Hat Subscription Manager's HTTP proxy.
161 CONFIG_RH_PROXY_PORT=
163 # User name to use for Red Hat Subscription Manager's HTTP proxy.
164 CONFIG_RH_PROXY_USER=
166 # Password to use for Red Hat Subscription Manager's HTTP proxy.
169 # User name to authenticate with the RHN Satellite server; if you
170 # intend to use an access key for Satellite authentication, leave this
172 CONFIG_SATELLITE_USER=
174 # Password to authenticate with the RHN Satellite server; if you
175 # intend to use an access key for Satellite authentication, leave this
179 # Access key for the Satellite server; if you intend to use a user
180 # name and password for Satellite authentication, leave this blank.
181 CONFIG_SATELLITE_AKEY=
183 # Certificate path or URL of the certificate authority to verify that
184 # the connection with the Satellite server is secure. If you are not
185 # using Satellite in your deployment, leave this blank.
186 CONFIG_SATELLITE_CACERT=
188 # Profile name that should be used as an identifier for the system in
189 # RHN Satellite (if required).
190 CONFIG_SATELLITE_PROFILE=
192 # Comma-separated list of flags passed to the rhnreg_ks command.
193 # Valid flags are: novirtinfo, norhnsd, nopackages ['novirtinfo',
194 # 'norhnsd', 'nopackages']
195 CONFIG_SATELLITE_FLAGS=
197 # HTTP proxy to use when connecting to the RHN Satellite server (if
199 CONFIG_SATELLITE_PROXY=
201 # User name to authenticate with the Satellite-server HTTP proxy.
202 CONFIG_SATELLITE_PROXY_USER=
204 # User password to authenticate with the Satellite-server HTTP proxy.
205 CONFIG_SATELLITE_PROXY_PW=
207 # Specify filepath for CA cert file. If CONFIG_SSL_CACERT_SELFSIGN is
208 # set to 'n' it has to be preexisting file.
209 CONFIG_SSL_CACERT_FILE=/etc/pki/tls/certs/selfcert.crt
211 # Specify filepath for CA cert key file. If
212 # CONFIG_SSL_CACERT_SELFSIGN is set to 'n' it has to be preexisting
214 CONFIG_SSL_CACERT_KEY_FILE=/etc/pki/tls/private/selfkey.key
216 # Enter the path to use to store generated SSL certificates in.
217 CONFIG_SSL_CERT_DIR=~/packstackca/
219 # Specify 'y' if you want Packstack to pregenerate the CA
221 CONFIG_SSL_CACERT_SELFSIGN=y
223 # Enter the selfsigned CAcert subject country.
224 CONFIG_SELFSIGN_CACERT_SUBJECT_C=--
226 # Enter the selfsigned CAcert subject state.
227 CONFIG_SELFSIGN_CACERT_SUBJECT_ST=State
229 # Enter the selfsigned CAcert subject location.
230 CONFIG_SELFSIGN_CACERT_SUBJECT_L=City
232 # Enter the selfsigned CAcert subject organization.
233 CONFIG_SELFSIGN_CACERT_SUBJECT_O=openstack
235 # Enter the selfsigned CAcert subject organizational unit.
236 CONFIG_SELFSIGN_CACERT_SUBJECT_OU=packstack
238 # Enter the selfsigned CAcert subject common name.
239 CONFIG_SELFSIGN_CACERT_SUBJECT_CN=VARHOSTNAME
241 CONFIG_SELFSIGN_CACERT_SUBJECT_MAIL=admin@VARHOSTNAME
243 # Service to be used as the AMQP broker. Allowed values are: qpid,
244 # rabbitmq ['qpid', 'rabbitmq']
245 CONFIG_AMQP_BACKEND=rabbitmq
247 # IP address of the server on which to install the AMQP service.
248 CONFIG_AMQP_HOST=VARINET4ADDR
250 # Specify 'y' to enable SSL for the AMQP service. ['y', 'n']
251 CONFIG_AMQP_ENABLE_SSL=n
253 # Specify 'y' to enable authentication for the AMQP service. ['y',
255 CONFIG_AMQP_ENABLE_AUTH=n
257 # Password for the NSS certificate database of the AMQP service.
258 CONFIG_AMQP_NSS_CERTDB_PW=PW_PLACEHOLDER
260 # User for AMQP authentication.
261 CONFIG_AMQP_AUTH_USER=amqp_user
263 # Password for AMQP authentication.
264 CONFIG_AMQP_AUTH_PASSWORD=PW_PLACEHOLDER
266 # IP address of the server on which to install MariaDB. If a MariaDB
267 # installation was not specified in CONFIG_MARIADB_INSTALL, specify
268 # the IP address of an existing database server (a MariaDB cluster can
269 # also be specified).
270 CONFIG_MARIADB_HOST=VARINET4ADDR
272 # User name for the MariaDB administrative user.
273 CONFIG_MARIADB_USER=root
275 # Password for the MariaDB administrative user.
276 CONFIG_MARIADB_PW=qum5net
278 # Password to use for the Identity service (keystone) to access the
280 CONFIG_KEYSTONE_DB_PW=qum5net
282 # Enter y if cron job for removing soft deleted DB rows should be
284 CONFIG_KEYSTONE_DB_PURGE_ENABLE=True
286 # Default region name to use when creating tenants in the Identity
288 CONFIG_KEYSTONE_REGION=RegionOne
290 # Token to use for the Identity service API.
291 CONFIG_KEYSTONE_ADMIN_TOKEN=9390caff845749c3ac74453eb4f384e2
293 # Email address for the Identity service 'admin' user. Defaults to
294 CONFIG_KEYSTONE_ADMIN_EMAIL=root@localhost
296 # User name for the Identity service 'admin' user. Defaults to
298 CONFIG_KEYSTONE_ADMIN_USERNAME=admin
300 # Password to use for the Identity service 'admin' user.
301 CONFIG_KEYSTONE_ADMIN_PW=qum5net
303 # Password to use for the Identity service 'demo' user.
304 CONFIG_KEYSTONE_DEMO_PW=qum5net
306 # Identity service API version string. ['v2.0', 'v3']
307 CONFIG_KEYSTONE_API_VERSION=v2.0
309 # Identity service token format (UUID or PKI). The recommended format
310 # for new deployments is UUID. ['UUID', 'PKI']
311 CONFIG_KEYSTONE_TOKEN_FORMAT=UUID
313 # Name of service to use to run the Identity service (keystone or
314 # httpd). ['keystone', 'httpd']
315 CONFIG_KEYSTONE_SERVICE_NAME=httpd
317 # Type of Identity service backend (sql or ldap). ['sql', 'ldap']
318 CONFIG_KEYSTONE_IDENTITY_BACKEND=sql
320 # URL for the Identity service LDAP backend.
321 CONFIG_KEYSTONE_LDAP_URL=ldap://VARINET4ADDR
323 # User DN for the Identity service LDAP backend. Used to bind to the
324 # LDAP server if the LDAP server does not allow anonymous
326 CONFIG_KEYSTONE_LDAP_USER_DN=
328 # User DN password for the Identity service LDAP backend.
329 CONFIG_KEYSTONE_LDAP_USER_PASSWORD=
331 # Base suffix for the Identity service LDAP backend.
332 CONFIG_KEYSTONE_LDAP_SUFFIX=
334 # Query scope for the Identity service LDAP backend. Use 'one' for
335 # onelevel/singleLevel or 'sub' for subtree/wholeSubtree ('base' is
336 # not actually used by the Identity service and is therefore
337 # deprecated). ['base', 'one', 'sub']
338 CONFIG_KEYSTONE_LDAP_QUERY_SCOPE=one
340 # Query page size for the Identity service LDAP backend.
341 CONFIG_KEYSTONE_LDAP_PAGE_SIZE=-1
343 # User subtree for the Identity service LDAP backend.
344 CONFIG_KEYSTONE_LDAP_USER_SUBTREE=
346 # User query filter for the Identity service LDAP backend.
347 CONFIG_KEYSTONE_LDAP_USER_FILTER=
349 # User object class for the Identity service LDAP backend.
350 CONFIG_KEYSTONE_LDAP_USER_OBJECTCLASS=
352 # User ID attribute for the Identity service LDAP backend.
353 CONFIG_KEYSTONE_LDAP_USER_ID_ATTRIBUTE=
355 # User name attribute for the Identity service LDAP backend.
356 CONFIG_KEYSTONE_LDAP_USER_NAME_ATTRIBUTE=
358 # User email address attribute for the Identity service LDAP backend.
359 CONFIG_KEYSTONE_LDAP_USER_MAIL_ATTRIBUTE=
361 # User-enabled attribute for the Identity service LDAP backend.
362 CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE=
364 # Bit mask integer applied to user-enabled attribute for the Identity
365 # service LDAP backend. Indicate the bit that the enabled value is
366 # stored in if the LDAP server represents "enabled" as a bit on an
367 # integer rather than a boolean. A value of "0" indicates the mask is
368 # not used (default). If this is not set to "0", the typical value is
369 # "2", typically used when
370 # "CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE = userAccountControl".
371 CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK=-1
373 # Value of enabled attribute which indicates user is enabled for the
374 # Identity service LDAP backend. This should match an appropriate
375 # integer value if the LDAP server uses non-boolean (bitmask) values
376 # to indicate whether a user is enabled or disabled. If this is not
377 # set as 'y', the typical value is "512". This is typically used when
378 # "CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE = userAccountControl".
379 CONFIG_KEYSTONE_LDAP_USER_ENABLED_DEFAULT=TRUE
381 # Specify 'y' if users are disabled (not enabled) in the Identity
382 # service LDAP backend (inverts boolean-enalbed values). Some LDAP
383 # servers use a boolean lock attribute where "y" means an account is
384 # disabled. Setting this to 'y' allows these lock attributes to be
385 # used. This setting will have no effect if
386 # "CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK" is in use. ['n', 'y']
387 CONFIG_KEYSTONE_LDAP_USER_ENABLED_INVERT=n
389 # Comma-separated list of attributes stripped from LDAP user entry
391 CONFIG_KEYSTONE_LDAP_USER_ATTRIBUTE_IGNORE=
393 # Identity service LDAP attribute mapped to default_project_id for
395 CONFIG_KEYSTONE_LDAP_USER_DEFAULT_PROJECT_ID_ATTRIBUTE=
397 # Specify 'y' if you want to be able to create Identity service users
398 # through the Identity service interface; specify 'n' if you will
399 # create directly in the LDAP backend. ['n', 'y']
400 CONFIG_KEYSTONE_LDAP_USER_ALLOW_CREATE=n
402 # Specify 'y' if you want to be able to update Identity service users
403 # through the Identity service interface; specify 'n' if you will
404 # update directly in the LDAP backend. ['n', 'y']
405 CONFIG_KEYSTONE_LDAP_USER_ALLOW_UPDATE=n
407 # Specify 'y' if you want to be able to delete Identity service users
408 # through the Identity service interface; specify 'n' if you will
409 # delete directly in the LDAP backend. ['n', 'y']
410 CONFIG_KEYSTONE_LDAP_USER_ALLOW_DELETE=n
412 # Identity service LDAP attribute mapped to password.
413 CONFIG_KEYSTONE_LDAP_USER_PASS_ATTRIBUTE=
415 # DN of the group entry to hold enabled LDAP users when using enabled
417 CONFIG_KEYSTONE_LDAP_USER_ENABLED_EMULATION_DN=
419 # List of additional LDAP attributes for mapping additional attribute
420 # mappings for users. The attribute-mapping format is
421 # <ldap_attr>:<user_attr>, where ldap_attr is the attribute in the
422 # LDAP entry and user_attr is the Identity API attribute.
423 CONFIG_KEYSTONE_LDAP_USER_ADDITIONAL_ATTRIBUTE_MAPPING=
425 # Group subtree for the Identity service LDAP backend.
426 CONFIG_KEYSTONE_LDAP_GROUP_SUBTREE=
428 # Group query filter for the Identity service LDAP backend.
429 CONFIG_KEYSTONE_LDAP_GROUP_FILTER=
431 # Group object class for the Identity service LDAP backend.
432 CONFIG_KEYSTONE_LDAP_GROUP_OBJECTCLASS=
434 # Group ID attribute for the Identity service LDAP backend.
435 CONFIG_KEYSTONE_LDAP_GROUP_ID_ATTRIBUTE=
437 # Group name attribute for the Identity service LDAP backend.
438 CONFIG_KEYSTONE_LDAP_GROUP_NAME_ATTRIBUTE=
440 # Group member attribute for the Identity service LDAP backend.
441 CONFIG_KEYSTONE_LDAP_GROUP_MEMBER_ATTRIBUTE=
443 # Group description attribute for the Identity service LDAP backend.
444 CONFIG_KEYSTONE_LDAP_GROUP_DESC_ATTRIBUTE=
446 # Comma-separated list of attributes stripped from LDAP group entry
448 CONFIG_KEYSTONE_LDAP_GROUP_ATTRIBUTE_IGNORE=
450 # Specify 'y' if you want to be able to create Identity service
451 # groups through the Identity service interface; specify 'n' if you
452 # will create directly in the LDAP backend. ['n', 'y']
453 CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_CREATE=n
455 # Specify 'y' if you want to be able to update Identity service
456 # groups through the Identity service interface; specify 'n' if you
457 # will update directly in the LDAP backend. ['n', 'y']
458 CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_UPDATE=n
460 # Specify 'y' if you want to be able to delete Identity service
461 # groups through the Identity service interface; specify 'n' if you
462 # will delete directly in the LDAP backend. ['n', 'y']
463 CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_DELETE=n
465 # List of additional LDAP attributes used for mapping additional
466 # attribute mappings for groups. The attribute=mapping format is
467 # <ldap_attr>:<group_attr>, where ldap_attr is the attribute in the
468 # LDAP entry and group_attr is the Identity API attribute.
469 CONFIG_KEYSTONE_LDAP_GROUP_ADDITIONAL_ATTRIBUTE_MAPPING=
471 # Specify 'y' if the Identity service LDAP backend should use TLS.
473 CONFIG_KEYSTONE_LDAP_USE_TLS=n
475 # CA certificate directory for Identity service LDAP backend (if TLS
477 CONFIG_KEYSTONE_LDAP_TLS_CACERTDIR=
479 # CA certificate file for Identity service LDAP backend (if TLS is
481 CONFIG_KEYSTONE_LDAP_TLS_CACERTFILE=
483 # Certificate-checking strictness level for Identity service LDAP
484 # backend; valid options are: never, allow, demand. ['never', 'allow',
486 CONFIG_KEYSTONE_LDAP_TLS_REQ_CERT=demand
488 # Password to use for the Image service (glance) to access the
490 CONFIG_GLANCE_DB_PW=qum5net
492 # Password to use for the Image service to authenticate with the
494 CONFIG_GLANCE_KS_PW=qum5net
496 # Storage backend for the Image service (controls how the Image
497 # service stores disk images). Valid options are: file or swift
498 # (Object Storage). The Object Storage service must be enabled to use
499 # it as a working backend; otherwise, Packstack falls back to 'file'.
501 CONFIG_GLANCE_BACKEND=file
503 # Password to use for the Block Storage service (cinder) to access
505 CONFIG_CINDER_DB_PW=qum5net
507 # Enter y if cron job for removing soft deleted DB rows should be
509 CONFIG_CINDER_DB_PURGE_ENABLE=True
511 # Password to use for the Block Storage service to authenticate with
512 # the Identity service.
513 CONFIG_CINDER_KS_PW=qum5net
515 # Storage backend to use for the Block Storage service; valid options
516 # are: lvm, gluster, nfs, vmdk, netapp. ['lvm', 'gluster', 'nfs',
518 CONFIG_CINDER_BACKEND=lvm
520 # Specify 'y' to create the Block Storage volumes group. That is,
521 # Packstack creates a raw disk image in /var/lib/cinder, and mounts it
522 # using a loopback device. This should only be used for testing on a
523 # proof-of-concept installation of the Block Storage service (a file-
524 # backed volume group is not suitable for production usage). ['y',
526 CONFIG_CINDER_VOLUMES_CREATE=y
528 # Size of Block Storage volumes group. Actual volume size will be
529 # extended with 3% more space for VG metadata. Remember that the size
530 # of the volume group will restrict the amount of disk space that you
531 # can expose to Compute instances, and that the specified amount must
532 # be available on the device used for /var/lib/cinder.
533 CONFIG_CINDER_VOLUMES_SIZE=20G
535 # A single or comma-separated list of Red Hat Storage (gluster)
536 # volume shares to mount. Example: 'ip-address:/vol-name', 'domain
538 CONFIG_CINDER_GLUSTER_MOUNTS=
540 # A single or comma-separated list of NFS exports to mount. Example:
541 # 'ip-address:/export-name'
542 CONFIG_CINDER_NFS_MOUNTS=
544 # Administrative user account name used to access the NetApp storage
545 # system or proxy server.
546 CONFIG_CINDER_NETAPP_LOGIN=
548 # Password for the NetApp administrative user account specified in
549 # the CONFIG_CINDER_NETAPP_LOGIN parameter.
550 CONFIG_CINDER_NETAPP_PASSWORD=
552 # Hostname (or IP address) for the NetApp storage system or proxy
554 CONFIG_CINDER_NETAPP_HOSTNAME=
556 # The TCP port to use for communication with the storage system or
557 # proxy. If not specified, Data ONTAP drivers will use 80 for HTTP and
558 # 443 for HTTPS; E-Series will use 8080 for HTTP and 8443 for HTTPS.
560 CONFIG_CINDER_NETAPP_SERVER_PORT=80
562 # Storage family type used on the NetApp storage system; valid
563 # options are ontap_7mode for using Data ONTAP operating in 7-Mode,
564 # ontap_cluster for using clustered Data ONTAP, or E-Series for NetApp
565 # E-Series. Defaults to ontap_cluster. ['ontap_7mode',
566 # 'ontap_cluster', 'eseries']
567 CONFIG_CINDER_NETAPP_STORAGE_FAMILY=ontap_cluster
569 # The transport protocol used when communicating with the NetApp
570 # storage system or proxy server. Valid values are http or https.
571 # Defaults to 'http'. ['http', 'https']
572 CONFIG_CINDER_NETAPP_TRANSPORT_TYPE=http
574 # Storage protocol to be used on the data path with the NetApp
575 # storage system; valid options are iscsi, fc, nfs. Defaults to nfs.
576 # ['iscsi', 'fc', 'nfs']
577 CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL=nfs
579 # Quantity to be multiplied by the requested volume size to ensure
580 # enough space is available on the virtual storage server (Vserver) to
581 # fulfill the volume creation request. Defaults to 1.0.
582 CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER=1.0
584 # Time period (in minutes) that is allowed to elapse after the image
585 # is last accessed, before it is deleted from the NFS image cache.
586 # When a cache-cleaning cycle begins, images in the cache that have
587 # not been accessed in the last M minutes, where M is the value of
588 # this parameter, are deleted from the cache to create free space on
589 # the NFS share. Defaults to 720.
590 CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES=720
592 # If the percentage of available space for an NFS share has dropped
593 # below the value specified by this parameter, the NFS image cache is
594 # cleaned. Defaults to 20.
595 CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START=20
597 # When the percentage of available space on an NFS share has reached
598 # the percentage specified by this parameter, the driver stops
599 # clearing files from the NFS image cache that have not been accessed
600 # in the last M minutes, where M is the value of the
601 # CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES parameter. Defaults to 60.
602 CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP=60
604 # Single or comma-separated list of NetApp NFS shares for Block
605 # Storage to use. Format: ip-address:/export-name. Defaults to ''.
606 CONFIG_CINDER_NETAPP_NFS_SHARES=
608 # File with the list of available NFS shares. Defaults to
609 # '/etc/cinder/shares.conf'.
610 CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG=/etc/cinder/shares.conf
612 # This parameter is only utilized when the storage protocol is
613 # configured to use iSCSI or FC. This parameter is used to restrict
614 # provisioning to the specified controller volumes. Specify the value
615 # of this parameter to be a comma separated list of NetApp controller
616 # volume names to be used for provisioning. Defaults to ''.
617 CONFIG_CINDER_NETAPP_VOLUME_LIST=
619 # The vFiler unit on which provisioning of block storage volumes will
620 # be done. This parameter is only used by the driver when connecting
621 # to an instance with a storage family of Data ONTAP operating in
622 # 7-Mode Only use this parameter when utilizing the MultiStore feature
623 # on the NetApp storage system. Defaults to ''.
624 CONFIG_CINDER_NETAPP_VFILER=
626 # The name of the config.conf stanza for a Data ONTAP (7-mode) HA
627 # partner. This option is only used by the driver when connecting to
628 # an instance with a storage family of Data ONTAP operating in 7-Mode,
629 # and it is required if the storage protocol selected is FC. Defaults
631 CONFIG_CINDER_NETAPP_PARTNER_BACKEND_NAME=
633 # This option specifies the virtual storage server (Vserver) name on
634 # the storage cluster on which provisioning of block storage volumes
635 # should occur. Defaults to ''.
636 CONFIG_CINDER_NETAPP_VSERVER=
638 # Restricts provisioning to the specified controllers. Value must be
639 # a comma-separated list of controller hostnames or IP addresses to be
640 # used for provisioning. This option is only utilized when the storage
641 # family is configured to use E-Series. Defaults to ''.
642 CONFIG_CINDER_NETAPP_CONTROLLER_IPS=
644 # Password for the NetApp E-Series storage array. Defaults to ''.
645 CONFIG_CINDER_NETAPP_SA_PASSWORD=
647 # This option is used to define how the controllers in the E-Series
648 # storage array will work with the particular operating system on the
649 # hosts that are connected to it. Defaults to 'linux_dm_mp'
650 CONFIG_CINDER_NETAPP_ESERIES_HOST_TYPE=linux_dm_mp
652 # Path to the NetApp E-Series proxy application on a proxy server.
653 # The value is combined with the value of the
654 # CONFIG_CINDER_NETAPP_TRANSPORT_TYPE, CONFIG_CINDER_NETAPP_HOSTNAME,
655 # and CONFIG_CINDER_NETAPP_HOSTNAME options to create the URL used by
656 # the driver to connect to the proxy application. Defaults to
658 CONFIG_CINDER_NETAPP_WEBSERVICE_PATH=/devmgr/v2
660 # Restricts provisioning to the specified storage pools. Only dynamic
661 # disk pools are currently supported. The value must be a comma-
662 # separated list of disk pool names to be used for provisioning.
664 CONFIG_CINDER_NETAPP_STORAGE_POOLS=
666 # Password to use for OpenStack Bare Metal Provisioning (ironic) to
667 # access the database.
668 CONFIG_IRONIC_DB_PW=PW_PLACEHOLDER
670 # Password to use for OpenStack Bare Metal Provisioning to
671 # authenticate with the Identity service.
672 CONFIG_IRONIC_KS_PW=PW_PLACEHOLDER
674 # Enter y if cron job for removing soft deleted DB rows should be
676 CONFIG_NOVA_DB_PURGE_ENABLE=True
678 # Password to use for the Compute service (nova) to access the
680 CONFIG_NOVA_DB_PW=qum5net
682 # Password to use for the Compute service to authenticate with the
684 CONFIG_NOVA_KS_PW=qum5net
686 # Overcommitment ratio for virtual to physical CPUs. Specify 1.0 to
687 # disable CPU overcommitment.
688 CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO=16.0
690 # Overcommitment ratio for virtual to physical RAM. Specify 1.0 to
691 # disable RAM overcommitment.
692 CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO=1.5
694 # Protocol used for instance migration. Valid options are: tcp and
695 # ssh. Note that by default, the Compute user is created with the
696 # /sbin/nologin shell so that the SSH protocol will not work. To make
697 # the SSH protocol work, you must configure the Compute user on
698 # compute hosts manually. ['tcp', 'ssh']
699 CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL=tcp
701 # Manager that runs the Compute service.
702 CONFIG_NOVA_COMPUTE_MANAGER=nova.compute.manager.ComputeManager
704 # PEM encoded certificate to be used for ssl on the https server,
705 # leave blank if one should be generated, this certificate should not
706 # require a passphrase. If CONFIG_HORIZON_SSL is set to 'n' this
707 # parameter is ignored.
710 # SSL keyfile corresponding to the certificate if one was entered. If
711 # CONFIG_HORIZON_SSL is set to 'n' this parameter is ignored.
714 # Enter the PCI passthrough array of hash in JSON style for
715 # controller eg. [{"vendor_id":"1234", "product_id":"5678",
716 # "name":"default"}, {...}]
717 CONFIG_NOVA_PCI_ALIAS=
719 # Enter the PCI passthrough whitelist array of hash in JSON style for
720 # controller eg. [{"vendor_id":"1234", "product_id":"5678",
721 # "name':"default"}, {...}]
722 CONFIG_NOVA_PCI_PASSTHROUGH_WHITELIST=
724 # Private interface for flat DHCP on the Compute servers.
725 CONFIG_NOVA_COMPUTE_PRIVIF=
727 # Compute Network Manager. ['^nova\.network\.manager\.\w+Manager$']
728 CONFIG_NOVA_NETWORK_MANAGER=nova.network.manager.FlatDHCPManager
730 # Public interface on the Compute network server.
731 CONFIG_NOVA_NETWORK_PUBIF=eth0
733 # Private interface for flat DHCP on the Compute network server.
734 CONFIG_NOVA_NETWORK_PRIVIF=
736 # IP Range for flat DHCP. ['^[\:\.\da-fA-f]+(\/\d+){0,1}$']
737 CONFIG_NOVA_NETWORK_FIXEDRANGE=192.168.32.0/22
739 # IP Range for floating IP addresses. ['^[\:\.\da-
740 # fA-f]+(\/\d+){0,1}$']
741 CONFIG_NOVA_NETWORK_FLOATRANGE=10.3.4.0/22
743 # Specify 'y' to automatically assign a floating IP to new instances.
745 CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP=n
747 # First VLAN for private networks (Compute networking).
748 CONFIG_NOVA_NETWORK_VLAN_START=100
750 # Number of networks to support (Compute networking).
751 CONFIG_NOVA_NETWORK_NUMBER=1
753 # Number of addresses in each private subnet (Compute networking).
754 CONFIG_NOVA_NETWORK_SIZE=255
756 # Password to use for OpenStack Networking (neutron) to authenticate
757 # with the Identity service.
758 CONFIG_NEUTRON_KS_PW=qum5net
760 # The password to use for OpenStack Networking to access the
762 CONFIG_NEUTRON_DB_PW=qum5net
764 # The name of the Open vSwitch bridge (or empty for linuxbridge) for
765 # the OpenStack Networking L3 agent to use for external traffic.
766 # Specify 'provider' if you intend to use a provider network to handle
768 CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex
770 # Password for the OpenStack Networking metadata agent.
771 CONFIG_NEUTRON_METADATA_PW=qum5net
773 # Specify 'y' to install OpenStack Networking's Load-Balancing-
774 # as-a-Service (LBaaS). ['y', 'n']
775 CONFIG_LBAAS_INSTALL=n
777 # Specify 'y' to install OpenStack Networking's L3 Metering agent
779 CONFIG_NEUTRON_METERING_AGENT_INSTALL=n
781 # Specify 'y' to configure OpenStack Networking's Firewall-
782 # as-a-Service (FWaaS). ['y', 'n']
783 CONFIG_NEUTRON_FWAAS=n
785 # Specify 'y' to configure OpenStack Networking's VPN-as-a-Service
786 # (VPNaaS). ['y', 'n']
787 CONFIG_NEUTRON_VPNAAS=n
789 # Comma-separated list of network-type driver entry points to be
790 # loaded from the neutron.ml2.type_drivers namespace. ['local',
791 # 'flat', 'vlan', 'gre', 'vxlan']
792 CONFIG_NEUTRON_ML2_TYPE_DRIVERS=vxlan
794 # Comma-separated, ordered list of network types to allocate as
795 # tenant networks. The 'local' value is only useful for single-box
796 # testing and provides no connectivity between hosts. ['local',
797 # 'vlan', 'gre', 'vxlan']
798 CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=vxlan
800 # Comma-separated ordered list of networking mechanism driver entry
801 # points to be loaded from the neutron.ml2.mechanism_drivers
802 # namespace. ['logger', 'test', 'linuxbridge', 'openvswitch',
803 # 'hyperv', 'ncs', 'arista', 'cisco_nexus', 'mlnx', 'l2population',
805 CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch
807 # Comma-separated list of physical_network names with which flat
808 # networks can be created. Use * to allow flat networks with arbitrary
809 # physical_network names.
810 CONFIG_NEUTRON_ML2_FLAT_NETWORKS=*
812 # Comma-separated list of <physical_network>:<vlan_min>:<vlan_max> or
813 # <physical_network> specifying physical_network names usable for VLAN
814 # provider and tenant networks, as well as ranges of VLAN tags on each
815 # available for allocation to tenant networks.
816 CONFIG_NEUTRON_ML2_VLAN_RANGES=
818 # Comma-separated list of <tun_min>:<tun_max> tuples enumerating
819 # ranges of GRE tunnel IDs that are available for tenant-network
820 # allocation. A tuple must be an array with tun_max +1 - tun_min >
822 CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES=
824 # Comma-separated list of addresses for VXLAN multicast group. If
825 # left empty, disables VXLAN from sending allocate broadcast traffic
826 # (disables multicast VXLAN mode). Should be a Multicast IP (v4 or v6)
828 CONFIG_NEUTRON_ML2_VXLAN_GROUP=
830 # Comma-separated list of <vni_min>:<vni_max> tuples enumerating
831 # ranges of VXLAN VNI IDs that are available for tenant network
832 # allocation. Minimum value is 0 and maximum value is 16777215.
833 CONFIG_NEUTRON_ML2_VNI_RANGES=10:100
835 # Name of the L2 agent to be used with OpenStack Networking.
836 # ['linuxbridge', 'openvswitch']
837 CONFIG_NEUTRON_L2_AGENT=openvswitch
839 # Comma separated list of supported PCI vendor devices defined by
840 # vendor_id:product_id according to the PCI ID Repository.
841 CONFIG_NEUTRON_ML2_SUPPORTED_PCI_VENDOR_DEVS=['15b3:1004', '8086:10ca']
843 # Specify 'y' if the sriov agent is required
844 CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED=n
846 # Comma-separated list of interface mappings for the OpenStack
847 # Networking ML2 SRIOV agent. Each tuple in the list must be in the
848 # format <physical_network>:<net_interface>. Example:
849 # physnet1:eth1,physnet2:eth2,physnet3:eth3.
850 CONFIG_NEUTRON_ML2_SRIOV_INTERFACE_MAPPINGS=
852 # Comma-separated list of interface mappings for the OpenStack
853 # Networking linuxbridge plugin. Each tuple in the list must be in the
854 # format <physical_network>:<net_interface>. Example:
855 # physnet1:eth1,physnet2:eth2,physnet3:eth3.
856 CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS=
858 # Comma-separated list of bridge mappings for the OpenStack
859 # Networking Open vSwitch plugin. Each tuple in the list must be in
860 # the format <physical_network>:<ovs_bridge>. Example: physnet1:br-
861 # eth1,physnet2:br-eth2,physnet3:br-eth3
862 CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=
864 # Comma-separated list of colon-separated Open vSwitch
865 # <bridge>:<interface> pairs. The interface will be added to the
866 # associated bridge. If you desire the bridge to be persistent a value
867 # must be added to this directive, also
868 # CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS must be set in order to create
869 # the proper port. This can be achieved from the command line by
870 # issuing the following command: packstack --allinone --os-neutron-
871 # ovs-bridge-mappings=ext-net:br-ex --os-neutron-ovs-bridge-interfaces
873 CONFIG_NEUTRON_OVS_BRIDGE_IFACES=
875 # Interface for the Open vSwitch tunnel. Packstack overrides the IP
876 # address used for tunnels on this hypervisor to the IP found on the
877 # specified interface (for example, eth1).
878 CONFIG_NEUTRON_OVS_TUNNEL_IF=
881 CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT=4789
883 # Specify 'y' to set up Horizon communication over https. ['y', 'n']
886 # Secret key to use for Horizon Secret Encryption Key.
887 CONFIG_HORIZON_SECRET_KEY=e2ba54f295f84d0c8d645de8e36fcc33
889 # PEM-encoded certificate to be used for SSL connections on the https
890 # server. To generate a certificate, leave blank.
891 CONFIG_HORIZON_SSL_CERT=
893 # SSL keyfile corresponding to the certificate if one was specified.
894 # The certificate should not require a passphrase.
895 CONFIG_HORIZON_SSL_KEY=
897 CONFIG_HORIZON_SSL_CACERT=
899 # Password to use for the Object Storage service to authenticate with
900 # the Identity service.
901 CONFIG_SWIFT_KS_PW=qum5net
903 # Comma-separated list of devices to use as storage device for Object
904 # Storage. Each entry must take the format /path/to/dev (for example,
905 # specifying /dev/vdb installs /dev/vdb as the Object Storage storage
906 # device; Packstack does not create the filesystem, you must do this
907 # first). If left empty, Packstack creates a loopback device for test
909 CONFIG_SWIFT_STORAGES=
911 # Number of Object Storage storage zones; this number MUST be no
912 # larger than the number of configured storage devices.
913 CONFIG_SWIFT_STORAGE_ZONES=1
915 # Number of Object Storage storage replicas; this number MUST be no
916 # larger than the number of configured storage zones.
917 CONFIG_SWIFT_STORAGE_REPLICAS=1
919 # File system type for storage nodes. ['xfs', 'ext4']
920 CONFIG_SWIFT_STORAGE_FSTYPE=ext4
922 # Custom seed number to use for swift_hash_path_suffix in
923 # /etc/swift/swift.conf. If you do not provide a value, a seed number
924 # is automatically generated.
925 CONFIG_SWIFT_HASH=54760d6b88814b53
927 # Size of the Object Storage loopback file storage device.
928 CONFIG_SWIFT_STORAGE_SIZE=2G
930 # Password used by Orchestration service user to authenticate against
932 CONFIG_HEAT_DB_PW=PW_PLACEHOLDER
934 # Encryption key to use for authentication in the Orchestration
935 # database (16, 24, or 32 chars).
936 CONFIG_HEAT_AUTH_ENC_KEY=2e06ca7c4aa3400c
938 # Password to use for the Orchestration service to authenticate with
939 # the Identity service.
940 CONFIG_HEAT_KS_PW=PW_PLACEHOLDER
942 # Specify 'y' to install the Orchestration CloudWatch API. ['y', 'n']
943 CONFIG_HEAT_CLOUDWATCH_INSTALL=n
945 # Specify 'y' to install the Orchestration CloudFormation API. ['y',
947 CONFIG_HEAT_CFN_INSTALL=n
949 # Name of the Identity domain for Orchestration.
950 CONFIG_HEAT_DOMAIN=heat
952 # Name of the Identity domain administrative user for Orchestration.
953 CONFIG_HEAT_DOMAIN_ADMIN=heat_admin
955 # Password for the Identity domain administrative user for
957 CONFIG_HEAT_DOMAIN_PASSWORD=PW_PLACEHOLDER
959 # Specify 'y' to provision for demo usage and testing. ['y', 'n']
960 CONFIG_PROVISION_DEMO=y
962 # Specify 'y' to configure the OpenStack Integration Test Suite
963 # (tempest) for testing. The test suite requires OpenStack Networking
964 # to be installed. ['y', 'n']
965 CONFIG_PROVISION_TEMPEST=n
967 # CIDR network address for the floating IP subnet.
968 CONFIG_PROVISION_DEMO_FLOATRANGE=172.24.4.224/28
970 # The name to be assigned to the demo image in Glance (default
972 CONFIG_PROVISION_IMAGE_NAME=cirros
974 # A URL or local file location for an image to download and provision
975 # in Glance (defaults to a URL for a recent "cirros" image).
976 CONFIG_PROVISION_IMAGE_URL=http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img
978 # Format for the demo image (default "qcow2").
979 CONFIG_PROVISION_IMAGE_FORMAT=qcow2
981 # User to use when connecting to instances booted from the demo
983 CONFIG_PROVISION_IMAGE_SSH_USER=cirros
985 # Name of the Integration Test Suite provisioning user. If you do not
986 # provide a user name, Tempest is configured in a standalone mode.
987 CONFIG_PROVISION_TEMPEST_USER=
989 # Password to use for the Integration Test Suite provisioning user.
990 CONFIG_PROVISION_TEMPEST_USER_PW=PW_PLACEHOLDER
992 # CIDR network address for the floating IP subnet.
993 CONFIG_PROVISION_TEMPEST_FLOATRANGE=172.24.4.224/28
995 # URI of the Integration Test Suite git repository.
996 CONFIG_PROVISION_TEMPEST_REPO_URI=https://github.com/openstack/tempest.git
998 # Revision (branch) of the Integration Test Suite git repository.
999 CONFIG_PROVISION_TEMPEST_REPO_REVISION=master
1001 # Specify 'y' to configure the Open vSwitch external bridge for an
1002 # all-in-one deployment (the L3 external bridge acts as the gateway
1003 # for virtual machines). ['y', 'n']
1004 CONFIG_PROVISION_OVS_BRIDGE=y
1006 # Password to use for OpenStack Data Processing (sahara) to access
1008 CONFIG_SAHARA_DB_PW=PW_PLACEHOLDER
1010 # Password to use for OpenStack Data Processing to authenticate with
1011 # the Identity service.
1012 CONFIG_SAHARA_KS_PW=PW_PLACEHOLDER
1014 # Secret key for signing Telemetry service (ceilometer) messages.
1015 CONFIG_CEILOMETER_SECRET=d1cd21accf764049
1017 # Password to use for Telemetry to authenticate with the Identity
1019 CONFIG_CEILOMETER_KS_PW=qum5net
1021 # Backend driver for Telemetry's group membership coordination.
1023 CONFIG_CEILOMETER_COORDINATION_BACKEND=redis
1025 # IP address of the server on which to install MongoDB.
1026 CONFIG_MONGODB_HOST=VARINET4ADDR
1028 # IP address of the server on which to install the Redis master
1030 CONFIG_REDIS_MASTER_HOST=VARINET4ADDR
1032 # Port on which the Redis server(s) listens.
1033 CONFIG_REDIS_PORT=6379
1035 # Specify 'y' to have Redis try to use HA. ['y', 'n']
1038 # Hosts on which to install Redis slaves.
1039 CONFIG_REDIS_SLAVE_HOSTS=
1041 # Hosts on which to install Redis sentinel servers.
1042 CONFIG_REDIS_SENTINEL_HOSTS=
1044 # Host to configure as the Redis coordination sentinel.
1045 CONFIG_REDIS_SENTINEL_CONTACT_HOST=
1047 # Port on which Redis sentinel servers listen.
1048 CONFIG_REDIS_SENTINEL_PORT=26379
1050 # Quorum value for Redis sentinel servers.
1051 CONFIG_REDIS_SENTINEL_QUORUM=2
1053 # Name of the master server watched by the Redis sentinel. ['[a-z]+']
1054 CONFIG_REDIS_MASTER_NAME=mymaster
1056 # Password to use for OpenStack Database-as-a-Service (trove) to
1057 # access the database.
1058 CONFIG_TROVE_DB_PW=PW_PLACEHOLDER
1060 # Password to use for OpenStack Database-as-a-Service to authenticate
1061 # with the Identity service.
1062 CONFIG_TROVE_KS_PW=PW_PLACEHOLDER
1064 # User name to use when OpenStack Database-as-a-Service connects to
1065 # the Compute service.
1066 CONFIG_TROVE_NOVA_USER=trove
1068 # Tenant to use when OpenStack Database-as-a-Service connects to the
1070 CONFIG_TROVE_NOVA_TENANT=services
1072 # Password to use when OpenStack Database-as-a-Service connects to
1073 # the Compute service.
1074 CONFIG_TROVE_NOVA_PW=PW_PLACEHOLDER
1076 # Password of the nagiosadmin user on the Nagios server.
1077 CONFIG_NAGIOS_PW=PW_PLACEHOLDER