Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / mcp-virtual-lab / d4c407ab730847b8f3ba4301645904fd258922ae / . / classes / cluster / os-ha-ovs / openstack / control.yml
blob: 4ed52726ff70624a36dc323ea73bf71f71712b05 [file] [log] [blame]
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]1classes:
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]2- system.salt.minion.cert.proxy
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]3- system.linux.system.lowmem
4- system.linux.system.repo.glusterfs
5- system.linux.system.repo.mcp.openstack
6- system.linux.system.repo.mcp.extra
7- system.linux.system.repo.saltstack.xenial
Mykyta Karpin358eeca2017-12-15 17:11:39 +0200[diff] [blame]8- system.linux.storage.loopback
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]9- system.memcached.server.single
10- system.rabbitmq.server.cluster
11- system.rabbitmq.server.vhost.openstack
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]12- system.nginx.server.single
13- system.nginx.server.proxy.openstack_api
14- system.nginx.server.proxy.openstack.designate
15- system.nginx.server.proxy.openstack.placement
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]16- system.keystone.server.wsgi
17- system.keystone.server.cluster
18- system.glusterfs.client.cluster
19- system.glusterfs.client.volume.glance
20- system.glusterfs.client.volume.keystone
21- system.glusterfs.server.volume.glance
22- system.glusterfs.server.volume.keystone
23- system.glusterfs.server.cluster
24- system.glance.control.cluster
25- system.nova.control.cluster
26- system.neutron.control.openvswitch.cluster
27- system.cinder.control.cluster
Mykyta Karpin358eeca2017-12-15 17:11:39 +0200[diff] [blame]28- system.cinder.control.backend.lvm
29- system.cinder.volume.single
30- system.cinder.volume.backend.lvm
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]31- system.heat.server.cluster
Adam Tengler7eb78f92017-08-11 17:56:03 +0000[diff] [blame]32- system.designate.server.cluster
33- system.designate.server.backend.bind
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]34- system.galera.server.cluster
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]35- system.galera.server.database.cinder
Jiri Broulik180dba02017-08-23 13:16:15 +0200[diff] [blame]36- system.galera.server.database.designate
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]37- system.galera.server.database.glance
38- system.galera.server.database.heat
39- system.galera.server.database.keystone
40- system.galera.server.database.nova
Petr Michalecf05e3ea2017-08-21 17:33:16 +0200[diff] [blame]41- cluster.os-ha-ovs.openstack.dashboard
42- cluster.os-ha-ovs
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]43parameters:
44 _param:
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]45 salt_minion_ca_authority: salt_master_ca
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]46 keepalived_vip_interface: ens4
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]47 ### nginx ssl sites settings
48 nginx_proxy_ssl:
49 enabled: true
50 engine: salt
51 authority: "${_param:salt_minion_ca_authority}"
52 key_file: "/etc/ssl/private/internal_proxy.key"
53 cert_file: "/etc/ssl/certs/internal_proxy.crt"
54 chain_file: "/etc/ssl/certs/internal_proxy-with-chain.crt"
55 nginx_proxy_openstack_api_address: ${_param:cluster_local_address}
56 nginx_proxy_openstack_keystone_host: 127.0.0.1
57 nginx_proxy_openstack_nova_host: 127.0.0.1
58 nginx_proxy_openstack_cinder_host: 127.0.0.1
59 nginx_proxy_openstack_glance_host: 127.0.0.1
60 nginx_proxy_openstack_neutron_host: 127.0.0.1
61 nginx_proxy_openstack_heat_host: 127.0.0.1
62 nginx_proxy_openstack_designate_host: 127.0.0.1
63 nginx_proxy_openstack_placement_host: 127.0.0.1
64 apache_keystone_api_host: ${_param:single_address}
65 apache_keystone_ssl: ${_param:nginx_proxy_ssl}
66 nginx:
67 server:
68 site:
69 nginx_proxy_openstack_api_keystone:
70 enabled: false
71 nginx_proxy_openstack_api_keystone_private:
72 enabled: false
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]73 linux:
74 system:
75 package:
76 python-msgpack:
77 version: latest
78 network:
79 interface:
80 ens4:
81 enabled: true
82 type: eth
83 proto: static
84 address: ${_param:single_address}
85 netmask: 255.255.255.0
86 keepalived:
87 cluster:
88 instance:
89 VIP:
90 virtual_router_id: 150
91 keystone:
92 server:
93 admin_email: ${_param:admin_email}
94 notification:
95 driver: messagingv2
96 topics: "notifications"
Adam Tengler7eb78f92017-08-11 17:56:03 +0000[diff] [blame]97 designate:
Ivan Udovichenko7da7f1e2017-09-08 17:53:19 +0300[diff] [blame]98 worker:
99 enabled: ${_param:designate_worker_enabled}
Adam Tengler7eb78f92017-08-11 17:56:03 +0000[diff] [blame]100 server:
101 pools:
102 default:
103 description: 'test pool'
104 targets:
105 default:
106 description: 'test target1'
107 default1:
108 type: ${_param:designate_pool_target_type}
109 description: 'test target2'
110 masters: ${_param:designate_pool_target_masters}
111 options:
112 host: ${_param:openstack_control_node02_address}
113 port: 53
114 rndc_host: ${_param:openstack_control_node02_address}
115 rndc_port: 953
116 rndc_key_file: /etc/designate/rndc.key
117 default2:
118 type: ${_param:designate_pool_target_type}
119 description: 'test target3'
120 masters: ${_param:designate_pool_target_masters}
121 options:
122 host: ${_param:openstack_control_node03_address}
123 port: 53
124 rndc_host: ${_param:openstack_control_node03_address}
125 rndc_port: 953
126 rndc_key_file: /etc/designate/rndc.key
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]127 glance:
128 server:
129 storage:
130 engine: file
131 images: []
132 workers: 1
133 notification:
134 driver: messagingv2
135 topics: "notifications"
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]136 bind:
137 address: 127.0.0.1
138 identity:
139 protocol: https
140 registry:
141 protocol: https
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]142 heat:
143 server:
144 notification:
145 driver: messagingv2
146 topics: "notifications"
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]147 bind:
148 api:
149 address: 127.0.0.1
150 api_cfn:
151 address: 127.0.0.1
152 api_cloudwatch:
153 address: 127.0.0.1
154 identity:
155 protocol: https
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]156 neutron:
157 server:
158 notification:
159 driver: messagingv2
160 topics: "notifications"
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]161 bind:
162 address: 127.0.0.1
163 identity:
164 protocol: https
Adam Tengler7eb78f92017-08-11 17:56:03 +0000[diff] [blame]165 bind:
166 server:
167 control:
168 mgmt:
169 enabled: true
170 bind:
171 address: ${_param:single_address}
172 port: 953
173 allow:
174 - ${_param:openstack_control_node01_address}
175 - ${_param:openstack_control_node02_address}
176 - ${_param:openstack_control_node03_address}
177 keys:
178 - designate
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]179 nova:
180 controller:
181 networking: dvr
182 cpu_allocation: 54
183 metadata:
184 password: ${_param:metadata_password}
185 bind:
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]186 private_address: 127.0.0.1
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]187 public_address: ${_param:cluster_vip_address}
188 novncproxy_port: 6080
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]189 identity:
190 protocol: https
191 network:
192 protocol: https
193 glance:
194 protocol: https
Ales Komarekc12dd412017-06-27 16:24:42 +0200[diff] [blame]195 vncproxy_url: http://${_param:cluster_vip_address}:6080
196 workers: 1
197 notification:
198 driver: messagingv2
199 topics: "notifications"
200 cinder:
201 volume:
202 notification:
203 driver: messagingv2
204 topics: "notifications"
205 controller:
206 notification:
207 driver: messagingv2
208 topics: "notifications"
Oleh Hryhorovafb990c2018-01-24 14:31:49 +0200[diff] [blame]209 identity:
210 protocol: https
211 osapi:
212 host: 127.0.0.1
213 glance:
214 protocol: https
215 salt:
216 minion:
217 cert:
218 internal_proxy:
219 host: ${_param:salt_minion_ca_host}
220 authority: ${_param:salt_minion_ca_authority}
221 common_name: internal_proxy
222 signing_policy: cert_open
223 alternative_names: IP:127.0.0.1,IP:${_param:cluster_local_address},IP:${_param:cluster_public_host},DNS:${linux:system:name},DNS:${linux:network:fqdn},DNS:${_param:cluster_local_address},DNS:${_param:cluster_public_host}
224 key_file: "/etc/ssl/private/internal_proxy.key"
225 cert_file: "/etc/ssl/certs/internal_proxy.crt"
226 all_file: "/etc/ssl/certs/internal_proxy-with-chain.crt"
227 haproxy:
228 proxy:
229 listen:
230 keystone_public_api:
231 type: ~
232 designate_api:
233 type: ~
234 keystone_admin_api:
235 type: ~
236 nova_api:
237 type: ~
238 nova_metadata_api:
239 type: ~
240 cinder_api:
241 type: ~
242 glance_api:
243 type: ~
244 glance_registry_api:
245 type: ~
246 heat_cloudwatch_api:
247 type: ~
248 heat_api:
249 type: ~
250 heat_cfn_api:
251 type: ~
252 neutron_api:
253 type: ~
254 nova_placement_api:
Oleh Hryhorov2b4d1562018-03-05 17:38:22 +0200[diff] [blame]255 mode: tcp
256 service_name: nova_placement
257 binds:
258 - address: ${_param:cluster_vip_address}
259 port: 8778
260 servers:
261 - name: ${_param:cluster_node01_hostname}
262 host: ${_param:cluster_node01_address}
263 port: 8778
264 params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
265 - name: ${_param:cluster_node02_hostname}
266 host: ${_param:cluster_node02_address}
267 port: 8778
268 params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3
269 - name: ${_param:cluster_node03_hostname}
270 host: ${_param:cluster_node03_address}
271 port: 8778
272 params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3