Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / 1387e6e27521adfb943fa55bb85a0f8e498d5ee7 / . / defaults / openstack / init.yml
blob: b1f814c0a8a0f4e9e3b2c880db646f3bc34a58f2 [file] [log] [blame]
azvyagintsevf94ab8c2018-10-12 20:48:59 +0300[diff] [blame]1parameters:
2 _param:
Vasyl Saienko1cc05de2018-11-19 16:49:27 +0200[diff] [blame]3 # Enable barbican integration in other services nova,glance,cinder
4 barbican_integration_enabled: False
azvyagintsev3f736c42018-11-01 20:04:29 +0200[diff] [blame]5 # General
6 cluster_public_protocol: https
7 cluster_internal_protocol: http
Vasyl Saienko71e8c542018-11-16 16:19:17 +0200[diff] [blame]8 openstack_service_hostname: os-ctl-vip
9 openstack_service_host: ${_param:openstack_service_hostname}.${linux:system:domain}
azvyagintsevf94ab8c2018-10-12 20:48:59 +0300[diff] [blame]10 # SSL
11 ceilometer_agent_ssl_enabled: False
12 openstack_mysql_x509_enabled: False
13 # for non-ssl use 5672 / for ssl 5671
14 openstack_rabbitmq_port: 5672
15 openstack_rabbitmq_x509_enabled: False
azvyagintsev3f736c42018-11-01 20:04:29 +0200[diff] [blame]16 # Openstack memcache
Oleh Hryhorov26e8d6f2018-11-21 16:18:57 +0200[diff] [blame]17 openstack_memcached_server_bind_address: 0.0.0.0
Oleksandr Bryndzii87f24232018-10-02 09:51:13 +0000[diff] [blame]18 openstack_memcache_security_enabled: False
19 openstack_memcache_security_strategy: 'ENCRYPT'
azvyagintsev3f736c42018-11-01 20:04:29 +0200[diff] [blame]20 openstack_memcached_proto_tcp_enabled: True
21 openstack_memcached_proto_udp_enabled: False
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]22 openstack_old_version: ocata
23 openstack_version: ocata
24 openstack_upgrade_enabled: False
Oleksandr Bryndzii256f63e2018-10-02 11:36:05 +0000[diff] [blame]25 # Cinder
26 cinder_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
27 cinder_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]28 cinder_old_version: ${_param:openstack_old_version}
29 cinder_version: ${_param:openstack_version}
30 cinder_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleksandr Bryndzii48cf31f2018-10-24 16:08:46 +0300[diff] [blame]31 # Nova
32 nova_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
33 nova_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]34 nova_old_version: ${_param:openstack_old_version}
35 nova_version: ${_param:openstack_version}
36 nova_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleksandr Bryndzii61d8db82018-10-24 16:03:12 +0300[diff] [blame]37 # Glance
38 glance_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
39 glance_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]40 glance_old_version: ${_param:openstack_old_version}
41 glance_version: ${_param:openstack_version}
42 glance_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Vasyl Saienkoebe90622018-11-12 11:03:18 +0200[diff] [blame]43 # Allow CORS from horizon, needed for direct upload
44 glance_cors_allowed_origin: '${_param:horizon_public_protocol}://${_param:horizon_public_host}'
Oleksandr Bryndziib7c92172018-10-24 12:02:20 +0300[diff] [blame]45 # Heat
46 heat_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
47 heat_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]48 heat_old_version: ${_param:openstack_old_version}
49 heat_version: ${_param:openstack_version}
50 heat_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleksandr Bryndziic72982c2018-10-24 11:50:20 +0300[diff] [blame]51 # Aodh
52 aodh_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
53 aodh_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]54 aodh_old_version: ${_param:openstack_old_version}
55 aodh_version: ${_param:openstack_version}
56 aodh_upgrade_enabled: ${_param:openstack_upgrade_enabled}
57 # Ceilometer
58 ceilometer_old_version: ${_param:openstack_old_version}
59 ceilometer_version: ${_param:openstack_version}
60 ceilometer_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleksandr Bryndzii0b5809e2018-11-01 18:23:35 +0200[diff] [blame]61 # Gnocchi
62 gnocchi_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
63 gnocchi_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]64 gnocchi_old_version: 4.0
65 gnocchi_version: 4.0
66 gnocchi_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleksandr Bryndzii0bf966d2018-11-01 18:36:54 +0200[diff] [blame]67 # Panko
68 panko_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
69 panko_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]70 panko_old_version: ${_param:openstack_old_version}
71 panko_version: ${_param:openstack_version}
72 panko_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleksandr Bryndzii43fed5f2018-11-01 19:26:19 +0200[diff] [blame]73 # Barbican
74 barbican_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
75 barbican_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]76 barbican_old_version: ${_param:openstack_old_version}
77 barbican_version: ${_param:openstack_version}
78 barbican_upgrade_enabled: ${_param:openstack_upgrade_enabled}
79 # Designate
80 designate_old_version: ${_param:openstack_old_version}
81 designate_version: ${_param:openstack_version}
82 designate_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleksandr Bryndzii242b2d12018-11-07 13:49:15 +0200[diff] [blame]83 # Ironic
84 ironic_memcache_security_enabled: ${_param:openstack_memcache_security_enabled}
85 ironic_memcache_secret_key: ''
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]86 # Keystone
87 keystone_old_version: ${_param:openstack_old_version}
88 keystone_version: ${_param:openstack_version}
89 keystone_upgrade_enabled: ${_param:openstack_upgrade_enabled}
90 # Manila
91 manila_old_version: ${_param:openstack_old_version}
92 manila_version: ${_param:openstack_version}
93 manila_upgrade_enabled: ${_param:openstack_upgrade_enabled}
94 # Neutron
95 neutron_old_version: ${_param:openstack_old_version}
96 neutron_version: ${_param:openstack_version}
97 neutron_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleksandr Bryndzii1d423492018-11-06 10:35:02 +0200[diff] [blame]98 # Apache mods defaults
99 apache_mods_status_enabled: True
100 apache_mods_status_status: 'disabled'
Oleh Hryhorov1b5be042018-11-29 19:04:34 +0200[diff] [blame]101 apache_horizon_listen_address: '0.0.0.0'
Vasyl Saienko0e5c1052018-11-06 17:35:51 +0200[diff] [blame]102 # Horizon
103 # 'direct' mode will require cors on glance side to be enabled.
Vasyl Saienkoebe90622018-11-12 11:03:18 +0200[diff] [blame]104 horizon_images_upload_mode: 'direct'
105 # TODO (vsaineko): switch to openstack_cluster_public_host
106 horizon_public_host: ${_param:cluster_public_host}
107 horizon_public_port: 443
108 horizon_public_protocol: https
Oleh Hryhorov2368cdb2018-12-04 14:43:44 +0200[diff] [blame]109 horizon_server_bind_address: ${_param:single_address}
Mykyta Karpin882dcac2018-11-30 16:37:28 +0200[diff] [blame]110 horizon_old_version: ${_param:openstack_old_version}
111 horizon_version: ${_param:openstack_version}
112 horizon_upgrade_enabled: ${_param:openstack_upgrade_enabled}
Oleh Hryhorov81c4c212018-11-23 17:23:15 +0200[diff] [blame]113 # HAproxy
114 haproxy_openstack_web_bind_port: ${_param:horizon_public_port}
115 #
116 # haproxy_openstack_web_sticks_params is defined for SSL by default
117 # if cluster_protocolr HTTP is going to be used then haproxy_openstack_web_sticks_params
118 # should be redefined peroperly. For example empty list.
119 #
120 haproxy_openstack_web_sticks_params:
121 - stick-table type binary len 32 size 30k expire 30m
122 - acl clienthello req_ssl_hello_type 1
123 - acl serverhello rep_ssl_hello_type 2
124 - tcp-request inspect-delay 5s
125 - tcp-request content accept if clienthello
126 - tcp-response content accept if serverhello
127 - stick on payload_lv(43,1) if clienthello
128 - stick store-response payload_lv(43,1) if serverhello