diff --git a/etc/kayobe/bifrost.yml b/etc/kayobe/bifrost.yml index 60254d2..61710b5 100644 --- a/etc/kayobe/bifrost.yml +++ b/etc/kayobe/bifrost.yml @@ -14,34 +14,38 @@ ############################################################################### # Diskimage-builder configuration. -# DIB base OS element. +# DIB base OS element. Default is "centos". #kolla_bifrost_dib_os_element: -# DIB image OS release. +# DIB image OS release. Default is "8". #kolla_bifrost_dib_os_release: -# List of default DIB elements. +# List of default DIB elements. Default is ["disable-selinux", +# "enable-serial-console", "vm"]. #kolla_bifrost_dib_elements_default: -# List of additional DIB elements. +# List of additional DIB elements. Default is none. #kolla_bifrost_dib_elements_extra: -# List of DIB elements. +# List of DIB elements. Default is a combination of +# kolla_bifrost_dib_elements_default and kolla_bifrost_dib_elements_extra. #kolla_bifrost_dib_elements: -# DIB init element. +# DIB init element. Default is "cloud-init-datasources". #kolla_bifrost_dib_init_element: -# DIB default environment variables. +# DIB default environment variables. Default is {"DIB_CLOUD_INIT_DATASOURCES": +# "ConfigDrive", "DIB_DISABLE_KERNEL_CLEANUP": 1}. #kolla_bifrost_dib_env_vars_default: -# DIB additional environment variables. +# DIB additional environment variables. Default is none. #kolla_bifrost_dib_env_vars_extra: -# DIB environment variables. +# DIB environment variables. Default is combination of +# kolla_bifrost_dib_env_vars_default and kolla_bifrost_dib_env_vars_extra. #kolla_bifrost_dib_env_vars: -# List of DIB packages to install. +# List of DIB packages to install. Default is to install no extra packages. #kolla_bifrost_dib_packages: ############################################################################### diff --git a/etc/kayobe/compute.yml b/etc/kayobe/compute.yml index d66c4d5..bc51836 100644 --- a/etc/kayobe/compute.yml +++ b/etc/kayobe/compute.yml @@ -54,6 +54,12 @@ # List of software RAID arrays. See mrlesmithjr.mdadm role for format. #compute_mdadm_arrays: +############################################################################### +# Compute node encryption configuration. + +# List of block devices to encrypt. See stackhpc.luks role for format. +#compute_luks_devices: + ############################################################################### # Compute node LVM configuration. @@ -89,16 +95,6 @@ # Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking. #compute_lvm_group_data_lv_docker_volumes_fs: -############################################################################### -# Compute node Ceph configuration. - -# List of Ceph disks. -# The format is a list of dict like : -# - { osd: "/dev/sdb", journal: "/dev/sdc" } -# - { osd: "/dev/sdd" } -# Journal variable is not mandatory. -#compute_ceph_disks: - ############################################################################### # Compute node sysctl configuration. diff --git a/etc/kayobe/controllers.yml b/etc/kayobe/controllers.yml index aa0a6a6..0d9e98d 100644 --- a/etc/kayobe/controllers.yml +++ b/etc/kayobe/controllers.yml @@ -57,6 +57,12 @@ # List of software RAID arrays. See mrlesmithjr.mdadm role for format. #controller_mdadm_arrays: +############################################################################### +# Controller node encryption configuration. + +# List of block devices to encrypt. See stackhpc.luks role for format. +#controller_luks_devices: + ############################################################################### # Controller node LVM configuration. @@ -94,16 +100,6 @@ controller_lvm_groups: [] # Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking. #controller_lvm_group_data_lv_docker_volumes_fs: -############################################################################### -# Controller node Ceph configuration. - -# List of Ceph disks. -# The format is a list of dict like : -# - { osd: "/dev/sdb", journal: "/dev/sdc" } -# - { osd: "/dev/sdd" } -# Journal variable is not mandatory. -#controller_ceph_disks: - ############################################################################### # Controller node sysctl configuration. diff --git a/etc/kayobe/dnf.yml b/etc/kayobe/dnf.yml new file mode 100644 index 0000000..cf52bb2 --- /dev/null +++ b/etc/kayobe/dnf.yml @@ -0,0 +1,67 @@ +--- +# DNF configuration. + +############################################################################### +# DNF repository configuration. + +# For backwards compatibility, all variables in this section default to the +# equivalently named variables starting with 'yum_' instead of 'dnf_'. +# The yum variables will be removed in a future release. + +# Yum configuration. Dict mapping Yum config option names to their values. +# dnf_config: +# proxy: http://proxy.example.com +#dnf_config: + +# Whether or not to use a local Yum mirror. Default value is 'false'. +#dnf_use_local_mirror: + +# Mirror FQDN for Yum repos. Default value is 'mirror.centos.org'. +#dnf_centos_mirror_host: + +# Mirror directory for Yum CentOS repos. Default value is 'centos'. +#dnf_centos_mirror_directory: + +# Mirror FQDN for Yum EPEL repos. Default value is +# 'download.fedoraproject.org'. +#dnf_epel_mirror_host: + +# Mirror directory for Yum EPEL repos. Default value is 'pub/epel'. +#dnf_epel_mirror_directory: + +# A dict of custom repositories. +# You can see params on +# http://docs.ansible.com/ansible/latest/modules/yum_repository_module.html. +# For example: +# dnf_custom_repos: +# reponame: +# baseurl: http://repo +# file: myrepo +# gpgkey: http://gpgkey +# gpgcheck: yes +#dnf_custom_repos: + +# Whether to install the epel-release package. This affects RedHat-based +# systems only. Default value is 'true'. +#dnf_install_epel: + +############################################################################### +# DNF Automatic configuration. + +# For backwards compatibility, all variables in this section default to the +# equivalently named variables starting with 'yum_cron' instead of +# 'dnf_automatic'. # The yum-cron variables will be removed in a future +# release. + +# Whether DNF Automatic is enabled. This can be used to regularly apply +# security updates. Default value is 'false'. +#dnf_automatic_enabled: + +# DNF Automatic upgrade type. Default value is 'security'. Note that the +# equivalent yum-cron variable is named slightly differently - +# 'yum_cron_update_cmd'. +#dnf_automatic_upgrade_type: + +############################################################################### +# Dummy variable to allow Ansible to accept this file. +workaround_ansible_issue_8743: yes diff --git a/etc/kayobe/hooks/.gitkeep b/etc/kayobe/hooks/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/etc/kayobe/inventory/group_vars/compute/network-interfaces b/etc/kayobe/inventory/group_vars/compute/network-interfaces index 1aab473..421f69d 100644 --- a/etc/kayobe/inventory/group_vars/compute/network-interfaces +++ b/etc/kayobe/inventory/group_vars/compute/network-interfaces @@ -22,11 +22,6 @@ # storage_net_bridge_ports: # storage_net_bond_slaves: -# Ceph storage network IP information. -# ceph_storage_net_interface: -# ceph_storage_net_bridge_ports: -# ceph_storage_net_bond_slaves: - ############################################################################### # Dummy variable to allow Ansible to accept this file. workaround_ansible_issue_8743: yes diff --git a/etc/kayobe/inventory/group_vars/storage/network-interfaces b/etc/kayobe/inventory/group_vars/storage/network-interfaces index 22654ef..0b0dd5a 100644 --- a/etc/kayobe/inventory/group_vars/storage/network-interfaces +++ b/etc/kayobe/inventory/group_vars/storage/network-interfaces @@ -22,16 +22,6 @@ # storage_mgmt_net_bridge_ports: # storage_mgmt_net_bond_slaves: -# Ceph storage network IP information. -# ceph_storage_net_interface: -# ceph_storage_net_bridge_ports: -# ceph_storage_net_bond_slaves: - -# Ceph storage management network IP information. -# ceph_storage_mgmt_net_interface: -# ceph_storage_mgmt_net_bridge_ports: -# ceph_storage_mgmt_net_bond_slaves: - # Swift storage network IP information. # swift_storage_net_interface: # swift_storage_net_bridge_ports: diff --git a/etc/kayobe/kolla.yml b/etc/kayobe/kolla.yml index 7541dea..3aa43c3 100644 --- a/etc/kayobe/kolla.yml +++ b/etc/kayobe/kolla.yml @@ -86,6 +86,10 @@ # Default is {{ openstack_release }}. #kolla_openstack_release: +# Docker tag applied to built container images. Default is +# {{ kolla_openstack_release }}. +#kolla_tag: + # Dict mapping names of sources to their definitions for # kolla_install_type=source. See kolla.common.config for details. # Example: @@ -169,9 +173,13 @@ #kolla_ansible_group: # Whether to use privilege escalation for all operations performed via Kolla -# Ansible. Default is 'true'. +# Ansible. Default is 'false'. #kolla_ansible_become: +# Whether to create a user account, configure passwordless sudo and authorise +# an SSH key for Kolla Ansible. Default is 'true'. +#kolla_ansible_create_user: + ############################################################################### # Kolla feature flag configuration. @@ -181,12 +189,6 @@ #kolla_enable_cadf_notifications: #kolla_enable_ceilometer: #kolla_enable_central_logging: -#kolla_enable_ceph: -#kolla_enable_ceph_mds: -#kolla_enable_ceph_nfs: -#kolla_enable_ceph_rgw: -# The chrony container is disabled by default because we enable an NTP daemon -# on the host. Setting this to true will disable NTP on the host. #kolla_enable_chrony: #kolla_enable_cinder: #kolla_enable_cinder_backend_hnas_iscsi: @@ -238,6 +240,7 @@ #kolla_enable_neutron_vpnaas: #kolla_enable_nova_serialconsole_proxy: #kolla_enable_octavia: +#kolla_enable_openstack_core: #kolla_enable_osprofiler: #kolla_enable_panko: #kolla_enable_prometheus: diff --git a/etc/kayobe/monasca.yml b/etc/kayobe/monasca.yml new file mode 100644 index 0000000..235bc37 --- /dev/null +++ b/etc/kayobe/monasca.yml @@ -0,0 +1,18 @@ +--- +############################################################################### +# Monasca configuration. + +# Monasca OpenStack Project name. +# The default is "monasca_control_plane". +#monasca_control_plane_project: + +# Monasca OpenStack Domain name. Default is "default". +#monasca_control_plane_domain: + +# Monasca Grafana Server port. Must match kolla-ansible +# var of the same name. Default is "3001". +#monasca_grafana_server_port: + +############################################################################### +# Dummy variable to allow Ansible to accept this file. +workaround_ansible_issue_8743: yes diff --git a/etc/kayobe/monitoring.yml b/etc/kayobe/monitoring.yml index 30690a2..e28e5cc 100644 --- a/etc/kayobe/monitoring.yml +++ b/etc/kayobe/monitoring.yml @@ -54,6 +54,12 @@ # List of software RAID arrays. See mrlesmithjr.mdadm role for format. #monitoring_mdadm_arrays: +############################################################################### +# Monitoring node encryption configuration. + +# List of block devices to encrypt. See stackhpc.luks role for format. +#monitoring_luks_devices: + ############################################################################### # Monitoring node LVM configuration. diff --git a/etc/kayobe/networks.yml b/etc/kayobe/networks.yml index e422b98..216696e 100644 --- a/etc/kayobe/networks.yml +++ b/etc/kayobe/networks.yml @@ -59,14 +59,6 @@ storage_net_name: aio #storage_mgmt_net_name: storage_mgmt_net_name: aio -# Name of the network used to carry ceph storage data traffic. -#ceph_storage_net_name: -ceph_storage_net_name: aio - -# Name of the network used to carry ceph storage management traffic. -#ceph_storage_mgmt_net_name: -ceph_storage_mgmt_net_name: aio - # Name of the network used to carry swift storage data traffic. #swift_storage_net_name: swift_storage_net_name: aio diff --git a/etc/kayobe/ntp.yml b/etc/kayobe/ntp.yml index 783c3da..4903b43 100644 --- a/etc/kayobe/ntp.yml +++ b/etc/kayobe/ntp.yml @@ -1,41 +1,13 @@ --- # Kayobe NTP configuration. -############################################################################### -# Timezone. - -# Name of the local timezone. -#timezone: - -############################################################################### -# Network Time Protocol (NTP). - -# Whether to enable the NTP daemon on the host. Default is true unless -# 'kolla_enable_chrony' has been set to true on overcloud hosts. -#ntp_service_enabled: - -# List of names of NTP servers. -#ntp_config_server: - -# List of NTP restrictions to add to ntp.conf. -#ntp_config_restrict: - -# List of addresses for NTP daemon to listen on. -#ntp_config_listen: - -# Other NTP configuration options. -#ntp_config_filegen: -#ntp_config_statistics: -#ntp_config_crypto: -#ntp_config_includefile: -#ntp_config_keys: -#ntp_config_trustedkey: -#ntp_config_requestkey: -#ntp_config_controlkey: -#ntp_config_broadcast: -#ntp_config_broadcastclient: -#ntp_config_multicastclient: -#ntp_config_tinker_panic_enabled: +# Timezone configuration has moved to time.yml. +# +# Support for running an NTP daemon on the host is no longer available. +# Instead the Kolla Ansible 'chrony' container is deployed by default. Set +# 'kolla_enable_chrony' to 'false' in kolla.yml to disable it. +# +# This file will be removed in the Victoria release. ############################################################################### # Dummy variable to allow Ansible to accept this file. diff --git a/etc/kayobe/openstack.yml b/etc/kayobe/openstack.yml index b2ad4e9..7a29298 100644 --- a/etc/kayobe/openstack.yml +++ b/etc/kayobe/openstack.yml @@ -2,10 +2,10 @@ ############################################################################### # OpenStack release configuration. -# Name of the current OpenStack release. Default is "train". +# Name of the current OpenStack release. Default is "ussuri". #openstack_release: -# Name of the current OpenStack branch. Default is "stable/train". +# Name of the current OpenStack branch. Default is "stable/ussuri". #openstack_branch: ############################################################################### diff --git a/etc/kayobe/overcloud.yml b/etc/kayobe/overcloud.yml index 0764600..c6d692e 100644 --- a/etc/kayobe/overcloud.yml +++ b/etc/kayobe/overcloud.yml @@ -19,23 +19,14 @@ ############################################################################### # Overcloud host image configuration. -# The CentOS cloud images from 7.2 (1511) onwards have a bogus name server -# entry in /etc/resolv.conf, 10.0.2.3. Cloud-init only appends name server -# entries to this file, and will not remove this bogus entry. Typically this -# leads to a delay of around 30 seconds when connecting via SSH, due to a -# timeout in NSS. The workaround employed here is to remove this bogus entry -# from the image using virt-customize, if it exists. See -# https://bugs.centos.org/view.php?id=14369. +# The CentOS cloud images have a bogus name server entry in /etc/resolv.conf, +# 192.168.122.1. Cloud-init only appends name server entries to this file, and +# will not remove this bogus entry. Typically this leads to a delay of around +# 30 seconds when connecting via SSH, due to a timeout in NSS. The workaround +# employed here is to remove this bogus entry from the image using +# virt-customize, if it exists. See https://bugs.centos.org/view.php?id=14369. #overcloud_host_image_workaround_resolv_enabled: -# Workaround a CentOS 7.5 bug: cloud-init 0.7.9-24 does not correctly set -# an IP address for VLAN subinterfaces configured with the Openstack metadata -# format/Config drive. # See, https://bugs.centos.org/view.php?id=14964. -#overcloud_host_image_workaround_cloud_init_enabled: - -# cloud-init repository for overcloud_host_image_workaround_cloud_init_enabled -#overcloud_host_image_workaround_cloud_init_repo: - ############################################################################### # Dummy variable to allow Ansible to accept this file. workaround_ansible_issue_8743: yes diff --git a/etc/kayobe/pip.yml b/etc/kayobe/pip.yml index e684bd8..563c3ce 100644 --- a/etc/kayobe/pip.yml +++ b/etc/kayobe/pip.yml @@ -23,6 +23,9 @@ # disabled #pip_trusted_hosts: [] +# PyPI proxy URL (format: http(s)://[user:password@]proxy_name:port) +#pip_proxy: "" + ############################################################################### # Dummy variable to allow Ansible to accept this file. workaround_ansible_issue_8743: yes diff --git a/etc/kayobe/seed-hypervisor.yml b/etc/kayobe/seed-hypervisor.yml index 8f928a7..1ef8988 100644 --- a/etc/kayobe/seed-hypervisor.yml +++ b/etc/kayobe/seed-hypervisor.yml @@ -24,6 +24,12 @@ # List of software RAID arrays. See mrlesmithjr.mdadm role for format. #seed_hypervisor_mdadm_arrays: +############################################################################### +# Seed hypervisor node encryption configuration. + +# List of block devices to encrypt. See stackhpc.luks role for format. +#seed_hypervisor_luks_devices: + ############################################################################### # Seed hypervisor node LVM configuration. @@ -67,9 +73,6 @@ # Name of the libvirt storage pool for the seed VM. #seed_hypervisor_libvirt_pool_name: -# Capacity of the libvirt storage pool for the seed VM. -#seed_hypervisor_libvirt_pool_capacity: - # Directory path of the libvirt storage pool for the seed VM. #seed_hypervisor_libvirt_pool_path: diff --git a/etc/kayobe/seed-vm.yml b/etc/kayobe/seed-vm.yml index 897fe49..4e33cb0 100644 --- a/etc/kayobe/seed-vm.yml +++ b/etc/kayobe/seed-vm.yml @@ -23,7 +23,8 @@ # Format of the seed VM root volume. #seed_vm_root_format: -# Base image for the seed VM root volume. +# Base image for the seed VM root volume. Default is +# "https://cloud.centos.org/centos/8/x86_64/images/CentOS-8-GenericCloud-8.1.1911-20200113.3.x86_64.qcow2". #seed_vm_root_image: # Capacity of the seed VM data volume. diff --git a/etc/kayobe/seed.yml b/etc/kayobe/seed.yml index 8e68199..2e9c6da 100644 --- a/etc/kayobe/seed.yml +++ b/etc/kayobe/seed.yml @@ -24,6 +24,12 @@ # List of software RAID arrays. See mrlesmithjr.mdadm role for format. #seed_mdadm_arrays: +############################################################################### +# Seed node encryption configuration. + +# List of block devices to encrypt. See stackhpc.luks role for format. +#seed_luks_devices: + ############################################################################### # LVM configuration. diff --git a/etc/kayobe/storage.yml b/etc/kayobe/storage.yml index 18e522f..6245537 100644 --- a/etc/kayobe/storage.yml +++ b/etc/kayobe/storage.yml @@ -18,11 +18,6 @@ # List of extra networks to which storage nodes are attached. #storage_extra_network_interfaces: -# Whether this host requires access to Ceph networks. -#storage_needs_ceph_network: - -#storage_needs_ceph_mgmt_network: - # Whether this host requires access to Swift networks. #storage_needs_swift_network: @@ -64,6 +59,12 @@ # List of software RAID arrays. See mrlesmithjr.mdadm role for format. #storage_mdadm_arrays: +############################################################################### +# Storage node encryption configuration. + +# List of block devices to encrypt. See stackhpc.luks role for format. +#storage_luks_devices: + ############################################################################### # Storage node LVM configuration. @@ -99,16 +100,6 @@ # Filesystem for docker volumes LVM backing volume. ext4 allows for shrinking. #storage_lvm_group_data_lv_docker_volumes_fs: -############################################################################### -# Storage node Ceph configuration. - -# List of Ceph disks. -# The format is a list of dict like : -# - { osd: "/dev/sdb", journal: "/dev/sdc" } -# - { osd: "/dev/sdd" } -# Journal variable is not mandatory. -#storage_ceph_disks: - ############################################################################### # Storage node sysctl configuration. diff --git a/etc/kayobe/time.yml b/etc/kayobe/time.yml new file mode 100644 index 0000000..c0a86d7 --- /dev/null +++ b/etc/kayobe/time.yml @@ -0,0 +1,12 @@ +--- +# Kayobe time configuration. + +############################################################################### +# Timezone. + +# Name of the local timezone. +#timezone: + +############################################################################### +# Dummy variable to allow Ansible to accept this file. +workaround_ansible_issue_8743: yes diff --git a/etc/kayobe/yum-cron.yml b/etc/kayobe/yum-cron.yml index 7ac502e..a93e8c4 100644 --- a/etc/kayobe/yum-cron.yml +++ b/etc/kayobe/yum-cron.yml @@ -1,4 +1,6 @@ --- +# DEPRECATED: Variables in this file are deprecated and will be removed in a +# future release. Please use dnf.yml instead. # Whether to enable Yum automatic updates. #yum_cron_enabled: false diff --git a/etc/kayobe/yum.yml b/etc/kayobe/yum.yml index 985ab92..31f16ce 100644 --- a/etc/kayobe/yum.yml +++ b/etc/kayobe/yum.yml @@ -1,4 +1,7 @@ --- +# DEPRECATED: Variables in this file are deprecated and will be removed in a +# future release. Please use dnf.yml instead. + # Yum configuration. Dict mapping Yum config option names to their values. # yum_config: # proxy: http://proxy.example.com