--- # The following configuration aims to test some of the 'host configure' # command. # Additional users. controller_users: - username: kayobe-test-user name: Kayobe test user password: kayobe-test-user-password groups: - stack # Additional network interfaces, testing a variety of interface configurations. controller_extra_network_interfaces: - test_net_eth - test_net_eth_vlan - test_net_bridge - test_net_bridge_vlan - test_net_bond - test_net_bond_vlan - test_net_bridge_noip {% if ansible_os_family == "Debian" %} - test_net_systemd_vlan {% endif %} # Custom IP routing tables. network_route_tables: - id: 2 name: kayobe-test-route-table # dummy2: Ethernet interface. test_net_eth_cidr: 192.168.34.0/24 test_net_eth_routes: - cidr: 192.168.40.0/24 gateway: 192.168.34.254 test_net_eth_interface: dummy2 # dummy2.42: VLAN subinterface of dummy2. test_net_eth_vlan_cidr: 192.168.35.0/24 test_net_eth_vlan_interface: "{% raw %}{{ test_net_eth_interface }}.{{ test_net_eth_vlan_vlan }}{% endraw %}" test_net_eth_vlan_vlan: 42 test_net_eth_vlan_routes: - cidr: 192.168.40.0/24 gateway: 192.168.35.254 table: kayobe-test-route-table test_net_eth_vlan_rules: {% if ansible_facts.os_family == 'RedHat' %} - from 192.168.35.0/24 table 2 - to: 192.168.35.0/24 table: kayobe-test-route-table {% else %} - from: 192.168.35.0/24 table: kayobe-test-route-table - to: 192.168.35.0/24 table: kayobe-test-route-table {% endif %} test_net_eth_vlan_zone: test-zone1 # br0: bridge with ports dummy3, dummy4. test_net_bridge_cidr: 192.168.36.0/24 test_net_bridge_interface: br0 test_net_bridge_bridge_ports: [dummy3, dummy4] test_net_bridge_bridge_stp: false test_net_bridge_zone: test-zone2 # br0.43: VLAN subinterface of br0. test_net_bridge_vlan_cidr: 192.168.37.0/24 test_net_bridge_vlan_interface: "{% raw %}{{ test_net_bridge_interface }}.{{ test_net_bridge_vlan_vlan }}{% endraw %}" test_net_bridge_vlan_vlan: 43 test_net_bridge_vlan_zone: test-zone3 # bond0: bond with slaves dummy5, dummy6. test_net_bond_cidr: 192.168.38.0/24 test_net_bond_interface: bond0 test_net_bond_bond_slaves: [dummy5, dummy6] test_net_bond_zone: test-zone3 # bond0.44: VLAN subinterface of bond0. test_net_bond_vlan_cidr: 192.168.39.0/24 test_net_bond_vlan_interface: "{% raw %}{{ test_net_bond_interface }}.{{ test_net_bond_vlan_vlan }}{% endraw %}" test_net_bond_vlan_vlan: 44 test_net_bond_vlan_zone: public # br1: Bridge interface without IP address. test_net_bridge_noip_cidr: 192.168.40.0/24 test_net_bridge_noip_interface: br1 test_net_bridge_noip_bridge_ports: [dummy7] test_net_bridge_noip_bridge_stp: true test_net_bridge_noip_no_ip: true {% if ansible_os_family == "Debian" %} # vlan45: VLAN interface of bond0 using systemd-networkd style test_net_systemd_vlan_cidr: 192.168.41.0/24 test_net_systemd_vlan_interface: "vlan{% raw %}{{ test_net_systemd_vlan_vlan }}{% endraw %}" test_net_systemd_vlan_parent: "{% raw %}{{ test_net_bond_interface }}{% endraw %}" test_net_systemd_vlan_vlan: 45 test_net_systemd_vlan_zone: public {% endif %} # Define a software RAID device consisting of two loopback devices. controller_mdadm_arrays: - name: md0 devices: - /dev/loop0 - /dev/loop1 level: '1' state: present # Layer LUKS encryption on top of the software RAID controller_luks_devices: - name: loopback-crypt device: /dev/md0 # Create an LVM volume group for Docker volumes. controller_lvm_groups: - "{% raw %}{{ controller_lvm_group_data }}{% endraw %}" # Provide a disk for use by LVM. Uses the LUKS encrypted device created above. controller_lvm_group_data_disks: - /dev/mapper/loopback-crypt # Set a sysctl. controller_sysctl_parameters: fs.mount-max: 99999 # Disable cloud-init. disable_cloud_init: true # Set Honolulu time. timezone: Pacific/Honolulu {% if ansible_facts.os_family == "Debian" %} apt_config: - content: | Acquire::Retries 1; filename: 99retries apt_keys: - url: https://packages.treasuredata.com/GPG-KEY-td-agent filename: td-agent.asc apt_repositories: # Ubuntu jammy repositories. - url: "http://{{ zuul_site_mirror_fqdn }}/ubuntu/" suites: jammy jammy-updates components: main restricted universe multiverse - url: "http://{{ zuul_site_mirror_fqdn }}/ubuntu/" suites: jammy-security components: main restricted universe multiverse # Treasuredata repository. - url: http://packages.treasuredata.com/4/ubuntu/jammy/ components: contrib signed_by: td-agent.asc apt_disable_sources_list: true apt_auth: - machine: https://apt.example.com login: foo password: bar filename: test.conf {% endif %} {% if ansible_facts.os_family == 'RedHat' %} # Use a local DNF mirror. dnf_use_local_mirror: true {% if ansible_facts.distribution == 'CentOS' %} # Mirror FQDN for DNF repos. dnf_centos_mirror_host: "{{ zuul_site_mirror_fqdn }}" # Mirror directory for DNF CentOS repos. dnf_centos_mirror_directory: 'centos-stream' {% endif %} # Mirror FQDN for DNF EPEL repos. dnf_epel_mirror_host: "{{ zuul_site_mirror_fqdn }}" # Mirror directory for DNF EPEL repos. dnf_epel_mirror_directory: 'epel' # Configure a custom DNF repository. dnf_custom_repos: td-agent: baseurl: http://packages.treasuredata.com/4/redhat/$releasever/$basearch gpgkey: https://packages.treasuredata.com/GPG-KEY-td-agent gpgcheck: yes # Install EPEL local mirror. dnf_install_epel: true # Enable DNF Automatic. dnf_automatic_enabled: true {% endif %} # Override the default NTP pool chrony_ntp_servers: - server: time.cloudflare.com type: pool options: - option: maxsources val: 2 # Enable firewalld controller_firewalld_enabled: true controller_firewalld_zones: - zone: test-zone1 - zone: test-zone2 - zone: test-zone3 controller_firewalld_default_zone: controller_firewalld_rules: - port: 8080/tcp zone: test-zone1 - service: http zone: test-zone2 - icmp_block: echo-request zone: test-zone3 - service: cockpit state: disabled zone: public # Configure a swap file. controller_swap: - path: /swapfile size_mb: 256 # Generate a password for libvirt SASL authentication. compute_libvirt_sasl_password: "{% raw %}{{ lookup('password', '/tmp/libvirt-sasl-password') }}{% endraw %}"