kayobe/doc/source/configuration/reference/kolla-ansible.rst
Mark Goddard ad64ebc921 Add support for customising Neutron physical network names
Previously Kolla Ansible hard-coded Neutron physical networks starting
at physnet1 up to physnetN, matching the number of interfaces in
neutron_external_interface and bridges in neutron_bridge_name.

Sometimes we may want to customise the physical network names used.
This may be to allow for not all hosts having access to all physical
networks, or to use more descriptive names.

For example, in an environment with a separate physical network for
Ironic provisioning, controllers might have access to two physical
networks, while compute nodes have access to one.

This change extends the 'physical_network' network attribute to make it
possible to customise the Neutron physical network names used for the
OVS, OVN, Linux bridge and OVS DPDK plugins. The default behaviour is
unchanged.

Depends-On: https://review.opendev.org/c/openstack/kolla-ansible/+/922320
Change-Id: I214444c60653f484fcda6275cc725879d14f9e7a
2024-09-06 10:00:50 +00:00

776 lines
31 KiB
ReStructuredText

.. _configuration-kolla-ansible:
===========================
Kolla Ansible Configuration
===========================
Kayobe relies heavily on Kolla Ansible for deployment of the OpenStack control
plane. Kolla Ansible is installed locally on the Ansible control host (the host
from which Kayobe commands are executed), and Kolla Ansible commands are
executed from there.
Kolla Ansible configuration is stored in ``${KAYOBE_CONFIG_PATH}/kolla.yml``.
.. _configuration-kolla-ansible-ansible:
Configuration of Ansible
========================
Ansible configuration is described in detail in the `Ansible documentation
<https://docs.ansible.com/ansible/latest/reference_appendices/config.html>`__.
In addition to the standard locations, Kayobe supports using an Ansible
configuration file located in the Kayobe configuration at
``${KAYOBE_CONFIG_PATH}/kolla/ansible.cfg`` or
``${KAYOBE_CONFIG_PATH}/ansible.cfg``. Note that if the ``ANSIBLE_CONFIG``
environment variable is specified it takes precedence over this file.
Kolla Ansible Installation
==========================
Prior to deploying containers, Kolla Ansible and its dependencies will be
installed on the Ansible control host. The following variables affect the
installation of Kolla Ansible:
``kolla_ansible_ctl_install_type``
Type of Kolla Ansible control installation. One of ``binary`` (PyPI) or
``source`` (git). Default is ``source``.
``kolla_ansible_source_url``
URL of Kolla Ansible source code repository if type is ``source``. Default
is https://opendev.org/openstack/kolla-ansible.
``kolla_ansible_source_version``
Version (branch, tag, etc.) of Kolla Ansible source code repository if type
is ``source``. Default is the same as the Kayobe upstream branch.
``kolla_ansible_venv_extra_requirements``
Extra requirements to install inside the Kolla Ansible virtualenv. Default
is an empty list.
``kolla_upper_constraints_file``
Upper constraints file for installation of Kolla. Default is
``{{ pip_upper_constraints_file }}``, which has a default of
``https://releases.openstack.org/constraints/upper/{{ openstack_branch }}``.
Example: custom git repository
------------------------------
To install Kolla Ansible from a custom git repository:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
kolla_ansible_source_url: https://git.example.com/kolla-ansible
kolla_ansible_source_version: downstream
Virtual Environment Extra Requirements
--------------------------------------
Extra Python packages can be installed inside the Kolla Ansible virtualenv,
such as when required by Ansible plugins.
For example, to use the `hashi_vault Ansible lookup plugin
<https://docs.ansible.com/ansible/devel/plugins/lookup/hashi_vault.html>`_, its
``hvac`` dependency can be installed using:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
---
# Extra requirements to install inside the Kolla Ansible virtualenv.
kolla_ansible_venv_extra_requirements:
- "hvac"
Local environment
=================
The following variables affect the local environment on the Ansible control
host. They reference environment variables, and should be configured using
those rather than modifying the Ansible variable directly. The file
``kayobe-env`` in the `kayobe-config git repository
<https://opendev.org/openstack/kayobe-config>`__ sets some sensible defaults
for these variables, based on the recommended environment directory structure.
``kolla_ansible_source_path``
Path to directory for Kolla Ansible source code checkout. Default is
``$KOLLA_SOURCE_PATH``, or ``$PWD/src/kolla-ansible``.
``kolla_ansible_venv``
Path to virtualenv in which to install Kolla Ansible on the Ansible control
host. Default is ``$KOLLA_VENV_PATH`` or ``$PWD/venvs/kolla-ansible``.
``kolla_config_path``
Path to Kolla Ansible configuration directory. Default is
``$KOLLA_CONFIG_PATH`` or ``/etc/kolla``.
.. _configuration-kolla-ansible-global:
Global Configuration
====================
The following variables are global, affecting all containers. They are used to
generate the Kolla Ansible configuration file, ``globals.yml``, and also affect
:ref:`Kolla image build configuration <configuration-kolla-global>`.
Kolla Images
------------
The following variables affect which Kolla images are used, and how they are
accessed.
``kolla_base_distro``
Kolla base container image distribution. Default is
``{{ os_distribution }}``.
``kolla_base_distro_version``
Kolla base container image distribution version. Default is dependent on
``kolla_base_distro``.
``kolla_docker_registry``
URL of docker registry to use for Kolla images. Default is not set, in
which case Quay.io will be used.
``kolla_docker_namespace``
Docker namespace to use for Kolla images. Default is ``kolla``.
``kolla_docker_registry_username``
Username to use to access a docker registry. Default is not set, in which
case the registry will be used without authentication.
``kolla_docker_registry_password``
Password to use to access a docker registry. Default is not set, in which
case the registry will be used without authentication.
``kolla_openstack_release``
Kolla OpenStack release version. This should be a Docker image tag. Default
is ``{{ openstack_release }}``, which takes the OpenStack release name
(e.g. ``rocky``) on stable branches and tagged releases, or ``master`` on
the Kayobe ``master`` branch.
For example, to deploy Kolla ``rocky`` images with a namespace of
``example``, and a private Docker registry at ``registry.example.com:4000``,
and the ``zed`` release.
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
kolla_base_distro: rocky
kolla_docker_namespace: example
kolla_docker_registry: registry.example.com:4000
kolla_openstack_release: zed
The deployed ``ironic-api`` image would be referenced as follows:
.. code-block:: console
registry.example.com:4000/example/ironic-api:zed-rocky-9
Ansible
-------
The following variables affect how Ansible accesses the remote hosts.
``kolla_ansible_user``
User account to use for Kolla SSH access. Default is ``kolla``.
``kolla_ansible_group``
Primary group of Kolla SSH user. Default is ``kolla``.
``kolla_ansible_become``
Whether to use privilege escalation for all operations performed via Kolla
Ansible. Default is ``false`` since the 8.0.0 Ussuri release.
``kolla_ansible_target_venv``
Path to a virtual environment on remote hosts to use for Ansible module
execution. Default is ``{{ virtualenv_path }}/kolla-ansible``. May be set
to ``None`` to use the system Python interpreter.
.. _configuration-kolla-ansible-venv:
Context: Remote Execution Environment
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
By default, Ansible executes modules remotely using the system python
interpreter, even if the Ansible control process is executed from within a
virtual environment (unless the ``local`` connection plugin is used).
This is not ideal if there are python dependencies that must be installed
with isolation from the system python packages. Ansible can be configured to
use a virtualenv by setting the host variable ``ansible_python_interpreter``
to a path to a python interpreter in an existing virtual environment.
The variable ``kolla_ansible_target_venv`` configures the use of a virtual
environment on the remote hosts. The default configuration should work in most
cases.
.. _configuration-kolla-ansible-user-creation:
User account creation
---------------------
Since the Ussuri release, Kayobe creates a user account for Kolla Ansible
rather than this being done during Kolla Ansible's ``bootstrap-servers``
command. This workflow is more compatible with `Ansible fact caching
<https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#caching-facts>`__,
but does mean that Kolla Ansible's ``create_kolla_user`` variable cannot be
used to disable creation of the user account. Instead, set
``kolla_ansible_create_user`` to ``false``.
``kolla_ansible_create_user``
Whether to create a user account, configure passwordless sudo and authorise
an SSH key for Kolla Ansible. Default is ``true``.
OpenStack Logging
-----------------
The following variable affects OpenStack debug logging.
``kolla_openstack_logging_debug``
Whether debug logging is enabled for OpenStack services. Default is
``false``.
Example: enabling debug logging
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In certain situations it may be necessary to enable debug logging for all
OpenStack services. This is not usually advisable in production.
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
---
kolla_openstack_logging_debug: true
.. _configuration-kolla-ansible-api-addresses:
API Addresses
-------------
.. note::
These variables should be used over the deprecated ``vip_address`` and
``fqdn`` :ref:`network attributes <configuration-network-global>`.
The following variables affect the addresses used for the external and internal
API.
``kolla_internal_vip_address``
Virtual IP address of OpenStack internal API. Default is the
``vip_address`` attribute of the internal network.
``kolla_internal_fqdn``
Fully Qualified Domain Name (FQDN) of OpenStack internal API. Default is
the ``fqdn`` attribute of the internal network if set, otherwise
``kolla_internal_vip_address``.
``kolla_external_vip_address``
Virtual IP address of OpenStack external API. Default is the
``vip_address`` attribute of the external network.
``kolla_external_fqdn``
Fully Qualified Domain Name (FQDN) of OpenStack external API. Default is
the ``fqdn`` attribute of the external network if set, otherwise
``kolla_external_vip_address``.
TLS Encryption of APIs
----------------------
The following variables affect TLS encryption of the public API.
``kolla_enable_tls_external``
Whether TLS is enabled for the public API endpoints. Default is ``no``.
``kolla_external_tls_cert``
A TLS certificate bundle to use for the public API endpoints, if
``kolla_enable_tls_external`` is ``true``. Note that this should be
formatted as a literal style block scalar.
The following variables affect TLS encryption of the internal API. Currently
this requires all Kolla images to be built with the API's root CA trusted.
``kolla_enable_tls_internal``
Whether TLS is enabled for the internal API endpoints. Default is ``no``.
``kolla_internal_tls_cert``
A TLS certificate bundle to use for the internal API endpoints, if
``kolla_enable_tls_internal`` is ``true``. Note that this should be
formatted as a literal style block scalar.
The following variables affect the generated ``admin-openrc.sh`` and
``public-openrc.sh`` environment files.
``kolla_public_openrc_cacert``
Path to a CA certificate file to use for the ``OS_CACERT`` environment
variable in the ``public-openrc.sh`` file when TLS is enabled, instead of
``kolla_admin_openrc_cacert``.
``kolla_admin_openrc_cacert``
Path to a CA certificate file to use for the ``OS_CACERT`` environment
variable in the ``admin-openrc.sh`` and ``public-openrc.sh`` files when TLS
is enabled, instead of Kolla Ansible's default.
Example: enabling TLS for the public API
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It is highly recommended to use TLS encryption to secure the public API.
Here is an example:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
---
kolla_enable_tls_external: yes
kolla_external_tls_cert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
kolla_admin_openrc_cacert: /path/to/ca/certificate/bundle
Example: enabling TLS for the internal API
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It is highly recommended to use TLS encryption to secure the internal API.
Here is an example:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
---
kolla_enable_tls_internal: yes
kolla_internal_tls_cert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
kolla_admin_openrc_cacert: /path/to/ca/certificate/bundle
Other certificates
------------------
In general, Kolla Ansible expects certificates to be in a directory configured
via ``kolla_certificates_dir``, which defaults to a directory named
``certificates`` in the same directory as ``globals.yml``. Kayobe follows this
pattern, and will pass files and directories added to
``${KAYOBE_CONFIG_PATH}/kolla/certificates/`` through to Kolla Ansible. This
can be useful when enabling backend API TLS encryption, or providing custom CA
certificates to be added to the trust store in containers. It is also possible
to use this path to provide certificate bundles for the external or internal
APIs, as an alternative to ``kolla_external_tls_cert`` and
``kolla_internal_tls_cert``.
Note that Ansible will automatically decrypt these files if they are encrypted
via Ansible Vault and it has access to a Vault password.
Example: adding a trusted custom CA certificate to containers
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In an environment with a private CA, it may be necessary to add the root CA
certificate to the trust store of containers.
.. code-block:: console
:caption: ``$KAYOBE_CONFIG_PATH``
kolla/
certificates/
ca/
private-ca.crt
These files should be PEM-formatted, and have a ``.crt`` extension.
Example: adding certificates for backend TLS
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Kolla Ansible backend TLS can be used to provide end-to-end encryption of API
traffic.
.. code-block:: console
:caption: ``$KAYOBE_CONFIG_PATH``
kolla/
certificates/
backend-cert.pem
backend-key.pem
See the :kolla-ansible-doc:`Kolla Ansible documentation
<admin/advanced-configuration.html#tls-configuration>` for how to provide
service and/or host-specific certificates and keys.
Custom Global Variables
-----------------------
Kolla Ansible uses a single file for global variables, ``globals.yml``. Kayobe
provides configuration variables for all required variables and many of the
most commonly used the variables in this file. Some of these are in
``$KAYOBE_CONFIG_PATH/kolla.yml``, and others are determined from other sources
such as the networking configuration in ``$KAYOBE_CONFIG_PATH/networks.yml``.
Additional global configuration may be provided by creating
``$KAYOBE_CONFIG_PATH/kolla/globals.yml``. Variables in this file will be
templated using Jinja2, and merged with the Kayobe ``globals.yml``
configuration.
Example: use a specific tag for each image
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
For more fine-grained control over images, Kolla Ansible allows a tag to be
defined for each image. For example, for ``nova-api``:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla/globals.yml``
---
# Use a custom tag for the nova-api container image.
nova_api_tag: v1.2.3
Example: debug logging per-service
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Enabling debug logging globally can lead to a lot of additional logs being
generated. Often we are only interested in a particular service. For example,
to enable debug logging for Nova services:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla/globals.yml``
---
nova_logging_debug: true
Host variables
--------------
Kayobe generates a host_vars file for each host in the Kolla Ansible
inventory. These contain network interfaces and other host-specific
things. Some Kayobe Ansible variables are passed through to Kolla Ansible, as
defined by the following variables. The default set of variables should
typically be kept. Additional variables may be passed through via the
``*_extra`` variables, as described below. If a passed through variable is not
defined for a host, it is ignored.
``kolla_seed_inventory_pass_through_host_vars``
List of names of host variables to pass through from kayobe hosts to the
Kolla Ansible seed host, if set. See also
``kolla_seed_inventory_pass_through_host_vars_map``. The default is:
.. code-block:: yaml
kolla_seed_inventory_pass_through_host_vars:
- "ansible_host"
- "ansible_port"
- "ansible_ssh_private_key_file"
- "kolla_api_interface"
- "kolla_bifrost_network_interface"
It is possible to extend this list via
``kolla_seed_inventory_pass_through_host_vars_extra``.
``kolla_seed_inventory_pass_through_host_vars_map``
Dict mapping names of variables in
``kolla_seed_inventory_pass_through_host_vars`` to the variable to use in
Kolla Ansible. If a variable name is not in this mapping the kayobe name is
used. The default is:
.. code-block:: yaml
kolla_seed_inventory_pass_through_host_vars_map:
kolla_api_interface: "api_interface"
kolla_bifrost_network_interface: "bifrost_network_interface"
It is possible to extend this dict via
``kolla_seed_inventory_pass_through_host_vars_map_extra``.
``kolla_overcloud_inventory_pass_through_host_vars``
List of names of host variables to pass through from Kayobe hosts to
Kolla Ansible hosts, if set. See also
``kolla_overcloud_inventory_pass_through_host_vars_map``. The default is:
.. code-block:: yaml
kolla_overcloud_inventory_pass_through_host_vars:
- "ansible_host"
- "ansible_port"
- "ansible_ssh_private_key_file"
- "kolla_network_interface"
- "kolla_api_interface"
- "kolla_storage_interface"
- "kolla_cluster_interface"
- "kolla_swift_storage_interface"
- "kolla_swift_replication_interface"
- "kolla_provision_interface"
- "kolla_inspector_dnsmasq_interface"
- "kolla_dns_interface"
- "kolla_tunnel_interface"
- "kolla_external_vip_interface"
- "kolla_neutron_external_interfaces"
- "kolla_neutron_bridge_names"
- "kolla_neutron_physical_networks"
It is possible to extend this list via
``kolla_overcloud_inventory_pass_through_host_vars_extra``.
``kolla_overcloud_inventory_pass_through_host_vars_map``
Dict mapping names of variables in
``kolla_overcloud_inventory_pass_through_host_vars`` to the variable to use
in Kolla Ansible. If a variable name is not in this mapping the Kayobe name
is used. The default is:
.. code-block:: yaml
kolla_overcloud_inventory_pass_through_host_vars_map:
kolla_network_interface: "network_interface"
kolla_api_interface: "api_interface"
kolla_storage_interface: "storage_interface"
kolla_cluster_interface: "cluster_interface"
kolla_swift_storage_interface: "swift_storage_interface"
kolla_swift_replication_interface: "swift_replication_interface"
kolla_provision_interface: "provision_interface"
kolla_inspector_dnsmasq_interface: "ironic_dnsmasq_interface"
kolla_dns_interface: "dns_interface"
kolla_tunnel_interface: "tunnel_interface"
kolla_neutron_external_interfaces: "neutron_external_interface"
kolla_neutron_bridge_names: "neutron_bridge_name"
kolla_neutron_physical_networks: "neutron_physical_networks"
It is possible to extend this dict via
``kolla_overcloud_inventory_pass_through_host_vars_map_extra``.
Example: pass through an additional host variable
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In this example we pass through a variable named ``my_kayobe_var`` from Kayobe
to Kolla Ansible.
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
kolla_overcloud_inventory_pass_through_host_vars_extra:
- my_kayobe_var
This variable might be defined in the Kayobe inventory, e.g.
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/inventory/host_vars/controller01``
my_kayobe_var: foo
The variable may then be referenced in
``$KAYOBE_CONFIG_PATH/kolla/globals.yml``, Kolla Ansible group variables, or in
Kolla Ansible custom service configuration.
In case the variable requires a different name in Kolla Ansible, use
``kolla_overcloud_inventory_pass_through_host_vars_map_extra``:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
kolla_overcloud_inventory_pass_through_host_vars_map_extra:
my_kayobe_var: my_kolla_ansible_var
.. _custom_kolla_inventory:
Custom Kolla Inventory
----------------------
When running Kolla Ansible playbooks, kayobe will check for any customised
inventories in the following locations:
* ``${KAYOBE_CONFIG_PATH}/kolla/inventory/``
* ``${KAYOBE_CONFIG_PATH}/environments/<environment>/kolla/inventory/``
* Only used with the :ref:`multiple environments feature <multiple-environments>`
These are copied when kayobe generates the Kolla Ansible configuration. The
copy is passed to Ansible as an additional inventory when running any
Kolla Ansible playbooks. No templating or additional preprocessing is
performed. For this reason, this directory must be a valid Ansible inventory,
with the exception that ``*.j2`` files are ignored to keep compatibility with
:ref:`custom Kolla Ansible inventory templates
<custom-kolla-inventory-templates>`.
Group variables can be used to set configuration for all hosts in a group. They
can be set in Kolla Ansible by placing files in
``${KAYOBE_CONFIG_PATH}/kolla/inventory/group_vars/*``. Since this
directory is copied directly into the Kolla Ansible inventory, Kolla
Ansible group names should be used. It should be noted that
``extra-vars`` and ``host_vars`` take precedence over ``group_vars``. For
more information on variable precedence see the Ansible `documentation
<https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable>`_.
Example: configure a Nova cell
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
In Kolla Ansible, :kolla-ansible-doc:`Nova cells are configured
<reference/compute/nova-cells-guide>` via group variables. For example, to
configure ``cell0001`` the following file could be created:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla/inventory/group_vars/cell0001/all``
---
nova_cell_name: cell0001
nova_cell_novncproxy_group: cell0001-vnc
nova_cell_conductor_group: cell0001-control
nova_cell_compute_group: cell0001-compute
Passwords
---------
Kolla Ansible auto-generates passwords to a file, ``passwords.yml``. Kayobe
handles the orchestration of this, as well as encryption of the file using an
Ansible Vault password specified in the ``KAYOBE_VAULT_PASSWORD`` environment
variable, if present. The file is generated to
``$KAYOBE_CONFIG_PATH/kolla/passwords.yml``, and should be stored along with
other Kayobe configuration files. This file should not be manually modified.
Configuring Custom Passwords
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The following variables are used to configure custom passwords:
* ``kolla_ansible_default_custom_passwords``: Dictionary containing default
custom passwords, required by Kolla Ansible. Contains SSH keys authorized by
kolla user on Kolla hosts, SSH keys authorized in hosts deployed by Bifrost,
Docker Registry password and compute libVirt custom passwords.
* ``kolla_ansible_extra_custom_passwords``: Dictionary containing extra custom
passwords to add or override in the Kolla passwords file. Default is an empty
dictionary.
* ``kolla_ansible_custom_passwords``: Dictionary containing custom passwords to
add or override in the Kolla passwords file. Default is the combination of
the ``kolla_ansible_default_custom_passwords`` and
``kolla_ansible_extra_custom_passwords``.
In this example we add our own ``my_custom_password`` and override
``keystone_admin_password``:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
---
# Dictionary containing extra custom passwords to add or override in the
# Kolla passwords file.
kolla_ansible_extra_custom_passwords:
my_custom_password: 'correcthorsebatterystaple'
keystone_admin_password: 'superduperstrongpassword'
Control Plane Services
======================
Kolla Ansible provides a flexible mechanism for configuring the services that
it deploys. Kayobe adds some commonly required configuration options to the
defaults provided by Kolla Ansible, but also allows for the free-form
configuration supported by Kolla Ansible. The :kolla-ansible-doc:`Kolla Ansible
documentation <>` should be used as a reference.
Enabling Services
-----------------
Services deployed by Kolla Ansible are enabled via flags.
``kolla_enable_<service or feature>``
There are various flags that can be used to enable features. These map to
variables named ``enable_<service or feature>`` in Kolla Ansible. The
default set of enabled services and features is the same as in Kolla
ansible, except that Ironic is enabled by default in Kayobe.
Example: enabling a service
^^^^^^^^^^^^^^^^^^^^^^^^^^^
A common task is enabling a new OpenStack service. This may be done via the
``kolla_enable_*`` flags, for example:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla.yml``
---
kolla_enable_swift: true
Note that in some cases additional configuration may be required to
successfully deploy a service - check the :kolla-ansible-doc:`Kolla Ansible
configuration reference <reference>`.
Service Configuration
---------------------
Kolla-ansible's flexible configuration is described in the
:kolla-ansible-doc:`Kolla Ansible service configuration documentation
<admin/advanced-configuration.html#openstack-service-configuration-in-kolla>`.
We won't duplicate that here, but essentially it involves creating files under
a directory which for users of kayobe will be ``$KOLLA_CONFIG_PATH/config``. In
kayobe, files in this directory are auto-generated and managed by kayobe.
Instead, users should create files under ``$KAYOBE_CONFIG_PATH/kolla/config``
with the same directory structure. These files will be templated using Jinja2,
merged with kayobe's own configuration, and written out to
``$KOLLA_CONFIG_PATH/config``.
The following files, if present, will be templated and provided to
Kolla Ansible. All paths are relative to ``$KAYOBE_CONFIG_PATH/kolla/config``.
Note that typically Kolla Ansible does not use the same wildcard patterns, and
has a more restricted set of files that it will process. In some cases, it may
be necessary to inspect the Kolla Ansible configuration tasks to determine
which files are supported.
.. table:: Kolla-ansible configuration files
=============================== =======================================================
File Purpose
=============================== =======================================================
``aodh.conf`` Aodh configuration.
``aodh/*`` Extended Aodh configuration.
``backup.my.cnf`` Mariabackup configuration.
``barbican.conf`` Barbican configuration.
``barbican/*`` Extended Barbican configuration.
``blazar.conf`` Blazar configuration.
``blazar/*`` Extended Blazar configuration.
``ceilometer.conf`` Ceilometer configuration.
``ceilometer/*`` Extended Ceilometer configuration.
``cinder.conf`` Cinder configuration.
``cinder/*`` Extended Cinder configuration.
``cloudkitty.conf`` CloudKitty configuration.
``cloudkitty/*`` Extended CloudKitty configuration.
``designate.conf`` Designate configuration.
``designate/*`` Extended Designate configuration.
``fluentd/filter`` Fluentd filter configuration.
``fluentd/input`` Fluentd input configuration.
``fluentd/output`` Fluentd output configuration.
``galera.cnf`` MariaDB configuration.
``glance.conf`` Glance configuration.
``glance/*`` Extended Glance configuration.
``global.conf`` Global configuration for all OpenStack services.
``gnocchi.conf`` Gnocchi configuration.
``gnocchi/*`` Extended Gnocchi configuration.
``grafana.ini`` Grafana configuration.
``grafana/*`` Extended Grafana configuration.
``haproxy/*`` Main HAProxy configuration.
``haproxy-config/*`` Modular HAProxy configuration.
``heat.conf`` Heat configuration.
``heat/*`` Extended heat configuration.
``horizon/*`` Extended horizon configuration.
``influx*`` InfluxDB configuration.
``ironic-inspector.conf`` Ironic inspector configuration.
``ironic.conf`` Ironic configuration.
``ironic/*`` Extended ironic configuration.
``keepalived/*`` Extended keepalived configuration.
``keystone.conf`` Keystone configuration.
``keystone/*`` Extended keystone configuration.
``magnum.conf`` Magnum configuration.
``magnum/*`` Extended magnum configuration.
``manila.conf`` Manila configuration.
``manila/*`` Extended manila configuration.
``mariadb/*`` Extended MariaDB configuration.
``masakari.conf`` Masakari configuration.
``masakari/*`` Extended masakari configuration.
``multipath.conf`` Multipathd configuration.
``neutron.conf`` Neutron configuration.
``neutron/ml2_conf.ini`` Neutron ML2 configuration.
``neutron/*`` Extended neutron configuration.
``nova.conf`` Nova configuration.
``nova/*`` Extended nova configuration.
``octavia.conf`` Octavia configuration.
``octavia/*`` Extended Octavia configuration.
``opensearch/*`` OpenSearch configuration.
``placement.conf`` Placement configuration.
``placement/*`` Extended Placement configuration.
``prometheus/*`` Prometheus configuration.
``swift/*`` Extended swift configuration.
``telegraf/*`` Extended Telegraf configuration.
=============================== =======================================================
Configuring an OpenStack Component
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
To provide custom configuration to be applied to all glance services, create
``$KAYOBE_CONFIG_PATH/kolla/config/glance.conf``. For example:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla/config/glance.conf``
[DEFAULT]
api_limit_max = 500
Configuring an OpenStack Service
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
To provide custom configuration for the glance API service, create
``$KAYOBE_CONFIG_PATH/kolla/config/glance/glance-api.conf``. For example:
.. code-block:: yaml
:caption: ``$KAYOBE_CONFIG_PATH/kolla/config/glance/glance-api.conf``
[DEFAULT]
api_limit_max = 500