openstack/kolla-ansible
Code Issues Proposed changes
7186f960d9
kolla-ansible/ansible/roles/horizon/defaults/main.yml
Michal Nasiadka 4bc410c6ca haproxy: support single external frontend 
Use case: exposing single external https frontend and
load balancing services using FQDNs.

Support different ports for internal and external endpoints.

Introduced kolla_url filter to normalize urls like:
- https://magnum.external:443/v1
- http://magnum.external:80/v1

Change-Id: I9fb03fe1cebce5c7198d523e015280c69f139cd0
Co-Authored-By: Jakub Darmach <jakub@stackhpc.com>
2023-06-29 01:44:00 +02:00

167 lines
8.2 KiB
YAML
Raw Blame History

---
horizon_services:
horizon:
container_name: horizon
group: horizon
enabled: true
image: "{{ horizon_image_full }}"
environment:
ENABLE_BLAZAR: "{{ 'yes' if enable_horizon_blazar | bool else 'no' }}"
ENABLE_CLOUDKITTY: "{{ 'yes' if enable_horizon_cloudkitty | bool else 'no' }}"
ENABLE_DESIGNATE: "{{ 'yes' if enable_horizon_designate | bool else 'no' }}"
ENABLE_FREEZER: "{{ 'yes' if enable_horizon_freezer | bool else 'no' }}"
ENABLE_HEAT: "{{ 'yes' if enable_horizon_heat | bool else 'no' }}"
ENABLE_IRONIC: "{{ 'yes' if enable_horizon_ironic | bool else 'no' }}"
ENABLE_MAGNUM: "{{ 'yes' if enable_horizon_magnum | bool else 'no' }}"
ENABLE_MANILA: "{{ 'yes' if enable_horizon_manila | bool else 'no' }}"
ENABLE_MASAKARI: "{{ 'yes' if enable_horizon_masakari | bool else 'no' }}"
ENABLE_MISTRAL: "{{ 'yes' if enable_horizon_mistral | bool else 'no' }}"
ENABLE_MURANO: "{{ 'yes' if enable_horizon_murano | bool else 'no' }}"
ENABLE_NEUTRON_VPNAAS: "{{ 'yes' if enable_horizon_neutron_vpnaas | bool else 'no' }}"
ENABLE_OCTAVIA: "{{ 'yes' if enable_horizon_octavia | bool else 'no' }}"
ENABLE_SAHARA: "{{ 'yes' if enable_horizon_sahara | bool else 'no' }}"
ENABLE_SENLIN: "{{ 'yes' if enable_horizon_senlin | bool else 'no' }}"
ENABLE_SOLUM: "{{ 'yes' if enable_horizon_solum | bool else 'no' }}"
ENABLE_TACKER: "{{ 'yes' if enable_horizon_tacker | bool else 'no' }}"
ENABLE_TROVE: "{{ 'yes' if enable_horizon_trove | bool else 'no' }}"
ENABLE_VITRAGE: "{{ 'yes' if enable_horizon_vitrage | bool else 'no' }}"
ENABLE_WATCHER: "{{ 'yes' if enable_horizon_watcher | bool else 'no' }}"
ENABLE_ZUN: "{{ 'yes' if enable_horizon_zun | bool else 'no' }}"
FORCE_GENERATE: "{{ 'yes' if horizon_dev_mode | bool else 'no' }}"
volumes: "{{ horizon_default_volumes + horizon_extra_volumes }}"
dimensions: "{{ horizon_dimensions }}"
healthcheck: "{{ horizon_healthcheck }}"
haproxy:
horizon:
enabled: "{{ enable_horizon }}"
mode: "http"
external: false
port: "{% if kolla_enable_tls_internal | bool %}{{ horizon_tls_port }}{% else %}{{ horizon_port }}{% endif %}"
listen_port: "{{ horizon_listen_port }}"
frontend_http_extra:
- "use_backend acme_client_back if { path_reg ^/.well-known/acme-challenge/.+ }"
backend_http_extra:
- "balance {{ 'roundrobin' if enable_memcached | bool or horizon_backend_database | bool else 'source' }}"
tls_backend: "{{ horizon_enable_tls_backend }}"
horizon_redirect:
enabled: "{{ enable_horizon | bool and kolla_enable_tls_internal | bool }}"
mode: "redirect"
external: false
port: "{{ horizon_port }}"
listen_port: "{{ horizon_listen_port }}"
horizon_external:
enabled: "{{ enable_horizon }}"
mode: "http"
external: true
external_fqdn: "{{ horizon_external_fqdn }}"
port: "{% if kolla_enable_tls_external | bool %}{{ horizon_tls_port }}{% else %}{{ horizon_port }}{% endif %}"
listen_port: "{{ horizon_listen_port }}"
frontend_http_extra:
- "use_backend acme_client_back if { path_reg ^/.well-known/acme-challenge/.+ }"
backend_http_extra:
- "balance {{ 'roundrobin' if enable_memcached | bool or horizon_backend_database | bool else 'source' }}"
tls_backend: "{{ horizon_enable_tls_backend }}"
horizon_external_redirect:
enabled: "{{ enable_horizon | bool and kolla_enable_tls_external | bool }}"
mode: "redirect"
external: true
external_fqdn: "{{ horizon_external_fqdn }}"
port: "{{ horizon_port }}"
listen_port: "{{ horizon_listen_port }}"
acme_client:
enabled: "{{ enable_horizon }}"
with_frontend: false
custom_member_list: "{{ acme_client_servers }}"
horizon_keystone_domain_choices:
Default: default
horizon_custom_themes: []
####################
# Database
####################
horizon_database_name: "horizon"
horizon_database_user: "{% if use_preconfigured_databases | bool and use_common_mariadb_user | bool %}{{ database_user }}{% else %}horizon{% endif %}"
horizon_database_address: "{{ database_address | put_address_in_context('url') }}:{{ database_port }}"
####################
# Database sharding
####################
horizon_database_shard_root_user: "{% if enable_proxysql | bool %}root_shard_{{ horizon_database_shard_id }}{% else %}{{ database_user }}{% endif %}"
horizon_database_shard_id: "{{ mariadb_default_database_shard_id | int }}"
horizon_database_shard:
users:
- user: "{{ horizon_database_user }}"
password: "{{ horizon_database_password }}"
rules:
- schema: "{{ horizon_database_name }}"
shard_id: "{{ horizon_database_shard_id }}"
####################
# Docker
####################
horizon_image: "{{ docker_registry ~ '/' if docker_registry else '' }}{{ docker_namespace }}/horizon"
horizon_tag: "{{ openstack_tag }}"
horizon_image_full: "{{ horizon_image }}:{{ horizon_tag }}"
horizon_dimensions: "{{ default_container_dimensions }}"
horizon_enable_healthchecks: "{{ enable_container_healthchecks }}"
horizon_healthcheck_interval: "{{ default_container_healthcheck_interval }}"
horizon_healthcheck_retries: "{{ default_container_healthcheck_retries }}"
horizon_healthcheck_start_period: "{{ default_container_healthcheck_start_period }}"
horizon_healthcheck_test: ["CMD-SHELL", "healthcheck_curl {{ 'https' if horizon_enable_tls_backend | bool else 'http' }}://{{ api_interface_address | put_address_in_context('url') }}:{{ horizon_listen_port }}"]
horizon_healthcheck_timeout: "{{ default_container_healthcheck_timeout }}"
horizon_healthcheck:
interval: "{{ horizon_healthcheck_interval }}"
retries: "{{ horizon_healthcheck_retries }}"
start_period: "{{ horizon_healthcheck_start_period }}"
test: "{% if horizon_enable_healthchecks | bool %}{{ horizon_healthcheck_test }}{% else %}NONE{% endif %}"
timeout: "{{ horizon_healthcheck_timeout }}"
horizon_default_volumes:
- "{{ node_config_directory }}/horizon/:{{ container_config_directory }}/:ro"
- "{{ kolla_dev_repos_directory ~ '/horizon/horizon:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/horizon' if horizon_dev_mode | bool else '' }}"
- "{{ kolla_dev_repos_directory ~ '/horizon/openstack_dashboard:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/openstack_dashboard' if horizon_dev_mode | bool else '' }}"
- "{{ kolla_dev_repos_directory ~ '/murano-dashboard/muranodashboard:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/muranodashboard' if horizon_murano_dev_mode | bool else '' }}"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_facts.os_family == 'Debian' else '' }}"
- "kolla_logs:/var/log/kolla/"
- "/tmp:/tmp"
horizon_extra_volumes: "{{ default_extra_volumes }}"
####################
# OpenStack
####################
horizon_logging_debug: "{{ openstack_logging_debug }}"
horizon_keystone_url: "{{ keystone_public_url if horizon_use_keystone_public_url | bool else keystone_internal_url }}"
####################
# Apache
####################
horizon_wsgi_processes: "{{ openstack_service_workers }}"
horizon_wsgi_threads: 1
####################
# Kolla
####################
horizon_git_repository: "{{ kolla_dev_repos_git }}/{{ project_name }}"
murano_dashboard_git_repository: "{{ kolla_dev_repos_git }}/murano-dashboard"
horizon_dev_repos_pull: "{{ kolla_dev_repos_pull }}"
horizon_dev_mode: "{{ kolla_dev_mode }}"
horizon_murano_dev_mode: "{{ kolla_dev_mode }}"
horizon_source_version: "{{ kolla_source_version }}"
horizon_murano_source_version: "{{ kolla_source_version }}"
# This variable was created for administrators to define which one of the Keystone's URLs should be configured in Horizon.
# In some cases, such as when using OIDC, horizon will need to be configured with Keystone's public URL.
# Therefore, instead of overriding the whole "horizon_keystone_url", this change allows an easier integration because
# the Keystone public URL is already defined with variable "keystone_public_url".
horizon_use_keystone_public_url: False
View Git Blame Copy Permalink