275 lines
7.7 KiB
Django/Jinja
275 lines
7.7 KiB
Django/Jinja
---
|
|
{% if ansible_os_family == 'Debian' or ansible_facts.distribution == "openEuler" %}
|
|
# Force the use of python3 on Debian, Ubuntu and openEuler remote hosts. These distros
|
|
# typically have an unversioned Python interpreter which links to python2.7.
|
|
ansible_python_interpreter: /usr/bin/python3
|
|
{% endif %}
|
|
|
|
# NOTE(yoctozepto): In CI it makes sense to always try to fail
|
|
# as early as possible.
|
|
kolla_ansible_setup_any_errors_fatal: true
|
|
|
|
kolla_base_distro: "{{ base_distro }}"
|
|
network_interface: "{{ api_interface_name }}"
|
|
network_address_family: "{{ address_family }}"
|
|
kolla_container_engine: "{{ container_engine }}"
|
|
docker_restart_policy: "no"
|
|
|
|
{% if container_engine == 'podman' %}
|
|
podman_debug: true
|
|
podman_registry_mirrors:
|
|
- {{ infra_dockerhub_mirror }}
|
|
podman_sdk_pip_packages:
|
|
- "podman>=4.7.0"
|
|
- rich
|
|
{% if need_build_image and is_previous_release %}
|
|
podman_registry: "primary:4000"
|
|
podman_registry_insecure: true
|
|
{% endif %}
|
|
{% else %}
|
|
docker_debug: true
|
|
docker_registry_mirrors:
|
|
- {{ infra_dockerhub_mirror }}
|
|
|
|
# NOTE(bbezak): In Kolla CI K-A upgrade job needs following override
|
|
# as docker_registry var is being used both for docker daemon config
|
|
# - for kolla images build, and kolla-ansible container images sources.
|
|
# docker_custom_config gets precedence in docker daemon configuration.
|
|
{% if need_build_image and is_previous_release %}
|
|
docker_custom_config:
|
|
insecure-registries:
|
|
- primary:4000
|
|
{% endif %}
|
|
{% if ansible_facts.distribution == "openEuler" %}
|
|
docker_custom_config:
|
|
exec-opts: ["native.umask=normal"]
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
{% if kolla_python_version is defined and not is_previous_release %}
|
|
distro_python_version: "{{ kolla_python_version }}"
|
|
{% endif %}
|
|
|
|
# MariaDB/Galera - fine tune timeouts
|
|
mariadb_wsrep_extra_provider_options:
|
|
- "gmcast.peer_timeout=PT15S"
|
|
- "evs.suspect_timeout=PT10S"
|
|
- "evs.inactive_timeout=PT30S"
|
|
- "evs.keepalive_period=PT3S"
|
|
|
|
nova_compute_virt_type: "{{ virt_type }}"
|
|
|
|
enable_openstack_core: "{{ openstack_core_enabled }}"
|
|
enable_horizon: "{{ dashboard_enabled }}"
|
|
enable_heat: "{{ openstack_core_tested }}"
|
|
|
|
{% if scenario != 'bifrost' %}
|
|
kolla_internal_vip_address: "{{ kolla_internal_vip_address }}"
|
|
neutron_external_interface: "{{ neutron_external_interface_name }}"
|
|
openstack_logging_debug: "True"
|
|
nova_libvirt_logging_debug: "False"
|
|
openstack_service_workers: "1"
|
|
openstack_service_rpc_workers: "1"
|
|
{% endif %}
|
|
|
|
{% if need_build_image and not is_previous_release %}
|
|
# NOTE(Jeffrey4l): use different a docker namespace name in case it pull image from hub.docker.io when deplying
|
|
docker_namespace: "lokolla"
|
|
# NOTE(yoctozepto): use hostname or FQDN to be compatible between IPv4 and IPv6
|
|
# docker does not support referencing registry via an IPv6 address
|
|
# see: https://github.com/moby/moby/issues/39033
|
|
docker_registry: "primary:4000"
|
|
docker_registry_insecure: yes
|
|
{% if container_engine == 'podman' %}
|
|
podman_registry: "primary:4000"
|
|
podman_registry_insecure: yes
|
|
{% endif %}
|
|
openstack_tag: "{{ build_image_tag }}"
|
|
{% else %}
|
|
# use the published images from a site mirror of quay.io
|
|
docker_registry: "{{ zuul_site_mirror_fqdn }}:4447"
|
|
docker_registry_insecure: no
|
|
{% if container_engine == 'podman' %}
|
|
podman_registry: "{{ zuul_site_mirror_fqdn }}:4447"
|
|
podman_registry_insecure: no
|
|
{% endif %}
|
|
docker_namespace: openstack.kolla
|
|
{% if docker_image_tag_suffix %}
|
|
openstack_tag_suffix: "{{ docker_image_tag_suffix }}"
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
{% if scenario == "zun" %}
|
|
enable_zun: "yes"
|
|
enable_kuryr: "yes"
|
|
enable_etcd: "yes"
|
|
etcd_remove_deleted_members: "yes"
|
|
docker_configure_for_zun: "yes"
|
|
containerd_configure_for_zun: "yes"
|
|
enable_cinder: "yes"
|
|
# lvm backup driver for cinder-backup does not exist
|
|
enable_cinder_backup: "no"
|
|
enable_cinder_backend_lvm: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "swift" %}
|
|
enable_swift: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "scenario_nfv" %}
|
|
enable_tacker: "yes"
|
|
enable_neutron_sfc: "yes"
|
|
enable_mistral: "yes"
|
|
enable_redis: "yes"
|
|
enable_barbican: "yes"
|
|
enable_heat: "yes"
|
|
# NOTE(yoctozepto): see https://bugs.launchpad.net/kolla-ansible/+bug/1906299
|
|
enable_aodh: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "ironic" %}
|
|
enable_ironic: "yes"
|
|
ironic_dnsmasq_dhcp_ranges:
|
|
- range: "10.42.0.2,10.42.0.254,255.255.255.0"
|
|
{% endif %}
|
|
|
|
{% if scenario == "masakari" %}
|
|
enable_masakari: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "cells" %}
|
|
enable_cells: "yes"
|
|
enable_proxysql: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "mariadb" %}
|
|
enable_fluentd: "yes"
|
|
enable_mariadb: "yes"
|
|
enable_memcached: "no"
|
|
enable_rabbitmq: "no"
|
|
{% endif %}
|
|
|
|
{% if scenario == "cephadm" %}
|
|
# kolla-ansible vars
|
|
enable_cinder: "yes"
|
|
# External Ceph
|
|
glance_backend_ceph: "yes"
|
|
cinder_backend_ceph: "yes"
|
|
nova_backend_ceph: "yes"
|
|
# Redis for coordination
|
|
enable_redis: "yes"
|
|
|
|
enable_ceph_rgw: "yes"
|
|
ceph_rgw_hosts:
|
|
{% for host in hostvars %}
|
|
- host: {{ host }}
|
|
ip: {{ hostvars[host]['ansible_host'] }}
|
|
port: 6780
|
|
{% endfor %}
|
|
{% endif %}
|
|
|
|
{% if tls_enabled %}
|
|
kolla_enable_tls_external: "yes"
|
|
kolla_enable_tls_internal: "yes"
|
|
kolla_copy_ca_into_containers: "yes"
|
|
kolla_enable_tls_backend: "yes"
|
|
{% if base_distro in ["debian", "ubuntu"] %}
|
|
openstack_cacert: "/etc/ssl/certs/ca-certificates.crt"
|
|
{% endif %}
|
|
{% if base_distro in ["centos", "rocky"] %}
|
|
openstack_cacert: "/etc/pki/tls/certs/ca-bundle.crt"
|
|
{% endif %}
|
|
kolla_admin_openrc_cacert: "{% raw %}{{ kolla_certificates_dir }}{% endraw %}/ca/root.crt"
|
|
rabbitmq_enable_tls: "yes"
|
|
libvirt_tls: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "ovn" %}
|
|
neutron_plugin_agent: "ovn"
|
|
neutron_ovn_distributed_fip: "yes"
|
|
neutron_enable_ovn_agent: "yes"
|
|
enable_octavia: "yes"
|
|
octavia_provider_drivers: "ovn:OVN provider"
|
|
octavia_provider_agents: "ovn"
|
|
enable_redis: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "prometheus-opensearch" %}
|
|
enable_central_logging: "yes"
|
|
enable_grafana: "yes"
|
|
enable_prometheus: "yes"
|
|
enable_prometheus_openstack_exporter: "no"
|
|
{% endif %}
|
|
|
|
{% if scenario == "magnum" %}
|
|
enable_designate: "yes"
|
|
designate_ns_record:
|
|
- "ns.example.org"
|
|
enable_magnum: "yes"
|
|
enable_trove: "yes"
|
|
neutron_dns_domain: "example.org."
|
|
{% endif %}
|
|
|
|
{% if scenario == "octavia" %}
|
|
neutron_dns_integration: "yes"
|
|
neutron_dns_domain: "example.org."
|
|
enable_octavia: "yes"
|
|
# NOTE(wuchunyang): work around for qemu-kvm 5.1 can not attach second NIC.
|
|
# more: http://lists.openstack.org/pipermail/openstack-discuss/2021-February/020218.html
|
|
octavia_amp_flavor:
|
|
name: "amphora"
|
|
is_public: no
|
|
vcpus: 2
|
|
ram: 1024
|
|
disk: 5
|
|
octavia_network_type: "tenant"
|
|
enable_redis: "yes"
|
|
{% endif %}
|
|
|
|
{% if scenario == "venus" %}
|
|
enable_opensearch: "yes"
|
|
enable_keystone: "yes"
|
|
enable_venus: "yes"
|
|
{% endif %}
|
|
|
|
{% if groups['all'] | length == 1 %}
|
|
keepalived_track_script_enabled: "no"
|
|
{% endif %}
|
|
|
|
neutron_modules_extra:
|
|
- name: 'nf_conntrack_tftp'
|
|
- name: 'nf_nat_tftp'
|
|
|
|
{% if scenario == "haproxy" %}
|
|
kolla_external_vip_address: "{{ kolla_external_vip_address }}"
|
|
haproxy_single_external_frontend: "yes"
|
|
glance_external_fqdn: "glance.external"
|
|
horizon_external_fqdn: "horizon.external"
|
|
keystone_external_fqdn: "keystone.external"
|
|
neutron_external_fqdn: "neutron.external"
|
|
nova_external_fqdn: "nova.external"
|
|
nova_novncproxy_external_fqdn: "novncproxy.external"
|
|
placement_external_fqdn: "placement.external"
|
|
{% endif %}
|
|
|
|
{% if scenario == "lets-encrypt" %}
|
|
enable_letsencrypt: "yes"
|
|
rabbitmq_enable_tls: "yes"
|
|
letsencrypt_email: "usero@openstack.test"
|
|
letsencrypt_cert_server: "https://pebble:14000/dir"
|
|
kolla_internal_fqdn: "{{ kolla_internal_fqdn }}"
|
|
kolla_enable_tls_backend: "no"
|
|
kolla_admin_openrc_cacert: "{% raw %}{{ kolla_certificates_dir }}{% endraw %}/ca/pebble.crt"
|
|
{% endif %}
|
|
|
|
{% if scenario == "skyline" %}
|
|
enable_skyline: "yes"
|
|
{% endif %}
|
|
|
|
{# Workaround for https://github.com/rabbitmq/rabbitmq-server/issues/10728 #}
|
|
{% if address_family == 'ipv6' %}
|
|
{% raw %}
|
|
rabbitmq_tag: "2023.2-{{ kolla_base_distro }}-{{ kolla_base_distro_version }}{{ openstack_tag_suffix }}"
|
|
{% endraw %}
|
|
{% endif %}
|