de973b81fa
Kolla environment currently uses haproxy
to fullfill HA in mariadb. This patch
is switching haproxy to proxysql if enabled.
This patch is also replacing mariadb's user
'haproxy' with user 'monitor'. This replacement
has two reasons:
- Use better name to "monitor" galera claster
as there are two services using this user
(HAProxy, ProxySQL)
- Set password for monitor user as it's
always better to use password then not use.
Previous haproxy user didn't use password
as it was historically not possible with
haproxy and mariadb-clustercheck wasn't
implemented.
Depends-On: https://review.opendev.org/c/openstack/kolla/+/769385
Depends-On: https://review.opendev.org/c/openstack/kolla/+/765781
Depends-On: https://review.opendev.org/c/openstack/kolla/+/850656
Change-Id: I0edae33d982c2e3f3b5f34b3d5ad07a431162844
271 lines
5.0 KiB
YAML
271 lines
5.0 KiB
YAML
---
|
|
###################
|
|
# External Ceph options
|
|
####################
|
|
# These options must be UUID4 values in string format
|
|
# XXXXXXXX-XXXX-4XXX-XXXX-XXXXXXXXXXXX
|
|
# for backward compatible consideration, rbd_secret_uuid is only used for nova,
|
|
# cinder_rbd_secret_uuid is used for cinder
|
|
rbd_secret_uuid:
|
|
cinder_rbd_secret_uuid:
|
|
|
|
###################
|
|
# Database options
|
|
####################
|
|
database_password:
|
|
# Password for the dedicated backup user account
|
|
mariadb_backup_database_password:
|
|
# Password for the monitor user
|
|
mariadb_monitor_password:
|
|
|
|
####################
|
|
# Docker options
|
|
####################
|
|
# This should only be set if you require a password for your Docker registry
|
|
docker_registry_password:
|
|
|
|
####################
|
|
# VMware support
|
|
####################
|
|
vmware_dvs_host_password:
|
|
vmware_nsxv_password:
|
|
vmware_vcenter_host_password:
|
|
nsxv3_api_password:
|
|
vmware_nsxp_api_password:
|
|
vmware_nsxp_metadata_proxy_shared_secret:
|
|
|
|
#####################
|
|
# Hitachi NAS support
|
|
#####################
|
|
hnas_nfs_password:
|
|
|
|
#######################
|
|
# Infoblox IPAM support
|
|
#######################
|
|
infoblox_admin_password:
|
|
|
|
####################
|
|
# OpenStack options
|
|
####################
|
|
aodh_database_password:
|
|
aodh_keystone_password:
|
|
|
|
barbican_database_password:
|
|
barbican_keystone_password:
|
|
barbican_p11_password:
|
|
barbican_crypto_key:
|
|
|
|
blazar_database_password:
|
|
blazar_keystone_password:
|
|
|
|
keystone_admin_password:
|
|
keystone_database_password:
|
|
|
|
grafana_database_password:
|
|
grafana_admin_password:
|
|
|
|
glance_database_password:
|
|
glance_keystone_password:
|
|
|
|
gnocchi_database_password:
|
|
gnocchi_keystone_password:
|
|
|
|
kuryr_keystone_password:
|
|
|
|
nova_database_password:
|
|
nova_api_database_password:
|
|
nova_keystone_password:
|
|
|
|
placement_keystone_password:
|
|
placement_database_password:
|
|
|
|
neutron_database_password:
|
|
neutron_keystone_password:
|
|
metadata_secret:
|
|
|
|
cinder_database_password:
|
|
cinder_keystone_password:
|
|
|
|
cloudkitty_database_password:
|
|
cloudkitty_keystone_password:
|
|
|
|
cyborg_database_password:
|
|
cyborg_keystone_password:
|
|
|
|
freezer_database_password:
|
|
freezer_keystone_password:
|
|
|
|
sahara_database_password:
|
|
sahara_keystone_password:
|
|
|
|
designate_database_password:
|
|
designate_keystone_password:
|
|
# This option must be UUID4 value in string format
|
|
designate_pool_id:
|
|
# This option must be HMAC-MD5 value in string format
|
|
designate_rndc_key:
|
|
|
|
swift_keystone_password:
|
|
swift_hash_path_suffix:
|
|
swift_hash_path_prefix:
|
|
|
|
heat_database_password:
|
|
heat_keystone_password:
|
|
heat_domain_admin_password:
|
|
|
|
murano_database_password:
|
|
murano_keystone_password:
|
|
murano_agent_rabbitmq_password:
|
|
|
|
monasca_agent_password:
|
|
monasca_database_password:
|
|
monasca_keystone_password:
|
|
|
|
ironic_database_password:
|
|
ironic_keystone_password:
|
|
|
|
ironic_inspector_database_password:
|
|
ironic_inspector_keystone_password:
|
|
|
|
magnum_database_password:
|
|
magnum_keystone_password:
|
|
|
|
mistral_database_password:
|
|
mistral_keystone_password:
|
|
|
|
trove_database_password:
|
|
trove_keystone_password:
|
|
|
|
ceilometer_database_password:
|
|
ceilometer_keystone_password:
|
|
|
|
watcher_database_password:
|
|
watcher_keystone_password:
|
|
|
|
senlin_database_password:
|
|
senlin_keystone_password:
|
|
|
|
solum_database_password:
|
|
solum_keystone_password:
|
|
|
|
horizon_secret_key:
|
|
horizon_database_password:
|
|
|
|
telemetry_secret_key:
|
|
|
|
manila_database_password:
|
|
manila_keystone_password:
|
|
|
|
octavia_database_password:
|
|
octavia_keystone_password:
|
|
octavia_ca_password:
|
|
octavia_client_ca_password:
|
|
|
|
tacker_database_password:
|
|
tacker_keystone_password:
|
|
|
|
zun_database_password:
|
|
zun_keystone_password:
|
|
|
|
vitrage_database_password:
|
|
vitrage_keystone_password:
|
|
|
|
venus_database_password:
|
|
venus_keystone_password:
|
|
|
|
masakari_database_password:
|
|
masakari_keystone_password:
|
|
|
|
memcache_secret_key:
|
|
|
|
# HMAC secret key
|
|
osprofiler_secret:
|
|
|
|
nova_ssh_key:
|
|
private_key:
|
|
public_key:
|
|
|
|
kolla_ssh_key:
|
|
private_key:
|
|
public_key:
|
|
|
|
keystone_ssh_key:
|
|
private_key:
|
|
public_key:
|
|
|
|
bifrost_ssh_key:
|
|
private_key:
|
|
public_key:
|
|
|
|
octavia_amp_ssh_key:
|
|
private_key:
|
|
public_key:
|
|
|
|
neutron_ssh_key:
|
|
private_key:
|
|
public_key:
|
|
|
|
####################
|
|
# Gnocchi options
|
|
####################
|
|
gnocchi_project_id:
|
|
gnocchi_resource_id:
|
|
gnocchi_user_id:
|
|
|
|
####################
|
|
# RabbitMQ options
|
|
####################
|
|
rabbitmq_password:
|
|
rabbitmq_monitoring_password:
|
|
rabbitmq_cluster_cookie:
|
|
outward_rabbitmq_password:
|
|
outward_rabbitmq_cluster_cookie:
|
|
|
|
####################
|
|
# HAProxy options
|
|
####################
|
|
haproxy_password:
|
|
keepalived_password:
|
|
|
|
####################
|
|
# Kibana options
|
|
####################
|
|
kibana_password:
|
|
|
|
####################
|
|
# etcd options
|
|
####################
|
|
etcd_cluster_token:
|
|
|
|
####################
|
|
# redis options
|
|
####################
|
|
redis_master_password:
|
|
|
|
####################
|
|
# Prometheus options
|
|
####################
|
|
prometheus_mysql_exporter_database_password:
|
|
prometheus_alertmanager_password:
|
|
|
|
###############################
|
|
# OpenStack identity federation
|
|
###############################
|
|
keystone_federation_openid_crypto_password:
|
|
|
|
####################
|
|
# Ceph RadosGW options
|
|
####################
|
|
ceph_rgw_keystone_password:
|
|
|
|
##################
|
|
# libvirt options
|
|
##################
|
|
libvirt_sasl_password:
|
|
|
|
############
|
|
# ProxySQL
|
|
############
|
|
proxysql_admin_password:
|
|
proxysql_stats_password:
|