openstack/openstack-ansible-os_horizon
Code Issues Proposed changes
Role os_horizon for OpenStack-Ansible
76 Commits 9 Branches 138 Tags 6.9 MiB
Jinja 74.5%
Python 18.3%
Shell 7.2%
785b1d49eb
Go to file
Kevin Carter 785b1d49eb Add ability to configure Neutron FWaaS 
This patch adds the ability for a deployer to enable the FWaaS panels
in Horizon.

Re-Implementation-Of: https://review.openstack.org/#/c/275894/9

Change-Id: I682171333328e42895ec1a4d2d0cc5d2b2fcdcd9
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2016-03-17 17:14:19 +00:00
defaults Add ability to configure Neutron FWaaS 2016-03-17 17:14:19 +00:00
doc [DOCS] Cleanup the role docs for consistency and clarity 2016-03-10 08:55:29 -05:00
handlers Convert existing roles into galaxy roles 2015-02-18 10:56:25 +00:00
meta Enable functional convergence testing 2016-03-14 12:53:48 +00:00
tasks Merge "Enable functional convergence testing" 2016-03-17 15:25:08 +00:00
templates Add ability to configure Neutron FWaaS 2016-03-17 17:14:19 +00:00
tests Enable functional convergence testing 2016-03-14 12:53:48 +00:00
.gitignore Adding Vagrantfile for local developer testing 2016-03-09 22:04:36 -05:00
.gitreview Implement base configuration for independent repository 2016-03-02 09:39:02 -05:00
CONTRIBUTING.rst Convert existing roles into galaxy roles 2015-02-18 10:56:25 +00:00
LICENSE Convert existing roles into galaxy roles 2015-02-18 10:56:25 +00:00
other-requirements.txt Enable functional convergence testing 2016-03-14 12:53:48 +00:00
README.rst Remove dependency on the Keystone admin auth token 2016-03-17 10:48:22 -04:00
run_tests.sh Implement base configuration for independent repository 2016-03-02 09:39:02 -05:00
setup.cfg Implement base configuration for independent repository 2016-03-02 09:39:02 -05:00
setup.py Implement base configuration for independent repository 2016-03-02 09:39:02 -05:00
test-requirements.txt pin version of ansible-lint we use for testing 2016-03-15 11:40:19 -04:00
tox.ini Enable functional convergence testing 2016-03-14 12:53:48 +00:00
Vagrantfile Adding Vagrantfile for local developer testing 2016-03-09 22:04:36 -05:00

README.rst

OpenStack-Ansible Horizon

This Ansible role installs and configures OpenStack Horizon served by the Apache webserver. Horizon is configured to use Galera for session caching and memcached for other caching.

Default Variables

../../defaults/main.yml

Required Variables

This list is not exhaustive at present. See role internals for further details.

horizon_ssl_protocol: "ALL -SSLv2 -SSLv3"
horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
horizon_galera_address: 10.100.100.101
horizon_container_mysql_password: "SuperSecrete"
horizon_secret_key: "SuperSecreteHorizonKey"

Example Playbook

- name: Installation and setup of horizon
  hosts: horizon_all
  user: root
  roles:
    - { role: "os_horizon", tags: [ "os-horizon" ] }
  vars:
    galera_client_drop_config_file: false
    external_lb_vip_address: 10.100.100.101
    internal_lb_vip_address: 10.100.100.101
    horizon_galera_address: 10.100.100.101
    horizon_container_mysql_password: "SuperSecrete"
    horizon_secret_key: "SuperSecreteHorizonKey"
    horizon_external_ssl: true
    horizon_ssl_protocol: "ALL -SSLv2 -SSLv3"
    horizon_ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS"
    galera_root_password: "secrete"
    rabbitmq_servers: 10.100.100.101
    rabbitmq_use_ssl: false
    rabbitmq_port: 5671
    keystone_admin_user_name: admin
    keystone_auth_admin_password: "SuperSecretePassword"
    keystone_admin_tenant_name: admin
    keystone_service_adminuri_insecure: false
    keystone_service_internaluri_insecure: false
    keystone_service_internaluri: "http://{{ internal_lb_vip_address }}:5000"
    keystone_service_internalurl: "{{ keystone_service_internaluri }}/v3"
    keystone_service_adminuri: "http://{{ internal_lb_vip_address }}:35357"
    keystone_service_adminurl: "{{ keystone_service_adminuri }}/v3"
    openrc_os_password: "{{ keystone_auth_admin_password }}"
    openrc_os_domain_name: "Default"
    memcached_servers: 10.100.100.101
    memcached_encryption_key: "secrete"