openstack-ansible-os_octavia/tests/os_octavia-overrides.yml
German Eichberger 38e365f945 Adds iptables rules to protect octavia server container
- Adds iptables rules
 - Makes sure that health manager ip is the one
   on the management interface
 - Reworks variables
 - Improves documentation
 - Tests now run with an extra octavia network
 - renamed mgmt network to lbaas-mgmt
 - added ubuntu/centos specific iptables save/restore
   commands/packages

Change-Id: I761ce0d2dce73d018c2ba2022798a3962e44b235
2017-04-07 09:47:13 -04:00

133 lines
4.5 KiB
YAML

---
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Octavia rewuires currently nested virtualization (VT-X) which only one jenkins
## gate cloud provides reliabley. To cut down on gate errors this will
## disbale the tests which spin up an amphora
test_octavia_amphora: False
test_octavia_api_group: "{{ ((groups['octavia_api'] is defined) and (groups['octavia_api'] | length > 0)) | ternary('octavia_api', 'all_containers') }}"
test_octavia_api_host: "{{ hostvars[groups[test_octavia_api_group][0]]['ansible_host'] }}"
## octavia User / Group
octavia_system_user_name: octavia
octavia_system_group_name: octavia
octavia_system_shell: /bin/false
octavia_system_comment: octavia system user
octavia_system_home_folder: "/var/lib/{{ octavia_system_user_name }}"
# Octavia specific settings
octavia_venv_tag: "testing"
octavia_developer_mode: True
octavia_git_install_branch: master
octavia_service_internaluri: "http://{{ test_octavia_api_host }}:9876"
octavia_service_internalurl: "{{ octavia_service_internaluri }}"
octavia_service_password: "secrete"
octavia_service_name: octavia
octavia_service_project_name: "service"
octavia_galera_address: "{{ test_galera_host }}"
octavia_galera_database: octavia
octavia_galera_user: octavia
octavia_container_mysql_password: "secrete"
octavia_rabbitmq_password: "{{ rabbitmq_password }}"
octavia_rabbitmq_userid: octavia
octavia_rabbitmq_vhost: /octavia
octavia_rabbitmq_servers: "{{ rabbitmq_servers }}"
octavia_rabbitmq_use_ssl: "{{ rabbitmq_use_ssl }}"
octavia_rabbitmq_port: "{{ rabbitmq_port }}"
octavia_standalone: False
octavia_swift_temp_url_secret_key: secrete
octavia_keystone_auth_plugin: password
octavia_service_project_domain_id: default
octavia_service_user_domain_id: default
octavia_service_user_name: "octavia"
octavia_ansible_endpoint_type: "internal"
octavia_health_hmac_key: secrete
test_swift_storage_network: "eth3"
test_swift_repl_network: "eth3"
glance_file_store: swift
test_swift_repl_number: 2
nova_console_type: novnc
neutron_provider_networks:
network_types: "vxlan,flat"
network_vxlan_ranges: "1:1000"
network_flat_networks: "flat,lbaas"
network_mappings: "flat:eth12,lbaas:eth14"
#couldn't find provider_networks inventory var?
octavia_container_interface: "eth14"
# Must be set to a normal MTU
neutron_network_device_mtu: 1500
neutron_l2_population: True
neutron_dhcp_config:
dhcp-option-force: "26,1500"
log-facility: "/var/log/neutron/neutron-dnsmasq.log"
neutron_l3: True
neutron_metadata: True
octavia_pip_package_state: latest
octavia_package_state: latest
octavia_neutron_management_network_name: lbaas-mgmt
octavia_git_install_branch: stable/ocata
octavia_ssh_enabled: True
octavia_amphora_driver: "{% if test_octavia_amphora | bool %}amphora_haproxy_rest_driver{% else %}amphora_noop_driver{% endif %}"
octavia_compute_driver: "{% if test_octavia_amphora | bool %}compute_nova_driver{% else %}compute_noop_driver{% endif %}"
octavia_network_driver: "{% if test_octavia_amphora | bool %}allowed_address_pairs_driver{% else %}network_noop_driver{% endif %}"
#Neutron mappings
neutron_plugin_base:
- router
- metering
- neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2
neutron_lbaasv2_service_provider: LOADBALANCERV2:Octavia:neutron_lbaas.drivers.octavia.driver.OctaviaDriver:default
neutron_rpc_conn_pool_size: |
30
[octavia]
base_url= http://{{ hostvars['octavia1']['ansible_host'] }}:9876
request_poll_timeout = 500
# if we have Barbican
[certificates]
# Certificate Manager plugin. Defaults to barbican. (string value)
cert_manager_type = barbican
# Name of the Barbican authentication method to use (string value)
#barbican_auth = barbican_acl_auth
[service_auth]
insecure = {{ keystone_service_internaluri_insecure | bool }}
auth_plugin = password
# this needs to have a v3 added manually :-(
auth_url = "http://{{ test_keystone_host }}:5000/v3"
admin_project_domain = default
admin_user_domain = default
admin_tenant_name = service
admin_user = neutron
admin_password = secrete
region = RegionOne
endpoint_type = internalURL
service_name = neutron
auth_version = 3