openstack/openstack-ansible-os_sahara
Code Issues Proposed changes
openstack-ansible-os_sahara/defaults/main.yml
Jesse Pretorius 51abb016b3 Default MQ RPC/Notify credentials/vhosts to match 
When the RPC and Notify service are the same, the credentials
must match - otherwise the tasks to create the user/password
will overwrite with each other.

If the two clusters are different, then the matching credentials
and vhost will not be a problem. However, if the deployer really
wishes to make sure they're different, then the vars can be
overridden.

Also, to ensure that the SSL value is consistently set in the
conf file, we apply the bool filter. We also use the 'notify'
SSL setting as the messaging system for Notifications is more
likely to remain rabbitmq in our default deployment with qrouterd
becoming the default for RPC messaging.

Change-Id: I0d5285eeebe94adda39b93e61e79be5673b7347d
2018-07-30 12:56:40 +01:00

217 lines
8.3 KiB
YAML
Raw Blame History

---
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Verbosity Options
debug: False
# Set the host which will execute the shade modules
# for the service setup. The host must already have
# clouds.yaml properly configured.
sahara_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
# Set the package install state for distribution and pip packages
# Options are 'present' and 'latest'
sahara_package_state: "latest"
sahara_pip_package_state: "latest"
sahara_git_repo: https://git.openstack.org/openstack/sahara
sahara_git_install_branch: master
sahara_developer_mode: false
sahara_developer_constraints:
- "git+{{ sahara_git_repo }}@{{ sahara_git_install_branch }}#egg=sahara"
# Name of the virtual env to deploy into
sahara_venv_tag: untagged
sahara_bin: "/openstack/venvs/sahara-{{ sahara_venv_tag }}/bin"
sahara_etc_dir: "{{ sahara_bin | dirname }}/etc/sahara"
# venv_download, even when true, will use the fallback method of building the
# venv from scratch if the venv download fails.
sahara_venv_download: "{{ not sahara_developer_mode | bool }}"
sahara_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/sahara.tgz
sahara_db_config: /etc/sahara/sahara.conf
# Enable/Disable Ceilometer
sahara_ceilometer_enabled: False
sahara_profiler_enabled: False
sahara_fatal_deprecations: False
## System info
sahara_system_user_name: sahara
sahara_system_group_name: sahara
sahara_system_shell: /bin/false
sahara_system_comment: sahara system user
sahara_system_user_home: "/var/lib/{{ sahara_system_user_name }}"
sahara_engine_host: "{{ internal_lb_vip_address }}"
## Oslo Messaging Info
# RPC
sahara_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}"
sahara_oslomsg_rpc_setup_host: "{{ (sahara_oslomsg_rpc_host_group in groups) | ternary(groups[sahara_oslomsg_rpc_host_group][0], 'localhost') }}"
sahara_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport | default('rabbit') }}"
sahara_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}"
sahara_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}"
sahara_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}"
sahara_oslomsg_rpc_userid: sahara
sahara_oslomsg_rpc_vhost: /sahara
# Notify
sahara_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}"
sahara_oslomsg_notify_setup_host: "{{ (sahara_oslomsg_notify_host_group in groups) | ternary(groups[sahara_oslomsg_notify_host_group][0], 'localhost') }}"
sahara_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}"
sahara_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}"
sahara_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}"
sahara_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}"
sahara_oslomsg_notify_userid: "{{ sahara_oslomsg_rpc_userid }}"
sahara_oslomsg_notify_password: "{{ sahara_oslomsg_rpc_password }}"
sahara_oslomsg_notify_vhost: "{{ sahara_oslomsg_rpc_vhost }}"
## Database info
sahara_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
sahara_galera_address: "{{ galera_address | default('127.0.0.1') }}"
sahara_galera_database: sahara
sahara_galera_user: sahara
sahara_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
sahara_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
sahara_role_name: admin
sahara_api_bind_address: 0.0.0.0
sahara_api_service_port: 8386
## Service Type and Data
sahara_service_region: RegionOne
sahara_service_name: sahara
sahara_service_port: 8386
sahara_service_proto: http
sahara_service_engine_proto: "{{ sahara_service_proto }}"
sahara_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(sahara_service_proto) }}"
sahara_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(sahara_service_proto) }}"
sahara_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(sahara_service_proto) }}"
sahara_service_type: data-processing
sahara_service_description: "Sahara Data Processing Service"
sahara_service_user_name: sahara
sahara_service_project_name: service
sahara_service_project_domain_id: default
sahara_service_user_domain_id: default
sahara_service_project_domain_name: Default
sahara_service_user_domain_name: Default
sahara_service_publicuri: "{{ sahara_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ sahara_service_port }}"
sahara_service_publicurl: "{{ sahara_service_publicuri }}/v1.1/%(tenant_id)s"
sahara_service_internaluri: "{{ sahara_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ sahara_service_port }}"
sahara_service_internalurl: "{{ sahara_service_internaluri }}/v1.1/%(tenant_id)s"
sahara_service_adminuri: "{{ sahara_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ sahara_service_port }}"
sahara_service_adminurl: "{{ sahara_service_adminuri }}/v1.1/%(tenant_id)s"
## Keystone authentication middleware
sahara_keystone_auth_plugin: password
## Sahara config
sahara_use_floating_ips: False
sahara_use_namespaces: False
sahara_global_remote_threshold: 100
sahara_cluster_remote_threshold: 70
sahara_os_region_name: "{{ sahara_service_region }}"
sahara_default_ntp_server: "pool.ntp.org"
sahara_use_domain_for_proxy_users: True
sahara_proxy_user_domain_name: sahara_proxy
sahara_proxy_user_role_names: _member_
# Other plugins can be added to the system by simply extending the list `sahara_plugin_base`.
sahara_plugin_base:
- vanilla
- spark
- cdh
- ambari
sahara_plugin_loaded_base: "{% for plugin in sahara_plugin_base %}{{ plugin }}{% if not loop.last %},{% endif %}{% endfor %}"
## Cap the maximum number of threads / workers when a user value is unspecified.
sahara_api_workers_max: 16
sahara_api_workers: "{{ [[ansible_processor_vcpus|default(2) // 2, 1] | max, sahara_api_workers_max] | min }}"
sahara_task_executor: taskflow
sahara_digest_algorithm: sha256
sahara_http_keepalive: True
## Sahara policy
sahara_policy_file: policy.json
sahara_policy_default_rule: default
sahara_policy_dirs: policy.d
## Policy vars
# Provide a list of access controls to update the default policy.json with. These changes will be merged
# with the access controls in the default policy.json. E.g.
#sahara_policy_overrides:
# "clusters:get_all": ""
# "clusters:create": ""
sahara_service_in_ldap: False
# Common pip packages
sahara_pip_packages:
- cryptography
- keystonemiddleware
- osprofiler
- PyMySQL
- python-memcached
- python-saharaclient
- python-keystoneclient
- sahara
- warlock
- uwsgi
sahara_engine_init_overrides: {}
sahara_api_init_overrides: {}
## Service Names
sahara_services:
sahara-api:
group: sahara_api
service_name: sahara-api
init_config_overrides: "{{ sahara_api_init_overrides }}"
wsgi_overrides: "{{ sahara_api_uwsgi_ini_overrides }}"
wsgi_app: True
log_string: "--logto "
wsgi_name: sahara-wsgi-api
uwsgi_port: "{{ sahara_api_service_port }}"
uwsgi_bind_address: "{{ sahara_api_bind_address }}"
program_override: "{{ sahara_bin }}/uwsgi --ini /etc/uwsgi/sahara-api.ini"
sahara-engine:
group: sahara_engine
service_name: sahara-engine
init_config_overrides: "{{ sahara_engine_init_overrides }}"
## Sahara uWSGI settings
sahara_wsgi_processes_max: 16
sahara_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, sahara_wsgi_processes_max] | min }}"
sahara_wsgi_threads: 1
sahara_wsgi_buffer_size: 65535
# This variable is used by the repo_build process to determine
# which host group to check for members of before building the
# pip packages required by this role. The value is picked up
# by the py_pkgs lookup.
sahara_role_project_group: sahara_all
## Tunable overrides
sahara_api_paste_ini_overrides: {}
sahara_conf_overrides: {}
sahara_rootwrap_conf_overrides: {}
sahara_policy_overrides: {}
sahara_api_uwsgi_ini_overrides: {}
View Git Blame Copy Permalink