openstack-ansible/tests/bootstrap-aio.yml
Andy McCrae 8a4729de24 SHA Bump for Pike 28/04/2016
Additionally, this adds Designate back into integrated build since
Designate is now working and requirements have caught up.

Change-Id: Ib8a6e2fe1aeb3dc475f8c0a4bdf212392ff8cdfe
2017-04-28 21:10:26 +00:00

90 lines
2.7 KiB
YAML

---
# Copyright 2015, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Bootstrap the All-In-One (AIO)
hosts: localhost
gather_facts: True
user: root
roles:
- role: "sshd"
- role: "pip_install"
- role: "bootstrap-host"
vars:
openstack_confd_entries: "{{ confd_overrides[bootstrap_host_scenario] }}"
bootstrap_host_scenario: "{{ lookup('env','SCENARIO') | default('aio', true) }}"
confd_overrides:
aio:
- name: cinder.yml.aio
- name: designate.yml.aio
- name: glance.yml.aio
- name: heat.yml.aio
- name: horizon.yml.aio
- name: keystone.yml.aio
- name: neutron.yml.aio
- name: nova.yml.aio
- name: swift.yml.aio
ceph:
- name: ceph.yml.aio
- name: cinder.yml.aio
- name: glance.yml.aio
- name: heat.yml.aio
- name: horizon.yml.aio
- name: keystone.yml.aio
- name: neutron.yml.aio
- name: nova.yml.aio
sftp_subsystem: "{{ (ansible_pkg_mgr == 'apt') | ternary('sftp /usr/lib/openssh/sftp-server','sftp /usr/libexec/openssh/sftp-server') }}"
sshd:
ListenAddress:
- 0.0.0.0
- '::'
Port: 22
Protocol: 2
HostKey:
- "/etc/ssh/ssh_host_rsa_key"
- "/etc/ssh/ssh_host_ecdsa_key"
- "/etc/ssh/ssh_host_ed25519_key"
UsePrivilegeSeparation: yes
KeyRegenerationInterval: 3600
ServerKeyBits: 1024
SyslogFacility: "AUTH"
LogLevel: "INFO"
LoginGraceTime: 120
StrictModes: yes
RSAAuthentication: yes
PubkeyAuthentication: yes
IgnoreRhosts: yes
RhostsRSAAuthentication: no
HostbasedAuthentication: no
PermitEmptyPasswords: no
PermitRootLogin: yes
ChallengeResponseAuthentication: no
PasswordAuthentication: no
X11DisplayOffset: 10
PrintMotd: no
PrintLastLog: no
TCPKeepAlive: yes
AcceptEnv: "LANG LC_*"
Subsystem: "{{ sftp_subsystem }}"
UsePAM: yes
UseDNS: no
X11Forwarding: no
Compression: yes
CompressionLevel: 6
MaxSessions: 100
MaxStartups: "100:100:100"
GSSAPIAuthentication: no
GSSAPICleanupCredentials: no