53e0325424
On OSPd10 we ran into a port collision with zaqar-server listening to port 9000. Originally port 9000 was chosen because it is less "work" to allow selinux to let httpd listen on that port. This commit allows us to change the port and handle selinux still. PS#3 - Implemented Justin's suggestion on using the ansible module rather than a shell command to semanage. Do note that I have run into inconsistent behavior with the module if you are running older than ansible 2.1.1. See this now fixed ansible issue: PS#5 - Just use semanage, Ansible upstream does not have seport fixed yet. View response on github for further details. https://github.com/ansible/ansible-modules-extras/issues/2009 PS#7 - Now persists the iptables rule and results_in_httpd is renamed to browbeat_results_in_httpd and exposed in the typical vars file. PS#12 - Implemented wfoster's handle firewalld/iptables ansible tasks. Change-Id: Ia859c6d87d6c4aba69c0db48be6b434d31162c72
184 lines
5.7 KiB
YAML
184 lines
5.7 KiB
YAML
---
|
|
|
|
# OpenStack Installer
|
|
tripleo: true
|
|
|
|
browbeat_path: /home/stack/browbeat
|
|
home_dir: /home/stack
|
|
# Configuration items to adjust browbeat results served through httpd
|
|
browbeat_results_port: 9001
|
|
browbeat_results_in_httpd: true
|
|
supported_distro: ((ansible_distribution == "CentOS" && ansible_distribution_major_version >= "7") or
|
|
(ansible_distribution == "RedHat" && ansible_distribution_major_version >= "7"))
|
|
|
|
# Login user for the remote hosts
|
|
host_remote_user: heat-admin
|
|
# Login user for the local/jump machine
|
|
local_remote_user: stack
|
|
|
|
# The Overcloud RC file
|
|
overcloudrc: /home/stack/overcloudrc
|
|
|
|
# The Overcloud CA cert file
|
|
# overcloud_ca_path: /etc/pki/ca-trust/source/anchors/overcloud.crt.pem
|
|
|
|
# The default Browbeat venv
|
|
browbeat_venv: /home/stack/browbeat-venv
|
|
|
|
# The default Rally venv
|
|
rally_venv: /home/stack/rally-venv
|
|
|
|
# Rally version to install
|
|
rally_version: 0.5.0
|
|
|
|
# The default Shaker venv
|
|
shaker_venv: /home/stack/shaker-venv
|
|
|
|
# The default PerfKit venv:
|
|
perfkit_venv: /home/stack/perfkit-venv
|
|
|
|
# Guest images for the Overcloud
|
|
images:
|
|
centos7:
|
|
url: http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2
|
|
cirros:
|
|
url: http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
|
|
|
|
# DNS Server to add
|
|
dns_server: 8.8.8.8
|
|
|
|
# epel7 rpm for collectd packages
|
|
epel7_rpm: https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
|
|
|
|
# Host where connmond will be running
|
|
connmon_host: 192.0.2.1
|
|
|
|
########################################
|
|
# Collectd Configuration
|
|
########################################
|
|
# Interval in seconds
|
|
collectd_interval: 10
|
|
# Run collectd on specific openstack nodes:
|
|
collectd_undercloud: true
|
|
collectd_controller: true
|
|
collectd_ceph: true
|
|
collectd_compute: false
|
|
|
|
########################################
|
|
# Docker related
|
|
# (use these if deploying graphite/carbon/grafana as containers)
|
|
########################################
|
|
persistent_carbon_data_path: /data/carbon/whisper
|
|
persistent_grafana_data_path: /data/grafana
|
|
docker_carbon_cache_port: 2003
|
|
docker_graphite_port: 8888
|
|
docker_grafana_port: 3000
|
|
carbon_cache_docker_image: kambiz/carbon-cache:0.9.15
|
|
graphite_web_docker_image: kambiz/graphite-web:0.9.15
|
|
grafana_docker_image: grafana/grafana:2.6.0
|
|
|
|
########################################
|
|
# Graphite Configuration
|
|
########################################
|
|
# Graphite Server ip address (Collectd -> Graphite server)
|
|
# you must fill out graphite_host prior to playbook execution
|
|
graphite_host:
|
|
graphite_port: 80
|
|
# Graphite prefix / Cloud name used both with graphite and grafana dashboards
|
|
graphite_prefix: openstack
|
|
# Graphite username and password for login on the dashboard
|
|
graphite_username: root
|
|
graphite_password: calvin
|
|
|
|
########################################
|
|
# Grafana Dashboarding Configuration
|
|
########################################
|
|
# Grafana Server IP Address/Port (Can be hosted on the Graphite server)
|
|
# you must fill out grafana_host prior to playbook execution
|
|
grafana_host:
|
|
grafana_port: 3000
|
|
grafana_username: admin
|
|
grafana_password: admin
|
|
# Batch number of hosts per row for all-{cpu, memory, disk, network} openstack dashboards
|
|
dashboards_batch: 20
|
|
# For use with all-{cpu, memory, disk, network} openstack dashboards, uses the graphite prefix to create dashboards for specific openstack cloud
|
|
dashboard_cloud_name: "{{graphite_prefix}}"
|
|
|
|
########################################
|
|
# Shaker Configuration
|
|
########################################
|
|
# Port for Shaker (5555 should suffice)
|
|
shaker_port: 5555
|
|
# Should choose m1.small or larger
|
|
shaker_flavor: m1.small
|
|
# Shaker centos image builder template
|
|
shaker_centos: "{{shaker_venv}}/lib/python2.7/site-packages/shaker/resources/image_builder_templates/centos.yaml"
|
|
shaker_region: regionOne
|
|
|
|
#######################################
|
|
# Connman Configuration
|
|
#######################################
|
|
# Port for Connman
|
|
connmon_port: 5800
|
|
|
|
########################################
|
|
# Browbeat Network Configuration
|
|
########################################
|
|
# Public network that perfkit and shaker utilize
|
|
browbeat_pub_net_name: browbeat_public
|
|
browbeat_pub_subnet: 1.1.1.1/22
|
|
browbeat_pub_pool_start: 1.1.1.1
|
|
browbeat_pub_pool_end: 1.1.1.1
|
|
browbeat_pub_pool_gw: 1.1.1.1
|
|
# Private subnet
|
|
browbeat_pri_net_name: browbeat_private
|
|
browbeat_pri_subnet: 172.16.10.0/24
|
|
browbeat_pri_pool_start: 172.16.10.2
|
|
browbeat_pri_pool_end: 172.16.10.100
|
|
browbeat_pri_pool_gw: 172.16.10.1
|
|
browbeat_pri_pool_dns: 8.8.8.8
|
|
|
|
browbeat_router_name: browbeat_router
|
|
|
|
########################################
|
|
# ELK Server Variables
|
|
########################################
|
|
### nginx ###
|
|
# add nonstandard port here for undercloud usage
|
|
# usage: port nginx listens to reverse-proxy Kibana
|
|
# e.g. 8888
|
|
nginx_kibana_port: 80
|
|
#
|
|
# usage: port filebeat client grabs the client SSL certificate
|
|
# e.g. 9999
|
|
elk_server_ssl_cert_port: 8080
|
|
#
|
|
### logging backend ###
|
|
# you can pick between logstash or fluentd
|
|
# if left empty logstash will be used
|
|
### accepted options ###
|
|
# logging_backend:
|
|
# logging_backend: logstash
|
|
# logging_backend: fluentd
|
|
logging_backend:
|
|
#
|
|
### logstash options ###
|
|
logstash_syslog_port: 5044
|
|
### fluentd options ###
|
|
fluentd_syslog_port: 42185
|
|
fluentd_http_port: 9919
|
|
fluentd_debug_port: 24230
|
|
## elasticsearch local port listener
|
|
# we will enable localhost listening on TCP/9200
|
|
# due to utilizing elasticsearch connectors, general
|
|
# usage may want to disable this option due to security reasons
|
|
# in which case you should set this to false
|
|
es_local_port: 9200
|
|
es_listen_external: true
|
|
### install curator tool ###
|
|
# curator is the recommended tool for managing elasticsearch indexes
|
|
# https://www.elastic.co/guide/en/elasticsearch/client/curator/current/index.html
|
|
# default is no (set to blank) or false
|
|
# set the below variable to 'true' to activate
|
|
install_curator_tool: false
|