Created
July 20, 2017 03:32
-
-
Save danilochilene/6b4ca30658c05d2e07290336fb377db1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Copyright 2014, Rackspace US, Inc. | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
### | |
### This file contains commonly used overrides for convenience. Please inspect | |
### the defaults for each role to find additional override options. | |
### | |
## Debug and Verbose options. | |
debug: true | |
## Common Glance Overrides | |
# Set glance_default_store to "swift" if using Cloud Files backend | |
# or "rbd" if using ceph backend; the latter will trigger ceph to get | |
# installed on glance. If using a file store, a shared file store is | |
# recommended. See the OpenStack-Ansible install guide and the OpenStack | |
# documentation for more details. | |
# Note that "swift" is automatically set as the default back-end if there | |
# are any swift hosts in the environment. Use this setting to override | |
# this automation if you wish for a different default back-end. | |
glance_default_store: rbd | |
## Ceph pool name for Glance to use | |
glance_rbd_store_pool: glance-images | |
glance_rbd_store_chunk_size: 8 | |
## Common Nova Overrides | |
# When nova_libvirt_images_rbd_pool is defined, ceph will be installed on nova | |
# hosts. | |
nova_libvirt_images_rbd_pool: ephemeral-vms | |
nova_force_config_drive: False | |
nova_nova_conf_overrides: | |
libvirt: | |
live_migration_uri: qemu+ssh://nova@%s/system?keyfile=/var/lib/nova/.ssh/id_rsa&no_verify=1 | |
# If you wish to change the dhcp_domain configured for both nova and neutron | |
dhcp_domain: openstack-tpa2.net | |
## Common Glance Overrides when using a Swift back-end | |
# By default when 'glance_default_store' is set to 'swift' the playbooks will | |
# expect to use the Swift back-end that is configured in the same inventory. | |
# If the Swift back-end is not in the same inventory (ie it is already setup | |
# through some other means) then these settings should be used. | |
# | |
# NOTE: Ensure that the auth version matches your authentication endpoint. | |
# | |
# NOTE: If the password for glance_swift_store_key contains a dollar sign ($), | |
# it must be escaped with an additional dollar sign ($$), not a backslash. For | |
# example, a password of "super$ecure" would need to be entered as | |
# "super$$ecure" below. See Launchpad Bug #1259729 for more details. | |
# | |
# glance_swift_store_auth_version: 3 | |
# glance_swift_store_auth_address: "https://some.auth.url.com" | |
# glance_swift_store_user: "OPENSTACK_TENANT_ID:OPENSTACK_USER_NAME" | |
# glance_swift_store_key: "OPENSTACK_USER_PASSWORD" | |
# glance_swift_store_container: "NAME_OF_SWIFT_CONTAINER" | |
# glance_swift_store_region: "NAME_OF_REGION" | |
cinder_ceph_client: cinder | |
cephx: true | |
## Common Ceph Overrides | |
ceph_mons: | |
- 192.168.1.100 | |
- 192.168.1.101 | |
- 192.168.1.102 | |
## Custom Ceph Configuration File (ceph.conf) | |
# By default, your deployment host will connect to one of the mons defined above to | |
# obtain a copy of your cluster's ceph.conf. If you prefer, uncomment ceph_conf_file | |
# and customise to avoid ceph.conf being copied from a mon. | |
#ceph_conf_file: | | |
# [global] | |
# fsid = 00000000-1111-2222-3333-444444444444 | |
# mon_initial_members = mon1.example.local,mon2.example.local,mon3.example.local | |
# mon_host = 10.16.5.40,10.16.5.41,10.16.5.42 | |
# # optionally, you can use this construct to avoid defining this list twice: | |
# # mon_host = {{ ceph_mons|join(',') }} | |
# auth_cluster_required = cephx | |
# auth_service_required = cephx | |
# By default, openstack-ansible configures all OpenStack services to talk to | |
# RabbitMQ over encrypted connections on port 5671. To opt-out of this default, | |
# set the rabbitmq_use_ssl variable to 'false'. The default setting of 'true' | |
# is highly recommended for securing the contents of RabbitMQ messages. | |
# rabbitmq_use_ssl: false | |
# RabbitMQ management plugin is enabled by default, the guest user has been | |
# removed for security reasons and a new userid 'monitoring' has been created | |
# with the 'monitoring' user tag. In order to modify the userid, uncomment the | |
# following and change 'monitoring' to your userid of choice. | |
# rabbitmq_monitoring_userid: monitoring | |
## Additional pinning generator that will allow for more packages to be pinned as you see fit. | |
## All pins allow for package and versions to be defined. Be careful using this as versions | |
## are always subject to change and updates regarding security will become your problem from this | |
## point on. Pinning can be done based on a package version, release, or origin. Use "*" in the | |
## package name to indicate that you want to pin all package to a particular constraint. | |
# apt_pinned_packages: | |
# - { package: "lxc", version: "1.0.7-0ubuntu0.1" } | |
# - { package: "libvirt-bin", version: "1.2.2-0ubuntu13.1.9" } | |
# - { package: "rabbitmq-server", origin: "www.rabbitmq.com" } | |
# - { package: "*", release: "MariaDB" } | |
## Environment variable settings | |
# This allows users to specify the additional environment variables to be set | |
# which is useful in setting where you working behind a proxy. If working behind | |
# a proxy It's important to always specify the scheme as "http://". This is what | |
# the underlying python libraries will handle best. This proxy information will be | |
# placed both on the hosts and inside the containers. | |
## Example environment variable setup: | |
## (1) This sets up a permanent environment, used during and after deployment: | |
# proxy_env_url: http://username:[email protected]:9000/ | |
# no_proxy_env: "localhost,127.0.0.1,{{ internal_lb_vip_address }},{{ external_lb_vip_address }},{% for host in groups['all_containers'] %}{{ hostvars[host]['container_address'] }}{% if not loop.last %},{% endif %}{% endfor %}" | |
# global_environment_variables: | |
# HTTP_PROXY: "{{ proxy_env_url }}" | |
# HTTPS_PROXY: "{{ proxy_env_url }}" | |
# NO_PROXY: "{{ no_proxy_env }}" | |
# http_proxy: "{{ proxy_env_url }}" | |
# https_proxy: "{{ proxy_env_url }}" | |
# no_proxy: "{{ no_proxy_env }}" | |
# | |
## (2) This is applied only during deployment, nothing is left after deployment is complete: | |
# deployment_environment_variables: | |
# http_proxy: http://username:[email protected]:9000/ | |
# https_proxy: http://username:[email protected]:9000/ | |
# no_proxy: "localhost,127.0.0.1,{{ internal_lb_vip_address }},{{ external_lb_vip_address }}" | |
## SSH connection wait time | |
# If an increased delay for the ssh connection check is desired, | |
# uncomment this variable and set it appropriately. | |
ssh_delay: 10 | |
## HAProxy | |
# Uncomment this to disable keepalived installation (cf. documentation) | |
haproxy_use_keepalived: True | |
# | |
# HAProxy Keepalived configuration (cf. documentation) | |
# Make sure that this is set correctly according to the CIDR used for your | |
# internal and external addresses. | |
#haproxy_keepalived_external_vip_cidr: "{{external_lb_vip_address}}/32" | |
haproxy_keepalived_internal_vip_cidr: "10.20.20.50/24" | |
#haproxy_keepalived_external_interface: | |
haproxy_keepalived_internal_interface: br-mgmt | |
keepalived_use_latest_stable: True | |
# Defines the default VRRP id used for keepalived with haproxy. | |
# Overwrite it to your value to make sure you don't overlap | |
# with existing VRRPs id on your network. Default is 10 for the external and 11 for the | |
# internal VRRPs | |
# haproxy_keepalived_external_virtual_router_id: | |
# haproxy_keepalived_internal_virtual_router_id: | |
# Defines the VRRP master/backup priority. Defaults respectively to 100 and 20 | |
# haproxy_keepalived_priority_master: | |
# haproxy_keepalived_priority_backup: | |
# Keepalived default IP address used to check its alive status (IPv4 only) | |
# keepalived_ping_address: "193.0.14.129" | |
# All the previous variables are used in a var file, fed to the keepalived role. | |
# To use another file to feed the role, override the following var: | |
# haproxy_keepalived_vars_file: 'vars/configs/keepalived_haproxy.yml' | |
openstack_service_publicuri_proto: http | |
openstack_external_ssl: false | |
haproxy_ssl: false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment