--- # Copyright 2015, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ## AIO user-space configuration options # Scenario used to bootstrap the host bootstrap_host_scenario: aio # # Boolean option to implement OpenStack-Ansible configuration for an AIO # Switch to no for a multi-node configuration bootstrap_host_aio_config: yes # # Path to the location of the bootstrapping configuration files bootstrap_host_aio_config_path: "{{ playbook_dir }}/../etc/openstack_deploy" # bootstrap_host_aio_config_name: "openstack_user_config.yml.aio" # Path to the location of the scripts the bootstrap scripts use bootstrap_host_aio_script_path: "{{ playbook_dir }}/../scripts" # # The user space configuration file names to use bootstrap_host_user_variables_filename: "user_variables.yml" bootstrap_host_user_secrets_filename: "user_secrets.yml" ## Swap memory # If there is no swap memory present, the bootstrap will create a loopback disk # for the purpose of having swap memory available. Swap is required for some of # the services deployed and is useful for AIO's built with less than 16GB memory. # By default the swap size is set to 8GB unless the host memory is less than 8GB, # in which case it is set to 4GB. bootstrap_host_swap_size: "{% if ansible_memory_mb['real']['total'] < 8*1024 %}4{% else %}8{% endif %}" ## Loopback volumes # Sparse loopback disks are used for Cinder, Swift and Nova (instance storage). # The size of the loopback volumes can be customized here (in gigabytes). # # Boolean option to deploy the loopback disk for Cinder bootstrap_host_loopback_cinder: yes # Size of the Cinder loopback disk in gigabytes (GB). bootstrap_host_loopback_cinder_size: 1024 # # Boolean option to deploy the loopback disk for Swift bootstrap_host_loopback_swift: yes # Size of the Swift loopback disk in gigabytes (GB). bootstrap_host_loopback_swift_size: 1024 # # Boolean option to deploy the loopback disk for Nova bootstrap_host_loopback_nova: yes # Size of the Nova loopback disk in gigabytes (GB). bootstrap_host_loopback_nova_size: 1024 # Boolean option to deploy the OSD loopback disks and cluster UUID for Ceph bootstrap_host_ceph: "{{ (bootstrap_host_scenario == 'ceph') | bool }}" # Size of the Ceph OSD loopbacks bootstrap_host_loopback_ceph_size: 1024 # Ceph OSDs to create on the AIO host ceph_osd_images: - 'ceph1' - 'ceph2' - 'ceph3' ## Network configuration # The AIO bootstrap configures bridges for use with the AIO deployment. # By default, these bridges are configured to be independent of any physical # interfaces, and they have their 'bridge_ports' set to 'none'. However, # deployers can add a physical interface to 'bridge_ports' to connect the # bridge to a real physical interface. # # A setting of 'none' keeps the bridges as independent from physical # interfaces (the default). # # Setting the value to 'eth1' would mean that the bridge is directly connected # to the eth1 device. # # See https://wiki.debian.org/BridgeNetworkConnections for more details. bootstrap_host_bridge_mgmt_ports: none bootstrap_host_bridge_vxlan_ports: none bootstrap_host_bridge_storage_ports: none bootstrap_host_bridge_vlan_ports: "br-vlan-veth" # This enables the VXLAN encapsulation the traditional bridges # (br-mgmt, br-vxlan, br-storage) bootstrap_host_encapsulation_enabled: "{{ not bootstrap_host_aio_config | bool }}" # # Default network IP ranges mgmt_range: "172.29.236" vxlan_range: "172.29.240" storage_range: "172.29.244" vlan_range: "172.29.248" netmask: "255.255.252.0" # # NICs bootstrap_host_public_interface: "{{ ansible_default_ipv4.interface }}" bootstrap_host_encapsulation_interface: eth1 # #Encapsulations bootstrap_host_encapsulation_interfaces: encap-mgmt: id: 236 underlay_device: "{{ bootstrap_host_encapsulation_interface }}" friendly_name: "Encapsulation of br-mgmt with VXLAN" encap-vxlan: id: 240 underlay_device: "{{ bootstrap_host_encapsulation_interface }}" friendly_name: "Encapsulation of br-vxlan with VXLAN" encap-storage: id: 244 underlay_device: "{{ bootstrap_host_encapsulation_interface }}" friendly_name: "Encapsulation of br-storage with VXLAN" encap-vlan: id: 248 underlay_device: "{{ bootstrap_host_encapsulation_interface }}" friendly_name: "Encapsulation of br-vlan with VXLAN" # # Bridges bridges: - name: "br-mgmt" ip_addr: "172.29.236.100" netmask: "255.255.252.0" - name: "br-vxlan" ip_addr: "172.29.240.100" netmask: "255.255.252.0" - name: "br-storage" ip_addr: "172.29.244.100" netmask: "255.255.252.0" - name: "br-vlan" ip_addr: "172.29.248.100" alias: "172.29.248.1" veth_peer: "eth12" netmask: "255.255.252.0" bootstrap_host_bridges_interfaces: br-mgmt: ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-mgmt', bootstrap_host_bridge_mgmt_ports) }}" ip_address_range: "{{ mgmt_range }}" ip_netmask: "{{ netmask }}" br-storage: ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-storage', bootstrap_host_bridge_storage_ports) }}" ip_address_range: "{{ storage_range }}" ip_netmask: "{{ netmask }}" br-vxlan: ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-vxlan', bootstrap_host_bridge_vxlan_ports) }}" ip_address_range: "{{ vxlan_range }}" ip_netmask: "{{ netmask }}" br-vlan: mode: "{{ bridge_vlan_inet_mode | default('static') }}" ports: "{{ bootstrap_host_encapsulation_enabled | bool | ternary ('encap-vlan', bootstrap_host_bridge_vlan_ports) }}" ip_address_range: "{{ vlan_range }}" ip_netmask: "{{ netmask }}" state_change_scripts: "{{ bridge_vlan_state_change_scripts }}" # # Convenience scripts bridge_vlan_state_change_scripts: | pre-up ip link add br-vlan-veth type veth peer name eth12 || true pre-up ip link set br-vlan-veth up pre-up ip link set eth12 up post-down ip link del br-vlan-veth || true bridge_iptables_rules: | # To ensure ssh checksum is correct up /sbin/iptables -A POSTROUTING -t mangle -p tcp -o {{ bootstrap_host_public_interface }} -j CHECKSUM --checksum-fill down /sbin/iptables -D POSTROUTING -t mangle -p tcp -o {{ bootstrap_host_public_interface }} -j CHECKSUM --checksum-fill # To provide internet connectivity to instances up /sbin/iptables -t nat -A POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE down /sbin/iptables -t nat -D POSTROUTING -o {{ bootstrap_host_public_interface }} -j MASQUERADE ## Extra storage # An AIO may optionally be built using a second storage device. If a # secondary disk device to use is not specified, then the AIO will be # built on any existing disk partitions. # # WARNING: The data on a secondary storage device specified here will # be destroyed and repartitioned. # # Specify the secondary disk device to use. bootstrap_host_data_disk_device: null # # Boolean value to force the repartitioning of the secondary device. bootstrap_host_data_disk_device_force: no # # If the storage capacity on this device is greater than or equal to this # size (in GB), the bootstrap process will use it. bootstrap_host_data_disk_min_size: 50 ### Optional Settings ### # Set the apt repository URL's configured for the host and containers. # By default the configuration will be derived from the host. #bootstrap_host_ubuntu_repo: http://archive.ubuntu.com/ubuntu/ #bootstrap_host_ubuntu_security_repo: http://archive.ubuntu.com/ubuntu/ # Set the components that will be included in the apt repository configuration bootstrap_host_apt_components: - main - universe # Specify the public IP address for the host. # By default the address will be set to the ipv4 address of the # host's network interface that has the default route on it. #bootstrap_host_public_address: 0.0.0.0 sudo_user: "ncioadmin" # password: ncioadmin # Generated with command "openssl passwd -1 -salt ncioadmin ncioadmin" sudo_user_password: "$1$ncioadmi$vDa1mNhcMDKMBSI27RqW51"