--- # The following configuration aims to test some of the 'host configure' # command. # Additional users. controller_users: - username: kayobe-test-user name: Kayobe test user password: kayobe-test-user-password groups: - stack # Additional network interfaces, testing a variety of interface configurations. controller_extra_network_interfaces: - test_net_eth - test_net_eth_vlan - test_net_bridge - test_net_bridge_vlan - test_net_bond - test_net_bond_vlan # Custom IP routing tables. network_route_tables: - id: 2 name: kayobe-test-route-table # dummy2: Ethernet interface. test_net_eth_cidr: 192.168.34.0/24 test_net_eth_routes: - cidr: 192.168.40.0/24 gateway: 192.168.34.254 test_net_eth_interface: dummy2 # dummy2.42: VLAN subinterface of dummy2. test_net_eth_vlan_cidr: 192.168.35.0/24 test_net_eth_vlan_interface: "{% raw %}{{ test_net_eth_interface }}.{{ test_net_eth_vlan_vlan }}{% endraw %}" test_net_eth_vlan_vlan: 42 test_net_eth_vlan_routes: - cidr: 192.168.40.0/24 gateway: 192.168.35.254 table: kayobe-test-route-table test_net_eth_vlan_rules: {% if ansible_os_family == 'RedHat' %} - from 192.168.35.0/24 table kayobe-test-route-table {% else %} - from: 192.168.35.0/24 table: kayobe-test-route-table {% endif %} test_net_eth_vlan_zone: test-zone1 # br0: bridge with ports dummy3, dummy4. test_net_bridge_cidr: 192.168.36.0/24 test_net_bridge_interface: br0 test_net_bridge_bridge_ports: [dummy3, dummy4] test_net_bridge_zone: test-zone2 # br0.43: VLAN subinterface of br0. test_net_bridge_vlan_cidr: 192.168.37.0/24 test_net_bridge_vlan_interface: "{% raw %}{{ test_net_bridge_interface }}.{{ test_net_bridge_vlan_vlan }}{% endraw %}" test_net_bridge_vlan_vlan: 43 test_net_bridge_vlan_zone: test-zone3 # bond0: bond with slaves dummy5, dummy6. test_net_bond_cidr: 192.168.38.0/24 test_net_bond_interface: bond0 test_net_bond_bond_slaves: [dummy5, dummy6] test_net_bond_zone: test-zone3 # bond0.44: VLAN subinterface of bond0. test_net_bond_vlan_cidr: 192.168.39.0/24 test_net_bond_vlan_interface: "{% raw %}{{ test_net_bond_interface }}.{{ test_net_bond_vlan_vlan }}{% endraw %}" test_net_bond_vlan_vlan: 44 test_net_bond_vlan_zone: public # Define a software RAID device consisting of two loopback devices. controller_mdadm_arrays: - name: md0 devices: - /dev/loop0 - /dev/loop1 level: '1' state: present # Layer LUKS encryption on top of the software RAID controller_luks_devices: - name: loopback-crypt device: /dev/md0 # Create an LVM volume group for Docker volumes and devicemapper. controller_lvm_groups: - "{% raw %}{{ controller_lvm_group_data }}{% endraw %}" # Provide a disk for use by LVM. Uses the LUKS encrypted device created above. controller_lvm_group_data_disks: - /dev/mapper/loopback-crypt # Set a sysctl. controller_sysctl_parameters: fs.mount-max: 99999 # Disable cloud-init. disable_cloud_init: true # Use devicemapper storage driver. docker_storage_driver: devicemapper # Set Honolulu time. timezone: Pacific/Honolulu {% if ansible_os_family == 'RedHat' %} # Use a local DNF mirror. dnf_use_local_mirror: true # Mirror FQDN for DNF repos. dnf_centos_mirror_host: "{{ zuul_site_mirror_fqdn }}" # Mirror directory for DNF CentOS repos. dnf_centos_mirror_directory: 'centos' # Mirror FQDN for DNF EPEL repos. dnf_epel_mirror_host: "{{ zuul_site_mirror_fqdn }}" # Mirror directory for DNF EPEL repos. dnf_epel_mirror_directory: 'epel' # Configure a custom DNF repository. dnf_custom_repos: td-agent: baseurl: http://packages.treasuredata.com/4/redhat/$releasever/$basearch gpgkey: https://packages.treasuredata.com/GPG-KEY-td-agent gpgcheck: yes # Enable DNF Automatic. dnf_automatic_enabled: true {% endif %} # Override the default NTP pool chrony_ntp_servers: - server: time.cloudflare.com type: pool options: - option: maxsources val: 2 # Enable firewalld (CentOS only). controller_firewalld_enabled: true controller_firewalld_zones: - zone: test-zone1 - zone: test-zone2 - zone: test-zone3 controller_firewalld_default_zone: controller_firewalld_rules: - port: 8080/tcp zone: test-zone1 - service: http zone: test-zone2 - icmp_block: echo-request zone: test-zone3 - service: cockpit state: disabled zone: public