
There is no record for why we implement the MQ vhost/user creation outside of the role in the playbook, when we could do it inside the role. Implementing it inside the role allows us to reduce the quantity of group_vars duplicated from the role, and allows us to better document the required variables in the role. The delegation can still be done as it is done in the playbook too. In this patch we implement two new variables: - designate_oslomsg_rpc_setup_host - designate_oslomsg_notify_setup_host These are used in the role to allow delegation of the MQ vhost/user setup for each type to any host, but they default to using the first member of the applicable oslomsg host group. We also adjust some of the defaults to automatically inherit existing vars set in group_vars form the integrated build so that we do not need to do the wiring in the integrated build's group vars. We still default them in the role too for independent role usage. Change-Id: I65203372e551d5ab3ef17a823f2089c23a2af8fe
230 lines
8.7 KiB
YAML
230 lines
8.7 KiB
YAML
---
|
|
# Copyright 2016, Tata Consultancy Services
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
## Verbosity Options
|
|
debug: False
|
|
|
|
# Set the host which will execute the shade modules
|
|
# for the service setup. The host must already have
|
|
# clouds.yaml properly configured.
|
|
designate_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
|
|
|
|
# Set the package install state for distribution packages
|
|
# Options are 'present' and 'latest'
|
|
designate_package_state: "latest"
|
|
designate_pip_package_state: "latest"
|
|
|
|
# Set installation method.
|
|
designate_install_method: "source"
|
|
|
|
## The git source/branch
|
|
designate_git_repo: https://git.openstack.org/openstack/designate
|
|
designate_git_install_branch: master
|
|
|
|
# Developer mode is used for role functional testing and allows the role
|
|
# to build an environment directly from a git source without the presence
|
|
# of an OpenStack-Ansible repo_server.
|
|
designate_developer_mode: False
|
|
|
|
## The packages to build from source (used in developer mode)
|
|
designate_developer_constraints:
|
|
- "git+{{ designate_git_repo }}@{{ designate_git_install_branch }}#egg=designate"
|
|
|
|
# Name of the virtual env to deploy into
|
|
designate_venv_tag: untagged
|
|
designate_bin: "{{ _designate_bin }}"
|
|
|
|
# Set the etc dir path where designate is installed.
|
|
# This is used for role access to the db migrations.
|
|
# Example:
|
|
# designate_etc_dir: "/usr/local/etc/designate"
|
|
designate_etc_dir: "{{ _designate_etc }}/designate"
|
|
|
|
# venv_download, even when true, will use the fallback method of building the
|
|
# venv from scratch if the venv download fails.
|
|
designate_venv_download: "{{ not designate_developer_mode | bool }}"
|
|
# URL of the pre-built virtualenv
|
|
designate_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/designate.tgz
|
|
|
|
## System info
|
|
designate_system_user_name: designate
|
|
designate_system_group_name: designate
|
|
designate_system_shell: /bin/false
|
|
designate_system_comment: designate system user
|
|
designate_system_user_home: "/var/lib/{{ designate_system_user_name }}"
|
|
|
|
## Database info
|
|
designate_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}"
|
|
designate_galera_address: "{{ galera_address | default('127.0.0.1') }}"
|
|
designate_galera_user: designate
|
|
designate_galera_database: designate
|
|
designate_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
|
|
designate_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
|
|
|
|
## Oslo Messaging
|
|
# RPC
|
|
designate_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}"
|
|
designate_oslomsg_rpc_setup_host: "{{ (designate_oslomsg_rpc_host_group in groups) | ternary(groups[designate_oslomsg_rpc_host_group][0], 'localhost') }}"
|
|
designate_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport | default('rabbit') }}"
|
|
designate_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}"
|
|
designate_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}"
|
|
designate_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}"
|
|
designate_oslomsg_rpc_userid: designate-rpc
|
|
designate_oslomsg_rpc_vhost: /designate
|
|
|
|
# Notify
|
|
designate_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}"
|
|
designate_oslomsg_notify_setup_host: "{{ (designate_oslomsg_notify_host_group in groups) | ternary(groups[designate_oslomsg_notify_host_group][0], 'localhost') }}"
|
|
designate_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}"
|
|
designate_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}"
|
|
designate_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}"
|
|
designate_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}"
|
|
designate_oslomsg_notify_userid: designate-notify
|
|
designate_oslomsg_notify_vhost: /designate
|
|
|
|
## RabbitMQ info
|
|
|
|
## Pool Configuration Defaults
|
|
designate_pool_uuid: 794ccc2c-d751-44fe-b57f-8894c9f5c842
|
|
|
|
# Enable/Disable Ceilometer
|
|
designate_ceilometer_enabled: False
|
|
|
|
# Designate services info
|
|
designate_role_name: admin
|
|
|
|
## DNS Backend Configuration
|
|
# Configuration for the DNS backend that Designate will talk to, Designate
|
|
# supports lots of backends, bind9, powerdns, nsd, djb, dyn, akamai, etc.
|
|
# DNS Backends are configured via a YAML file that Designate reads. The DNS
|
|
# server need not be in the actual Designate container, but for development,
|
|
# or for some internal addressing use cases, it may make sense.
|
|
|
|
# YAML to use for the Designate pools.yaml file. If this variable is defined,
|
|
# a pools.yaml file will be written to /etc/designate/pools.yaml with the
|
|
# provided YAML data.
|
|
#
|
|
# This is some example pools.yaml information that will work with a
|
|
# simple bind9 installation in the same container as Designate.
|
|
# designate_pools_yaml:
|
|
# - name: "default"
|
|
# description: Default BIND9 Pool
|
|
# attributes: {}
|
|
# ns_records:
|
|
# - hostname: ns1.example.org.
|
|
# priority: 1
|
|
# nameservers:
|
|
# - host: 127.0.0.1
|
|
# port: 53
|
|
# targets:
|
|
# - type: bind9
|
|
# description: BIND9 Server
|
|
# masters:
|
|
# - host: 127.0.0.1
|
|
# port: 5354
|
|
# options:
|
|
# host: 127.0.0.1
|
|
# port: 53
|
|
# rndc_host: 127.0.0.1
|
|
# rndc_port: 953
|
|
|
|
## rndc keys for authenticating with bind9
|
|
# define this to create as many key files as are required
|
|
# designate_rndc_keys
|
|
# - name: "rndc-key"
|
|
# file: /etc/designate/rndc.key
|
|
# algorithm: "hmac-md5"
|
|
# secret: "<key>"
|
|
|
|
## Service Type and Data
|
|
designate_service_region: RegionOne
|
|
designate_service_endpoint_type: internalURL
|
|
designate_service_name: designate
|
|
designate_service_port: 9001
|
|
designate_service_proto: http
|
|
designate_service_type: dns
|
|
designate_service_description: "Designate DNS as a Service"
|
|
designate_service_project_domain_id: default
|
|
designate_service_user_domain_id: default
|
|
designate_service_user_name: designate
|
|
designate_keystone_auth_type: password
|
|
designate_service_project_name: service
|
|
|
|
designate_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(designate_service_proto) }}"
|
|
designate_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(designate_service_proto) }}"
|
|
|
|
designate_service_publicuri: "{{ designate_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ designate_service_port }}"
|
|
designate_service_internaluri: "{{ designate_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ designate_service_port }}"
|
|
designate_service_adminuri: "{{ (designate_service_adminurl | default('http://localhost')) | netorigin }}"
|
|
|
|
designate_service_in_ldap: False
|
|
|
|
# Common pip packages
|
|
designate_pip_packages:
|
|
- cryptography
|
|
- designate
|
|
- osprofiler
|
|
- python-designateclient
|
|
- PyMySQL
|
|
- python-memcached
|
|
- warlock
|
|
|
|
designate_central_init_overrides: {}
|
|
designate_worker_init_overrides: {}
|
|
designate_producer_init_overrides: {}
|
|
designate_mdns_init_overrides: {}
|
|
designate_sink_init_overrides: {}
|
|
designate_api_init_overrides: {}
|
|
|
|
|
|
## Service Name-Group Mapping
|
|
designate_services:
|
|
designate-central:
|
|
group: designate_central
|
|
service_name: designate-central
|
|
init_config_overrides: "{{ designate_central_init_overrides }}"
|
|
designate-worker:
|
|
group: designate_worker
|
|
service_name: designate-worker
|
|
init_config_overrides: "{{ designate_worker_init_overrides }}"
|
|
designate-producer:
|
|
group: designate_producer
|
|
service_name: designate-producer
|
|
init_config_overrides: "{{ designate_producer_init_overrides }}"
|
|
designate-mdns:
|
|
group: designate_mdns
|
|
service_name: designate-mdns
|
|
init_config_overrides: "{{ designate_mdns_init_overrides }}"
|
|
designate-sink:
|
|
group: designate_sink
|
|
service_name: designate-sink
|
|
init_config_overrides: "{{ designate_sink_init_overrides }}"
|
|
designate-api:
|
|
group: designate_api
|
|
service_name: designate-api
|
|
init_config_overrides: "{{ designate_api_init_overrides }}"
|
|
|
|
# This variable is used by the repo_build process to determine
|
|
# which host group to check for members of before building the
|
|
# pip packages required by this role. The value is picked up
|
|
# by the py_pkgs lookup.
|
|
designate_role_project_group: designate_all
|
|
|
|
## Tunable overrides
|
|
designate_policy_overrides: {}
|
|
designate_designate_conf_overrides: {}
|
|
designate_api_paste_ini_overrides: {}
|
|
designate_rootwrap_conf_overrides: {}
|