openstack/openstack-ansible-os_zun
Code Issues Proposed changes
6ce64bb2eb
openstack-ansible-os_zun/defaults/main.yml
Kevin Carter b54e3f4497
Add packages required for osprofiler 
The following packages are required in-order to run osprofiler.
these packages will provide deployers the ability to profile
a service on demand should they choose to enable the profile
functionality.

Change-Id: I119ab6ab6f57b04fcedba36006d2a04de91cfae3
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2018-06-11 22:59:37 -05:00

265 lines
9.0 KiB
YAML
Raw Blame History

---
# Copyright 2014, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Enable/Disable barbican configurations
zun_barbican_enabled: False
# Enable/Disable designate configurations
zun_designate_enabled: False
# Notification topics for designate.
zun_notifications_designate: notifications_designate
# Enable/Disable ceilometer configurations
zun_ceilometer_enabled: False
## Verbosity Options
debug: False
# Set the package install state for distribution and pip packages
# Options are 'present' and 'latest'
zun_package_state: "latest"
zun_pip_package_state: "latest"
zun_git_repo: https://git.openstack.org/openstack/zun
zun_git_install_branch: master
zun_kuryr_git_repo: https://git.openstack.org/openstack/kuryr-libnetwork
zun_kuryr_git_install_branch: master
zun_developer_mode: false
zun_developer_constraints:
- "git+{{ zun_git_repo }}@{{ zun_git_install_branch }}#egg=zun"
- "git+{{ zun_kuryr_git_repo }}@{{ zun_kuryr_git_install_branch }}#egg=kuryr-libnetwork"
# Name of the virtual env to deploy into
zun_venv_tag: untagged
zun_bin: "/openstack/venvs/zun-{{ zun_venv_tag }}/bin"
# venv_download, even when true, will use the fallback method of building the
# venv from scratch if the venv download fails.
zun_venv_download: "{{ not zun_developer_mode | bool }}"
zun_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/zun.tgz
zun_fatal_deprecations: False
## Zun user information
zun_system_user_name: zun
zun_system_group_name: zun
zun_system_shell: /bin/false
zun_system_comment: zun system user
zun_system_home_folder: "/var/lib/{{ zun_system_user_name }}"
zun_log_dir: "/var/log/zun"
zun_lock_path: "/var/lock/zun"
## Kuryr user information
zun_kuryr_system_user_name: kuryr
zun_kuryr_system_group_name: kuryr
zun_kuryr_system_shell: /bin/false
zun_kuryr_system_comment: kuryr system user
zun_kuryr_system_home_folder: "/var/lib/{{ zun_kuryr_system_user_name }}"
zun_kuryr_log_dir: "/var/log/kuryr"
zun_kuryr_lock_path: "/var/lock/kuryr"
# Set a list of users that are permitted to execute the docker binary.
zun_docker_users:
- "{{ zun_system_user_name }}"
- "{{ zun_kuryr_system_user_name }}"
# Set the docker api version. The default is false, which will result in no
# option being set in config for api servers. On compute hosts the docker api
# version will be used as determined by the client version information.
zun_docker_api_version: false
## Manually specified zun UID/GID
# Deployers can specify a UID for the zun user as well as the GID for the
# zun group if needed. This is commonly used in environments where shared
# storage is used, such as NFS or GlusterFS, and zun UID/GID values must be
# in sync between multiple servers.
#
# WARNING: Changing these values on an existing deployment can lead to
# failures, errors, and instability.
#
# zun_system_user_uid = <UID>
# zun_system_group_gid = <GID>
## Database info
zun_galera_user: zun
zun_galera_database: zun
zun_db_max_overflow: 10
zun_db_max_pool_size: 120
zun_db_pool_timeout: 30
# Toggle whether zun connects via an encrypted connection
zun_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
# The path where to store the database server CA certificate
zun_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
## RabbitMQ info
## Configuration for RPC communications
zun_rpc_thread_pool_size: 64
zun_rpc_conn_pool_size: 30
zun_rpc_response_timeout: 60
zun_rabbitmq_servers: 127.0.0.1
zun_rabbitmq_port: 5672
zun_rabbitmq_userid: zun
zun_rabbitmq_vhost: /zun
zun_rabbitmq_use_ssl: False
## Configuration for notifications communication, i.e. [oslo_messaging_notifications]
zun_rabbitmq_telemetry_userid: "{{ zun_rabbitmq_userid }}"
zun_rabbitmq_telemetry_password: "{{ zun_rabbitmq_password }}"
zun_rabbitmq_telemetry_vhost: "{{ zun_rabbitmq_vhost }}"
zun_rabbitmq_telemetry_port: "{{ zun_rabbitmq_port }}"
zun_rabbitmq_telemetry_servers: "{{ zun_rabbitmq_servers }}"
zun_rabbitmq_telemetry_use_ssl: "{{ zun_rabbitmq_use_ssl }}"
# If this is not set, then the playbook will try to guess it.
#zun_virt_type: kvm
## Zun Auth
zun_service_region: RegionOne
zun_service_project_name: "service"
zun_service_project_domain_id: default
zun_service_user_domain_id: default
zun_service_user_name: "zun"
zun_service_role_name: "admin"
## Zun Auth for kuryr
zun_kuryr_service_username: kuryr
## Keystone authentication middleware
zun_keystone_auth_plugin: password
## Zun v1
zun_service_name: zun
zun_service_type: container
zun_service_proto: http
zun_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(zun_service_proto) }}"
zun_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(zun_service_proto) }}"
zun_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(zun_service_proto) }}"
zun_service_port: 9517
zun_service_description: "Zun Compute Service"
zun_service_publicuri: "{{ zun_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ zun_service_port }}"
zun_service_publicurl: "{{ zun_service_publicuri }}"
zun_service_adminuri: "{{ zun_service_adminuri_proto }}//{{ internal_lb_vip_address }}:{{ zun_service_port }}"
zun_service_adminurl: "{{ zun_service_adminuri }}"
zun_service_internaluri: "{{ zun_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ zun_service_port }}"
zun_service_internalurl: "{{ zun_service_internaluri }}"
zun_service_endpoint_type: internalURL
# If you want to regenerate the zun users SSH keys, on each run, set this var to True
# Otherwise keys will be generated on the first run and not regenerated each run.
zun_recreate_keys: False
## General Zun configuration
# If ``zun_osapi_compute_workers`` is unset the system will use half the number of available VCPUS to
# compute the number of api workers to use.
# zun_osapi_compute_workers: 16
# If ``zun_conductor_workers`` is unset the system will use half the number of available VCPUS to
# compute the number of api workers to use.
# zun_conductor_workers: 16
# If ``zun_metadata_workers`` is unset the system will use half the number of available VCPUS to
# compute the number of api workers to use.
# zun_metadata_workers: 16
## Cap the maximun number of threads / workers when a user value is unspecified.
zun_api_threads_max: 16
zun_api_threads: "{{ [[ansible_processor_vcpus|default(2) // 2, 1] | max, zun_api_threads_max] | min }}"
zun_service_in_ldap: false
zun_scheduler_default_filters: >-
AvailabilityZoneFilter,
CPUFilter,
RamFilter,
ComputeFilter,
DiskFilter
zun_scheduler_available_filters: zun.scheduler.filters.all_filters
zun_scheduler_driver: filter_scheduler
## Service Name-Group Mapping
zun_services:
kuryr-libnetwork:
group: zun_compute
service_name: kuryr-libnetwork
condition: "{{ inventory_hostname in groups['zun_compute'] }}"
init_config_overrides: "{{ zun_kuryr_init_overrides }}"
start_order: 3
execstarts: "{{ zun_bin }}/kuryr-server --config-dir /etc/kuryr"
zun-api:
group: zun_api
service_name: zun-api
init_config_overrides: "{{ zun_api_init_overrides }}"
start_order: 1
execstarts: "{{ zun_bin }}/zun-api --config-dir /etc/zun"
zun-compute:
group: zun_compute
service_name: zun-compute
init_config_overrides: "{{ zun_compute_init_overrides }}"
start_order: 4
execstarts: "{{ zun_bin }}/zun-compute --config-dir /etc/zun"
zun-wsproxy:
group: zun_api
service_name: zun-wsproxy
init_config_overrides: "{{ zun_wsproxy_init_overrides }}"
start_order: 2
execstarts: "{{ zun_bin }}/zun-wsproxy --config-dir /etc/zun"
# Common pip packages
zun_requires_pip_packages: []
zun_pip_packages:
- kuryr-libnetwork
- oslo_rootwrap
- osprofiler
- python-memcached
- python-zunclient
- pymysql
- zun
## Default service options used within all systemd unit files.
zun_service_defaults: {}
## Tunable overrides for services
zun_zun_conf_overrides: {}
zun_rootwrap_conf_overrides: {}
zun_kuryr_conf_overrides: {}
zun_docker_config_overrides: {}
zun_kuryr_config_overrides: {}
## Tubnable overrides for service unit files.
zun_api_paste_ini_overrides: {}
zun_api_init_overrides: {}
zun_wsproxy_init_overrides: {}
zun_compute_init_overrides: {}
## Default zun+kuryr options used within the system unit file.
# NOTE(cloudnull): These options are used to ensure that kuryr is always
# started after docker and has the proper capabilities.
zun_kuryr_init_overrides:
Unit:
After:
? network-online.target
? docker.service
PartOf: docker.service
Wants: network-online.target
Service:
CapabilityBoundingSet: CAP_NET_ADMIN
Group: "{{ zun_kuryr_system_group_name }}"
User: "{{ zun_kuryr_system_user_name }}"
View Git Blame Copy Permalink