Support config dir for env generator input files
We're not going to want to list every single sample environment in a single file, so let's also take a directory and just read every yaml file in it. This commit adds support for that as well as some initial environments to demonstrate its use. Change-Id: If2c608f2a61fc5e16784ab594d23f1fa335e1d3c
This commit is contained in:
parent
4e24c8cb6a
commit
f503d1b0e7
@ -1,3 +1,6 @@
|
||||
# ********************************************************************************
|
||||
# DEPRECATED: Use tripleo-heat-templates/environments/ssl/enable-tls.yaml instead.
|
||||
# ********************************************************************************
|
||||
# Use this environment to pass in certificates for SSL deployments.
|
||||
# For these values to take effect, one of the tls-endpoints-*.yaml environments
|
||||
# must also be used.
|
||||
|
41
environments/ssl/enable-tls.yaml
Normal file
41
environments/ssl/enable-tls.yaml
Normal file
@ -0,0 +1,41 @@
|
||||
# *******************************************************************
|
||||
# This file was created automatically by the sample environment
|
||||
# generator. Developers should use `tox -e genconfig` to update it.
|
||||
# Users are recommended to make changes to a copy of the file instead
|
||||
# of the original, if any customizations are needed.
|
||||
# *******************************************************************
|
||||
# title: Enable SSL on OpenStack Public Endpoints
|
||||
# description: |
|
||||
# Use this environment to pass in certificates for SSL deployments.
|
||||
# For these values to take effect, one of the tls-endpoints-*.yaml environments
|
||||
# must also be used.
|
||||
parameter_defaults:
|
||||
# The content of the SSL certificate (without Key) in PEM format.
|
||||
# Mandatory. This parameter must be set by the user.
|
||||
# Type: string
|
||||
SSLCertificate: |
|
||||
The contents of your certificate go here
|
||||
|
||||
# The content of an SSL intermediate CA certificate in PEM format.
|
||||
# Type: string
|
||||
SSLIntermediateCertificate: ''
|
||||
|
||||
# The content of the SSL Key in PEM format.
|
||||
# Mandatory. This parameter must be set by the user.
|
||||
# Type: string
|
||||
SSLKey: |
|
||||
The contents of the private key go here
|
||||
|
||||
# ******************************************************
|
||||
# Static parameters - these are values that must be
|
||||
# included in the environment but should not be changed.
|
||||
# ******************************************************
|
||||
# The filepath of the certificate as it will be stored in the controller.
|
||||
# Type: string
|
||||
DeployedSSLCertificatePath: /etc/pki/tls/private/overcloud_endpoint.pem
|
||||
|
||||
# *********************
|
||||
# End static parameters
|
||||
# *********************
|
||||
resource_registry:
|
||||
OS::TripleO::NodeTLSData: ../../puppet/extraconfig/tls/tls-cert-inject.yaml
|
131
environments/ssl/tls-endpoints-public-dns.yaml
Normal file
131
environments/ssl/tls-endpoints-public-dns.yaml
Normal file
@ -0,0 +1,131 @@
|
||||
# *******************************************************************
|
||||
# This file was created automatically by the sample environment
|
||||
# generator. Developers should use `tox -e genconfig` to update it.
|
||||
# Users are recommended to make changes to a copy of the file instead
|
||||
# of the original, if any customizations are needed.
|
||||
# *******************************************************************
|
||||
# title: Deploy Public SSL Endpoints as DNS Names
|
||||
# description: |
|
||||
# Use this environment when deploying an SSL-enabled overcloud where the public
|
||||
# endpoint is a DNS name.
|
||||
parameter_defaults:
|
||||
# Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry.
|
||||
# Type: json
|
||||
EndpointMap:
|
||||
AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'}
|
||||
AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'}
|
||||
AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'}
|
||||
BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'}
|
||||
BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'}
|
||||
BarbicanPublic: {protocol: 'https', port: '13311', host: 'CLOUDNAME'}
|
||||
CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
|
||||
CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
|
||||
CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'}
|
||||
CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
|
||||
CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
|
||||
CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
|
||||
CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
|
||||
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
|
||||
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
|
||||
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
|
||||
ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
|
||||
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
|
||||
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
|
||||
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
|
||||
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
|
||||
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
|
||||
GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
|
||||
GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
|
||||
GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'}
|
||||
HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
|
||||
HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
|
||||
HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'}
|
||||
HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
|
||||
HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
|
||||
HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'}
|
||||
HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'}
|
||||
IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
|
||||
IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
|
||||
IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'}
|
||||
IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
|
||||
IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
|
||||
IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'CLOUDNAME'}
|
||||
KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
|
||||
KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
|
||||
KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
|
||||
ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'}
|
||||
ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'}
|
||||
ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'}
|
||||
MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'}
|
||||
MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'}
|
||||
MistralPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'}
|
||||
MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'}
|
||||
NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
|
||||
NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
|
||||
NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'}
|
||||
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
|
||||
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
|
||||
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
|
||||
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
|
||||
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
|
||||
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
|
||||
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
|
||||
OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
|
||||
PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
|
||||
PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
|
||||
PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
|
||||
SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
|
||||
SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
|
||||
SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'}
|
||||
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
|
||||
TackerAdmin: {protocol: 'http', port: '9890', host: 'IP_ADDRESS'}
|
||||
TackerInternal: {protocol: 'http', port: '9890', host: 'IP_ADDRESS'}
|
||||
TackerPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'}
|
||||
ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
|
||||
ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
|
||||
ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
|
||||
ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
|
||||
|
131
environments/ssl/tls-endpoints-public-ip.yaml
Normal file
131
environments/ssl/tls-endpoints-public-ip.yaml
Normal file
@ -0,0 +1,131 @@
|
||||
# *******************************************************************
|
||||
# This file was created automatically by the sample environment
|
||||
# generator. Developers should use `tox -e genconfig` to update it.
|
||||
# Users are recommended to make changes to a copy of the file instead
|
||||
# of the original, if any customizations are needed.
|
||||
# *******************************************************************
|
||||
# title: Deploy Public SSL Endpoints as IP Addresses
|
||||
# description: |
|
||||
# Use this environment when deploying an SSL-enabled overcloud where the public
|
||||
# endpoint is an IP address.
|
||||
parameter_defaults:
|
||||
# Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry.
|
||||
# Type: json
|
||||
EndpointMap:
|
||||
AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'}
|
||||
AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'}
|
||||
AodhPublic: {protocol: 'https', port: '13042', host: 'IP_ADDRESS'}
|
||||
BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'}
|
||||
BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'}
|
||||
BarbicanPublic: {protocol: 'https', port: '13311', host: 'IP_ADDRESS'}
|
||||
CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
|
||||
CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
|
||||
CeilometerPublic: {protocol: 'https', port: '13777', host: 'IP_ADDRESS'}
|
||||
CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
CephRgwPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'}
|
||||
CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
|
||||
CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
|
||||
CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'}
|
||||
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
|
||||
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
|
||||
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
|
||||
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
|
||||
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
|
||||
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
|
||||
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
|
||||
GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'}
|
||||
GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
|
||||
GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
|
||||
GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'}
|
||||
HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
|
||||
HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
|
||||
HeatPublic: {protocol: 'https', port: '13004', host: 'IP_ADDRESS'}
|
||||
HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
|
||||
HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
|
||||
HeatCfnPublic: {protocol: 'https', port: '13005', host: 'IP_ADDRESS'}
|
||||
HorizonPublic: {protocol: 'https', port: '443', host: 'IP_ADDRESS'}
|
||||
IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
|
||||
IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
|
||||
IronicPublic: {protocol: 'https', port: '13385', host: 'IP_ADDRESS'}
|
||||
IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
|
||||
IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
|
||||
IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'IP_ADDRESS'}
|
||||
KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
|
||||
KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
|
||||
KeystonePublic: {protocol: 'https', port: '13000', host: 'IP_ADDRESS'}
|
||||
ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'}
|
||||
ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'}
|
||||
ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'}
|
||||
MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'}
|
||||
MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'}
|
||||
MistralPublic: {protocol: 'https', port: '13989', host: 'IP_ADDRESS'}
|
||||
MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'}
|
||||
NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
|
||||
NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
|
||||
NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'}
|
||||
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
|
||||
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
|
||||
NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'}
|
||||
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
|
||||
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
|
||||
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'}
|
||||
OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaPublic: {protocol: 'https', port: '13876', host: 'IP_ADDRESS'}
|
||||
PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
|
||||
PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
|
||||
PankoPublic: {protocol: 'https', port: '13779', host: 'IP_ADDRESS'}
|
||||
SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
|
||||
SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
|
||||
SaharaPublic: {protocol: 'https', port: '13386', host: 'IP_ADDRESS'}
|
||||
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'}
|
||||
TackerAdmin: {protocol: 'http', port: '9890', host: 'IP_ADDRESS'}
|
||||
TackerInternal: {protocol: 'http', port: '9890', host: 'IP_ADDRESS'}
|
||||
TackerPublic: {protocol: 'https', port: '13989', host: 'IP_ADDRESS'}
|
||||
ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
|
||||
ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
|
||||
ZaqarPublic: {protocol: 'https', port: '13888', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'IP_ADDRESS'}
|
||||
|
131
environments/ssl/tls-everywhere-endpoints-dns.yaml
Normal file
131
environments/ssl/tls-everywhere-endpoints-dns.yaml
Normal file
@ -0,0 +1,131 @@
|
||||
# *******************************************************************
|
||||
# This file was created automatically by the sample environment
|
||||
# generator. Developers should use `tox -e genconfig` to update it.
|
||||
# Users are recommended to make changes to a copy of the file instead
|
||||
# of the original, if any customizations are needed.
|
||||
# *******************************************************************
|
||||
# title: Deploy All SSL Endpoints as DNS Names
|
||||
# description: |
|
||||
# Use this environment when deploying an overcloud where all the endpoints are
|
||||
# DNS names and there's TLS in all endpoint types.
|
||||
parameter_defaults:
|
||||
# Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry.
|
||||
# Type: json
|
||||
EndpointMap:
|
||||
AodhAdmin: {protocol: 'https', port: '8042', host: 'CLOUDNAME'}
|
||||
AodhInternal: {protocol: 'https', port: '8042', host: 'CLOUDNAME'}
|
||||
AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'}
|
||||
BarbicanAdmin: {protocol: 'https', port: '9311', host: 'CLOUDNAME'}
|
||||
BarbicanInternal: {protocol: 'https', port: '9311', host: 'CLOUDNAME'}
|
||||
BarbicanPublic: {protocol: 'https', port: '13311', host: 'CLOUDNAME'}
|
||||
CeilometerAdmin: {protocol: 'https', port: '8777', host: 'CLOUDNAME'}
|
||||
CeilometerInternal: {protocol: 'https', port: '8777', host: 'CLOUDNAME'}
|
||||
CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'}
|
||||
CephRgwAdmin: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
|
||||
CephRgwInternal: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
|
||||
CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
|
||||
CinderAdmin: {protocol: 'https', port: '8776', host: 'CLOUDNAME'}
|
||||
CinderInternal: {protocol: 'https', port: '8776', host: 'CLOUDNAME'}
|
||||
CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
|
||||
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
|
||||
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
|
||||
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
|
||||
ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
|
||||
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
|
||||
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
|
||||
GlanceAdmin: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
|
||||
GlanceInternal: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
|
||||
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
|
||||
GnocchiAdmin: {protocol: 'https', port: '8041', host: 'CLOUDNAME'}
|
||||
GnocchiInternal: {protocol: 'https', port: '8041', host: 'CLOUDNAME'}
|
||||
GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'}
|
||||
HeatAdmin: {protocol: 'https', port: '8004', host: 'CLOUDNAME'}
|
||||
HeatInternal: {protocol: 'https', port: '8004', host: 'CLOUDNAME'}
|
||||
HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'}
|
||||
HeatCfnAdmin: {protocol: 'https', port: '8000', host: 'CLOUDNAME'}
|
||||
HeatCfnInternal: {protocol: 'https', port: '8000', host: 'CLOUDNAME'}
|
||||
HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'}
|
||||
HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'}
|
||||
IronicAdmin: {protocol: 'https', port: '6385', host: 'CLOUDNAME'}
|
||||
IronicInternal: {protocol: 'https', port: '6385', host: 'CLOUDNAME'}
|
||||
IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'}
|
||||
IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'CLOUDNAME'}
|
||||
IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'CLOUDNAME'}
|
||||
IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'CLOUDNAME'}
|
||||
KeystoneAdmin: {protocol: 'https', port: '35357', host: 'CLOUDNAME'}
|
||||
KeystoneInternal: {protocol: 'https', port: '5000', host: 'CLOUDNAME'}
|
||||
KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
|
||||
ManilaAdmin: {protocol: 'https', port: '8786', host: 'CLOUDNAME'}
|
||||
ManilaInternal: {protocol: 'https', port: '8786', host: 'CLOUDNAME'}
|
||||
ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'}
|
||||
MistralAdmin: {protocol: 'https', port: '8989', host: 'CLOUDNAME'}
|
||||
MistralInternal: {protocol: 'https', port: '8989', host: 'CLOUDNAME'}
|
||||
MistralPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'}
|
||||
MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'CLOUDNAME'}
|
||||
NeutronAdmin: {protocol: 'https', port: '9696', host: 'CLOUDNAME'}
|
||||
NeutronInternal: {protocol: 'https', port: '9696', host: 'CLOUDNAME'}
|
||||
NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'}
|
||||
NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
|
||||
NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
|
||||
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
|
||||
NovaPlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
|
||||
NovaPlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
|
||||
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
|
||||
NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
|
||||
NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
|
||||
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
|
||||
OctaviaAdmin: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaInternal: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
|
||||
PankoAdmin: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
|
||||
PankoInternal: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
|
||||
PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
|
||||
SaharaAdmin: {protocol: 'https', port: '8386', host: 'CLOUDNAME'}
|
||||
SaharaInternal: {protocol: 'https', port: '8386', host: 'CLOUDNAME'}
|
||||
SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'}
|
||||
SwiftAdmin: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
|
||||
SwiftInternal: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
|
||||
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
|
||||
TackerAdmin: {protocol: 'https', port: '9890', host: 'CLOUDNAME'}
|
||||
TackerInternal: {protocol: 'https', port: '9890', host: 'CLOUDNAME'}
|
||||
TackerPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'}
|
||||
ZaqarAdmin: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
|
||||
ZaqarInternal: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
|
||||
ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
|
||||
ZaqarWebSocketAdmin: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
|
||||
ZaqarWebSocketInternal: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
|
||||
ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
|
||||
|
@ -1,3 +1,7 @@
|
||||
# *************************************************************************************
|
||||
# DEPRECATED: Use tripleo-heat-templates/environments/ssl/tls-endpoints-public-dns.yaml
|
||||
# instead.
|
||||
# *************************************************************************************
|
||||
# Use this environment when deploying an SSL-enabled overcloud where the public
|
||||
# endpoint is a DNS name.
|
||||
parameter_defaults:
|
||||
|
@ -1,3 +1,7 @@
|
||||
# *************************************************************************************
|
||||
# DEPRECATED: Use tripleo-heat-templates/environments/ssl/tls-endpoints-public-ip.yaml
|
||||
# instead.
|
||||
# *************************************************************************************
|
||||
# Use this environment when deploying an SSL-enabled overcloud where the public
|
||||
# endpoint is an IP address.
|
||||
parameter_defaults:
|
||||
|
@ -19,8 +19,8 @@ target to do this::
|
||||
``tripleo-heat-templates`` project.
|
||||
|
||||
If a new sample environment is needed, it should be added to the
|
||||
``sample-env-generator/sample-environments.yaml`` file. The existing
|
||||
entries in the file can be used as examples, and a more detailed
|
||||
appropriate file in the ``sample-env-generator/`` directory. The existing
|
||||
entries in the files can be used as examples, and a more detailed
|
||||
explanation of the different available keys is below:
|
||||
|
||||
- **name**: the output file will be this name + .yaml, in the
|
||||
|
426
sample-env-generator/ssl.yaml
Normal file
426
sample-env-generator/ssl.yaml
Normal file
@ -0,0 +1,426 @@
|
||||
environments:
|
||||
-
|
||||
name: ssl/enable-tls
|
||||
title: Enable SSL on OpenStack Public Endpoints
|
||||
description: |
|
||||
Use this environment to pass in certificates for SSL deployments.
|
||||
For these values to take effect, one of the tls-endpoints-*.yaml environments
|
||||
must also be used.
|
||||
files:
|
||||
puppet/extraconfig/tls/tls-cert-inject.yaml:
|
||||
parameters: all
|
||||
static:
|
||||
# This should probably be private, but for testing static params I'm
|
||||
# setting it as such for now.
|
||||
- DeployedSSLCertificatePath
|
||||
sample_values:
|
||||
SSLCertificate: |-
|
||||
|
|
||||
The contents of your certificate go here
|
||||
SSLKey: |-
|
||||
|
|
||||
The contents of the private key go here
|
||||
resource_registry:
|
||||
OS::TripleO::NodeTLSData: ../../puppet/extraconfig/tls/tls-cert-inject.yaml
|
||||
-
|
||||
name: ssl/tls-endpoints-public-ip
|
||||
title: Deploy Public SSL Endpoints as IP Addresses
|
||||
description: |
|
||||
Use this environment when deploying an SSL-enabled overcloud where the public
|
||||
endpoint is an IP address.
|
||||
files:
|
||||
network/endpoints/endpoint_map.yaml:
|
||||
parameters:
|
||||
- EndpointMap
|
||||
sample_values:
|
||||
# NOTE(bnemec): This is a bit odd, but it's the only way I've found that
|
||||
# works. The |-2 tells YAML to strip two spaces off the indentation of
|
||||
# the value, which because it's indented six spaces gets us to the four
|
||||
# that we actually want. Note that zero is not a valid value here, so
|
||||
# two seemed like the most sane option.
|
||||
EndpointMap: |-2
|
||||
|
||||
AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'}
|
||||
AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'}
|
||||
AodhPublic: {protocol: 'https', port: '13042', host: 'IP_ADDRESS'}
|
||||
BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'}
|
||||
BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'}
|
||||
BarbicanPublic: {protocol: 'https', port: '13311', host: 'IP_ADDRESS'}
|
||||
CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
|
||||
CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
|
||||
CeilometerPublic: {protocol: 'https', port: '13777', host: 'IP_ADDRESS'}
|
||||
CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
CephRgwPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'}
|
||||
CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
|
||||
CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
|
||||
CinderPublic: {protocol: 'https', port: '13776', host: 'IP_ADDRESS'}
|
||||
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
|
||||
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
|
||||
CongressPublic: {protocol: 'https', port: '13789', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
|
||||
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
|
||||
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'IP_ADDRESS'}
|
||||
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
|
||||
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
|
||||
GlancePublic: {protocol: 'https', port: '13292', host: 'IP_ADDRESS'}
|
||||
GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
|
||||
GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
|
||||
GnocchiPublic: {protocol: 'https', port: '13041', host: 'IP_ADDRESS'}
|
||||
HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
|
||||
HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
|
||||
HeatPublic: {protocol: 'https', port: '13004', host: 'IP_ADDRESS'}
|
||||
HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
|
||||
HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
|
||||
HeatCfnPublic: {protocol: 'https', port: '13005', host: 'IP_ADDRESS'}
|
||||
HorizonPublic: {protocol: 'https', port: '443', host: 'IP_ADDRESS'}
|
||||
IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
|
||||
IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
|
||||
IronicPublic: {protocol: 'https', port: '13385', host: 'IP_ADDRESS'}
|
||||
IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
|
||||
IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
|
||||
IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'IP_ADDRESS'}
|
||||
KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
|
||||
KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
|
||||
KeystonePublic: {protocol: 'https', port: '13000', host: 'IP_ADDRESS'}
|
||||
ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'}
|
||||
ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'}
|
||||
ManilaPublic: {protocol: 'https', port: '13786', host: 'IP_ADDRESS'}
|
||||
MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'}
|
||||
MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'}
|
||||
MistralPublic: {protocol: 'https', port: '13989', host: 'IP_ADDRESS'}
|
||||
MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'}
|
||||
NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
|
||||
NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
|
||||
NeutronPublic: {protocol: 'https', port: '13696', host: 'IP_ADDRESS'}
|
||||
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
|
||||
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
|
||||
NovaPublic: {protocol: 'https', port: '13774', host: 'IP_ADDRESS'}
|
||||
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
|
||||
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
|
||||
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'IP_ADDRESS'}
|
||||
OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaPublic: {protocol: 'https', port: '13876', host: 'IP_ADDRESS'}
|
||||
PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
|
||||
PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
|
||||
PankoPublic: {protocol: 'https', port: '13779', host: 'IP_ADDRESS'}
|
||||
SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
|
||||
SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
|
||||
SaharaPublic: {protocol: 'https', port: '13386', host: 'IP_ADDRESS'}
|
||||
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
SwiftPublic: {protocol: 'https', port: '13808', host: 'IP_ADDRESS'}
|
||||
TackerAdmin: {protocol: 'http', port: '9890', host: 'IP_ADDRESS'}
|
||||
TackerInternal: {protocol: 'http', port: '9890', host: 'IP_ADDRESS'}
|
||||
TackerPublic: {protocol: 'https', port: '13989', host: 'IP_ADDRESS'}
|
||||
ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
|
||||
ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
|
||||
ZaqarPublic: {protocol: 'https', port: '13888', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'IP_ADDRESS'}
|
||||
-
|
||||
name: ssl/tls-endpoints-public-dns
|
||||
title: Deploy Public SSL Endpoints as DNS Names
|
||||
description: |
|
||||
Use this environment when deploying an SSL-enabled overcloud where the public
|
||||
endpoint is a DNS name.
|
||||
files:
|
||||
network/endpoints/endpoint_map.yaml:
|
||||
parameters:
|
||||
- EndpointMap
|
||||
sample_values:
|
||||
# NOTE(bnemec): This is a bit odd, but it's the only way I've found that
|
||||
# works. The |-2 tells YAML to strip two spaces off the indentation of
|
||||
# the value, which because it's indented six spaces gets us to the four
|
||||
# that we actually want. Note that zero is not a valid value here, so
|
||||
# two seemed like the most sane option.
|
||||
EndpointMap: |-2
|
||||
|
||||
AodhAdmin: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'}
|
||||
AodhInternal: {protocol: 'http', port: '8042', host: 'IP_ADDRESS'}
|
||||
AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'}
|
||||
BarbicanAdmin: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'}
|
||||
BarbicanInternal: {protocol: 'http', port: '9311', host: 'IP_ADDRESS'}
|
||||
BarbicanPublic: {protocol: 'https', port: '13311', host: 'CLOUDNAME'}
|
||||
CeilometerAdmin: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
|
||||
CeilometerInternal: {protocol: 'http', port: '8777', host: 'IP_ADDRESS'}
|
||||
CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'}
|
||||
CephRgwAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
CephRgwInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
|
||||
CinderAdmin: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
|
||||
CinderInternal: {protocol: 'http', port: '8776', host: 'IP_ADDRESS'}
|
||||
CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
|
||||
CongressAdmin: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
|
||||
CongressInternal: {protocol: 'http', port: '1789', host: 'IP_ADDRESS'}
|
||||
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
|
||||
ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
Ec2ApiAdmin: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
|
||||
Ec2ApiInternal: {protocol: 'http', port: '8788', host: 'IP_ADDRESS'}
|
||||
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
|
||||
GlanceAdmin: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
|
||||
GlanceInternal: {protocol: 'http', port: '9292', host: 'IP_ADDRESS'}
|
||||
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
|
||||
GnocchiAdmin: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
|
||||
GnocchiInternal: {protocol: 'http', port: '8041', host: 'IP_ADDRESS'}
|
||||
GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'}
|
||||
HeatAdmin: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
|
||||
HeatInternal: {protocol: 'http', port: '8004', host: 'IP_ADDRESS'}
|
||||
HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'}
|
||||
HeatCfnAdmin: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
|
||||
HeatCfnInternal: {protocol: 'http', port: '8000', host: 'IP_ADDRESS'}
|
||||
HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'}
|
||||
HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'}
|
||||
IronicAdmin: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
|
||||
IronicInternal: {protocol: 'http', port: '6385', host: 'IP_ADDRESS'}
|
||||
IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'}
|
||||
IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
|
||||
IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'IP_ADDRESS'}
|
||||
IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'CLOUDNAME'}
|
||||
KeystoneAdmin: {protocol: 'http', port: '35357', host: 'IP_ADDRESS'}
|
||||
KeystoneInternal: {protocol: 'http', port: '5000', host: 'IP_ADDRESS'}
|
||||
KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
|
||||
ManilaAdmin: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'}
|
||||
ManilaInternal: {protocol: 'http', port: '8786', host: 'IP_ADDRESS'}
|
||||
ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'}
|
||||
MistralAdmin: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'}
|
||||
MistralInternal: {protocol: 'http', port: '8989', host: 'IP_ADDRESS'}
|
||||
MistralPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'}
|
||||
MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'IP_ADDRESS'}
|
||||
NeutronAdmin: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
|
||||
NeutronInternal: {protocol: 'http', port: '9696', host: 'IP_ADDRESS'}
|
||||
NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'}
|
||||
NovaAdmin: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
|
||||
NovaInternal: {protocol: 'http', port: '8774', host: 'IP_ADDRESS'}
|
||||
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
|
||||
NovaPlacementAdmin: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
|
||||
NovaPlacementInternal: {protocol: 'http', port: '8778', host: 'IP_ADDRESS'}
|
||||
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
|
||||
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
|
||||
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
|
||||
OctaviaAdmin: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaInternal: {protocol: 'http', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
|
||||
PankoAdmin: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
|
||||
PankoInternal: {protocol: 'http', port: '8779', host: 'IP_ADDRESS'}
|
||||
PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
|
||||
SaharaAdmin: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
|
||||
SaharaInternal: {protocol: 'http', port: '8386', host: 'IP_ADDRESS'}
|
||||
SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'}
|
||||
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
|
||||
TackerAdmin: {protocol: 'http', port: '9890', host: 'IP_ADDRESS'}
|
||||
TackerInternal: {protocol: 'http', port: '9890', host: 'IP_ADDRESS'}
|
||||
TackerPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'}
|
||||
ZaqarAdmin: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
|
||||
ZaqarInternal: {protocol: 'http', port: '8888', host: 'IP_ADDRESS'}
|
||||
ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
|
||||
ZaqarWebSocketAdmin: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketInternal: {protocol: 'ws', port: '9000', host: 'IP_ADDRESS'}
|
||||
ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
|
||||
-
|
||||
name: ssl/tls-everywhere-endpoints-dns
|
||||
title: Deploy All SSL Endpoints as DNS Names
|
||||
description: |
|
||||
Use this environment when deploying an overcloud where all the endpoints are
|
||||
DNS names and there's TLS in all endpoint types.
|
||||
files:
|
||||
network/endpoints/endpoint_map.yaml:
|
||||
parameters:
|
||||
- EndpointMap
|
||||
sample_values:
|
||||
# NOTE(bnemec): This is a bit odd, but it's the only way I've found that
|
||||
# works. The |-2 tells YAML to strip two spaces off the indentation of
|
||||
# the value, which because it's indented six spaces gets us to the four
|
||||
# that we actually want. Note that zero is not a valid value here, so
|
||||
# two seemed like the most sane option.
|
||||
EndpointMap: |-2
|
||||
|
||||
AodhAdmin: {protocol: 'https', port: '8042', host: 'CLOUDNAME'}
|
||||
AodhInternal: {protocol: 'https', port: '8042', host: 'CLOUDNAME'}
|
||||
AodhPublic: {protocol: 'https', port: '13042', host: 'CLOUDNAME'}
|
||||
BarbicanAdmin: {protocol: 'https', port: '9311', host: 'CLOUDNAME'}
|
||||
BarbicanInternal: {protocol: 'https', port: '9311', host: 'CLOUDNAME'}
|
||||
BarbicanPublic: {protocol: 'https', port: '13311', host: 'CLOUDNAME'}
|
||||
CeilometerAdmin: {protocol: 'https', port: '8777', host: 'CLOUDNAME'}
|
||||
CeilometerInternal: {protocol: 'https', port: '8777', host: 'CLOUDNAME'}
|
||||
CeilometerPublic: {protocol: 'https', port: '13777', host: 'CLOUDNAME'}
|
||||
CephRgwAdmin: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
|
||||
CephRgwInternal: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
|
||||
CephRgwPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
|
||||
CinderAdmin: {protocol: 'https', port: '8776', host: 'CLOUDNAME'}
|
||||
CinderInternal: {protocol: 'https', port: '8776', host: 'CLOUDNAME'}
|
||||
CinderPublic: {protocol: 'https', port: '13776', host: 'CLOUDNAME'}
|
||||
CongressAdmin: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
|
||||
CongressInternal: {protocol: 'https', port: '1789', host: 'CLOUDNAME'}
|
||||
CongressPublic: {protocol: 'https', port: '13789', host: 'CLOUDNAME'}
|
||||
ContrailAnalyticsApiAdmin: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiInternal: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsApiPublic: {protocol: 'http', port: '8081', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpAdmin: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpInternal: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorHttpPublic: {protocol: 'http', port: '8089',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshAdmin: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshInternal: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsCollectorSandeshPublic: {protocol: 'http', port: '8086',
|
||||
host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpAdmin: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpInternal: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsHttpPublic: {protocol: 'http', port: '8090', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisAdmin: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisInternal: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailAnalyticsRedisPublic: {protocol: 'http', port: '6379', host: 'IP_ADDRESS'}
|
||||
ContrailConfigAdmin: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigInternal: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailConfigPublic: {protocol: 'http', port: '8082', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryAdmin: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryInternal: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailDiscoveryPublic: {protocol: 'http', port: '5998', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsAdmin: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsInternal: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
ContrailWebuiHttpsPublic: {protocol: 'http', port: '8143', host: 'IP_ADDRESS'}
|
||||
Ec2ApiAdmin: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
|
||||
Ec2ApiInternal: {protocol: 'https', port: '8788', host: 'CLOUDNAME'}
|
||||
Ec2ApiPublic: {protocol: 'https', port: '13788', host: 'CLOUDNAME'}
|
||||
GlanceAdmin: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
|
||||
GlanceInternal: {protocol: 'https', port: '9292', host: 'CLOUDNAME'}
|
||||
GlancePublic: {protocol: 'https', port: '13292', host: 'CLOUDNAME'}
|
||||
GnocchiAdmin: {protocol: 'https', port: '8041', host: 'CLOUDNAME'}
|
||||
GnocchiInternal: {protocol: 'https', port: '8041', host: 'CLOUDNAME'}
|
||||
GnocchiPublic: {protocol: 'https', port: '13041', host: 'CLOUDNAME'}
|
||||
HeatAdmin: {protocol: 'https', port: '8004', host: 'CLOUDNAME'}
|
||||
HeatInternal: {protocol: 'https', port: '8004', host: 'CLOUDNAME'}
|
||||
HeatPublic: {protocol: 'https', port: '13004', host: 'CLOUDNAME'}
|
||||
HeatCfnAdmin: {protocol: 'https', port: '8000', host: 'CLOUDNAME'}
|
||||
HeatCfnInternal: {protocol: 'https', port: '8000', host: 'CLOUDNAME'}
|
||||
HeatCfnPublic: {protocol: 'https', port: '13005', host: 'CLOUDNAME'}
|
||||
HorizonPublic: {protocol: 'https', port: '443', host: 'CLOUDNAME'}
|
||||
IronicAdmin: {protocol: 'https', port: '6385', host: 'CLOUDNAME'}
|
||||
IronicInternal: {protocol: 'https', port: '6385', host: 'CLOUDNAME'}
|
||||
IronicPublic: {protocol: 'https', port: '13385', host: 'CLOUDNAME'}
|
||||
IronicInspectorAdmin: {protocol: 'http', port: '5050', host: 'CLOUDNAME'}
|
||||
IronicInspectorInternal: {protocol: 'http', port: '5050', host: 'CLOUDNAME'}
|
||||
IronicInspectorPublic: {protocol: 'https', port: '13050', host: 'CLOUDNAME'}
|
||||
KeystoneAdmin: {protocol: 'https', port: '35357', host: 'CLOUDNAME'}
|
||||
KeystoneInternal: {protocol: 'https', port: '5000', host: 'CLOUDNAME'}
|
||||
KeystonePublic: {protocol: 'https', port: '13000', host: 'CLOUDNAME'}
|
||||
ManilaAdmin: {protocol: 'https', port: '8786', host: 'CLOUDNAME'}
|
||||
ManilaInternal: {protocol: 'https', port: '8786', host: 'CLOUDNAME'}
|
||||
ManilaPublic: {protocol: 'https', port: '13786', host: 'CLOUDNAME'}
|
||||
MistralAdmin: {protocol: 'https', port: '8989', host: 'CLOUDNAME'}
|
||||
MistralInternal: {protocol: 'https', port: '8989', host: 'CLOUDNAME'}
|
||||
MistralPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'}
|
||||
MysqlInternal: {protocol: 'mysql+pymysql', port: '3306', host: 'CLOUDNAME'}
|
||||
NeutronAdmin: {protocol: 'https', port: '9696', host: 'CLOUDNAME'}
|
||||
NeutronInternal: {protocol: 'https', port: '9696', host: 'CLOUDNAME'}
|
||||
NeutronPublic: {protocol: 'https', port: '13696', host: 'CLOUDNAME'}
|
||||
NovaAdmin: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
|
||||
NovaInternal: {protocol: 'https', port: '8774', host: 'CLOUDNAME'}
|
||||
NovaPublic: {protocol: 'https', port: '13774', host: 'CLOUDNAME'}
|
||||
NovaPlacementAdmin: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
|
||||
NovaPlacementInternal: {protocol: 'https', port: '8778', host: 'CLOUDNAME'}
|
||||
NovaPlacementPublic: {protocol: 'https', port: '13778', host: 'CLOUDNAME'}
|
||||
NovaVNCProxyAdmin: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
|
||||
NovaVNCProxyInternal: {protocol: 'https', port: '6080', host: 'CLOUDNAME'}
|
||||
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
|
||||
OctaviaAdmin: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaInternal: {protocol: 'https', port: '9876', host: 'IP_ADDRESS'}
|
||||
OctaviaPublic: {protocol: 'https', port: '13876', host: 'CLOUDNAME'}
|
||||
PankoAdmin: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
|
||||
PankoInternal: {protocol: 'https', port: '8779', host: 'CLOUDNAME'}
|
||||
PankoPublic: {protocol: 'https', port: '13779', host: 'CLOUDNAME'}
|
||||
SaharaAdmin: {protocol: 'https', port: '8386', host: 'CLOUDNAME'}
|
||||
SaharaInternal: {protocol: 'https', port: '8386', host: 'CLOUDNAME'}
|
||||
SaharaPublic: {protocol: 'https', port: '13386', host: 'CLOUDNAME'}
|
||||
SwiftAdmin: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
|
||||
SwiftInternal: {protocol: 'https', port: '8080', host: 'CLOUDNAME'}
|
||||
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}
|
||||
TackerAdmin: {protocol: 'https', port: '9890', host: 'CLOUDNAME'}
|
||||
TackerInternal: {protocol: 'https', port: '9890', host: 'CLOUDNAME'}
|
||||
TackerPublic: {protocol: 'https', port: '13989', host: 'CLOUDNAME'}
|
||||
ZaqarAdmin: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
|
||||
ZaqarInternal: {protocol: 'https', port: '8888', host: 'CLOUDNAME'}
|
||||
ZaqarPublic: {protocol: 'https', port: '13888', host: 'CLOUDNAME'}
|
||||
ZaqarWebSocketAdmin: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
|
||||
ZaqarWebSocketInternal: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
|
||||
ZaqarWebSocketPublic: {protocol: 'wss', port: '9000', host: 'CLOUDNAME'}
|
@ -20,7 +20,14 @@ import yaml
|
||||
required_params = ['EndpointMap', 'ServiceNetMap', 'DefaultPasswords',
|
||||
'RoleName', 'RoleParameters']
|
||||
|
||||
# NOTE(bnemec): The duplication in this list is intentional. For the
|
||||
# transition to generated environments we have two copies of these files,
|
||||
# so they need to be listed twice. Once the deprecated version can be removed
|
||||
# the duplicate entries can be as well.
|
||||
envs_containing_endpoint_map = ['tls-endpoints-public-dns.yaml',
|
||||
'tls-endpoints-public-ip.yaml',
|
||||
'tls-everywhere-endpoints-dns.yaml',
|
||||
'tls-endpoints-public-dns.yaml',
|
||||
'tls-endpoints-public-ip.yaml',
|
||||
'tls-everywhere-endpoints-dns.yaml']
|
||||
ENDPOINT_MAP_FILE = 'endpoint_map.yaml'
|
||||
@ -294,9 +301,9 @@ if base_endpoint_map and \
|
||||
else:
|
||||
print("%s matches base endpoint map" % env_endpoint_map['file'])
|
||||
else:
|
||||
print("ERROR: Can't validate endpoint maps since a file is missing. "
|
||||
"If you meant to delete one of these files you should update this "
|
||||
"tool as well.")
|
||||
print("ERROR: Did not find expected number of environments containing the "
|
||||
"EndpointMap parameter. If you meant to add or remove one of these "
|
||||
"environments then you also need to update this tool.")
|
||||
if not base_endpoint_map:
|
||||
failed_files.append(ENDPOINT_MAP_FILE)
|
||||
if len(env_endpoint_maps) != len(envs_containing_endpoint_map):
|
||||
|
2
tox.ini
2
tox.ini
@ -31,4 +31,4 @@ commands = python setup.py test --coverage --coverage-package-name=tripleo_heat_
|
||||
[testenv:genconfig]
|
||||
commands =
|
||||
python ./tools/process-templates.py
|
||||
python ./tripleo_heat_templates/environment_generator.py sample-env-generator/sample-environments.yaml
|
||||
python ./tripleo_heat_templates/environment_generator.py sample-env-generator/
|
||||
|
@ -165,24 +165,32 @@ def _generate_environment(input_env, parent_env=None):
|
||||
_generate_environment(e, env)
|
||||
|
||||
|
||||
def generate_environments(config_file):
|
||||
with open(config_file) as f:
|
||||
config = yaml.safe_load(f)
|
||||
for env in config['environments']:
|
||||
_generate_environment(env)
|
||||
def generate_environments(config_path):
|
||||
if os.path.isdir(config_path):
|
||||
config_files = os.listdir(config_path)
|
||||
config_files = [os.path.join(config_path, i) for i in config_files
|
||||
if os.path.splitext(i)[1] == '.yaml']
|
||||
else:
|
||||
config_files = [config_path]
|
||||
for config_file in config_files:
|
||||
print('Reading environment definitions from %s' % config_file)
|
||||
with open(config_file) as f:
|
||||
config = yaml.safe_load(f)
|
||||
for env in config['environments']:
|
||||
_generate_environment(env)
|
||||
|
||||
|
||||
def usage(exit_code=1):
|
||||
print('Usage: %s <filename.yaml>' % sys.argv[0])
|
||||
print('Usage: %s [<filename.yaml> | <directory>]' % sys.argv[0])
|
||||
sys.exit(exit_code)
|
||||
|
||||
|
||||
def main():
|
||||
try:
|
||||
config_file = sys.argv[1]
|
||||
config_path = sys.argv[1]
|
||||
except IndexError:
|
||||
usage()
|
||||
generate_environments(config_file)
|
||||
generate_environments(config_path)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
|
Loading…
Reference in New Issue
Block a user