Created
September 13, 2016 12:29
-
-
Save anonymous/606b08baf82ccb930591503c7d78f2e3 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
root@server03:/etc/openstack_deploy# cat openstack_user_config.yml | |
--- | |
cidr_networks: | |
container: 192.168.0.0/24 | |
tunnel: 172.30.1.0/24 | |
#storage: 172.17.0.0/22 | |
used_ips: | |
- "192.168.0.0,192.168.0.150" | |
- "192.168.0.250,192.168.0.254" | |
- "172.30.1.0,172.30.1.100" | |
global_overrides: | |
internal_lb_vip_address: 172.30.10.10 | |
# The external IP is quoted simply to ensure that the .aio file can be used as input | |
# dynamic inventory testing. | |
external_lb_vip_address: "{{ bootstrap_host_public_address | default(ansible_default_ipv4.address) }}" | |
tunnel_bridge: "br-vxlan" | |
management_bridge: "br-mgmt" | |
provider_networks: | |
- network: | |
container_bridge: "br-mgmt" | |
container_type: "veth" | |
container_interface: "eth1" | |
ip_from_q: "container" | |
type: "raw" | |
group_binds: | |
- all_containers | |
- hosts | |
is_container_address: true | |
is_ssh_address: true | |
- network: | |
container_bridge: "br-vxlan" | |
container_type: "veth" | |
container_interface: "eth10" | |
ip_from_q: "tunnel" | |
type: "vxlan" | |
range: "1:1000" | |
net_name: "vxlan" | |
group_binds: | |
- neutron_linuxbridge_agent | |
shared-infra_hosts: | |
infra1: | |
# Rabbitmq, and galera are set to multiples to test clustering. | |
affinity: | |
galera_container: 1 | |
rabbit_mq_container: 1 | |
ip: 192.168.0.51 | |
os-infra_hosts: | |
infra1: | |
# Horizon is set to multiple to test clustering. This test only requires x2. | |
affinity: | |
horizon_container: 1 | |
ip: 192.168.0.51 | |
#storage-infra_hosts: | |
# infra1: | |
# ip: 192.168.0.51 | |
repo-infra_hosts: | |
infra1: | |
# Repo is set to multiple to test clustering. This test only requires x2. | |
affinity: | |
repo_container: 1 | |
ip: 192.168.0.51 | |
identity_hosts: | |
infra1: | |
# Keystone is set to multiple to test clustering. This test only requires x2. | |
affinity: | |
keystone_container: 1 | |
ip: 192.168.0.51 | |
compute_hosts: | |
infra1: | |
ip: 192.168.0.51 | |
# compute1: | |
# ip: 192.168.0.31 | |
# compute2: | |
# ip: 192.168.0.32 | |
log_hosts: | |
infra1: | |
ip: 192.168.0.51 | |
network_hosts: | |
infra1: | |
ip: 192.168.0.51 | |
haproxy_hosts: | |
infra1: | |
ip: 192.168.0.51 | |
## SSH connection wait time | |
# If an increased delay for the ssh connection check is desired, | |
# uncomment this variable and set it appropriately. | |
#ssh_delay: 5 | |
## HAProxy | |
# Uncomment this to disable keepalived installation (cf. documentation) | |
# haproxy_use_keepalived: False | |
# | |
# HAProxy Keepalived configuration (cf. documentation) | |
# Make sure that this is set correctly according to the CIDR used for your | |
# internal and external addresses. | |
# haproxy_keepalived_external_vip_cidr: "{{external_lb_vip_address}}/32" | |
# haproxy_keepalived_internal_vip_cidr: "{{internal_lb_vip_address}}/32" | |
# haproxy_keepalived_external_interface: | |
# haproxy_keepalived_internal_interface: | |
# Defines the default VRRP id used for keepalived with haproxy. | |
# Overwrite it to your value to make sure you don't overlap | |
# with existing VRRPs id on your network. Default is 10 for the external and 11 for the | |
# internal VRRPs | |
# haproxy_keepalived_external_virtual_router_id: | |
# haproxy_keepalived_internal_virtual_router_id: | |
# Defines the VRRP master/backup priority. Defaults respectively to 100 and 20 | |
# haproxy_keepalived_priority_master: | |
# haproxy_keepalived_priority_backup: | |
# Keepalived default IP address used to check its alive status (IPv4 only) | |
# keepalived_ping_address: "193.0.14.129" | |
# All the previous variables are used in a var file, fed to the keepalived role. | |
# To use another file to feed the role, override the following var: | |
# haproxy_keepalived_vars_file: 'vars/configs/keepalived_haproxy.yml' | |
## Host security hardening | |
# The openstack-ansible-security role provides security hardening for hosts | |
# by applying security configurations from the STIG. Hardening is disabled by | |
# default, but an option to opt-in is available by setting the following | |
# variable to 'true'. | |
# Docs: http://docs.openstack.org/developer/openstack-ansible-security/ | |
apply_security_hardening: false |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment