/gist:606b08baf82ccb930591503c7d78f2e3

## gistfile1.txt
root@server03:/etc/openstack_deploy# cat openstack_user_config.yml
---
cidr_networks:
  container: 192.168.0.0/24
  tunnel: 172.30.1.0/24
  #storage: 172.17.0.0/22

used_ips:
    - "192.168.0.0,192.168.0.150"
    - "192.168.0.250,192.168.0.254"
    - "172.30.1.0,172.30.1.100"

global_overrides:
  internal_lb_vip_address: 172.30.10.10
  # The external IP is quoted simply to ensure that the .aio file can be used as input
  # dynamic inventory testing.
  external_lb_vip_address: "{{ bootstrap_host_public_address | default(ansible_default_ipv4.address) }}"
  tunnel_bridge: "br-vxlan"
  management_bridge: "br-mgmt"
  provider_networks:
    - network:
        container_bridge: "br-mgmt"
        container_type: "veth"
        container_interface: "eth1"
        ip_from_q: "container"
        type: "raw"
        group_binds:
          - all_containers
          - hosts
        is_container_address: true
        is_ssh_address: true
    - network:
        container_bridge: "br-vxlan"
        container_type: "veth"
        container_interface: "eth10"
        ip_from_q: "tunnel"
        type: "vxlan"
        range: "1:1000"
        net_name: "vxlan"
        group_binds:
          - neutron_linuxbridge_agent
shared-infra_hosts:
  infra1:
    # Rabbitmq, and galera are set to multiples to test clustering.
    affinity:
      galera_container: 1
      rabbit_mq_container: 1
    ip: 192.168.0.51

os-infra_hosts:
  infra1:
    # Horizon is set to multiple to test clustering. This test only requires x2.
    affinity:
      horizon_container: 1
    ip: 192.168.0.51

#storage-infra_hosts:
#  infra1:
#    ip: 192.168.0.51

repo-infra_hosts:
  infra1:
    # Repo is set to multiple to test clustering. This test only requires x2.
    affinity:
      repo_container: 1
    ip: 192.168.0.51

identity_hosts:
  infra1:
    # Keystone is set to multiple to test clustering. This test only requires x2.
    affinity:
      keystone_container: 1
    ip: 192.168.0.51

compute_hosts:
  infra1:
    ip: 192.168.0.51
#  compute1:
#    ip: 192.168.0.31
#  compute2:
#    ip: 192.168.0.32

log_hosts:
  infra1:
    ip: 192.168.0.51

network_hosts:
  infra1:
    ip: 192.168.0.51

haproxy_hosts:
  infra1:
    ip: 192.168.0.51


## SSH connection wait time
# If an increased delay for the ssh connection check is desired,
# uncomment this variable and set it appropriately.
#ssh_delay: 5


## HAProxy
# Uncomment this to disable keepalived installation (cf. documentation)
# haproxy_use_keepalived: False
#
# HAProxy Keepalived configuration (cf. documentation)
# Make sure that this is set correctly according to the CIDR used for your
# internal and external addresses.
# haproxy_keepalived_external_vip_cidr: "{{external_lb_vip_address}}/32"
# haproxy_keepalived_internal_vip_cidr: "{{internal_lb_vip_address}}/32"
# haproxy_keepalived_external_interface:
# haproxy_keepalived_internal_interface:

# Defines the default VRRP id used for keepalived with haproxy.
# Overwrite it to your value to make sure you don't overlap
# with existing VRRPs id on your network. Default is 10 for the external and 11 for the
# internal VRRPs
# haproxy_keepalived_external_virtual_router_id:
# haproxy_keepalived_internal_virtual_router_id:

# Defines the VRRP master/backup priority. Defaults respectively to 100 and 20
# haproxy_keepalived_priority_master:
# haproxy_keepalived_priority_backup:

# Keepalived default IP address used to check its alive status (IPv4 only)
# keepalived_ping_address: "193.0.14.129"

# All the previous variables are used in a var file, fed to the keepalived role.
# To use another file to feed the role, override the following var:
# haproxy_keepalived_vars_file: 'vars/configs/keepalived_haproxy.yml'

## Host security hardening
# The openstack-ansible-security role provides security hardening for hosts
# by applying security configurations from the STIG. Hardening is disabled by
# default, but an option to opt-in is available by setting the following
# variable to 'true'.
# Docs: http://docs.openstack.org/developer/openstack-ansible-security/
apply_security_hardening: false
	root@server03:/etc/openstack_deploy# cat openstack_user_config.yml
	---
	cidr_networks:
	container: 192.168.0.0/24
	tunnel: 172.30.1.0/24
	#storage: 172.17.0.0/22

	used_ips:
	- "192.168.0.0,192.168.0.150"
	- "192.168.0.250,192.168.0.254"
	- "172.30.1.0,172.30.1.100"

	global_overrides:
	internal_lb_vip_address: 172.30.10.10
	# The external IP is quoted simply to ensure that the .aio file can be used as input
	# dynamic inventory testing.
	external_lb_vip_address: "{{ bootstrap_host_public_address \| default(ansible_default_ipv4.address) }}"
	tunnel_bridge: "br-vxlan"
	management_bridge: "br-mgmt"
	provider_networks:
	- network:
	container_bridge: "br-mgmt"
	container_type: "veth"
	container_interface: "eth1"
	ip_from_q: "container"
	type: "raw"
	group_binds:
	- all_containers
	- hosts
	is_container_address: true
	is_ssh_address: true
	- network:
	container_bridge: "br-vxlan"
	container_type: "veth"
	container_interface: "eth10"
	ip_from_q: "tunnel"
	type: "vxlan"
	range: "1:1000"
	net_name: "vxlan"
	group_binds:
	- neutron_linuxbridge_agent
	shared-infra_hosts:
	infra1:
	# Rabbitmq, and galera are set to multiples to test clustering.
	affinity:
	galera_container: 1
	rabbit_mq_container: 1
	ip: 192.168.0.51

	os-infra_hosts:
	infra1:
	# Horizon is set to multiple to test clustering. This test only requires x2.
	affinity:
	horizon_container: 1
	ip: 192.168.0.51

	#storage-infra_hosts:
	# infra1:
	# ip: 192.168.0.51

	repo-infra_hosts:
	infra1:
	# Repo is set to multiple to test clustering. This test only requires x2.
	affinity:
	repo_container: 1
	ip: 192.168.0.51

	identity_hosts:
	infra1:
	# Keystone is set to multiple to test clustering. This test only requires x2.
	affinity:
	keystone_container: 1
	ip: 192.168.0.51

	compute_hosts:
	infra1:
	ip: 192.168.0.51
	# compute1:
	# ip: 192.168.0.31
	# compute2:
	# ip: 192.168.0.32

	log_hosts:
	infra1:
	ip: 192.168.0.51

	network_hosts:
	infra1:
	ip: 192.168.0.51

	haproxy_hosts:
	infra1:
	ip: 192.168.0.51



	## SSH connection wait time
	# If an increased delay for the ssh connection check is desired,
	# uncomment this variable and set it appropriately.
	#ssh_delay: 5


	## HAProxy
	# Uncomment this to disable keepalived installation (cf. documentation)
	# haproxy_use_keepalived: False
	#
	# HAProxy Keepalived configuration (cf. documentation)
	# Make sure that this is set correctly according to the CIDR used for your
	# internal and external addresses.
	# haproxy_keepalived_external_vip_cidr: "{{external_lb_vip_address}}/32"
	# haproxy_keepalived_internal_vip_cidr: "{{internal_lb_vip_address}}/32"
	# haproxy_keepalived_external_interface:
	# haproxy_keepalived_internal_interface:

	# Defines the default VRRP id used for keepalived with haproxy.
	# Overwrite it to your value to make sure you don't overlap
	# with existing VRRPs id on your network. Default is 10 for the external and 11 for the
	# internal VRRPs
	# haproxy_keepalived_external_virtual_router_id:
	# haproxy_keepalived_internal_virtual_router_id:

	# Defines the VRRP master/backup priority. Defaults respectively to 100 and 20
	# haproxy_keepalived_priority_master:
	# haproxy_keepalived_priority_backup:

	# Keepalived default IP address used to check its alive status (IPv4 only)
	# keepalived_ping_address: "193.0.14.129"

	# All the previous variables are used in a var file, fed to the keepalived role.
	# To use another file to feed the role, override the following var:
	# haproxy_keepalived_vars_file: 'vars/configs/keepalived_haproxy.yml'

	## Host security hardening
	# The openstack-ansible-security role provides security hardening for hosts
	# by applying security configurations from the STIG. Hardening is disabled by
	# default, but an option to opt-in is available by setting the following
	# variable to 'true'.
	# Docs: http://docs.openstack.org/developer/openstack-ansible-security/
	apply_security_hardening: false