openstack/openstack-ansible-os_adjutant
Code Issues Proposed changes
c5fbb4d2f5
openstack-ansible-os_adjutant/defaults/main.yml
Dmitriy Rabotyagov c5fbb4d2f5 Make role fit to the OSA standards 
We've pulled that role from github, and we need to make
an adjustments to standardize approach across all other
roles, like service and db create, uwsgi usage, etc.

We're also adding integrated CI.

Needed-By: https://review.opendev.org/756310
Change-Id: Ie95b9c723f29eb20f9e1e95e284d7ed20346aaff
2020-11-24 11:48:05 +02:00

262 lines
8.3 KiB
YAML
Raw Blame History

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
## Verbosity Options
debug: False
# Set the package install state for distribution and pip packages
# Options are 'present' and 'latest'
adjutant_package_state: "latest"
adjutant_pip_package_state: "latest"
adjutant_service_user_name: adjutant
adjutant_system_group_name: adjutant
adjutant_system_user_name: adjutant
adjutant_system_comment: adjutant system user
adjutant_system_shell: /bin/false
adjutant_system_home_folder: "/var/lib/{{ adjutant_system_user_name }}"
adjutant_venv_tag: untagged
adjutant_bin: "/openstack/venvs/adjutant-{{ adjutant_venv_tag }}/bin"
adjutant_git_repo: https://opendev.org/openstack/adjutant
adjutant_git_install_branch: master
adjutant_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}"
adjutant_git_constraints:
- "git+{{ adjutant_git_repo }}@{{ adjutant_git_install_branch }}#egg=adjutant"
- "--constraint {{ adjutant_upper_constraints_url }}"
adjutant_user_domain_name: Default
adjutant_user_domain_id: default
adjutant_keystone_auth_plugin: password
adjutant_galera_address: "{{ galera_address | default('127.0.0.1') }}"
adjutant_galera_database: adjutant
adjutant_galera_user: adjutant
adjutant_galera_use_ssl: "{{ galera_use_ssl | default(False) }}"
adjutant_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}"
adjutant_galera_port: 3306
adjutant_galera_setup_host: "{{ openstack_db_setup_host | default('localhost') }}"
adjutant_galera_setup_python_interpreter: "{{ openstack_db_setup_python_interpreter | default((adjutant_galera_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable'])) }}"
## Service Type and Data
adjutant_role_name: admin
adjutant_service_region: RegionOne
adjutant_service_name: adjutant
adjutant_service_type: registration
adjutant_service_description: "Adjutant Registration Service"
adjutant_service_port: 5050
adjutant_service_project_name: service
adjutant_service_in_ldap: false
adjutant_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}"
adjutant_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((adjutant_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_python['executable'])) }}"
adjutant_bind_address: "{{ openstack_service_bind_address | default('0.0.0.0') }}"
adjutant_service_proto: http
adjutant_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(adjutant_service_proto) }}"
adjutant_service_adminuri_proto: "{{ openstack_service_adminuri_proto | default(adjutant_service_proto) }}"
adjutant_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(adjutant_service_proto) }}"
adjutant_service_publicuri: "{{ adjutant_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ adjutant_service_port }}"
adjutant_service_publicurl: "{{ adjutant_service_publicuri }}/v1/"
adjutant_service_adminuri: "{{ adjutant_service_adminuri_proto }}://{{ internal_lb_vip_address }}:{{ adjutant_service_port }}"
adjutant_service_adminurl: "{{ adjutant_service_adminuri }}/v1/"
adjutant_service_internaluri: "{{ adjutant_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ adjutant_service_port }}"
adjutant_service_internalurl: "{{ adjutant_service_internaluri }}/v1/"
adjutant_horizon_publicurl: "{{ openstack_service_publicuri_proto | default(adjutant_service_proto) }}://{{ external_lb_vip_address }}/"
# uWSGI settings
adjutant_wsgi_threads: 1
adjutant_wsgi_processes_max: 16
adjutant_wsgi_processes: "{{ [[ansible_processor_vcpus|default(1), 1] | max * 2, adjutant_wsgi_processes_max] | min }}"
adjutant_use_uwsgi: True
adjutant_email_backend: django.core.mail.backends.smtp.EmailBackend
adjutant_email_host: localhost
adjutant_email_port: 587
adjutant_email_host_user: adjutant
adjutant_email_use_tls: True
adjutant_email_use_ssl: False
adjutant_email_reply_address: no-reply@example.com
adjutant_email_from_address: bounce+%(task_uuid)s@example.com
adjutant_email_notification_address: example@example.com
adjutant_email_signups_notification_address: signups@example.com
adjutant_active_delegate_apis:
- RoleList
- SignUp
- UpdateProjectQuotas
- UserDetail
- UserList
- UserResetPassword
- UserRoles
- UserUpdateEmail
adjutant_role_mapping:
admin:
- project_admin
- project_mod
- heat_stack_owner
- _member_
project_admin:
- project_admin
- project_mod
- heat_stack_owner
- _member_
project_mod:
- project_mod
- heat_stack_owner
- _member_
adjutant_blacklisted_roles:
- admin
- rating
adjutant_default_users_to_project_action: []
adjutant_default_roles_to_project_action: []
adjutant_default_quota_size: small
adjutant_signup_allow_auto_approve: False
adjutant_quota_allow_auto_approve: False
adjutant_quota_size_difference_threshold: 0.1
adjutant_quota_auto_approve_days: 30
adjutant_quota_sizes:
small:
cinder:
gigabytes: 5000
snapshots: 50
volumes: 20
neutron:
floatingip: 10
network: 3
port: 50
router: 3
security_group: 20
security_group_rule: 100
subnet: 3
nova:
cores: 20
fixed_ips: 0
floating_ips: 10
injected_file_content_bytes: 10240
injected_files: 5
instances: 10
key_pairs: 50
metadata_items: 128
ram: 65536
security_group_rules: 100
security_groups: 20
octavia:
health_monitor: 5
listener: 1
load_balancer: 1
member: 2
pool: 1
medium:
cinder:
gigabytes: 10000
snapshots: 300
volumes: 100
neutron:
floatingip: 25
network: 5
port: 250
router: 5
security_group: 50
security_group_rule: 400
subnet: 5
nova:
cores: 100
fixed_ips: 0
floating_ips: 25
injected_file_content_bytes: 10240
injected_files: 5
instances: 50
key_pairs: 50
metadata_items: 128
ram: 327680
security_group_rules: 400
security_groups: 50
octavia:
health_monitor: 50
listener: 5
load_balancer: 5
member: 5
pool: 5
large:
cinder:
gigabytes: 50000
snapshots: 600
volumes: 200
neutron:
floatingip: 50
network: 10
port: 500
router: 10
security_group: 100
security_group_rule: 800
subnet: 10
nova:
cores: 200
fixed_ips: 0
floating_ips: 50
injected_file_content_bytes: 10240
injected_files: 5
instances: 100
key_pairs: 50
metadata_items: 128
ram: 655360
security_group_rules: 800
security_groups: 100
octavia:
health_monitor: 100
listener: 10
load_balancer: 10
member: 10
pool: 10
adjutant_quota_sizes_asc:
- small
- medium
- large
adjutant_quota_services:
"*":
- cinder
- neutron
- nova
# Additonal Quota Service
# - octavia
adjutant_adjutant_conf_overrides: {}
adjutant_api_uwsgi_ini_overrides: {}
adjutant_api_init_overrides: {}
## Service Name-Group Mapping
adjutant_services:
adjutant-api:
group: adjutant_api
service_name: adjutant-api
service_enabled: true
init_config_overrides: "{{ adjutant_api_init_overrides }}"
execstarts: "{{ adjutant_bin }}/adjutant-api"
wsgi_app: "{{ adjutant_use_uwsgi }}"
wsgi_name: adjutant-api-wsgi
uwsgi_overrides: "{{ adjutant_api_uwsgi_ini_overrides }}"
uwsgi_bind_address: "{{ adjutant_bind_address }}"
uwsgi_port: "{{ adjutant_service_port }}"
adjutant_pip_install_args: "{{ pip_install_options | default('') }}"
adjutant_venv_python_executable: "{{ openstack_venv_python_executable | default('python3') }}"
adjutant_pip_packages:
- python-adjutant
- cryptography
- systemd-python
View Git Blame Copy Permalink