# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for cinder.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
storage: ceph
labels:
node_selector_key: openstack-control-plane
node_selector_value: enabled
release_group: null
images:
tags:
test: docker.io/kolla/ubuntu-source-rally:4.0.0
db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
cinder_db_sync: docker.io/kolla/ubuntu-source-cinder-api:3.0.3
db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
cinder_api: docker.io/kolla/ubuntu-source-cinder-api:3.0.3
bootstrap: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
cinder_scheduler: docker.io/kolla/ubuntu-source-cinder-scheduler:3.0.3
cinder_volume: docker.io/kolla/ubuntu-source-cinder-volume:3.0.3
cinder_volume_usage_audit: docker.io/kolla/ubuntu-source-cinder-volume:3.0.3
cinder_backup: docker.io/kolla/ubuntu-source-cinder-backup:3.0.3
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
pull_policy: "IfNotPresent"
jobs:
volume_usage_audit:
cron: "*/5 * * * *"
pod:
user:
cinder:
uid: 1000
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
cinder_api:
init_container: null
cinder_api:
cinder_scheduler:
init_container: null
cinder_scheduler:
cinder_volume:
init_container: null
cinder_volume:
cinder_volume_usage_audit:
init_container: null
cinder_volume_usage_audit:
cinder_backup:
init_container: null
cinder_backup:
cinder_tests:
init_container: null
cinder_tests:
replicas:
api: 1
volume: 1
scheduler: 1
backup: 1
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
disruption_budget:
api:
min_available: 0
termination_grace_period:
api:
timeout: 30
resources:
enabled: false
api:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
scheduler:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
volume:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
jobs:
volume_usage_audit:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
bootstrap:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_sync:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_drop:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_endpoints:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_service:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_user:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
bootstrap:
enabled: true
bootstrap_conf_backends: true
volume_types:
name:
group:
volume_backend_name:
network:
api:
ingress:
public: true
external_policy_local: false
node_port:
enabled: false
port: 30877
conf:
paste:
composite:osapi_volume:
use: call:cinder.api:root_app_factory
/: apiversions
/v1: openstack_volume_api_v1
/v2: openstack_volume_api_v2
/v3: openstack_volume_api_v3
composite:openstack_volume_api_v1:
use: call:cinder.api.middleware.auth:pipeline_factory
noauth: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler noauth apiv1
keystone: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv1
keystone_nolimit: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv1
composite:openstack_volume_api_v2:
use: call:cinder.api.middleware.auth:pipeline_factory
noauth: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler noauth apiv2
keystone: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv2
keystone_nolimit: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv2
composite:openstack_volume_api_v3:
use: call:cinder.api.middleware.auth:pipeline_factory
noauth: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler noauth apiv3
keystone: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv3
keystone_nolimit: cors http_proxy_to_wsgi request_id faultwrap sizelimit osprofiler authtoken keystonecontext apiv3
filter:request_id:
paste.filter_factory: oslo_middleware.request_id:RequestId.factory
filter:http_proxy_to_wsgi:
paste.filter_factory: oslo_middleware.http_proxy_to_wsgi:HTTPProxyToWSGI.factory
filter:cors:
paste.filter_factory: oslo_middleware.cors:filter_factory
oslo_config_project: cinder
filter:faultwrap:
paste.filter_factory: cinder.api.middleware.fault:FaultWrapper.factory
filter:osprofiler:
paste.filter_factory: osprofiler.web:WsgiMiddleware.factory
filter:noauth:
paste.filter_factory: cinder.api.middleware.auth:NoAuthMiddleware.factory
filter:sizelimit:
paste.filter_factory: oslo_middleware.sizelimit:RequestBodySizeLimiter.factory
app:apiv1:
paste.app_factory: cinder.api.v1.router:APIRouter.factory
app:apiv2:
paste.app_factory: cinder.api.v2.router:APIRouter.factory
app:apiv3:
paste.app_factory: cinder.api.v3.router:APIRouter.factory
pipeline:apiversions:
pipeline: cors http_proxy_to_wsgi faultwrap osvolumeversionapp
app:osvolumeversionapp:
paste.app_factory: cinder.api.versions:Versions.factory
filter:keystonecontext:
paste.filter_factory: cinder.api.middleware.auth:CinderKeystoneContext.factory
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
policy:
context_is_admin: role:admin
admin_or_owner: is_admin:True or project_id:%(project_id)s
default: rule:admin_or_owner
admin_api: is_admin:True
volume:create: ''
volume:delete: rule:admin_or_owner
volume:get: rule:admin_or_owner
volume:get_all: rule:admin_or_owner
volume:get_volume_metadata: rule:admin_or_owner
volume:create_volume_metadata: rule:admin_or_owner
volume:delete_volume_metadata: rule:admin_or_owner
volume:update_volume_metadata: rule:admin_or_owner
volume:get_volume_admin_metadata: rule:admin_api
volume:update_volume_admin_metadata: rule:admin_api
volume:get_snapshot: rule:admin_or_owner
volume:get_all_snapshots: rule:admin_or_owner
volume:create_snapshot: rule:admin_or_owner
volume:delete_snapshot: rule:admin_or_owner
volume:update_snapshot: rule:admin_or_owner
volume:get_snapshot_metadata: rule:admin_or_owner
volume:delete_snapshot_metadata: rule:admin_or_owner
volume:update_snapshot_metadata: rule:admin_or_owner
volume:extend: rule:admin_or_owner
volume:update_readonly_flag: rule:admin_or_owner
volume:retype: rule:admin_or_owner
volume:update: rule:admin_or_owner
volume_extension:types_manage: rule:admin_api
volume_extension:types_extra_specs: rule:admin_api
volume_extension:access_types_qos_specs_id: rule:admin_api
volume_extension:access_types_extra_specs: rule:admin_api
volume_extension:volume_type_access: rule:admin_or_owner
volume_extension:volume_type_access:addProjectAccess: rule:admin_api
volume_extension:volume_type_access:removeProjectAccess: rule:admin_api
volume_extension:volume_type_encryption: rule:admin_api
volume_extension:volume_encryption_metadata: rule:admin_or_owner
volume_extension:extended_snapshot_attributes: rule:admin_or_owner
volume_extension:volume_image_metadata: rule:admin_or_owner
volume_extension:quotas:show: ''
volume_extension:quotas:update: rule:admin_api
volume_extension:quotas:delete: rule:admin_api
volume_extension:quota_classes: rule:admin_api
volume_extension:quota_classes:validate_setup_for_nested_quota_use: rule:admin_api
volume_extension:volume_admin_actions:reset_status: rule:admin_api
volume_extension:snapshot_admin_actions:reset_status: rule:admin_api
volume_extension:backup_admin_actions:reset_status: rule:admin_api
volume_extension:volume_admin_actions:force_delete: rule:admin_api
volume_extension:volume_admin_actions:force_detach: rule:admin_api
volume_extension:snapshot_admin_actions:force_delete: rule:admin_api
volume_extension:backup_admin_actions:force_delete: rule:admin_api
volume_extension:volume_admin_actions:migrate_volume: rule:admin_api
volume_extension:volume_admin_actions:migrate_volume_completion: rule:admin_api
volume_extension:volume_actions:upload_public: rule:admin_api
volume_extension:volume_actions:upload_image: rule:admin_or_owner
volume_extension:volume_host_attribute: rule:admin_api
volume_extension:volume_tenant_attribute: rule:admin_or_owner
volume_extension:volume_mig_status_attribute: rule:admin_api
volume_extension:hosts: rule:admin_api
volume_extension:services:index: rule:admin_api
volume_extension:services:update: rule:admin_api
volume_extension:volume_manage: rule:admin_api
volume_extension:volume_unmanage: rule:admin_api
volume_extension:list_manageable: rule:admin_api
volume_extension:capabilities: rule:admin_api
volume:create_transfer: rule:admin_or_owner
volume:accept_transfer: ''
volume:delete_transfer: rule:admin_or_owner
volume:get_transfer: rule:admin_or_owner
volume:get_all_transfers: rule:admin_or_owner
volume_extension:replication:promote: rule:admin_api
volume_extension:replication:reenable: rule:admin_api
volume:failover_host: rule:admin_api
volume:freeze_host: rule:admin_api
volume:thaw_host: rule:admin_api
backup:create: ''
backup:delete: rule:admin_or_owner
backup:get: rule:admin_or_owner
backup:get_all: rule:admin_or_owner
backup:restore: rule:admin_or_owner
backup:backup-import: rule:admin_api
backup:backup-export: rule:admin_api
backup:update: rule:admin_or_owner
snapshot_extension:snapshot_actions:update_snapshot_status: ''
snapshot_extension:snapshot_manage: rule:admin_api
snapshot_extension:snapshot_unmanage: rule:admin_api
snapshot_extension:list_manageable: rule:admin_api
consistencygroup:create: group:nobody
consistencygroup:delete: group:nobody
consistencygroup:update: group:nobody
consistencygroup:get: group:nobody
consistencygroup:get_all: group:nobody
consistencygroup:create_cgsnapshot: group:nobody
consistencygroup:delete_cgsnapshot: group:nobody
consistencygroup:get_cgsnapshot: group:nobody
consistencygroup:get_all_cgsnapshots: group:nobody
group:group_types_manage: rule:admin_api
group:group_types_specs: rule:admin_api
group:access_group_types_specs: rule:admin_api
group:group_type_access: rule:admin_or_owner
group:create: ''
group:delete: rule:admin_or_owner
group:update: rule:admin_or_owner
group:get: rule:admin_or_owner
group:get_all: rule:admin_or_owner
group:create_group_snapshot: ''
group:delete_group_snapshot: rule:admin_or_owner
group:update_group_snapshot: rule:admin_or_owner
group:get_group_snapshot: rule:admin_or_owner
group:get_all_group_snapshots: rule:admin_or_owner
scheduler_extension:scheduler_stats:get_pools: rule:admin_api
message:delete: rule:admin_or_owner
message:get: rule:admin_or_owner
message:get_all: rule:admin_or_owner
clusters:get: rule:admin_api
clusters:get_all: rule:admin_api
clusters:update: rule:admin_api
cinder_sudoers:
override:
append:
rootwrap:
override:
append:
rootwrap_filters:
volume:
override:
append:
ceph:
override:
append:
monitors: []
cinder_keyring: null
cinder:
DEFAULT:
use_syslog: false
use_stderr: true
enable_v1_api: false
volume_name_template: "%s"
osapi_volume_workers: 8
glance_api_version: 2
os_region_name: RegionOne
host: cinder-volume-worker
osapi_volume_listen_port: 8776
enabled_backends: "rbd1"
backup_driver: "cinder.backup.drivers.ceph"
backup_ceph_conf: "/etc/ceph/ceph.conf"
backup_ceph_user: admin
backup_ceph_pool: backups
database:
max_retries: -1
keystone_authtoken:
auth_version: v3
auth_type: password
memcache_security_strategy: ENCRYPT
oslo_concurrency:
lock_path: "/var/lib/cinder/tmp"
oslo_messaging_notifications:
driver: messagingv2
backends:
# Those options will be written to backends.conf as-is.
rbd1:
volume_driver: cinder.volume.drivers.rbd.RBDDriver
volume_backend_name: rbd1
rbd_pool: volumes
rbd_ceph_conf: "/etc/ceph/ceph.conf"
rbd_flatten_volume_from_snapshot: false
rbd_max_clone_depth: 5
rbd_store_chunk_size: 4
rados_connect_timeout: -1
rbd_user: "admin"
rally_tests:
run_tempest: false
tests:
CinderVolumes.create_and_delete_volume:
- args:
size: 1
context:
users:
tenants: 1
users_per_tenant: 1
runner:
concurrency: 1
times: 1
type: constant
sla:
failure_rate:
max: 0
- args:
size:
max: 5
min: 1
context:
users:
tenants: 1
users_per_tenant: 1
runner:
concurrency: 1
times: 1
type: constant
sla:
failure_rate:
max: 0
dependencies:
db_init:
services:
- service: oslo_db
endpoint: internal
db_sync:
jobs:
- cinder-db-init
services:
- service: oslo_db
endpoint: internal
db_drop:
services:
- service: oslo_db
endpoint: internal
ks_user:
services:
- service: identity
endpoint: internal
ks_service:
services:
- service: identity
endpoint: internal
ks_endpoints:
jobs:
- cinder-ks-service
services:
- service: identity
endpoint: internal
api:
jobs:
- cinder-db-sync
- cinder-ks-user
- cinder-ks-endpoints
services:
- service: oslo_db
endpoint: internal
- service: identity
endpoint: internal
bootstrap:
services:
- service: identity
endpoint: internal
- service: volume
endpoint: internal
volume:
jobs:
- cinder-db-sync
- cinder-ks-user
- cinder-ks-endpoints
services:
- service: identity
endpoint: internal
- service: volume
endpoint: internal
volume_usage_audit:
jobs:
- cinder-db-sync
- cinder-ks-user
- cinder-ks-endpoints
services:
- service: identity
endpoint: internal
- service: volume
endpoint: internal
scheduler:
jobs:
- cinder-db-sync
- cinder-ks-user
- cinder-ks-endpoints
services:
- service: identity
endpoint: internal
- service: volume
endpoint: internal
backup:
jobs:
- cinder-db-sync
- cinder-ks-user
- cinder-ks-endpoints
services:
- service: identity
endpoint: internal
- service: volume
endpoint: internal
tests:
services:
- service: identity
endpoint: internal
- service: volume
endpoint: internal
# Names of secrets used by bootstrap and environmental checks
secrets:
identity:
admin: cinder-keystone-admin
user: cinder-keystone-user
oslo_db:
admin: cinder-db-admin
user: cinder-db-user
# We use a different layout of the endpoints here to account for versioning
# this swaps the service name and type, and should be rolled out to other
# services.
endpoints:
cluster_domain_suffix: cluster.local
identity:
name: keystone
auth:
admin:
region_name: RegionOne
username: admin
password: password
project_name: admin
user_domain_name: default
project_domain_name: default
user:
role: admin
region_name: RegionOne
username: cinder
password: password
project_name: service
user_domain_name: default
project_domain_name: default
hosts:
default: keystone-api
public: keystone
host_fqdn_override:
default: null
path:
default: /v3
scheme:
default: http
port:
admin:
default: 35357
api:
default: 80
image:
name: glance
hosts:
default: glance-api
public: glance
host_fqdn_override:
default: null
path:
default: null
scheme:
default: http
port:
api:
default: 9292
public: 80
image_registry:
name: glance-registry
hosts:
default: glance-registry
public: glance-reg
host_fqdn_override:
default: null
path:
default: null
scheme:
default: 'http'
port:
api:
default: 9191
public: 80
volume:
name: cinder
hosts:
default: cinder-api
public: cinder
host_fqdn_override:
default: null
path:
default: '/v1/%(tenant_id)s'
scheme:
default: 'http'
port:
api:
default: 8776
public: 80
volumev2:
name: cinder
hosts:
default: cinder-api
public: cinder
host_fqdn_override:
default: null
path:
default: '/v2/%(tenant_id)s'
scheme:
default: 'http'
port:
api:
default: 8776
public: 80
volumev3:
name: cinder
hosts:
default: cinder-api
public: cinder
host_fqdn_override:
default: null
path:
default: '/v3/%(tenant_id)s'
scheme:
default: 'http'
port:
api:
default: 8776
public: 80
oslo_db:
auth:
admin:
username: root
password: password
user:
username: cinder
password: password
hosts:
default: mariadb
host_fqdn_override:
default: null
path: /cinder
scheme: mysql+pymysql
port:
mysql:
default: 3306
oslo_messaging:
auth:
admin:
username: admin
password: password
user:
username: rabbitmq
password: password
hosts:
default: rabbitmq
host_fqdn_override:
default: null
path: /
scheme: rabbit
port:
amqp:
default: 5672
oslo_cache:
hosts:
default: memcached
host_fqdn_override:
default: null
port:
memcache:
default: 11211
manifests:
configmap_bin: true
configmap_etc: true
cron_volume_usage_audit: true
deployment_api: true
deployment_backup: true
deployment_scheduler: true
deployment_volume: true
ingress_api: true
job_bootstrap: true
job_db_init: true
job_db_sync: true
job_db_drop: false
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
pdb_api: true
pod_rally_test: true
secret_db: true
secret_keystone: true
service_api: true
service_ingress_api: true