openstack/openstack-helm
Code Issues Proposed changes
openstack-helm/placement/values.yaml
Zhipeng Liu bdbea96326 Allow more generic overrides for placement 
With this patch we allow for a more easy way of overriding some
of the values that may be used in other distros while maintainting
the default values if those values are not overriden.

The following values are introduced to be overriden:
conf:
  security:
  software:
    apache2:
      binary:
      start_flags:
      a2enmod:
      a2dismod:

On which:
 * binary: the binary to use for launching apache
 * start_flags: any flags that will be passed to the apache binary call
 * a2enmod: mods to enable
 * a2dismod: mods to disable

Notice that if there is no overrides given, it should not affect anything
and the templates will not be changed as the default values are set to what
they used to be as to not disrupt existing deployments.

Change-Id: I77940ff847fc5785178ee5cf84cb77bed9f1ec71
Signed-off-by: Zhipeng Liu <zhipengs.liu@intel.com>
2020-05-12 02:14:01 +00:00

436 lines
11 KiB
YAML
Raw Blame History

# Copyright 2019 Intel Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for openstack-placement.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
release_group: null
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
pull_policy: IfNotPresent
tags:
placement: docker.io/openstackhelm/placement:master-ubuntu_bionic
ks_user: docker.io/openstackhelm/heat:stein-ubuntu_bionic
ks_service: docker.io/openstackhelm/heat:stein-ubuntu_bionic
ks_endpoints: docker.io/openstackhelm/heat:stein-ubuntu_bionic
db_init: docker.io/openstackhelm/heat:stein-ubuntu_bionic
db_drop: docker.io/openstackhelm/heat:stein-ubuntu_bionic
placement_db_sync: docker.io/openstackhelm/placement:master-ubuntu_bionic
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
image_repo_sync: docker.io/docker:17.07.0
local_registry:
active: false
exclude:
- dep_check
- image_repo_sync
network:
api:
port: 8778
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
external_policy_local: false
node_port:
enabled: false
port: 30778
conf:
policy:
context_is_admin: 'role:admin'
segregation: 'rule:context_is_admin'
admin_or_owner: 'rule:context_is_admin or project_id:%(project_id)s'
default: 'rule:admin_or_owner'
software:
apache2:
binary: apache2
start_parameters: -DFOREGROUND
# Enable/Disable modules
# a2enmod:
# - headers
# - rewrite
# a2dismod:
# - status
a2enmod: null
a2dismod: null
placement:
DEFAULT:
debug: false
use_syslog: false
log_config_append: /etc/placement/logging.conf
placement_database:
connection: null
keystone_authtoken:
auth_version: v3
auth_type: password
memcache_security_strategy: ENCRYPT
logging:
loggers:
keys:
- root
- placement
handlers:
keys:
- stdout
- stderr
- "null"
formatters:
keys:
- context
- default
logger_root:
level: WARNING
handlers: stdout
logger_placement:
level: INFO
handlers:
- stdout
qualname: placement
logger_amqp:
level: WARNING
handlers: stderr
qualname: amqp
logger_amqplib:
level: WARNING
handlers: stderr
qualname: amqplib
logger_eventletwsgi:
level: WARNING
handlers: stderr
qualname: eventlet.wsgi.server
logger_sqlalchemy:
level: WARNING
handlers: stderr
qualname: sqlalchemy
logger_boto:
level: WARNING
handlers: stderr
qualname: boto
handler_null:
class: logging.NullHandler
formatter: default
args: ()
handler_stdout:
class: StreamHandler
args: (sys.stdout,)
formatter: context
handler_stderr:
class: StreamHandler
args: (sys.stderr,)
formatter: context
formatter_context:
class: oslo_log.formatters.ContextFormatter
datefmt: "%Y-%m-%d %H:%M:%S"
formatter_default:
format: "%(message)s"
datefmt: "%Y-%m-%d %H:%M:%S"
wsgi_placement: |
Listen 0.0.0.0:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
<VirtualHost *:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
WSGIDaemonProcess placement-api processes=4 threads=1 user=placement group=placement display-name=%{GROUP}
WSGIProcessGroup placement-api
WSGIScriptAlias / /var/www/cgi-bin/placement/placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /dev/stdout
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
</VirtualHost>
Alias /placement /var/www/cgi-bin/placement/placement-api
<Location /placement>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
endpoints:
cluster_domain_suffix: cluster.local
local_image_registry:
name: docker-registry
namespace: docker-registry
hosts:
default: localhost
internal: docker-registry
node: localhost
host_fqdn_override:
default: null
port:
registry:
node: 5000
oslo_db:
auth:
admin:
username: root
password: password
placement:
username: placement
password: password
hosts:
default: mariadb
host_fqdn_override:
default: null
path: /placement
scheme: mysql+pymysql
port:
mysql:
default: 3306
oslo_cache:
auth:
# NOTE(portdirect): this is used to define the value for keystone
# authtoken cache encryption key, if not set it will be populated
# automatically with a random value, but to take advantage of
# this feature all services should be set to use the same key,
# and memcache service.
memcache_secret_key: null
hosts:
default: memcached
host_fqdn_override:
default: null
port:
memcache:
default: 11211
identity:
name: keystone
auth:
admin:
region_name: RegionOne
username: admin
password: password
project_name: admin
user_domain_name: default
project_domain_name: default
placement:
role: admin
region_name: RegionOne
username: placement
password: password
project_name: service
user_domain_name: service
project_domain_name: service
hosts:
default: keystone
internal: keystone-api
host_fqdn_override:
default: null
path:
default: /v3
scheme:
default: http
port:
api:
default: 80
internal: 5000
placement:
name: placement
hosts:
default: placement-api
public: placement
host_fqdn_override:
default: null
path:
default: /
scheme:
default: 'http'
port:
api:
default: 8778
public: 80
pod:
user:
placement:
uid: 42424
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
placement:
init_container: null
placement:
volumeMounts:
volumes:
replicas:
api: 1
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
disruption_budget:
api:
min_available: 0
termination_grace_period:
api:
timeout: 30
resources:
enabled: false
api:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
jobs:
db_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_sync:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_drop:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_endpoints:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_service:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_user:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
secrets:
identity:
admin: placement-keystone-admin
placement: placement-keystone-user
oslo_db:
admin: placement-db-admin
placement: placement-db-user
tls:
placement:
api:
public: placement-tls-public
dependencies:
dynamic:
common:
local_image_registry:
jobs:
- image-repo-sync
services:
- endpoint: node
service: local_image_registry
static:
api:
jobs:
- placement-db-sync
- placement-ks-service
- placement-ks-user
- placement-ks-endpoints
ks_endpoints:
jobs:
- placement-ks-user
- placement-ks-service
services:
- endpoint: internal
service: identity
ks_service:
services:
- endpoint: internal
service: identity
ks_user:
services:
- endpoint: internal
service: identity
db_drop:
services:
- endpoint: internal
service: oslo_db
db_init:
services:
- endpoint: internal
service: oslo_db
db_sync:
jobs:
- placement-db-init
services:
- endpoint: internal
service: oslo_db
manifests:
configmap_bin: true
configmap_etc: true
deployment: true
job_image_repo_sync: true
job_db_init: true
job_db_sync: true
job_db_drop: false
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
network_policy: false
secret_db: true
secret_ingress_tls: true
pdb: true
ingress: true
secret_keystone: true
service_ingress: true
service: true
View Git Blame Copy Permalink