Files
kayobe/playbooks/kayobe-overcloud-host-configure-base/overrides.yml.j2
Mark Goddard e0dec91689 Disable EPEL by default
EPEL is no longer required for a default installation. Let's disable it.

Also clean up the install_epel variable from Kolla Ansible globals.yml
template, since it never existed.

Story: 2009757
Task: 44227

Change-Id: I96eb4685f997e85ad2ee5318640d58d0287a016d
2021-12-23 13:04:12 +00:00

158 lines
4.3 KiB
Django/Jinja

---
# The following configuration aims to test some of the 'host configure'
# command.
# Additional users.
controller_users:
- username: kayobe-test-user
name: Kayobe test user
password: kayobe-test-user-password
groups:
- stack
# Additional network interfaces, testing a variety of interface configurations.
controller_extra_network_interfaces:
- test_net_eth
- test_net_eth_vlan
- test_net_bridge
- test_net_bridge_vlan
- test_net_bond
- test_net_bond_vlan
# Custom IP routing tables.
network_route_tables:
- id: 2
name: kayobe-test-route-table
# dummy2: Ethernet interface.
test_net_eth_cidr: 192.168.34.0/24
test_net_eth_routes:
- cidr: 192.168.40.0/24
gateway: 192.168.34.254
test_net_eth_interface: dummy2
# dummy2.42: VLAN subinterface of dummy2.
test_net_eth_vlan_cidr: 192.168.35.0/24
test_net_eth_vlan_interface: "{% raw %}{{ test_net_eth_interface }}.{{ test_net_eth_vlan_vlan }}{% endraw %}"
test_net_eth_vlan_vlan: 42
test_net_eth_vlan_routes:
- cidr: 192.168.40.0/24
gateway: 192.168.35.254
table: kayobe-test-route-table
test_net_eth_vlan_rules:
{% if ansible_os_family == 'RedHat' %}
- from 192.168.35.0/24 table kayobe-test-route-table
{% else %}
- from: 192.168.35.0/24
table: kayobe-test-route-table
{% endif %}
test_net_eth_vlan_zone: test-zone1
# br0: bridge with ports dummy3, dummy4.
test_net_bridge_cidr: 192.168.36.0/24
test_net_bridge_interface: br0
test_net_bridge_bridge_ports: [dummy3, dummy4]
test_net_bridge_zone: test-zone2
# br0.43: VLAN subinterface of br0.
test_net_bridge_vlan_cidr: 192.168.37.0/24
test_net_bridge_vlan_interface: "{% raw %}{{ test_net_bridge_interface }}.{{ test_net_bridge_vlan_vlan }}{% endraw %}"
test_net_bridge_vlan_vlan: 43
test_net_bridge_vlan_zone: test-zone3
# bond0: bond with slaves dummy5, dummy6.
test_net_bond_cidr: 192.168.38.0/24
test_net_bond_interface: bond0
test_net_bond_bond_slaves: [dummy5, dummy6]
test_net_bond_zone: test-zone3
# bond0.44: VLAN subinterface of bond0.
test_net_bond_vlan_cidr: 192.168.39.0/24
test_net_bond_vlan_interface: "{% raw %}{{ test_net_bond_interface }}.{{ test_net_bond_vlan_vlan }}{% endraw %}"
test_net_bond_vlan_vlan: 44
test_net_bond_vlan_zone: public
# Define a software RAID device consisting of two loopback devices.
controller_mdadm_arrays:
- name: md0
devices:
- /dev/loop0
- /dev/loop1
level: '1'
state: present
# Layer LUKS encryption on top of the software RAID
controller_luks_devices:
- name: loopback-crypt
device: /dev/md0
# Create an LVM volume group for Docker volumes and devicemapper.
controller_lvm_groups:
- "{% raw %}{{ controller_lvm_group_data }}{% endraw %}"
# Provide a disk for use by LVM. Uses the LUKS encrypted device created above.
controller_lvm_group_data_disks:
- /dev/mapper/loopback-crypt
# Set a sysctl.
controller_sysctl_parameters:
fs.mount-max: 99999
# Disable cloud-init.
disable_cloud_init: true
# Use devicemapper storage driver.
docker_storage_driver: devicemapper
# Set Honolulu time.
timezone: Pacific/Honolulu
{% if ansible_os_family == 'RedHat' %}
# Use a local DNF mirror.
dnf_use_local_mirror: true
# Mirror FQDN for DNF repos.
dnf_centos_mirror_host: "{{ zuul_site_mirror_fqdn }}"
# Mirror directory for DNF CentOS repos.
dnf_centos_mirror_directory: 'centos'
# Mirror FQDN for DNF EPEL repos.
dnf_epel_mirror_host: "{{ zuul_site_mirror_fqdn }}"
# Mirror directory for DNF EPEL repos.
dnf_epel_mirror_directory: 'epel'
# Configure a custom DNF repository.
dnf_custom_repos:
td-agent:
baseurl: http://packages.treasuredata.com/4/redhat/$releasever/$basearch
gpgkey: https://packages.treasuredata.com/GPG-KEY-td-agent
gpgcheck: yes
# Install EPEL local mirror.
dnf_install_epel: true
# Enable DNF Automatic.
dnf_automatic_enabled: true
{% endif %}
# Override the default NTP pool
chrony_ntp_servers:
- server: time.cloudflare.com
type: pool
options:
- option: maxsources
val: 2
# Enable firewalld (CentOS only).
controller_firewalld_enabled: true
controller_firewalld_zones:
- zone: test-zone1
- zone: test-zone2
- zone: test-zone3
controller_firewalld_default_zone:
controller_firewalld_rules:
- port: 8080/tcp
zone: test-zone1
- service: http
zone: test-zone2
- icmp_block: echo-request
zone: test-zone3
- service: cockpit
state: disabled
zone: public