--- # Copyright 2016, Tata Consultancy Services # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. ## Verbosity Options debug: False # Set the host which will execute the shade modules # for the service setup. The host must already have # clouds.yaml properly configured. designate_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" # Set the package install state for distribution packages # Options are 'present' and 'latest' designate_package_state: "latest" designate_pip_package_state: "latest" # Set installation method. designate_install_method: "source" ## The git source/branch designate_git_repo: https://git.openstack.org/openstack/designate designate_git_install_branch: master # Developer mode is used for role functional testing and allows the role # to build an environment directly from a git source without the presence # of an OpenStack-Ansible repo_server. designate_developer_mode: False ## The packages to build from source (used in developer mode) designate_developer_constraints: - "git+{{ designate_git_repo }}@{{ designate_git_install_branch }}#egg=designate" # TODO(odyssey4me): # This can be simplified once all the roles are using # python_venv_build. We can then switch to using a # set of constraints in pip.conf inside the venv, # perhaps prepared by giving a giving a list of # constraints to the role. designate_pip_install_args: >- {{ designate_developer_mode | ternary(pip_install_developer_constraints | default('--constraint /opt/developer-pip-constraints.txt'), '') }} {{ (pip_install_upper_constraints is defined) | ternary('--constraint ' + pip_install_upper_constraints | default(''), '') }} {{ pip_install_options | default('') }} # Name of the virtual env to deploy into designate_venv_tag: "{{ venv_tag | default('untagged') }}" designate_bin: "{{ _designate_bin }}" # Set the etc dir path where designate is installed. # This is used for role access to the db migrations. # Example: # designate_etc_dir: "/usr/local/etc/designate" designate_etc_dir: "{{ _designate_etc }}/designate" # venv_download, even when true, will use the fallback method of building the # venv from scratch if the venv download fails. designate_venv_download: "{{ not designate_developer_mode | bool }}" # URL of the pre-built virtualenv designate_venv_download_url: http://127.0.0.1/venvs/untagged/ubuntu/designate.tgz ## System info designate_system_user_name: designate designate_system_group_name: designate designate_system_shell: /bin/false designate_system_comment: designate system user designate_system_user_home: "/var/lib/{{ designate_system_user_name }}" ## Database info designate_db_setup_host: "{{ ('galera_all' in groups) | ternary(groups['galera_all'][0], 'localhost') }}" designate_galera_address: "{{ galera_address | default('127.0.0.1') }}" designate_galera_user: designate designate_galera_database: designate designate_galera_use_ssl: "{{ galera_use_ssl | default(False) }}" designate_galera_ssl_ca_cert: "{{ galera_ssl_ca_cert | default('/etc/ssl/certs/galera-ca.pem') }}" ## Oslo Messaging # RPC designate_oslomsg_rpc_host_group: "{{ oslomsg_rpc_host_group | default('rabbitmq_all') }}" designate_oslomsg_rpc_setup_host: "{{ (designate_oslomsg_rpc_host_group in groups) | ternary(groups[designate_oslomsg_rpc_host_group][0], 'localhost') }}" designate_oslomsg_rpc_transport: "{{ oslomsg_rpc_transport | default('rabbit') }}" designate_oslomsg_rpc_servers: "{{ oslomsg_rpc_servers | default('127.0.0.1') }}" designate_oslomsg_rpc_port: "{{ oslomsg_rpc_port | default('5672') }}" designate_oslomsg_rpc_use_ssl: "{{ oslomsg_rpc_use_ssl | default(False) }}" designate_oslomsg_rpc_userid: designate-rpc designate_oslomsg_rpc_vhost: /designate # Notify designate_oslomsg_notify_host_group: "{{ oslomsg_notify_host_group | default('rabbitmq_all') }}" designate_oslomsg_notify_setup_host: "{{ (designate_oslomsg_notify_host_group in groups) | ternary(groups[designate_oslomsg_notify_host_group][0], 'localhost') }}" designate_oslomsg_notify_transport: "{{ oslomsg_notify_transport | default('rabbit') }}" designate_oslomsg_notify_servers: "{{ oslomsg_notify_servers | default('127.0.0.1') }}" designate_oslomsg_notify_port: "{{ oslomsg_notify_port | default('5672') }}" designate_oslomsg_notify_use_ssl: "{{ oslomsg_notify_use_ssl | default(False) }}" designate_oslomsg_notify_userid: "{{ designate_oslomsg_rpc_userid }}" designate_oslomsg_notify_password: "{{ designate_oslomsg_rpc_password }}" designate_oslomsg_notify_vhost: "{{ designate_oslomsg_rpc_vhost }}" ## (Qdrouterd) info # TODO(ansmith): Change structure when more backends will be supported designate_oslomsg_amqp1_enabled: "{{ designate_oslomsg_rpc_transport == 'amqp' }}" ## Pool Configuration Defaults designate_pool_uuid: 794ccc2c-d751-44fe-b57f-8894c9f5c842 # Enable/Disable Ceilometer designate_ceilometer_enabled: False # Designate services info designate_role_name: admin ## DNS Backend Configuration # Configuration for the DNS backend that Designate will talk to, Designate # supports lots of backends, bind9, powerdns, nsd, djb, dyn, akamai, etc. # DNS Backends are configured via a YAML file that Designate reads. The DNS # server need not be in the actual Designate container, but for development, # or for some internal addressing use cases, it may make sense. # YAML to use for the Designate pools.yaml file. If this variable is defined, # a pools.yaml file will be written to /etc/designate/pools.yaml with the # provided YAML data. # # This is some example pools.yaml information that will work with a # simple bind9 installation in the same container as Designate. # designate_pools_yaml: # - name: "default" # description: Default BIND9 Pool # attributes: {} # ns_records: # - hostname: ns1.example.org. # priority: 1 # nameservers: # - host: 127.0.0.1 # port: 53 # targets: # - type: bind9 # description: BIND9 Server # masters: # - host: 127.0.0.1 # port: 5354 # options: # host: 127.0.0.1 # port: 53 # rndc_host: 127.0.0.1 # rndc_port: 953 ## rndc keys for authenticating with bind9 # define this to create as many key files as are required # designate_rndc_keys # - name: "rndc-key" # file: /etc/designate/rndc.key # algorithm: "hmac-md5" # secret: "" ## Service Type and Data designate_service_region: RegionOne designate_service_endpoint_type: internalURL designate_service_name: designate designate_service_port: 9001 designate_service_proto: http designate_service_type: dns designate_service_description: "Designate DNS as a Service" designate_service_project_domain_id: default designate_service_user_domain_id: default designate_service_user_name: designate designate_keystone_auth_type: password designate_service_project_name: service designate_service_publicuri_proto: "{{ openstack_service_publicuri_proto | default(designate_service_proto) }}" designate_service_internaluri_proto: "{{ openstack_service_internaluri_proto | default(designate_service_proto) }}" designate_service_publicuri: "{{ designate_service_publicuri_proto }}://{{ external_lb_vip_address }}:{{ designate_service_port }}" designate_service_internaluri: "{{ designate_service_internaluri_proto }}://{{ internal_lb_vip_address }}:{{ designate_service_port }}" designate_service_adminuri: "{{ (designate_service_adminurl | default('http://localhost')) | netorigin }}" designate_service_in_ldap: False # Common pip packages designate_pip_packages: - cryptography - designate - osprofiler - python-designateclient - PyMySQL - python-memcached - systemd-python - warlock designate_optional_oslomsg_amqp1_pip_packages: - oslo.messaging[amqp1] designate_central_init_overrides: {} designate_worker_init_overrides: {} designate_producer_init_overrides: {} designate_mdns_init_overrides: {} designate_sink_init_overrides: {} designate_api_init_overrides: {} ## Service Name-Group Mapping designate_services: designate-central: group: designate_central service_name: designate-central init_config_overrides: "{{ designate_central_init_overrides }}" execstarts: "{{ designate_bin }}/designate-central" start_order: 3 designate-worker: group: designate_worker service_name: designate-worker init_config_overrides: "{{ designate_worker_init_overrides }}" execstarts: "{{ designate_bin }}/designate-worker" start_order: 2 designate-producer: group: designate_producer service_name: designate-producer init_config_overrides: "{{ designate_producer_init_overrides }}" execstarts: "{{ designate_bin }}/designate-producer" start_order: 5 designate-mdns: group: designate_mdns service_name: designate-mdns init_config_overrides: "{{ designate_mdns_init_overrides }}" execstarts: "{{ designate_bin }}/designate-mdns" start_order: 4 designate-sink: group: designate_sink service_name: designate-sink init_config_overrides: "{{ designate_sink_init_overrides }}" execstarts: "{{ designate_bin }}/designate-sink" start_order: 6 designate-api: group: designate_api service_name: designate-api init_config_overrides: "{{ designate_api_init_overrides }}" execstarts: "{{ designate_bin }}/designate-api" start_order: 1 # List of unit files this role will "mask". These units, when found, are knonw # to conflict with running services for this given role. Any unit listed will be # stopped and masked. designate_mask_conflicting_units: "{{ _designate_mask_conflicting_units | default([]) }}" # This variable is used by the repo_build process to determine # which host group to check for members of before building the # pip packages required by this role. The value is picked up # by the py_pkgs lookup. designate_role_project_group: designate_all ## Tunable overrides designate_policy_overrides: {} designate_designate_conf_overrides: {} designate_api_paste_ini_overrides: {} designate_rootwrap_conf_overrides: {}