openstack
/
tripleo-heat-templates
Code Issues Proposed changes
RETIRED, Heat templates for deploying OpenStack
6,968 Commits 3 Branches 28 Tags 322 MiB
Go to file
Juan Antonio Osorio Robles 17be56bc19 Disallow SSLv2, SSLv3 and TLS1.0 in httpd for FedRAMP compliance. 
We now enforce TLS1.1 or higher for httpd connections, to meet the
requirements for FedRAMP.

Change-Id: If875822f1cb705d17405621e64fea2536edc142a
Related-Bug: #1754368
(cherry picked from commit 1b54e4b5a7)
 		2018-04-20 14:13:49 +00:00
ci Rely on client defaults for the Ceph container image to use in CI 2018-04-18 12:22:50 +02:00
common Consume RoleData config from config download files 2018-04-17 12:06:03 +00:00
deployed-server get-occ-config.sh: fix handling multiple nodes in a role 2018-04-02 17:03:29 +00:00
docker Merge "Correct indentation and file path" into stable/queens 2018-04-19 22:58:18 +00:00
environments Merge "Update environment files for Q upgrade and ffwd upgrade" into stable/queens 2018-04-16 19:31:00 +00:00
extraconfig Add KernelIpForward configuration 2018-03-07 18:56:18 +00:00
firstboot Adding a workaround for enabling steering in ConnectX-3 devices 2018-03-08 07:40:49 +00:00
network Merge "Remove config.json for old style nic config files when using new style" into stable/queens 2018-04-12 20:53:44 +00:00
plan-samples Update default value for derive params workflow inputs 2018-01-15 05:50:47 -05:00
puppet Disallow SSLv2, SSLv3 and TLS1.0 in httpd for FedRAMP compliance. 2018-04-20 14:13:49 +00:00
releasenotes Correct indentation and file path 2018-04-19 08:42:32 +00:00
roles Removed unnecessary services from the LiquidioCompute role. 2018-04-11 14:43:54 +00:00
sample-env-generator Add support of netapp configuration for glance in THT 2018-03-12 13:45:35 +00:00
scripts Avoid awk error in hosts-config.sh for large deployments 2017-04-07 10:50:39 +01:00
tools Add pre_upgrade_rolling_tasks 2018-03-26 09:12:42 +00:00
tripleo_heat_templates Do not generate apache/haproxy certs for invalid networks 2018-02-08 12:50:04 +00:00
validation-scripts Use ipaddress module 2018-02-27 18:01:21 +01:00
zuul.d Merge "Zuul: Remove project name" 2018-02-20 05:06:14 +00:00
.gitignore Sample environment generator 2017-06-12 15:02:50 -05:00
.gitreview Update .gitreview for stable/queens 2018-03-03 11:43:08 +00:00
.testr.conf Sample environment generator 2017-06-12 15:02:50 -05:00
LICENSE Add license file 2014-01-20 11:58:20 +01:00
README.rst A keystone only controller deployment 2018-03-14 20:28:38 +00:00
all-nodes-validation.yaml Change template names to queens 2017-11-23 10:15:32 +01:00
babel.cfg Add release configuration. 2013-10-22 17:49:35 +01:00
bindep.txt Add in roles data validation 2017-07-07 09:51:40 -06:00
bootstrap-config.yaml Change template names to queens 2017-11-23 10:15:32 +01:00
capabilities-map.yaml Add support for Dell EMC XtremIO Cinder ISCSI Backend 2018-03-26 09:54:20 -05:00
config-download-software.yaml Change template names to queens 2017-11-23 10:15:32 +01:00
config-download-structured.yaml Change template names to queens 2017-11-23 10:15:32 +01:00
default_passwords.yaml Change template names to queens 2017-11-23 10:15:32 +01:00
hosts-config.yaml Change template names to queens 2017-11-23 10:15:32 +01:00
j2_excludes.yaml Remove ipv6 specific network templates 2017-08-31 13:12:17 -07:00
net-config-bond.j2.yaml Render NIC config templates with jinja2 2018-02-13 00:19:37 -08:00
net-config-bridge.j2.yaml Render NIC config templates with jinja2 2018-02-13 00:19:37 -08:00
net-config-linux-bridge.j2.yaml Render NIC config templates with jinja2 2018-02-13 00:19:37 -08:00
net-config-noop.j2.yaml Render NIC config templates with jinja2 2018-02-13 00:19:37 -08:00
net-config-static-bridge-with-external-dhcp.j2.yaml Render NIC config templates with jinja2 2018-02-13 00:19:37 -08:00
net-config-static-bridge.j2.yaml Render NIC config templates with jinja2 2018-02-13 00:19:37 -08:00
net-config-static.j2.yaml Render NIC config templates with jinja2 2018-02-13 00:19:37 -08:00
net-config-undercloud.j2.yaml Render NIC config templates with jinja2 2018-02-13 00:19:37 -08:00
network_data.yaml Return old ranges to network_data.yaml 2018-02-22 12:55:37 +01:00
network_data_ganesha.yaml Return old ranges to network_data.yaml 2018-02-22 12:55:37 +01:00
overcloud-resource-registry-puppet.j2.yaml Update OS::TripleO::Services::ComputeNeutronCorePlugin for containers 2018-04-12 18:18:25 +00:00
overcloud.j2.yaml Do not use the 3rd argument of yaql groupBy 2018-02-19 16:32:42 +01:00
plan-environment.yaml Add name and description fields to plan-environment.yaml 2017-04-12 17:25:40 +02:00
requirements.txt Updated from global requirements 2017-11-16 11:30:33 +00:00
roles_data.yaml Add support for Dell EMC XtremIO Cinder ISCSI Backend 2018-03-26 09:54:20 -05:00
roles_data_undercloud.yaml Add TripleOFirewall service to undercloud roles 2018-02-17 01:42:06 +00:00
setup.cfg Drop deprecated templates/Makefile/merge.py 2015-11-25 15:00:13 -05:00
setup.py Updated from global requirements 2017-03-28 13:03:01 +00:00
test-requirements.txt Merge "Introduce tests for yaql structures" 2018-01-31 09:24:26 +00:00
tox.ini Update UPPER_CONSTRAINTS_FILE for stable/queens 2018-03-03 11:43:12 +00:00

README.rst

Team and repository tags

image

tripleo-heat-templates

Heat templates to deploy OpenStack using OpenStack.

Features

The ability to deploy a multi-node, role based OpenStack deployment using OpenStack Heat. Notable features include:

  • Choice of deployment/configuration tooling: puppet, (soon) docker
  • Role based deployment: roles for the controller, compute, ceph, swift, and cinder storage
  • physical network configuration: support for isolated networks, bonding, and standard ctlplane networking

Directories

A description of the directory layout in TripleO Heat Templates.

  • environments: contains heat environment files that can be used with -e

    on the command like to enable features, etc.

  • extraconfig: templates used to enable 'extra' functionality. Includes

    functionality for distro specific registration and upgrades.

  • firstboot: example first_boot scripts that can be used when initially

    creating instances.

  • network: heat templates to help create isolated networks and ports
  • puppet: templates mostly driven by configuration with puppet. To use these

    templates you can use the overcloud-resource-registry-puppet.yaml.

  • validation-scripts: validation scripts useful to all deployment

    configurations

  • roles: example roles that can be used with the tripleoclient to generate

    a roles_data.yaml for a deployment See the roles/README.rst for additional details.

Service testing matrix

The configuration for the CI scenarios will be defined in tripleo-heat-templates/ci/ and should be executed according to the following table:

- scn000 scn001 scn002 scn003 scn004 scn006 scn007 scn009 non-ha ovh-ha
openshift

X
keystone

X

X

X

X

X

X

X

X

X
glance

rbd

 swift

file

rgw

file

file

file

file
cinder

rbd

 iscsi
heat

X

X
ironic

X
mysql

X

X

X

X

X

X

X

X

X
neutron

ovs

ovs

ovs

ovs

ovs

ovn

ovs

ovs
neutron-bgpvpn

wip
ovn

X
neutron-l2gw

wip
rabbitmq

X

X

X

X

X

X

X

X
mongodb
redis

X

X
haproxy

X

X

X

X

X

X

X

X
memcached

X

X

X

X

X

X

X

X
pacemaker

X

X

X

X

X

X

X

X

+----------------+--------+- ------+--------+--------+--------+--------+--------+--------+--------+--------+ | nova | | qemu | qemu | qemu | qemu | ironic | qemu | | qemu | qemu | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | ntp | X | X | X | X | X | X | X | X | X | X | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | snmp | X | X | X | X | X | X | X | X | X | X | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | timezone | X | X | X | X | X | X | X | X | X | X | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | sahara | | | | X | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | mistral | | | | X | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | swift | | | X | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | aodh | | X | X | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | ceilometer | | X | X | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | gnocchi | | rbd | swift | | | | | | | | +----------------+--------+-------+--------+--------+--------+--------+--------+--------+--------+--------+ | panko | | X | X | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | barbican | | | X | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | zaqar | | | X | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | ec2api | | | X | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | cephrgw | | | | | X | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | tacker | | | | | | | X | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | congress | | | | | | | X | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | cephmds | | | | | X | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | manila | | | | | X | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | collectd | | X | | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | fluentd | | X | | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+ | sensu-client | | X | | | | | | | | | +----------------+--------+--------+--------+--------+--------+--------+--------+--------+--------+--------+