Overcloud Parameters
Parameters for customizing the core template collection for a Red Hat OpenStack Platform overcloud
Abstract
Chapter 1. Core Overcloud Parameters
| Parameter | Description |
|---|---|
|
|
Set to true to append per network VIPs to |
|
|
The DNS domain used for the hosts. This must match the overcloud_domain_name configured on the undercloud. The default value is |
|
|
The DNS name of this cloud. The default value is |
|
|
The DNS name of this cloud’s control plane endpoint. The default value is |
|
|
The DNS name of this cloud’s internal API endpoint. The default value is |
|
|
The DNS name of this cloud’s storage endpoint. E.g. ci-overcloud.storage.tripleo.org. The default value is |
|
|
The DNS name of this cloud’s storage management endpoint. The default value is |
|
|
Defines a fixed VIP for the Control Plane. Value uses the following format: |
|
|
The name of the undercloud OpenStack Networking (neutron) control plane subnet. The default value is |
|
|
Setting this to a unique value will re-run any deployment tasks that perform configuration on a OpenStack Orchestration (heat) |
|
| List of server hostnames to blacklist from any triggered deployments. |
|
| Can be used to override the calcluated EndpointMap. |
|
| Additional hiera configuration to inject into the cluster. |
|
| List of extra hosts entries to be appended to /etc/hosts. |
|
|
An Open vSwitch bridge to create on each hypervisor. This defaults to |
|
|
What interface to add to the |
|
|
Control the IP allocation for the InternalApiVirtualInterface port. Value uses the following format: |
|
|
ID or name for Control Plane ctlplane network. The default value is |
|
|
The interface to attach to the external bridge. The default value is |
|
|
Maximum batch size for creating nodes. It is recommended to not exceed a batch size of 32 nodes. The default value is |
|
|
Control the IP allocation for the PublicVirtualInterface port. Value uses the following format: |
|
|
Salt for the RabbitMQ cookie. Change to force the randomly generated RabbitMQ cookie to change. The default value is |
|
|
Control the IP allocation for the virtual IP used by Redis. Value uses the following format: |
|
| Extra properties or metadata passed to OpenStack Compute (nova) for the created nodes in the overcloud. Accessible through the OpenStack Compute (nova) metadata API. |
|
|
Control the IP allocation for the StorageMgmgVirtualInterface port. Value uses the following format: |
|
|
Control the IP allocation for the StorageVirtualInterface port. Value uses the following format: |
|
|
Set to a previously unused value during |
Chapter 2. Role-Based Parameters
Substitute _ROLE_ with the name of the role. For example, for _ROLE_Count use ControllerCount.
| Parameter | Description |
|---|---|
|
|
The number of nodes to deploy in a role. The default value is |
|
| Role specific additional hiera configuration to inject into the cluster. |
|
|
Format for node hostnames. Note that |
|
| Optional Role Specific parameters to be provided to service. |
|
|
List of resources to be removed from the role’s |
|
|
How to handle change to RemovalPolicies for ROLE ResourceGroup when doing an update. Default mode append will append to the existing blacklist and update would replace the blacklist. The default value is |
|
| Optional scheduler hints to pass to OpenStack Compute (nova). |
|
|
A list of composable service resources (configured in the |
Chapter 3. Debug Parameters
These parameters allow you to set debug mode on a per-service basis. The Debug parameter acts as a global parameter for all services and the per-service parameters can override the effects of global parameter on individual services.
| Parameter | Description |
|---|---|
|
| Set to True to enable debugging OpenStack Telemetry Alarming (aodh) services. |
|
| Set to True to enable debugging OpenStack Key Manager (barbican) service. |
|
| Set to True to enable debugging OpenStack Telemetry (ceilometer) services. |
|
| Set to True to enable debugging on OpenStack Block Storage (cinder) services. |
|
|
Whether to run configuration management (e.g. Puppet) in debug mode. The default value is |
|
|
Set to True to enable debugging on all services. The default value is |
|
| Set to True to enable debugging OpenStack Image Storage (glance) service. |
|
| Set to True to enable debugging OpenStack Telemetry Metrics (gnocchi) services. |
|
| Set to True to enable debugging OpenStack Orchestration (heat) services. |
|
|
Set to True to enable debugging OpenStack Dashboard (horizon) service. The default value is |
|
| Set to True to enable debugging OpenStack Bare Metal (ironic) services. |
|
| Set to True to enable debugging OpenStack Identity (keystone) service. |
|
| Set to True to enable debugging OpenStack Shared File Systems (manila) services. |
|
| Set to True to enable debugging OpenStack Networking (neutron) services. |
|
| Set to True to enable debugging for OpenStack Networking (neutron) DHCP agent. |
|
| Set to True to enable debugging for OpenStack Networking (neutron) L3 agent. |
|
| Set to True to enable debugging for OpenStack Networking (neutron) Metadata agent. |
|
| Set to True to enable debugging OpenStack Compute (nova) services. |
|
| Set to True to enable debugging OpenStack Clustering (sahara) services. |
Chapter 4. Kernel parameters
| Parameter | Description |
|---|---|
|
|
Configures sysctl net.bridge.bridge-nf-call-arptables key. The default value is |
|
|
Configures sysctl net.bridge.bridge-nf-call-ip6tables key. The default value is |
|
|
Configures sysctl net.bridge.bridge-nf-call-iptables key. The default value is |
|
| Hash of extra kernel modules to load. |
|
| List of extra kernel related packages to install. |
|
| Hash of extra sysctl settings to apply. |
|
|
Configures sysctl fs.inotify.max_user_instances key. The default value is |
|
|
Configures sysctl net.ipv6.{default/all}.disable_ipv6 keys. The default value is |
|
|
Configures net.ipv4.ip_forward key. The default value is |
|
|
Configures net.ipv{4,6}.ip_nonlocal_bind key. The default value is |
|
|
Configures sysctl kernel.pid_max key. The default value is |
|
|
Configures sysctl net.ipv4.neigh.default.gc_thresh1 value. This is the minimum number of entries to keep in the ARP cache. The garbage collector will not run if there are fewer than this number of entries in the cache. The default value is |
|
|
Configures sysctl net.ipv4.neigh.default.gc_thresh2 value. This is the soft maximum number of entries to keep in the ARP cache. The garbage collector will allow the number of entries to exceed this for 5 seconds before collection will be performed. The default value is |
|
|
Configures sysctl net.ipv4.neigh.default.gc_thresh3 value. This is the hard maximum number of entries to keep in the ARP cache. The garbage collector will always run if there are more than this number of entries in the cache. The default value is |
Chapter 5. Ceph Storage Parameters
| Parameter | Description |
|---|---|
|
| The password for the keystone admin account, used for monitoring, querying OpenStack Networking (neutron) etc. |
|
|
The Ceph admin client key. Can be created with: |
|
|
Disks configuration settings for |
|
| Mapping of Ansible environment variables to override defaults. |
|
|
Extra vars for the |
|
|
List of paths to the |
|
|
Number of -v, -vv, etc. passed to ansible-playbook command (max 5). The default value is |
|
|
List of |
|
|
Path to the |
|
|
Name of the OpenStack Workflow (mistral) workflow to execute. The default value is |
|
|
The Ceph client key. Currently only used for external Ceph deployments to create the openstack user keyring. Can be created with: |
|
|
The username the client uses to interact with Ceph. The default value is |
|
| The Ceph cluster FSID. Must be a UUID. |
|
|
The Ceph cluster name. The default value is |
|
| Extra configuration settings to dump into ceph.conf. |
|
| List of externally managed Ceph Mon Host IPs. Only used for external Ceph deployments. |
|
|
Enables Ceph daemons to bind to IPv6 addresses. The default is: |
|
|
The Ceph client key. Can be created with: |
|
| The cephx key for the MDS service. Can be created with ceph-authtool --gen-print-key. |
|
|
The Ceph monitors key. Can be created with: |
|
|
Default placement group size to use for the RBD pools. The default value is |
|
|
Default minimum replication for RBD copies. The default value is |
|
|
Override settings for one of the predefined pools or to create additional ones. Example: |
|
|
Perform mirror configuration between local and remote pool. The default value is |
|
|
Copy the admin key to all nodes. The default value is |
|
| Name of the local pool to mirror to remote cluster. |
|
|
The name given to the remote Ceph cluster from the local cluster. Keys reside in the |
|
| The rbd-mirror daemon needs a user to authenticate with the remote cluster. By default, this key should be available under /etc/ceph/<remote_cluster>.client.<remote_user>.keyring. |
|
|
The client name for the RADOSGW service. The default value is |
|
| The cephx key for the RADOSGW client. Can be created with ceph-authtool --gen-print-key. |
|
|
Interval (in seconds) in between validation checks. The default value is |
|
|
Number of retry attempts for Ceph validation. The default value is |
|
|
Pool to use if Block Storage (cinder) Backup is enabled. The default is: |
|
| List of extra Ceph pools for use with RBD backends for OpenStack Block Storage (cinder). An extra OpenStack Block Storage (cinder) RBD backend driver is created for each pool in the list. This is in addition to the standard RBD backend driver associated with the CinderRbdPoolName. |
|
|
Pool to use for Block Storage (cinder) service. The default is: |
|
|
Pool to use for Image Storage (glance) service. The default is: |
|
|
Pool to use for Telemetry storage. The default is: |
|
|
The CephFS user ID for Shared Filesystem Service (manila). The default is: |
|
|
Pool to use for file share storage. The default is: |
|
|
Placement group count for the CephFS data pool for file share storage. The default value is |
|
|
Pool to use for file share metadata storage. The default is: |
|
|
Placement group count for the CephFS metadata pool for file share storage. The default value is |
|
|
Backend name of the CephFS share for file share storage. The default value is |
|
|
Pool to use for Compute storage. The default is: |
|
| Type of update, to differentiate between UPGRADE and UPDATE cases when StackAction is UPDATE (both are the same stack action). |
Chapter 6. Block Storage (cinder) Parameters
| Parameter | Description |
|---|---|
|
|
The Ceph cluster name. The default value is |
|
|
Cron to move deleted instances to another table - Age. The default value is |
|
|
Cron to move deleted instances to another table - Log destination. The default value is |
|
|
Cron to move deleted instances to another table - Hour. The default value is |
|
|
Cron to move deleted instances to another table - Max Delay. The default value is |
|
|
Cron to move deleted instances to another table - Minute. The default value is |
|
|
Cron to move deleted instances to another table - Month. The default value is |
|
|
Cron to move deleted instances to another table - Month Day. The default value is |
|
|
Cron to move deleted instances to another table - User. The default value is |
|
|
Cron to move deleted instances to another table - Week Day. The default value is |
|
|
The name of Cinder’s default volume type. The default value is |
|
|
Whether to create cron job for purging soft deleted rows in OpenStack Block Storage (cinder) database. The default value is |
|
|
Whether to enable or not the Iscsi backend for OpenStack Block Storage (cinder). The default value is |
|
|
Whether to enable or not the NFS backend for OpenStack Block Storage (cinder). The default value is |
|
|
Whether to enable or not the Rbd backend for OpenStack Block Storage (cinder). The default value is |
|
|
The iSCSI helper to use with cinder. The default value is |
|
|
Whether to use TCP (iscsi) or iSER RDMA (iser) for iSCSI. The default value is |
|
|
The size of the loopback file used by the cinder LVM driver. The default value is |
|
|
Controls whether security enhanced NFS file operations are enabled. Valid values are auto, true or false. Effective when CinderEnableNfsBackend is true. The default value is |
|
|
Controls whether security enhanced NFS file permissions are enabled. Valid values are auto, true or false. Effective when CinderEnableNfsBackend is true. The default value is |
|
| Mount options for NFS mounts used by OpenStack Block Storage (cinder) NFS backend. Effective when CinderEnableNfsBackend is true. |
|
| NFS servers used by OpenStack Block Storage (cinder) NFS backend. Effective when CinderEnableNfsBackend is true. |
|
|
Whether to enable support for snapshots in the NFS driver. Effective when CinderEnableNfsBackend is true. The default value is |
|
| The password for the cinder service and database account. |
|
| List of extra Ceph pools for use with RBD backends for OpenStack Block Storage (cinder). An extra OpenStack Block Storage (cinder) RBD backend driver is created for each pool in the list. This is in addition to the standard RBD backend driver associated with the CinderRbdPoolName. |
|
|
NO DESCRIPTION The default value is |
|
| List of optional environment variables. |
|
| List of optional volumes to be mounted. |
|
| Set the number of workers for the block storage service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. The default value is equal to the number of vCPU cores on the physical node. |
|
|
Ulimit for OpenStack Block Storage (cinder) Volume Container. The default value is |
|
|
Driver or drivers to handle sending notifications. The default value is |
Chapter 7. Image Storage (glance) Parameters
| Parameter | Description |
|---|---|
|
|
The Ceph cluster name. The default value is |
|
| List of optional volumes to be mounted. |
|
|
The short name of the backend to use. Should be one of |
|
|
List of enabled Image Import Methods. Valid values in the list are glance-direct and web-download. The default value is |
|
|
Desired output format for image conversion plugin. The default value is |
|
|
List of enabled Image Import Plugins. Valid values in the list are image_conversion, inject_metadata, no_op. The default value is |
|
|
Maximum number of image members per image. Negative values evaluate to unlimited. The default value is |
|
| The filepath of the file to use for logging messages from OpenStack Image Storage (glance). |
|
|
When using |
|
|
When using |
|
|
NFS mount options for image storage when |
|
|
NFS share to mount for image storage when |
|
|
URI that specifies the staging location to use when importing images. The default value is |
|
|
Strategy to use for OpenStack Image Storage (glance) notification queue. The default value is |
|
| The password for the image storage service and database account. |
|
|
Whether to show multiple image locations e.g for copy-on-write support on RBD or Netapp backends. Potential security risk, see glance.conf for more information. The default value is |
|
|
NFS mount options for NFS image import staging. The default value is |
|
| NFS share to mount for image import staging. |
|
| Set the number of workers for the image storage service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. |
|
| Netapp share to mount for image storage (when GlanceNetappNfsEnabled is true). |
|
|
Driver or drivers to handle sending notifications. The default value is |
Chapter 8. Orchestration (heat) Parameters
| Parameter | Description |
|---|---|
|
| List of optional environment variables. |
|
| List of optional volumes to be mounted. |
|
| Auth encryption key for heat-engine. |
|
|
Enables the heat engine with the convergence architecture. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Age. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Age type. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Log destination. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Ensure. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Hour. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Max Delay. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Minute. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Month. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Month Day. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - User. The default value is |
|
|
Cron to purge database entries marked as deleted and older than $age - Week Day. The default value is |
|
|
Whether to create cron job for purging soft deleted rows in the OpenStack Orchestration (heat) database. The default value is |
|
| List of optional environment variables. |
|
| List of optional volumes to be mounted. |
|
| An array of directories to search for plug-ins. |
|
|
Maximum raw byte size of the OpenStack Orchestration (heat) API JSON request body. The default value is |
|
|
Maximum resources allowed per top-level stack. -1 stands for unlimited. The default value is |
|
| The password for the Orchestration service and database account. |
|
| The admin password for the OpenStack Orchestration (heat) domain in OpenStack Identity (keystone). |
|
|
Number of workers for OpenStack Orchestration (heat) service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. The default value is |
|
|
Driver or drivers to handle sending notifications. The default value is |
Chapter 9. Dashboard (horizon) Parameters
| Parameter | Description |
|---|---|
|
|
A list of IP/Hostname for the server OpenStack Dashboard (horizon) is running on. Used for header checks. The default value is |
|
| OpenStack Dashboard (horizon) has a global overrides mechanism available to perform customizations. |
|
| Regex for password validation. |
|
| Help text for password validation. |
|
| Secret key for the webserver. |
|
|
Set CSRF_COOKIE_SECURE / SESSION_COOKIE_SECURE in OpenStack Dashboard (horizon). The default value is |
|
|
Extra parameters for OpenStack Dashboard (horizon) vhost configuration. The default value is |
|
|
Enable IPv6 features in Memcached. The default value is |
Chapter 10. Bare Metal (ironic) Parameters
| Parameter | Description |
|---|---|
|
|
Type of disk cleaning before and between deployments. |
|
|
Name or UUID of the overcloud network used for cleaning bare metal nodes. The default value of |
|
|
How to boot the bare metal instances. Set to |
|
|
Network interface implementation to use by default. Set to |
|
| Default resource class to use for new nodes. |
|
|
Backend to use to store ramdisk logs, either "local" or "swift". The default value is |
|
|
Whether to enable use of staging drivers. The default value is |
|
|
Enabled boot interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled console interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled deploy interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled OpenStack Bare Metal (ironic) drivers. The default value is |
|
|
Enabled OpenStack Bare Metal (ironic) hardware types. The default value is |
|
|
Enabled inspect interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled management interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled network interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled power interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled RAID interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled storage interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Enabled vendor interface implementations. Each hardware type must have at least one valid implementation enabled. The default value is |
|
|
Whether to use iPXE instead of PXE for deployment. The default value is |
|
|
Port to use for serving images when iPXE is used. The default value is |
|
|
Comma-separated list of IPA inspection collectors. The default value is |
|
|
The default driver to use for newly discovered nodes (requires IronicInspectorEnableNodeDiscovery set to True). This driver is automatically added to enabled_drivers. The default value is |
|
|
Makes ironic-inspector enroll any unknown node that PXE-boots introspection ramdisk in OpenStack Bare Metal (ironic). The default driver to use for new nodes is specified by the IronicInspectorDiscoveryDefaultDriver parameter. Introspection rules can also be used to specify it. The default value is |
|
|
Comma-separated list of processing hooks to append to the default list. The default value is |
|
|
Whether to use iPXE for inspection. The default value is |
|
|
Network interface on which inspection dnsmasq will listen. The default value is |
|
|
Temporary IP range that will be given to nodes during the inspection process. This should not overlap with any range that OpenStack Networking (neutron) DHCP allocates, but it has to be routeable back to |
|
|
Kernel args for the OpenStack Bare Metal (ironic) inspector. The default value is |
|
|
Whether to use Swift for storing introspection data. The default value is |
|
| The password for the Bare Metal service and database account. |
|
|
Name or UUID of the overcloud network used for provisioning of bare metal nodes if |
Chapter 11. Identity (keystone) Parameters
| Parameter | Description |
|---|---|
|
|
The email for the OpenStack Identity (keystone) admin account. The default value is |
|
| The password for the OpenStack Identity (keystone) admin account. |
|
| The OpenStack Identity (keystone) secret and database password. |
|
| Enabling this option requires users to change their password when the user is created, or upon administrative reset. |
|
| The first OpenStack Identity (keystone) credential key. Must be a valid key. |
|
| The second OpenStack Identity (keystone) credential key. Must be a valid key. |
|
|
Cron to purge expired tokens - Log destination. The default value is |
|
|
Cron to purge expired tokens - Ensure. The default value is |
|
|
Cron to purge expired tokens - Hour. The default value is |
|
|
Cron to purge expired tokens - Max Delay. The default value is |
|
|
Cron to purge expired tokens - Minute. The default value is |
|
|
Cron to purge expired tokens - Month. The default value is |
|
|
Cron to purge expired tokens - Month Day. The default value is |
|
|
Cron to purge expired tokens - User. The default value is |
|
|
Cron to purge expired tokens - Week Day. The default value is |
|
| The maximum number of days a user can go without authenticating before being considered "inactive" and automatically disabled (locked). |
|
|
Whether to create cron job for purging soft deleted rows in OpenStack Identity (keystone) database. The default value is |
|
| The first OpenStack Identity (keystone) fernet key. Must be a valid key. |
|
| The second OpenStack Identity (keystone) fernet key. Must be a valid key. |
|
| Mapping containing OpenStack Identity (keystone) fernet keys and their paths. |
|
|
The maximum active keys in the OpenStack Identity (keystone) fernet key repository. The default value is |
|
| Hash containing the configurations for the LDAP backends configured in keystone. |
|
|
Trigger to call ldap_backend puppet keystone define. The default value is |
|
| The number of seconds a user account will be locked when the maximum number of failed authentication attempts (as specified by KeystoneLockoutFailureAttempts) is exceeded. |
|
| The maximum number of times that a user can fail to authenticate before the user account is locked for the number of seconds specified by KeystoneLockoutDuration. |
|
| The number of days that a password must be used before the user can change it. This prevents users from changing their passwords immediately in order to wipe out their password history and reuse an old password. |
|
|
Comma-separated list of Oslo notification drivers used by OpenStack Identity (keystone). The default value is |
|
|
The OpenStack Identity (keystone) notification format. The default value is |
|
| OpenStack Identity (keystone) notification topics to enable. |
|
| The number of days for which a password will be considered valid before requiring it to be changed. |
|
| The regular expression used to validate password strength requirements. |
|
| Describe your password regular expression here in language for humans. |
|
| OpenStack Identity (keystone) certificate for verifying token validity. |
|
| OpenStack Identity (keystone) key for signing tokens. |
|
|
The OpenStack Identity (keystone) token format. The default value is |
|
| This controls the number of previous user password iterations to keep in history, in order to enforce that newly created passwords are unique. |
|
| Set the number of workers for the OpenStack Identity (keystone) service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. The default value is equal to the number of vCPU cores on the physical node. |
|
|
Whether director should manage the OpenStack Identity (keystone) fernet keys or not. If set to True, the fernet keys will get the values from the saved keys repository in OpenStack Workflow (mistral) from the |
|
|
Driver or drivers to handle sending notifications. The default value is |
Chapter 12. Key Manager (barbican) Parameters
| Parameter | Description |
|---|---|
|
|
Whether this plugin is the global default plugin. The default value is |
|
| Hostname of the Dogtag server. |
|
| Password for the NSS DB. |
|
|
Path for the PEM file used to authenticate requests. The default value is |
|
|
Port for the Dogtag server. The default value is |
|
|
Whether this plugin is the global default plugin. The default value is |
|
| Host for KMIP device. |
|
| Password to connect to KMIP device. |
|
| Port for KMIP device. |
|
| Username to connect to KMIP device. |
|
| The password for the OpenStack Key Manager (barbican) service account. |
|
|
Whether this plugin is the global default plugin. The default value is |
|
| Label for the HMAC key. |
|
| Path to vendor PKCS11 library. |
|
| Password to login to PKCS11 session. |
|
| Label for Master KEK. |
|
| Length of Master KEK in bytes. |
|
| Slot Id for the HSM. |
|
|
Whether this plugin is the global default plugin. The default value is |
|
| KEK used to encrypt secrets. |
|
|
Set the number of workers for barbican::wsgi::apache. The default value is |
|
|
Driver or drivers to handle sending notifications. The default value is |
Chapter 14. Messaging Parameters
| Parameter | Description |
|---|---|
|
|
Additional parameters passed to the Erlang subsystem. The string needs to be enclosed in quotes twice. We default to +sbwt none in order to have the erlang vm be less busy on spinlocks, but we allow a simple way of overriding it. The default value is |
|
| Shared secret used for authentication between RabbitMQ nodes. |
|
|
Configures RabbitMQ FD limit. The default value is |
|
|
The number of HA queues to be configured in rabbit. The default is -1 which translates to "ha-mode all". The special value 0 will be automatically overridden to CEIL(N/2) where N is the number of nodes running rabbitmq. The default value is |
|
|
Enable IPv6 in RabbitMQ. The default value is |
|
|
The number of seconds to configure the value of the erlang net_ticktime kernel variable. The default value is |
|
| The password for RabbitMQ. |
|
|
The username for RabbitMQ. The default value is |
Chapter 15. Networking (neutron) Parameters
| Parameter | Description |
|---|---|
|
|
Enables DHCP agent notifications. The default value is |
|
|
Ulimit for OpenStack Networking (neutron) DHCP Agent Container. The default value is |
|
|
Ulimit for OpenStack Networking (neutron) L3 Agent Container. The default value is |
|
|
If True, then allow plugins that support it to create VLAN transparent networks. The default value is |
|
|
Connection can be initiated by the ovsdb server. The default value is |
|
|
Port number for L2 gateway agent, so that it can listen. The default value is |
|
|
The L2 gateway agent retries to connect to the OVSDB server. The default value is |
|
| L2 gateway agent OVSDB server list. |
|
|
The L2 gateway agent checks connection state with the OVSDB servers. The interval is number of seconds between attempts. The default value is |
|
|
Socket timeout. The default value is |
|
|
Default device name of the L2 gateway. The default value is |
|
|
Default interface name of the L2 gateway. The default value is |
|
|
The periodic interval at which the plugin. The default value is |
|
|
Backend to use as a service provider for L2 Gateway. The default value is |
|
|
Quota of the L2 gateway. The default value is |
|
|
Allow automatic l3-agent failover. The default value is |
|
| List of optional environment variables. |
|
| List of optional volumes to be mounted. |
|
|
The core plugin for networking. The value should be the entrypoint to be loaded from |
|
|
String of extra command line parameters to append to the |
|
| List of servers to use as dnsmasq forwarders. |
|
|
The number of DHCP agents to schedule per network. The default value is |
|
| Name of Open vSwitch bridge to use. |
|
|
Domain to use for building the hostnames. The default value is |
|
|
Enable Distributed Virtual Router. The default value is |
|
|
Generate a wrapper script so OpenStack Networking (neutron) launches the dibbler client in a separate container. The default value is |
|
|
Generate a dnsmasq wrapper script so that OpenStack Networking (neutron) launches dnsmasq in a separate container. The default value is |
|
|
If True, DHCP always provides metadata route to VM. The default value is |
|
|
Generate a wrapper script so OpenStack Networking (neutron) launches haproxy in a separate container. The default value is |
|
|
If True, DHCP allows metadata support on isolated networks. The default value is |
|
|
Generate a wrapper script so OpenStack Networking (neutron) launches keepalived processes in a separate container. The default value is |
|
|
Enable/disable the L2 population feature in the OpenStack Networking (neutron) agents. The default value is |
|
|
If True, DHCP provides metadata network. Requires either |
|
|
Generate a wrapper script so OpenStack Networking (neutron) launches radvd in a separate container. Note that is currently disabled by default pending availability of a fix to radvd (see https://bugzilla.redhat.com/show_bug.cgi?id=1564391). It will be enabled by default once the fix to radvd is generally available across target distributions. The default value is |
|
| Name of bridge used for external network traffic. Usually L2 agent handles port wiring into external bridge, and hence the parameter should be unset. |
|
|
Firewall driver for realizing OpenStack Networking (neutron) security group function. The default value is |
|
|
Sets the flat network name to configure in plugins. The default value is |
|
|
MTU of the underlying physical network. OpenStack Networking (neutron) uses this value to calculate MTU for all virtual network components. For flat and VLAN networks, OpenStack Networking uses this value without modification. For overlay networks such as VXLAN, OpenStack Networking automatically subtracts the overlay protocol overhead from this value. The default value is |
|
|
OpenStack Networking (neutron) DHCP Agent interface driver. The default value is |
|
|
Agent mode for L3 agent. Must be |
|
| Configure the classname of the firewall driver to use for implementing security groups. Possible values depend on system configuration. The default value of an empty string will result in a default supported configuration. |
|
|
A list of mappings of physical networks to MTU values. The format of the mapping is |
|
|
The mechanism drivers for the tenant network. The default value is |
|
| Shared secret to prevent spoofing. |
|
|
The tenant network type. The default value is |
|
|
The OpenStack Networking (neutron) ML2 and Open vSwitch VLAN mapping range to support. Defaults to permitting any VLAN on the |
|
|
IP version used for all overlay network endpoints. The default value is |
|
| Name of Open vSwitch bridge to use. |
|
| The password for the OpenStack Networking (neutron) service and database account. |
|
|
Comma-separated list of enabled extension plugins. The default value is |
|
|
Puppet resource tag names that are used to generate configuration files with puppet. The default value is |
|
|
Sets the number of RPC workers for the OpenStack Networking (neutron) service. If not specified, the value is set to the same as |
|
|
Comma-separated list of service plugin entrypoints. The default value is |
|
|
Comma-separated list of <tun_min>:<tun_max> tuples enumerating ranges of GRE tunnel IDs that are available for tenant network allocation. The default value is |
|
|
The tunnel types for the tenant network. The default value is |
|
|
Comma-separated list of network type driver entrypoints to be loaded. The default value is |
|
|
Comma-separated list of <vni_min>:<vni_max> tuples enumerating ranges of VXLAN VNI IDs that are available for tenant network allocation. The default value is |
|
| Sets the number of API and RPC workers for the OpenStack Networking service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. |
|
|
Driver or drivers to handle sending notifications. The default value is |
|
| List of <physical_network>:<physical_interface> tuples mapping physical network names to agent’s node-specific physical network interfaces. Defaults to empty list. |
Chapter 16. Compute (nova) Parameters
| Parameter | Description |
|---|---|
|
|
Whether config-download method is used or not. The default value is |
|
|
Limit the specific CPUs or cores a container can use. The default value is |
|
|
Ulimit for OpenStack Compute (nova) Libvirt Container. The default value is |
|
|
Ulimit for OpenStack Compute (nova) Compute Container. The default value is |
|
|
Port that dockerized nova migration target sshd service binds to. The default value is |
|
|
Remove configuration that is not generated by the director. Used to avoid configuration remnants after upgrades. The default value is |
|
|
Whether to enable an Instance Ha configurarion or not. This setup requires the Compute role to have the PacemakerRemote service added to it. The default value is |
|
|
Template string to be used to generate instance names. The default value is |
|
|
Specifies the CA cert to use for NBD TLS. The default value is |
|
|
Specifies the CA cert to use for qemu. The default value is |
|
|
Specifies the CA cert to use for VNC TLS. The default value is |
|
| Kernel Args to apply to the host. |
|
| This specifies the CA certificate to use for TLS in libvirt. This file will be symlinked to the default CA path in libvirt, which is /etc/pki/CA/cacert.pem. Note that due to limitations GNU TLS, which is the TLS backend for libvirt, the file must be less than 65K (so we can’t use the system’s CA bundle). This parameter should be used if the default (which comes from the InternalTLSCAFile parameter) is not desired. The current default reflects TripleO’s default CA, which is FreeIPA. It will only be used if internal TLS is enabled. |
|
|
This is a performance event list which could be used as monitor. For example: |
|
|
Defines a filter to select a different logging level for a given category log outputs, as specified in https://libvirt.org/logging.html . The default value is |
|
| This specifies the CA certificate to use for NBD TLS. This file will be symlinked to the default CA path, which is /etc/pki/libvirt-nbd/ca-cert.pem. This parameter should be used if the default (which comes from the InternalTLSNbdCAFile parameter) is not desired. The current default reflects TripleO’s default CA, which is FreeIPA. It will only be used if internal TLS is enabled. |
|
| The password for the libvirt service when TLS is enabled. |
|
|
Override the compile time default TLS priority string. The default value is |
|
| This specifies the CA certificate to use for VNC TLS. This file will be symlinked to the default CA path, which is /etc/pki/libvirt-vnc/ca-cert.pem. This parameter should be used if the default (which comes from the InternalTLSVncCAFile parameter) is not desired. The current default reflects TripleO’s default CA, which is FreeIPA. It will only be used if internal TLS is enabled. |
|
|
SSH key for migration. Expects a dictionary with keys public_key and private_key. Values should be identical to SSH public/private key files. The default value is |
|
|
Target port for migration over ssh. The default value is |
|
| Shared secret to prevent spoofing. |
|
|
Map of phynet name as key and NUMA nodes as value. For example: |
|
| Used to configure NUMA affinity for all tunneled networks. |
|
|
Driver or drivers to handle sending notifications. The default value is |
|
|
A list or range of physical CPU cores will be used for best-effort guest vCPU resources (e.g. emulator threads in libvirt/QEMU). For example: |
|
|
Libvirt domain type. Defaults to kvm. The default value is |
|
| Libvirt VIF driver configuration for the network. |
|
| List of optional environment variables. |
|
| List of optional volumes to be mounted.. |
|
|
Archive deleted instances from all cells. The default value is |
|
|
Cron to archive deleted instances - Age This will define the retention policy when archiving the deleted instances entries in days. 0 means, purge data older than today in shadow tables. The default value is |
|
|
Cron to move deleted instances to another table - Log destination. The default value is |
|
|
Cron to move deleted instances to another table - Hour. The default value is |
|
|
Cron to move deleted instances to another table - Max Rows. The default value is |
|
|
Cron to move deleted instances to another table - Minute. The default value is |
|
|
Cron to move deleted instances to another table - Month. The default value is |
|
|
Cron to move deleted instances to another table - Month Day. The default value is |
|
|
Cron to move deleted instances to another table - Until complete. The default value is |
|
|
Cron to move deleted instances to another table - User. The default value is |
|
|
Cron to move deleted instances to another table - Week Day. The default value is |
|
|
Cron to move deleted instances to another table that doesn’t need backup - Hour. The default value is |
|
|
Cron to move deleted instances to another table - Max Delay. The default value is |
|
|
Cron to move deleted instances to another table that doesn’t need backup - Minute. The default value is |
|
|
Cron to move deleted instances to another table that doesn’t need backup - Month. The default value is |
|
|
Cron to move deleted instances to another table that doesn’t need backup - Month Day. The default value is |
|
|
Cron to move deleted instances to another table that doesn’t need backup - Week Day. The default value is |
|
|
Timeout for OpenStack Compute (nova) database synchronization in seconds. The default value is |
|
|
Default pool for floating IP addresses. The default value is |
|
|
Whether to create cron job for purging soft deleted rows in OpenStack Compute (nova) database. The default value is |
|
|
Whether to enable or not the live migration for NUMA topology instances. The default value is |
|
|
Enable IPv6 features for OpenStack Compute (nova). The default is: |
|
|
A number of seconds to memory usage statistics period, zero or negative value mean to disable memory usage statistics. The default value is |
|
|
Virtio-net RX queue size. Valid values are 256, 512, 1024. The default value is |
|
|
Virtio-net TX queue size. Valid values are 256, 512, 1024. The default value is |
|
|
Whether to enable or not the multipath connection of the volumes. The default value is |
|
|
Whether to enable or not the NFS backend for OpenStack Compute (nova). The default value is |
|
|
NFS mount options for nova storage (when NovaNfsEnabled is true). The default value is |
|
| NFS share to mount for nova storage (when NovaNfsEnabled is true). |
|
|
NFS version used for nova storage (when NovaNfsEnabled is true). Since NFSv3 does not support full locking a NFSv4 version need to be used. To not break current installations the default is the previous hard coded version 4. The default value is |
|
|
Name of integration bridge used by Open vSwitch. The default value is |
|
| YAML list of PCI passthrough whitelist parameters. |
|
| The password for the OpenStack Compute (nova) service and database account. |
|
|
Endpoint interface to be used for the placement API. The default value is |
|
|
Reserved RAM for host processes. The default value is |
|
| A list of valid key=value which reflect NUMA node ID, page size (Default unit is KiB) and number of pages to be reserved. Example - NovaReservedHugePages: ["node:0,size:2048,count:64","node:1,size:1GB,count:1"] will reserve on NUMA node 0 64 pages of 2MiB and on NUMA node 1 1 page of 1GiB. |
|
|
Number of seconds we’re willing to wait for a guest to shut down. If this is 0, then there is no time out (use with caution, as guests might not respond to a shutdown request). The default value is 300 seconds (5 minutes). The default value is |
|
|
Whether to start running instance on compute host reboot. The default value is |
|
| List of available filters for OpenStack Compute (nova) to use to filter nodes. |
|
| An array of filters OpenStack Compute (nova) uses to filter a node. OpenStack Compute applies these filters in the order they are listed. Place your most restrictive filters first to make the filtering process more efficient. |
|
|
This value controls how often (in seconds) the scheduler should attempt to discover new hosts that have been added to cells. The default value of -1 disables the periodic task completely. It is recommended to set this parameter for deployments using OpenStack Bare Metal (ironic). The default value is |
|
|
Maximum number of attempts the scheduler will make when deploying the instance. You should keep it greater or equal to the number of bare metal nodes you expect to deploy at once to work around potential race conditions when scheduling. The default value is |
|
|
Number of workers for OpenStack Compute (nova) Scheduler services. The default value is |
|
|
A list or range of physical CPU cores to reserve for virtual machine processes. For example, |
|
|
Number of workers for the Compute’s Conductor service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. The default value is |
|
| Sets the amount of hugepage memory to assign per NUMA node. It is recommended to use the socket closest to the PCIe slot used for the desired DPDK NIC. The format should be in "<socket 0 mem>, <socket 1 mem>, <socket n mem>", where the value is specified in MB. For example: "1024,0". |
|
| This specifies the CA certificate to use for qemu. This file will be symlinked to the default CA path, which is /etc/pki/qemu/ca-cert.pem. This parameter should be used if the default (which comes from the InternalTLSQemuCAFile parameter) is not desired. The current default reflects TripleO’s default CA, which is FreeIPA. It will only be used if internal TLS is enabled. |
|
| Type of update, to differentiate between UPGRADE and UPDATE cases when StackAction is UPDATE (both are the same stack action). |
|
| OpenStack Compute upgrade level. |
|
|
If set to true and if EnableInternalTLS is enabled, it will enable TLS transport for libvirt NBD and configure the relevant keys for libvirt. The default value is |
|
|
If set to true and if EnableInternalTLS is enabled, it will enable TLS transport for libvirt VNC and configure the relevant keys for libvirt. The default value is |
|
|
Whether to verify image signatures. The default value is |
|
|
The vhost-user socket directory group name. Defaults to qemu. When vhostuser mode is dpdkvhostuserclient (which is the default mode), the vhost socket is created by qemu. The default value is |
Chapter 17. Clustering (sahara) Parameters
| Parameter | Description |
|---|---|
|
|
Driver or drivers to handle sending notifications. The default value is |
|
| The password for the clusting service and database account. |
|
|
Clustering enabled plugin list. The default value is |
|
|
Set the number of workers for the clustering service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. The default value is |
Chapter 18. Object Storage (swift) Parameters
| Parameter | Description |
|---|---|
|
|
Number of workers for Swift account service. The default value is |
|
|
Comma-separated list of project names to ignore. The default value is |
|
|
Set to |
|
|
Number of workers for Swift account service. The default value is |
|
|
Set to True to enable data-at-rest encryption in Swift. The default value is |
|
| A random string to be used as a salt when hashing to determine mappings in the ring. |
|
|
The minimum time (in hours) before a partition in a ring can be moved following a rebalance. The default value is |
|
|
Check if the devices are mounted to prevent accidentally writing to the root device. The default value is |
|
|
Number of workers for Swift account service. The default value is |
|
|
Partition power to use when building object storage rings. The default value is |
|
| The password for the object storage service account. |
|
|
Timeout for requests going from |
|
|
Additional raw devices to use for the object storage backend. For example: |
|
|
Number of replicas to use in the object storage rings. The default value is |
|
|
Whether to manage object storage rings or not. The default value is |
|
| A temporary Swift URL to download rings from. |
|
| A temporary Swift URL to upload rings to. |
|
|
Use a local directory for object storage services when building rings. The default value is |
|
|
Number of workers for object storage service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. The default value is |
Chapter 19. Telemetry Parameters
| Parameter | Description |
|---|---|
|
| Address prefix for Notification addresses. |
|
| Address prefix for RPC addresses. |
|
| The password for the OpenStack Telemetry Alarming (aodh) services. |
|
|
Check if panko need to be enabled or not. The default value is |
|
| Secret shared by the Telemetry services. |
|
| The password for the Telemetry service account. |
|
|
Configuration for notifier publisher for events. The default value is |
|
|
Configuration for notifier publisher for metrics. The default value is |
|
|
Whether to send events to MetricsQdr service. The default value is |
|
|
Whether to send telemetry data to MetricsQdr service. The default value is |
|
|
Number of workers for the Telemetry service. Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. The default value is |
|
|
The Ceph cluster name. The default value is |
|
|
Enable panko expirer to periodically delete events from db. The default value is |
|
|
Archive policy to use with OpenStack Telemetry Metrics (gnocchi) backend. The default value is |
|
|
The short name of the OpenStack Telemetry Metrics (gnocchi) backend to use. Should be one of |
|
| Indicate whether this resource may be shared with the domain received in the request "origin" header. |
|
|
Project name of resources creator in OpenStack Telemetry Metrics (gnocchi). The default value is |
|
|
Path to use when file driver is used. This could be NFS or a flat file. The default value is |
|
|
Storage driver to use for incoming metric data. The default value is |
|
|
The short name of the OpenStack Telemetry Metrics (gnocchi) indexer backend to use. The default value is |
|
| Number of workers for OpenStack Telemetry Metrics (gnocchi). Note that more workers creates a larger number of processes on systems, which results in excess memory consumption. The default value is equal to the number of vCPU cores on the physical node. |
|
| The password for the OpenStack Telemetry Metrics (gnocchi) service and database account. |
|
| S3 storage access key Id. |
|
| S3 storage access key secret. |
|
| S3 storage bucket prefix. |
|
| The endpoint url for S3 storage. |
|
| S3 Region name. |
|
|
Set to modify which endpoint type is OpenStack Telemetry Metrics (gnocchi) accessing swift from. The default value is |
|
|
Whether to manage event_pipeline.yaml. The default value is |
|
|
Whether to manage pipeline.yaml. The default value is |
|
|
Whether to manage polling.yaml. The default value is |
|
|
Delay between processing metrics. The default value is |
|
|
Service name or port number on which the qdrouterd will accept connections. This argument must be string, even if the numeric form is used. The default value is |
|
|
Driver or drivers to handle sending notifications. The default value is |
|
|
Number of storage sacks to create. The default value is |
|
|
Number of seconds that events are kept in the database. The default value is |
|
|
Cron to delete events data from database - Hour. The default value is |
|
|
Cron to delete events data from database - Minute. The default value is |
|
|
Cron to delete events data from database - Month. The default value is |
|
|
Cron to delete events data from database - Month Day. The default value is |
|
|
Cron to delete events from database - Week Day. The default value is |
|
| The password for the panko services. |
|
| A list of publishers to put in pipeline.yaml. When the collector is used, override this with notifier:// publisher. Set ManagePipeline to true for override to take effect. |
|
|
The user name for SNMPd with readonly rights running on all Overcloud nodes. The default value is |
|
| The user password for SNMPd with readonly rights running on all Overcloud nodes. |
Chapter 20. Time Parameters
| Parameter | Description |
|---|---|
|
|
Set to true to enable package installation at deploy time. The default value is |
|
|
Specify maximum poll interval of upstream servers for NTP messages, in seconds to the power of two. Allowed values are 4 to 17. The default value is |
|
|
Specify minimum poll interval of upstream servers for NTP messages, in seconds to the power of two. The minimum poll interval defaults to 6 (64 s). Allowed values are 4 to 17. The default value is |
|
|
Specifies whether to enable the iburst option for every NTP peer. If iburst is enabled, when the NTP server is unreachable NTP will send a burst of eight packages instead of one. This is designed to speed up the initial syncrhonization. The default value is |
|
|
NTP servers list. The default value is |
|
|
The timezone to be set on the overcloud. The default value is |
