Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 979782f564ed5f0c26a8c9d6a955e96f017cad90 / . / charts / octavia / values.yaml
blob: 2caf8ca80a955fd65438297e983da27c244d8bc3 [file] [log] [blame]
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]1# Copyright 2019 Samsung Electronics Co., Ltd.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15# Default values for octavia.
16# This is a YAML-formatted file.
17# Declare name/value pairs to be passed into your templates.
18# name: value
19
20---
21release_group: null
22
23labels:
24 api:
25 node_selector_key: openstack-control-plane
26 node_selector_value: enabled
27 worker:
28 node_selector_key: openstack-control-plane
29 node_selector_value: enabled
30 housekeeping:
31 node_selector_key: openstack-control-plane
32 node_selector_value: enabled
33 health_manager:
34 node_selector_key: openstack-control-plane
35 node_selector_value: enabled
36 job:
37 node_selector_key: openstack-control-plane
38 node_selector_value: enabled
39
40images:
41 tags:
42 test: docker.io/xrally/xrally-openstack:2.0.0
43 bootstrap: docker.io/openstackhelm/heat:ocata
44 db_init: docker.io/openstackhelm/heat:ocata
45 octavia_db_sync: docker.io/loci/octavia:master-ubuntu
46 db_drop: docker.io/openstackhelm/heat:ocata
47 rabbit_init: docker.io/rabbitmq:3.7-management
48 ks_user: docker.io/openstackhelm/heat:ocata
49 ks_service: docker.io/openstackhelm/heat:ocata
50 ks_endpoints: docker.io/openstackhelm/heat:ocata
51 dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
52 image_repo_sync: docker.io/docker:17.07.0
53 octavia_api: docker.io/loci/octavia:master-ubuntu
54 octavia_worker: docker.io/loci/octavia:master-ubuntu
55 octavia_housekeeping: docker.io/loci/octavia:master-ubuntu
56 octavia_health_manager: docker.io/loci/octavia:master-ubuntu
57 octavia_health_manager_init: docker.io/kolla/ubuntu-source-octavia-health-manager:rocky
58 openvswitch_vswitchd: docker.io/kolla/centos-source-openvswitch-vswitchd:rocky
59 pull_policy: "IfNotPresent"
60 local_registry:
61 active: false
62 exclude:
63 - dep_check
64 - image_repo_sync
65
66bootstrap:
67 enabled: true
68 ks_user: admin
69 script: |
70 openstack role create --or-show load-balancer_admin
71 openstack role create --or-show load-balancer_observer
72 openstack role create --or-show load-balancer_global_observer
73 openstack role create --or-show load-balancer_quota_admin
74 openstack role create --or-show load-balancer_member
75
76network:
77 api:
78 ingress:
79 public: true
80 classes:
81 namespace: "nginx"
82 cluster: "nginx-cluster"
83 annotations:
84 nginx.ingress.kubernetes.io/rewrite-target: /
85 external_policy_local: false
86 node_port:
87 enabled: false
88 port: 30826
89
90dependencies:
91 dynamic:
92 common:
93 local_image_registry:
94 jobs:
95 - heat-image-repo-sync
96 services:
97 - endpoint: node
98 service: local_image_registry
99 static:
100 api:
101 jobs:
102 - octavia-db-sync
103 - octavia-ks-user
104 - octavia-ks-endpoints
105 - octavia-rabbit-init
106 services:
107 - endpoint: internal
108 service: oslo_db
109 - endpoint: internal
110 service: identity
111 - endpoint: internal
112 service: oslo_messaging
113 - endpoint: internal
114 service: oslo_cache
115 - endpoint: internal
116 service: network
117 worker:
118 jobs:
119 - octavia-db-sync
120 - octavia-ks-user
121 - octavia-ks-endpoints
122 - octavia-rabbit-init
123 services:
124 - endpoint: internal
125 service: oslo_db
126 - endpoint: internal
127 service: identity
128 - endpoint: internal
129 service: oslo_messaging
130 - endpoint: internal
131 service: oslo_cache
132 - endpoint: internal
133 service: network
134 - endpoint: internal
135 service: load_balancer
136 housekeeping:
137 jobs:
138 - octavia-db-sync
139 - octavia-ks-user
140 - octavia-ks-endpoints
141 - octavia-rabbit-init
142 services:
143 - endpoint: internal
144 service: oslo_db
145 - endpoint: internal
146 service: identity
147 - endpoint: internal
148 service: oslo_messaging
149 - endpoint: internal
150 service: oslo_cache
151 - endpoint: internal
152 service: network
153 - endpoint: internal
154 service: load_balancer
155 health_manager:
156 jobs:
157 - octavia-db-sync
158 - octavia-ks-user
159 - octavia-ks-endpoints
160 - octavia-rabbit-init
161 services:
162 - endpoint: internal
163 service: oslo_db
164 - endpoint: internal
165 service: identity
166 - endpoint: internal
167 service: oslo_messaging
168 - endpoint: internal
169 service: oslo_cache
170 - endpoint: internal
171 service: network
172 - endpoint: internal
173 service: load_balancer
174 db_init:
175 services:
176 - endpoint: internal
177 service: oslo_db
178 db_sync:
179 jobs:
180 - octavia-db-init
181 services:
182 - endpoint: internal
183 service: oslo_db
184 ks_endpoints:
185 jobs:
186 - octavia-ks-service
187 services:
188 - endpoint: internal
189 service: identity
190 ks_service:
191 services:
192 - endpoint: internal
193 service: identity
194 ks_user:
195 services:
196 - endpoint: internal
197 service: identity
198 rabbit_init:
199 services:
200 - endpoint: internal
201 service: oslo_messaging
202 image_repo_sync:
203 services:
204 - endpoint: internal
205 service: local_image_registry
206
207conf:
208 octavia:
209 DEFAULT:
210 log_config_append: /etc/octavia/logging.conf
211 api_settings:
212 api_handler: queue_producer
213 bind_host: 0.0.0.0
214 database:
215 max_retries: -1
216 health_manager:
217 bind_port: 5555
218 bind_ip: 0.0.0.0
219 controller_ip_port_list: 0.0.0.0:5555
220 heartbeat_key: insecure
221 keystone_authtoken:
222 auth_type: password
223 auth_version: v3
224 memcache_security_strategy: ENCRYPT
225 certificates:
226 ca_private_key_passphrase: foobar
227 ca_private_key: /etc/octavia/certs/private/cakey.pem
228 ca_certificate: /etc/octavia/certs/ca_01.pem
229 haproxy_amphora:
230 server_ca: /etc/octavia/certs/ca_01.pem
231 client_cert: /etc/octavia/certs/client.pem
232 base_path: /var/lib/octavia
233 base_cert_dir: /var/lib/octavia/certs
234 connection_max_retries: 1500
235 connection_retry_interval: 1
236 rest_request_conn_timeout: 10
237 rest_request_read_timeout: 120
238 controller_worker:
239 amp_image_owner_id: null
240 amp_secgroup_list: null
241 amp_flavor_id: null
242 amp_boot_network_list: null
243 amp_ssh_key_name: octavia_ssh_key
244 amp_image_tag: amphora
245 network_driver: allowed_address_pairs_driver
246 compute_driver: compute_nova_driver
247 amphora_driver: amphora_haproxy_rest_driver
248 workers: 2
249 amp_active_retries: 100
250 amp_active_wait_sec: 2
251 loadbalancer_topology: SINGLE
252 oslo_messaging:
253 topic: octavia_prov
254 rpc_thread_pool_size: 2
255 oslo_messaging_notifications:
256 driver: messagingv2
257 house_keeping:
258 load_balancer_expiry_age: 3600
259 amphora_expiry_age: 3600
260 service_auth:
261 auth_type: password
262 cafile: ""
263 auth_version: v3
264 memcache_security_strategy: ENCRYPT
265 logging:
266 loggers:
267 keys:
268 - root
269 - octavia
270 handlers:
271 keys:
272 - stdout
273 - stderr
274 - "null"
275 formatters:
276 keys:
277 - context
278 - default
279 logger_root:
280 level: WARNING
281 handlers: 'null'
282 logger_octavia:
283 level: WARNING
284 handlers:
285 - stdout
286 qualname: octavia
287 logger_amqp:
288 level: WARNING
289 handlers: stderr
290 qualname: amqp
291 logger_amqplib:
292 level: WARNING
293 handlers: stderr
294 qualname: amqplib
295 logger_eventletwsgi:
296 level: WARNING
297 handlers: stderr
298 qualname: eventlet.wsgi.server
299 logger_sqlalchemy:
300 level: WARNING
301 handlers: stderr
302 qualname: sqlalchemy
303 logger_boto:
304 level: WARNING
305 handlers: stderr
306 qualname: boto
307 handler_null:
308 class: logging.NullHandler
309 formatter: default
310 args: ()
311 handler_stdout:
312 class: StreamHandler
313 args: (sys.stdout,)
314 formatter: context
315 handler_stderr:
316 class: StreamHandler
317 args: (sys.stderr,)
318 formatter: context
319 formatter_context:
320 class: oslo_log.formatters.ContextFormatter
321 formatter_default:
322 format: "%(message)s"
323 rabbitmq:
324 # NOTE(rk760n): adding rmq policy to mirror messages from notification queues and set expiration time for the ones
325 policies:
326 - vhost: "octavia"
327 name: "ha_ttl_octavia"
328 definition:
329 # mirror messges to other nodes in rmq cluster
330 ha-mode: "all"
331 ha-sync-mode: "automatic"
332 # 70s
333 message-ttl: 70000
334 priority: 0
335 apply-to: all
336 pattern: '(notifications)\.'
337
338secrets:
339 identity:
340 admin: octavia-keystone-admin
341 octavia: octavia-keystone-user
342 test: octavia-keystone-test
343 oslo_db:
344 admin: octavia-db-admin
345 octavia: octavia-db-user
346 oslo_messaging:
347 admin: octavia-rabbitmq-admin
348 octavia: octavia-rabbitmq-user
349 tls:
350 load_balancer:
351 api:
352 public: octavia-tls-public
Oleksandr Kozachenkoa10d7852023-02-02 22:01:16 +0100[diff] [blame]353 oci_image_registry:
354 octavia: octavia-oci-image-registry
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]355
356endpoints:
357 cluster_domain_suffix: cluster.local
358 local_image_registry:
359 name: docker-registry
360 namespace: docker-registry
361 hosts:
362 default: localhost
363 internal: docker-registry
364 node: localhost
365 host_fqdn_override:
366 default: null
367 port:
368 registry:
369 node: 5000
Oleksandr Kozachenkoa10d7852023-02-02 22:01:16 +0100[diff] [blame]370 oci_image_registry:
371 name: oci-image-registry
372 namespace: oci-image-registry
373 auth:
374 enabled: false
375 octavia:
376 username: octavia
377 password: password
378 hosts:
379 default: localhost
380 host_fqdn_override:
381 default: null
382 port:
383 registry:
384 default: null
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]385 identity:
386 name: keystone
387 auth:
388 admin:
389 region_name: RegionOne
390 username: admin
391 password: password
392 project_name: admin
393 user_domain_name: default
394 project_domain_name: default
395 octavia:
396 role: admin
397 region_name: RegionOne
398 username: octavia
399 password: password
400 project_name: service
401 user_domain_name: service
402 project_domain_name: service
403 test:
404 role: admin
405 region_name: RegionOne
406 username: test
407 password: password
408 project_name: test
409 user_domain_name: service
410 project_domain_name: service
411 hosts:
412 default: keystone
413 internal: keystone-api
414 host_fqdn_override:
415 default: null
416 path:
417 default: /v3
418 scheme:
419 default: 'http'
420 port:
421 api:
422 default: 80
423 internal: 5000
424 load_balancer:
425 name: octavia
426 hosts:
427 default: octavia-api
428 public: octavia
429 host_fqdn_override:
430 default: null
431 path:
432 default: null
433 scheme:
434 default: http
435 port:
436 api:
437 default: 9876
438 public: 80
439 oslo_db:
440 auth:
441 admin:
442 username: root
443 password: password
444 octavia:
445 username: octavia
446 password: password
447 hosts:
448 default: mariadb
449 host_fqdn_override:
450 default: null
451 path: /octavia
452 scheme: mysql+pymysql
453 port:
454 mysql:
455 default: 3306
456 oslo_cache:
457 auth:
458 # NOTE(portdirect): this is used to define the value for keystone
459 # authtoken cache encryption key, if not set it will be populated
460 # automatically with a random value, but to take advantage of
461 # this feature all services should be set to use the same key,
462 # and memcache service.
463 memcache_secret_key: null
464 hosts:
465 default: memcached
466 host_fqdn_override:
467 default: null
468 port:
469 memcache:
470 default: 11211
471 oslo_messaging:
472 auth:
473 admin:
474 username: rabbitmq
475 password: password
476 octavia:
477 username: octavia
478 password: password
479 statefulset:
480 replicas: 2
481 name: rabbitmq-rabbitmq
482 hosts:
483 default: rabbitmq
484 host_fqdn_override:
485 default: null
486 path: /octavia
487 scheme: rabbit
488 port:
489 amqp:
490 default: 5672
491 http:
492 default: 15672
493 network:
494 name: neutron
495 hosts:
496 default: neutron-server
497 public: neutron
498 host_fqdn_override:
499 default: null
500 path:
501 default: null
502 scheme:
503 default: 'http'
504 port:
505 api:
506 default: 9696
507 public: 80
508
509pod:
510 user:
511 octavia:
512 uid: 42424
513 affinity:
514 anti:
515 type:
516 default: preferredDuringSchedulingIgnoredDuringExecution
517 topologyKey:
518 default: kubernetes.io/hostname
519 mounts:
520 octavia_api:
521 init_container: null
522 octavia_api:
523 volumeMounts:
524 volumes:
525 octavia_worker:
526 init_container: null
527 octavia_worker:
528 volumeMounts:
529 volumes:
530 octavia_housekeeping:
531 init_container: null
532 octavia_housekeeping:
533 volumeMounts:
534 volumes:
535 octavia_health_manager:
536 init_container: null
537 octavia_health_manager:
538 volumeMounts:
539 volumes:
540 octavia_bootstrap:
541 init_container: null
542 octavia_bootstrap:
543 volumeMounts:
544 volumes:
545 replicas:
546 api: 1
547 worker: 1
548 housekeeping: 1
549 lifecycle:
550 upgrades:
551 deployments:
552 revision_history: 3
553 pod_replacement_strategy: RollingUpdate
554 rolling_update:
555 max_unavailable: 1
556 max_surge: 3
557 daemonsets:
558 pod_replacement_strategy: RollingUpdate
559 health_manager:
560 enabled: true
561 min_ready_seconds: 0
562 max_unavailable: 1
563 disruption_budget:
564 api:
565 min_available: 0
566 termination_grace_period:
567 api:
568 timeout: 30
569 resources:
570 enabled: false
571 api:
572 requests:
573 memory: "128Mi"
574 cpu: "100m"
575 limits:
576 memory: "1024Mi"
577 cpu: "2000m"
578 worker:
579 requests:
580 memory: "128Mi"
581 cpu: "100m"
582 limits:
583 memory: "1024Mi"
584 cpu: "2000m"
585 housekeeping:
586 requests:
587 memory: "128Mi"
588 cpu: "100m"
589 limits:
590 memory: "1024Mi"
591 cpu: "2000m"
592 health_manager:
593 requests:
594 memory: "128Mi"
595 cpu: "100m"
596 limits:
597 memory: "1024Mi"
598 cpu: "2000m"
599 jobs:
600 bootstrap:
601 requests:
602 memory: "128Mi"
603 cpu: "100m"
604 limits:
605 memory: "1024Mi"
606 cpu: "2000m"
607 rabbit_init:
608 requests:
609 memory: "128Mi"
610 cpu: "100m"
611 limits:
612 memory: "1024Mi"
613 cpu: "2000m"
614 db_init:
615 requests:
616 memory: "128Mi"
617 cpu: "100m"
618 limits:
619 memory: "1024Mi"
620 cpu: "2000m"
621 db_sync:
622 requests:
623 memory: "128Mi"
624 cpu: "100m"
625 limits:
626 memory: "1024Mi"
627 cpu: "2000m"
628 db_drop:
629 requests:
630 memory: "128Mi"
631 cpu: "100m"
632 limits:
633 memory: "1024Mi"
634 cpu: "2000m"
635 ks_endpoints:
636 requests:
637 memory: "128Mi"
638 cpu: "100m"
639 limits:
640 memory: "1024Mi"
641 cpu: "2000m"
642 ks_service:
643 requests:
644 memory: "128Mi"
645 cpu: "100m"
646 limits:
647 memory: "1024Mi"
648 cpu: "2000m"
649 ks_user:
650 requests:
651 memory: "128Mi"
652 cpu: "100m"
653 limits:
654 memory: "1024Mi"
655 cpu: "2000m"
656 tests:
657 requests:
658 memory: "128Mi"
659 cpu: "100m"
660 limits:
661 memory: "1024Mi"
662 cpu: "2000m"
663 image_repo_sync:
664 requests:
665 memory: "128Mi"
666 cpu: "100m"
667 limits:
668 memory: "1024Mi"
669 cpu: "2000m"
670
671network_policy:
672 octavia:
673 ingress:
674 - {}
675
676manifests:
677 configmap_bin: true
678 configmap_etc: true
679 daemonset_health_manager: true
680 deployment_api: true
681 deployment_worker: true
682 deployment_housekeeping: true
683 ingress_api: true
684 job_bootstrap: true
685 job_db_init: true
686 job_db_sync: true
687 job_db_drop: false
688 job_image_repo_sync: true
689 job_rabbit_init: true
690 job_ks_endpoints: true
691 job_ks_service: true
692 job_ks_user: true
693 pdb_api: true
694 pod_rally_test: false
695 network_policy: false
696 secret_credential_keys: true
697 secret_db: true
698 secret_ingress_tls: true
699 secret_keystone: true
700 secret_rabbitmq: true
Oleksandr Kozachenkoa10d7852023-02-02 22:01:16 +0100[diff] [blame]701 secret_registry: true
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]702 service_ingress_api: true
703 service_api: true
704...