Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / e8ad9a7565a33133f6205eaf3c34744edb5a7742 / . / charts / heat / values.yaml
blob: 555af53a338f23e34585ca94e82787c7817372d9 [file] [log] [blame]
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]1# Licensed under the Apache License, Version 2.0 (the "License");
2# you may not use this file except in compliance with the License.
3# You may obtain a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS,
9# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10# See the License for the specific language governing permissions and
11# limitations under the License.
12
13# Default values for heat.
14# This is a YAML-formatted file.
15# Declare name/value pairs to be passed into your templates.
16# name: value
17
18---
19release_group: null
20
21labels:
22 api:
23 node_selector_key: openstack-control-plane
24 node_selector_value: enabled
25 cfn:
26 node_selector_key: openstack-control-plane
27 node_selector_value: enabled
28 cloudwatch:
29 node_selector_key: openstack-control-plane
30 node_selector_value: enabled
31 engine:
32 node_selector_key: openstack-control-plane
33 node_selector_value: enabled
34 job:
35 node_selector_key: openstack-control-plane
36 node_selector_value: enabled
37 test:
38 node_selector_key: openstack-control-plane
39 node_selector_value: enabled
40
41images:
42 tags:
43 test: docker.io/xrally/xrally-openstack:2.0.0
44 bootstrap: docker.io/openstackhelm/heat:stein-ubuntu_bionic
45 db_init: docker.io/openstackhelm/heat:stein-ubuntu_bionic
46 heat_db_sync: docker.io/openstackhelm/heat:stein-ubuntu_bionic
47 db_drop: docker.io/openstackhelm/heat:stein-ubuntu_bionic
48 rabbit_init: docker.io/rabbitmq:3.7-management
49 ks_user: docker.io/openstackhelm/heat:stein-ubuntu_bionic
50 ks_service: docker.io/openstackhelm/heat:stein-ubuntu_bionic
51 ks_endpoints: docker.io/openstackhelm/heat:stein-ubuntu_bionic
52 heat_api: docker.io/openstackhelm/heat:stein-ubuntu_bionic
53 heat_cfn: docker.io/openstackhelm/heat:stein-ubuntu_bionic
54 heat_cloudwatch: docker.io/openstackhelm/heat:stein-ubuntu_bionic
55 heat_engine: docker.io/openstackhelm/heat:stein-ubuntu_bionic
56 heat_engine_cleaner: docker.io/openstackhelm/heat:stein-ubuntu_bionic
57 heat_purge_deleted: docker.io/openstackhelm/heat:stein-ubuntu_bionic
58 dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
59 image_repo_sync: docker.io/docker:17.07.0
60 pull_policy: "IfNotPresent"
61 local_registry:
62 active: false
63 exclude:
64 - dep_check
65 - image_repo_sync
66
67jobs:
68 engine_cleaner:
69 cron: "*/5 * * * *"
70 starting_deadline: 600
71 history:
72 success: 3
73 failed: 1
74
75 purge_deleted:
76 cron: "20 */24 * * *"
77 purge_age: 60
78 history:
79 success: 3
80 failed: 1
81
82conf:
83 rally_tests:
84 run_tempest: false
85 tests:
86 HeatStacks.create_update_delete_stack:
87 - args:
88 template_path: /tmp/rally-jobs/random_strings.yaml
89 updated_template_path: /tmp/rally-jobs/updated_random_strings_replace.yaml
90 runner:
91 concurrency: 1
92 times: 1
93 type: constant
94 sla:
95 failure_rate:
96 max: 0
97 HeatStacks.create_check_delete_stack:
98 - args:
99 template_path: /tmp/rally-jobs/random_strings.yaml
100 runner:
101 concurrency: 1
102 times: 1
103 type: constant
104 sla:
105 failure_rate:
106 max: 0
107 HeatStacks.create_and_delete_stack:
108 - args:
109 template_path: /tmp/rally-jobs/resource_group_with_constraint.yaml
110 runner:
111 concurrency: 1
112 times: 1
113 type: constant
114 sla:
115 failure_rate:
116 max: 0
117 HeatStacks.create_and_list_stack:
118 - args:
119 template_path: /tmp/rally-jobs/default.yaml
120 runner:
121 concurrency: 1
122 times: 1
123 type: constant
124 sla:
125 failure_rate:
126 max: 0
127 HeatStacks.create_snapshot_restore_delete_stack:
128 - args:
129 template_path: /tmp/rally-jobs/random_strings.yaml
130 runner:
131 concurrency: 1
132 times: 1
133 type: constant
134 sla:
135 failure_rate:
136 max: 0
137 HeatStacks.create_stack_and_list_output:
138 - args:
139 template_path: /tmp/rally-jobs/resource_group_with_outputs.yaml
140 runner:
141 concurrency: 1
142 times: 1
143 type: constant
144 sla:
145 failure_rate:
146 max: 0
147 HeatStacks.create_stack_and_list_output_via_API:
148 - args:
149 template_path: /tmp/rally-jobs/resource_group_with_outputs.yaml
150 runner:
151 concurrency: 1
152 times: 1
153 type: constant
154 sla:
155 failure_rate:
156 max: 0
157 templates:
158 - name: /tmp/rally-jobs/default.yaml
159 template: |
160 heat_template_version: 2014-10-16
161 - name: /tmp/rally-jobs/random_strings.yaml
162 template: |
163 heat_template_version: 2014-10-16
164 description: Test template for rally create-update-delete scenario
165 resources:
166 test_string_one:
167 type: OS::Heat::RandomString
168 properties:
169 length: 20
170 test_string_two:
171 type: OS::Heat::RandomString
172 properties:
173 length: 20
174 - name: /tmp/rally-jobs/resource_group_with_constraint.yaml
175 template: |
176 heat_template_version: 2013-05-23
177 description: Template for testing caching.
178 parameters:
179 count:
180 type: number
181 default: 40
182 delay:
183 type: number
184 default: 0.1
185 resources:
186 rg:
187 type: OS::Heat::ResourceGroup
188 properties:
189 count:
190 get_param: count
191 resource_def:
192 type: OS::Heat::TestResource
193 properties:
194 constraint_prop_secs:
195 get_param: delay
196 - name: /tmp/rally-jobs/resource_group_with_outputs.yaml
197 template: |
198 heat_template_version: 2013-05-23
199 parameters:
200 attr_wait_secs:
201 type: number
202 default: 0.5
203 resources:
204 rg:
205 type: OS::Heat::ResourceGroup
206 properties:
207 count: 10
208 resource_def:
209 type: OS::Heat::TestResource
210 properties:
211 attr_wait_secs:
212 get_param: attr_wait_secs
213 outputs:
214 val1:
215 value:
216 get_attr:
217 - rg
218 - resource.0.output
219 val2:
220 value:
221 get_attr:
222 - rg
223 - resource.1.output
224 val3:
225 value:
226 get_attr:
227 - rg
228 - resource.2.output
229 val4:
230 value:
231 get_attr:
232 - rg
233 - resource.3.output
234 val5:
235 value:
236 get_attr:
237 - rg
238 - resource.4.output
239 val6:
240 value:
241 get_attr:
242 - rg
243 - resource.5.output
244 val7:
245 value:
246 get_attr:
247 - rg
248 - resource.6.output
249 val8:
250 value:
251 get_attr:
252 - rg
253 - resource.7.output
254 val9:
255 value:
256 get_attr:
257 - rg
258 - resource.8.output
259 val10:
260 value:
261 get_attr:
262 - rg
263 - resource.9.output
264 - name: /tmp/rally-jobs/updated_random_strings_replace.yaml
265 template: |
266 heat_template_version: 2014-10-16
267 description: |
268 Test template for create-update-delete-stack scenario in rally.
269 The template deletes one resource from the stack defined by
270 random-strings.yaml.template and re-creates it with the updated parameters
271 (so-called update-replace). That happens because some parameters cannot be
272 changed without resource re-creation. The template allows to measure performance
273 of update-replace operation.
274 resources:
275 test_string_one:
276 type: OS::Heat::RandomString
277 properties:
278 length: 20
279 test_string_two:
280 type: OS::Heat::RandomString
281 properties:
282 length: 40
283 paste:
284 pipeline:heat-api:
285 pipeline: cors request_id faultwrap http_proxy_to_wsgi versionnegotiation osprofiler authurl authtoken audit context apiv1app
286 pipeline:heat-api-standalone:
287 pipeline: cors request_id faultwrap http_proxy_to_wsgi versionnegotiation authurl authpassword context apiv1app
288 pipeline:heat-api-custombackend:
289 pipeline: cors request_id faultwrap versionnegotiation context custombackendauth apiv1app
290 pipeline:heat-api-cfn:
291 pipeline: cors http_proxy_to_wsgi cfnversionnegotiation osprofiler ec2authtoken authtoken audit context apicfnv1app
292 pipeline:heat-api-cfn-standalone:
293 pipeline: cors http_proxy_to_wsgi cfnversionnegotiation ec2authtoken context apicfnv1app
294 pipeline:heat-api-cloudwatch:
295 pipeline: cors versionnegotiation osprofiler ec2authtoken authtoken audit context apicwapp
296 pipeline:heat-api-cloudwatch-standalone:
297 pipeline: cors versionnegotiation ec2authtoken context apicwapp
298 app:apiv1app:
299 paste.app_factory: heat.common.wsgi:app_factory
300 heat.app_factory: heat.api.openstack.v1:API
301 app:apicfnv1app:
302 paste.app_factory: heat.common.wsgi:app_factory
303 heat.app_factory: heat.api.cfn.v1:API
304 app:apicwapp:
305 paste.app_factory: heat.common.wsgi:app_factory
306 heat.app_factory: heat.api.cloudwatch:API
307 filter:versionnegotiation:
308 paste.filter_factory: heat.common.wsgi:filter_factory
309 heat.filter_factory: heat.api.openstack:version_negotiation_filter
310 filter:cors:
311 paste.filter_factory: oslo_middleware.cors:filter_factory
312 oslo_config_project: heat
313 filter:faultwrap:
314 paste.filter_factory: heat.common.wsgi:filter_factory
315 heat.filter_factory: heat.api.openstack:faultwrap_filter
316 filter:cfnversionnegotiation:
317 paste.filter_factory: heat.common.wsgi:filter_factory
318 heat.filter_factory: heat.api.cfn:version_negotiation_filter
319 filter:cwversionnegotiation:
320 paste.filter_factory: heat.common.wsgi:filter_factory
321 heat.filter_factory: heat.api.cloudwatch:version_negotiation_filter
322 filter:context:
323 paste.filter_factory: heat.common.context:ContextMiddleware_filter_factory
324 filter:ec2authtoken:
325 paste.filter_factory: heat.api.aws.ec2token:EC2Token_filter_factory
326 filter:http_proxy_to_wsgi:
327 paste.filter_factory: oslo_middleware:HTTPProxyToWSGI.factory
328 filter:authurl:
329 paste.filter_factory: heat.common.auth_url:filter_factory
330 filter:authtoken:
331 paste.filter_factory: keystonemiddleware.auth_token:filter_factory
332 filter:authpassword:
333 paste.filter_factory: heat.common.auth_password:filter_factory
334 filter:custombackendauth:
335 paste.filter_factory: heat.common.custom_backend_auth:filter_factory
336 filter:audit:
337 paste.filter_factory: keystonemiddleware.audit:filter_factory
338 audit_map_file: /etc/heat/api_audit_map.conf
339 filter:request_id:
340 paste.filter_factory: oslo_middleware.request_id:RequestId.factory
341 filter:osprofiler:
342 paste.filter_factory: osprofiler.web:WsgiMiddleware.factory
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]343 policy: {}
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]344 heat:
345 DEFAULT:
346 log_config_append: /etc/heat/logging.conf
347 num_engine_workers: 1
348 trusts_delegated_roles: ""
349 host: heat-engine
350 keystone_authtoken:
351 auth_type: password
352 auth_version: v3
353 memcache_security_strategy: ENCRYPT
354 database:
355 max_retries: -1
356 trustee:
357 auth_type: password
358 auth_version: v3
359 heat_api:
360 # NOTE(portdirect): the bind port should not be defined, and is manipulated
361 # via the endpoints section.
362 bind_port: null
363 workers: 1
364 heat_api_cloudwatch:
365 # NOTE(portdirect): the bind port should not be defined, and is manipulated
366 # via the endpoints section.
367 bind_port: null
368 workers: 1
369 heat_api_cfn:
370 # NOTE(portdirect): the bind port should not be defined, and is manipulated
371 # via the endpoints section.
372 bind_port: null
373 workers: 1
374 paste_deploy:
375 api_paste_config: /etc/heat/api-paste.ini
376 clients:
377 endpoint_type: internalURL
378 clients_heat:
379 endpoint_type: publicURL
380 clients_keystone:
381 endpoint_type: internalURL
382 oslo_messaging_notifications:
383 driver: messagingv2
384 oslo_middleware:
385 enable_proxy_headers_parsing: true
386 oslo_messaging_rabbit:
387 rabbit_ha_queues: True
388 oslo_policy:
389 policy_file: /etc/heat/policy.yaml
390 api_audit_map:
391 DEFAULT:
392 target_endpoint_type: None
393 path_keywords:
394 stacks: stack
395 resources: resource
396 preview: None
397 detail: None
398 abandon: None
399 snapshots: snapshot
400 restore: None
401 outputs: output
402 metadata: server
403 signal: None
404 events: event
405 template: None
406 template_versions: template_version
407 functions: None
408 validate: None
409 resource_types: resource_type
410 build_info: None
411 actions: None
412 software_configs: software_config
413 software_deployments: software_deployment
414 services: None
415 service_endpoints:
416 orchestration:service/orchestration
417 logging:
418 loggers:
419 keys:
420 - root
421 - heat
422 handlers:
423 keys:
424 - stdout
425 - stderr
426 - "null"
427 formatters:
428 keys:
429 - context
430 - default
431 logger_root:
432 level: WARNING
433 handlers: 'null'
434 logger_heat:
435 level: INFO
436 handlers:
437 - stdout
438 qualname: heat
439 logger_amqp:
440 level: WARNING
441 handlers: stderr
442 qualname: amqp
443 logger_amqplib:
444 level: WARNING
445 handlers: stderr
446 qualname: amqplib
447 logger_eventletwsgi:
448 level: WARNING
449 handlers: stderr
450 qualname: eventlet.wsgi.server
451 logger_sqlalchemy:
452 level: WARNING
453 handlers: stderr
454 qualname: sqlalchemy
455 logger_boto:
456 level: WARNING
457 handlers: stderr
458 qualname: boto
459 handler_null:
460 class: logging.NullHandler
461 formatter: default
462 args: ()
463 handler_stdout:
464 class: StreamHandler
465 args: (sys.stdout,)
466 formatter: context
467 handler_stderr:
468 class: StreamHandler
469 args: (sys.stderr,)
470 formatter: context
471 formatter_context:
472 class: oslo_log.formatters.ContextFormatter
473 datefmt: "%Y-%m-%d %H:%M:%S"
474 formatter_default:
475 format: "%(message)s"
476 datefmt: "%Y-%m-%d %H:%M:%S"
477
478 rabbitmq:
479 # NOTE(rk760n): adding rmq policy to mirror messages from notification queues and set expiration time for the ones
480 policies:
481 - vhost: "heat"
482 name: "ha_ttl_heat"
483 definition:
484 # mirror messges to other nodes in rmq cluster
485 ha-mode: "all"
486 ha-sync-mode: "automatic"
487 # 70s
488 message-ttl: 70000
489 priority: 0
490 apply-to: all
491 pattern: '^(?!(amq\.|reply_)).*'
492
493network:
494 api:
495 ingress:
496 public: true
497 classes:
498 namespace: "nginx"
499 cluster: "nginx-cluster"
500 annotations:
501 nginx.ingress.kubernetes.io/rewrite-target: /
502 external_policy_local: false
503 node_port:
504 enabled: false
505 port: 30004
506 cfn:
507 ingress:
508 public: true
509 classes:
510 namespace: "nginx"
511 cluster: "nginx-cluster"
512 annotations:
513 nginx.ingress.kubernetes.io/rewrite-target: /
514 node_port:
515 enabled: false
516 port: 30800
517 cloudwatch:
518 ingress:
519 public: true
520 classes:
521 namespace: "nginx"
522 cluster: "nginx-cluster"
523 annotations:
524 nginx.ingress.kubernetes.io/rewrite-target: /
525 node_port:
526 enabled: false
527 port: 30003
528
529bootstrap:
530 enabled: true
531 ks_user: admin
532 script: |
533 #NOTE(portdirect): The Orchestration service automatically assigns the
534 # 'heat_stack_user' role to users that it creates during stack deployment.
535 # By default, this role restricts API operations. To avoid conflicts, do
536 # not add this role to actual users.
537 openstack role create --or-show heat_stack_user
538
539dependencies:
540 dynamic:
541 common:
542 local_image_registry:
543 jobs:
544 - heat-image-repo-sync
545 services:
546 - endpoint: node
547 service: local_image_registry
548 static:
549 api:
550 jobs:
551 - heat-db-sync
552 - heat-rabbit-init
553 - heat-ks-user
554 - heat-trustee-ks-user
555 - heat-domain-ks-user
556 - heat-ks-endpoints
557 - heat-bootstrap
558 services:
559 - endpoint: internal
560 service: oslo_db
561 - endpoint: internal
562 service: oslo_messaging
563 - endpoint: internal
564 service: identity
565 cfn:
566 jobs:
567 - heat-db-sync
568 - heat-rabbit-init
569 - heat-ks-user
570 - heat-trustee-ks-user
571 - heat-domain-ks-user
572 - heat-ks-endpoints
573 - heat-bootstrap
574 services:
575 - endpoint: internal
576 service: oslo_db
577 - endpoint: internal
578 service: oslo_messaging
579 - endpoint: internal
580 service: identity
581 cloudwatch:
582 jobs:
583 - heat-db-sync
584 - heat-rabbit-init
585 - heat-ks-user
586 - heat-trustee-ks-user
587 - heat-domain-ks-user
588 - heat-ks-endpoints
589 - heat-bootstrap
590 services:
591 - endpoint: internal
592 service: oslo_db
593 - endpoint: internal
594 service: oslo_messaging
595 - endpoint: internal
596 service: identity
597 db_drop:
598 services:
599 - endpoint: internal
600 service: oslo_db
601 db_init:
602 services:
603 - endpoint: internal
604 service: oslo_db
605 db_sync:
606 jobs:
607 - heat-db-init
608 services:
609 - endpoint: internal
610 service: oslo_db
611 bootstrap:
612 services:
613 - endpoint: internal
614 service: identity
615 engine:
616 jobs:
617 - heat-db-sync
618 - heat-rabbit-init
619 - heat-ks-user
620 - heat-trustee-ks-user
621 - heat-domain-ks-user
622 - heat-ks-endpoints
623 - heat-bootstrap
624 services:
625 - endpoint: internal
626 service: oslo_db
627 - endpoint: internal
628 service: oslo_messaging
629 - endpoint: internal
630 service: identity
631 engine_cleaner:
632 jobs:
633 - heat-db-sync
634 - heat-ks-user
635 - heat-trustee-ks-user
636 - heat-domain-ks-user
637 - heat-ks-endpoints
638 services:
639 - endpoint: internal
640 service: oslo_db
641 - endpoint: internal
642 service: oslo_messaging
643 - endpoint: internal
644 service: identity
645 purge_deleted:
646 jobs:
647 - heat-db-sync
648 - heat-ks-user
649 - heat-trustee-ks-user
650 - heat-domain-ks-user
651 - heat-ks-endpoints
652 services:
653 - endpoint: internal
654 service: oslo_db
655 - endpoint: internal
656 service: oslo_messaging
657 - endpoint: internal
658 service: identity
659 ks_endpoints:
660 jobs:
661 - heat-ks-service
662 services:
663 - endpoint: internal
664 service: identity
665 ks_service:
666 services:
667 - endpoint: internal
668 service: identity
669 ks_user:
670 services:
671 - endpoint: internal
672 service: identity
673 rabbit_init:
674 services:
675 - endpoint: internal
676 service: oslo_messaging
677 trusts:
678 jobs:
679 - heat-ks-user
680 - heat-trustee-ks-user
681 - heat-domain-ks-user
682 services:
683 - endpoint: internal
684 service: identity
685 image_repo_sync:
686 services:
687 - endpoint: internal
688 service: local_image_registry
689 tests:
690 services:
691 - endpoint: internal
692 service: identity
693 - endpoint: internal
694 service: orchestration
695
696# Names of secrets used by bootstrap and environmental checks
697secrets:
698 identity:
699 admin: heat-keystone-admin
700 heat: heat-keystone-user
701 heat_trustee: heat-keystone-trustee
702 heat_stack_user: heat-keystone-stack-user
703 test: heat-keystone-test
704 oslo_db:
705 admin: heat-db-admin
706 heat: heat-db-user
707 oslo_messaging:
708 admin: heat-rabbitmq-admin
709 heat: heat-rabbitmq-user
710 tls:
711 orchestration:
712 api:
713 public: heat-tls-public
714 internal: heat-tls-api
715 cloudformation:
716 cfn:
717 public: cloudformation-tls-public
718 internal: heat-tls-cfn
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]719 oci_image_registry:
720 heat: heat-oci-image-registry
721
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]722# typically overridden by environmental
723# values, but should include all endpoints
724# required by this chart
725endpoints:
726 cluster_domain_suffix: cluster.local
727 local_image_registry:
728 name: docker-registry
729 namespace: docker-registry
730 hosts:
731 default: localhost
732 internal: docker-registry
733 node: localhost
734 host_fqdn_override:
735 default: null
736 port:
737 registry:
738 node: 5000
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]739 oci_image_registry:
740 name: oci-image-registry
741 namespace: oci-image-registry
742 auth:
743 enabled: false
744 heat:
745 username: heat
746 password: password
747 hosts:
748 default: localhost
749 host_fqdn_override:
750 default: null
751 port:
752 registry:
753 default: null
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]754 identity:
755 name: keystone
756 auth:
757 admin:
758 region_name: RegionOne
759 username: admin
760 password: password
761 project_name: admin
762 user_domain_name: default
763 project_domain_name: default
764 heat:
765 role: admin
766 region_name: RegionOne
767 username: heat
768 password: password
769 project_name: service
770 user_domain_name: service
771 project_domain_name: service
772 heat_trustee:
773 role: admin
774 region_name: RegionOne
775 username: heat-trust
776 password: password
777 project_name: service
778 user_domain_name: service
779 project_domain_name: service
780 heat_stack_user:
781 role: admin
782 region_name: RegionOne
783 username: heat-domain
784 password: password
785 domain_name: heat
786 test:
787 role: admin
788 region_name: RegionOne
789 username: heat-test
790 password: password
791 project_name: test
792 user_domain_name: service
793 project_domain_name: service
794 hosts:
795 default: keystone
796 internal: keystone-api
797 host_fqdn_override:
798 default: null
799 path:
800 default: /v3
801 scheme:
802 default: 'http'
803 port:
804 api:
805 default: 80
806 internal: 5000
807 orchestration:
808 name: heat
809 hosts:
810 default: heat-api
811 public: heat
812 host_fqdn_override:
813 default: null
814 # NOTE(portdirect): this chart supports TLS for fqdn over-ridden public
815 # endpoints using the following format:
816 # public:
817 # host: null
818 # tls:
819 # crt: null
820 # key: null
821 path:
822 default: '/v1/%(project_id)s'
823 scheme:
824 default: 'http'
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]825 service: 'http'
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]826 port:
827 api:
828 default: 8004
829 public: 80
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]830 service: 8004
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]831 cloudformation:
832 name: heat-cfn
833 hosts:
834 default: heat-cfn
835 public: cloudformation
836 host_fqdn_override:
837 default: null
838 # NOTE(portdirect): this chart supports TLS for fqdn over-ridden public
839 # endpoints using the following format:
840 # public:
841 # host: null
842 # tls:
843 # crt: null
844 # key: null
845 path:
846 default: /v1
847 scheme:
848 default: 'http'
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]849 service: 'http'
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]850 port:
851 api:
852 default: 8000
853 public: 80
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]854 service: 8000
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]855 # Cloudwatch does not get an entry in the keystone service catalog
856 cloudwatch:
857 name: heat-cloudwatch
858 hosts:
859 default: heat-cloudwatch
860 public: cloudwatch
861 host_fqdn_override:
862 default: null
863 path:
864 default: null
865 type: null
866 scheme:
867 default: 'http'
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]868 service: 'http'
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]869 port:
870 api:
871 default: 8003
872 public: 80
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]873 service: 8003
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]874 oslo_db:
875 auth:
876 admin:
877 username: root
878 password: password
879 secret:
880 tls:
881 internal: mariadb-tls-direct
882 heat:
883 username: heat
884 password: password
885 hosts:
886 default: mariadb
887 host_fqdn_override:
888 default: null
889 path: /heat
890 scheme: mysql+pymysql
891 port:
892 mysql:
893 default: 3306
894 oslo_cache:
895 auth:
896 # NOTE(portdirect): this is used to define the value for keystone
897 # authtoken cache encryption key, if not set it will be populated
898 # automatically with a random value, but to take advantage of
899 # this feature all services should be set to use the same key,
900 # and memcache service.
901 memcache_secret_key: null
902 hosts:
903 default: memcached
904 host_fqdn_override:
905 default: null
906 port:
907 memcache:
908 default: 11211
909 oslo_messaging:
910 auth:
911 admin:
912 username: rabbitmq
913 password: password
914 secret:
915 tls:
916 internal: rabbitmq-tls-direct
917 heat:
918 username: heat
919 password: password
920 statefulset:
921 replicas: 2
922 name: rabbitmq-rabbitmq
923 hosts:
924 default: rabbitmq
925 host_fqdn_override:
926 default: null
927 path: /heat
928 scheme: rabbit
929 port:
930 amqp:
931 default: 5672
932 http:
933 default: 15672
934 fluentd:
935 namespace: null
936 name: fluentd
937 hosts:
938 default: fluentd-logging
939 host_fqdn_override:
940 default: null
941 path:
942 default: null
943 scheme: 'http'
944 port:
945 service:
946 default: 24224
947 metrics:
948 default: 24220
949 # NOTE(tp6510): these endpoints allow for things like DNS lookups and ingress
950 # They are using to enable the Egress K8s network policy.
951 kube_dns:
952 namespace: kube-system
953 name: kubernetes-dns
954 hosts:
955 default: kube-dns
956 host_fqdn_override:
957 default: null
958 path:
959 default: null
960 scheme: http
961 port:
962 dns:
963 default: 53
964 protocol: UDP
965 ingress:
966 namespace: null
967 name: ingress
968 hosts:
969 default: ingress
970 port:
971 ingress:
972 default: 80
973
974pod:
975 security_context:
976 heat:
977 pod:
978 runAsUser: 42424
979 container:
980 heat_api:
981 readOnlyRootFilesystem: true
982 allowPrivilegeEscalation: false
983 heat_cfn:
984 readOnlyRootFilesystem: true
985 allowPrivilegeEscalation: false
986 heat_cloudwatch:
987 readOnlyRootFilesystem: true
988 allowPrivilegeEscalation: false
989 heat_engine:
990 readOnlyRootFilesystem: true
991 allowPrivilegeEscalation: false
992 trusts:
993 pod:
994 runAsUser: 42424
995 container:
996 heat_trusts:
997 readOnlyRootFilesystem: true
998 allowPrivilegeEscalation: false
999 ks_user:
1000 pod:
1001 runAsUser: 42424
1002 container:
1003 heat_ks_domain_user:
1004 readOnlyRootFilesystem: true
1005 allowPrivilegeEscalation: false
1006 engine_cleaner:
1007 pod:
1008 runAsUser: 42424
1009 container:
1010 heat_engine_cleaner:
1011 readOnlyRootFilesystem: true
1012 allowPrivilegeEscalation: false
1013 affinity:
1014 anti:
1015 type:
1016 default: preferredDuringSchedulingIgnoredDuringExecution
1017 topologyKey:
1018 default: kubernetes.io/hostname
1019 weight:
1020 default: 10
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]1021 tolerations:
1022 heat:
1023 enabled: false
1024 tolerations:
1025 - key: node-role.kubernetes.io/master
1026 operator: Exists
1027 effect: NoSchedule
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]1028 mounts:
1029 heat_api:
1030 init_container: null
1031 heat_api:
1032 volumeMounts:
1033 volumes:
1034 heat_cfn:
1035 init_container: null
1036 heat_cfn:
1037 volumeMounts:
1038 volumes:
1039 heat_cloudwatch:
1040 init_container: null
1041 heat_cloudwatch:
1042 volumeMounts:
1043 volumes:
1044 heat_engine:
1045 init_container: null
1046 heat_engine:
1047 volumeMounts:
1048 volumes:
1049 heat_bootstrap:
1050 init_container: null
1051 heat_bootstrap:
1052 volumeMounts:
1053 volumes:
1054 heat_trusts:
1055 init_container: null
1056 heat_trusts:
1057 volumeMounts:
1058 volumes:
1059 heat_engine_cleaner:
1060 init_container: null
1061 heat_engine_cleaner:
1062 volumeMounts:
1063 volumes:
1064 heat_purge_deleted:
1065 init_container: null
1066 heat_purge_deleted:
1067 volumeMounts:
1068 volumes:
1069 heat_tests:
1070 init_container: null
1071 heat_tests:
1072 volumeMounts:
1073 volumes:
1074 heat_db_sync:
1075 heat_db_sync:
1076 volumeMounts:
1077 volumes:
1078 replicas:
1079 api: 1
1080 cfn: 1
1081 cloudwatch: 1
1082 engine: 1
1083 lifecycle:
1084 upgrades:
1085 deployments:
1086 revision_history: 3
1087 pod_replacement_strategy: RollingUpdate
1088 rolling_update:
1089 max_unavailable: 1
1090 max_surge: 3
1091 disruption_budget:
1092 api:
1093 min_available: 0
1094 cfn:
1095 min_available: 0
1096 cloudwatch:
1097 min_available: 0
1098 termination_grace_period:
1099 api:
1100 timeout: 30
1101 cfn:
1102 timeout: 30
1103 cloudwatch:
1104 timeout: 30
1105 engine:
1106 timeout: 30
1107 resources:
1108 enabled: false
1109 api:
1110 requests:
1111 memory: "128Mi"
1112 cpu: "100m"
1113 limits:
1114 memory: "1024Mi"
1115 cpu: "2000m"
1116 cfn:
1117 requests:
1118 memory: "128Mi"
1119 cpu: "100m"
1120 limits:
1121 memory: "1024Mi"
1122 cpu: "2000m"
1123 cloudwatch:
1124 requests:
1125 memory: "128Mi"
1126 cpu: "100m"
1127 limits:
1128 memory: "1024Mi"
1129 cpu: "2000m"
1130 engine:
1131 requests:
1132 memory: "128Mi"
1133 cpu: "100m"
1134 limits:
1135 memory: "1024Mi"
1136 cpu: "2000m"
1137 jobs:
1138 bootstrap:
1139 requests:
1140 memory: "128Mi"
1141 cpu: "100m"
1142 limits:
1143 memory: "1024Mi"
1144 cpu: "2000m"
1145 db_init:
1146 requests:
1147 memory: "128Mi"
1148 cpu: "100m"
1149 limits:
1150 memory: "1024Mi"
1151 cpu: "2000m"
1152 db_sync:
1153 requests:
1154 memory: "128Mi"
1155 cpu: "100m"
1156 limits:
1157 memory: "1024Mi"
1158 cpu: "2000m"
1159 db_drop:
1160 requests:
1161 memory: "128Mi"
1162 cpu: "100m"
1163 limits:
1164 memory: "1024Mi"
1165 cpu: "2000m"
1166 ks_endpoints:
1167 requests:
1168 memory: "128Mi"
1169 cpu: "100m"
1170 limits:
1171 memory: "1024Mi"
1172 cpu: "2000m"
1173 ks_service:
1174 requests:
1175 memory: "128Mi"
1176 cpu: "100m"
1177 limits:
1178 memory: "1024Mi"
1179 cpu: "2000m"
1180 ks_user:
1181 requests:
1182 memory: "128Mi"
1183 cpu: "100m"
1184 limits:
1185 memory: "1024Mi"
1186 cpu: "2000m"
1187 rabbit_init:
1188 requests:
1189 memory: "128Mi"
1190 cpu: "100m"
1191 limits:
1192 memory: "1024Mi"
1193 cpu: "2000m"
1194 tests:
1195 requests:
1196 memory: "128Mi"
1197 cpu: "100m"
1198 limits:
1199 memory: "1024Mi"
1200 cpu: "2000m"
1201 trusts:
1202 requests:
1203 memory: "128Mi"
1204 cpu: "100m"
1205 limits:
1206 memory: "1024Mi"
1207 cpu: "2000m"
1208 engine_cleaner:
1209 requests:
1210 memory: "128Mi"
1211 cpu: "100m"
1212 limits:
1213 memory: "1024Mi"
1214 cpu: "2000m"
1215 purge_deleted:
1216 requests:
1217 memory: "124Mi"
1218 cpu: "100m"
1219 limits:
1220 memory: "1024Mi"
1221 cpu: "2000m"
1222 image_repo_sync:
1223 requests:
1224 memory: "128Mi"
1225 cpu: "100m"
1226 limits:
1227 memory: "1024Mi"
1228 cpu: "2000m"
1229
1230network_policy:
1231 heat:
1232 ingress:
1233 - {}
1234 egress:
1235 - {}
1236
1237# NOTE(helm_hook): helm_hook might break for helm2 binary.
1238# set helm3_hook: false when using the helm2 binary.
1239helm3_hook: true
1240
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]1241tls:
1242 identity: false
1243 oslo_messaging: false
1244 oslo_db: false
1245
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]1246manifests:
1247 certificates: false
1248 configmap_bin: true
1249 configmap_etc: true
1250 cron_job_engine_cleaner: true
1251 cron_job_purge_deleted: true
1252 deployment_api: true
1253 deployment_cfn: true
1254 deployment_cloudwatch: false
1255 deployment_engine: true
1256 ingress_api: true
1257 ingress_cfn: true
1258 ingress_cloudwatch: false
1259 job_bootstrap: true
1260 job_db_init: true
1261 job_db_sync: true
1262 job_db_drop: false
1263 job_image_repo_sync: true
1264 job_ks_endpoints: true
1265 job_ks_service: true
1266 job_ks_user_domain: true
1267 job_ks_user_trustee: true
1268 job_ks_user: true
1269 job_rabbit_init: true
1270 pdb_api: true
1271 pdb_cfn: true
1272 pdb_cloudwatch: false
1273 pod_rally_test: true
1274 network_policy: false
1275 secret_db: true
1276 secret_ingress_tls: true
1277 secret_keystone: true
1278 secret_rabbitmq: true
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]1279 secret_registry: true
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]1280 service_api: true
1281 service_cfn: true
1282 service_cloudwatch: false
1283 service_ingress_api: true
1284 service_ingress_cfn: true
1285 service_ingress_cloudwatch: false
1286 statefulset_engine: false
1287...