Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / refs/heads/stable/2023.1 / . / charts / ironic / values.yaml
blob: a94bc3f23cd6a1d752af7176ce64a9b7d9a6e744 [file] [log] [blame]
Yaguang Tang9c139d72024-07-31 21:52:52 +0800[diff] [blame]1# Licensed under the Apache License, Version 2.0 (the "License");
2# you may not use this file except in compliance with the License.
3# You may obtain a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS,
9# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10# See the License for the specific language governing permissions and
11# limitations under the License.
12
13# Default values for ironic.
14# This is a YAML-formatted file.
15# Declare name/value pairs to be passed into your templates.
16# name: value
17
18---
19release_group: null
20
21helm3_hook: true
22
23labels:
24 api:
25 node_selector_key: openstack-control-plane
26 node_selector_value: enabled
27 conductor:
28 node_selector_key: openstack-control-plane
29 node_selector_value: enabled
30 job:
31 node_selector_key: openstack-control-plane
32 node_selector_value: enabled
33
34images:
35 tags:
36 ironic_manage_cleaning_network: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
37 ironic_retrive_cleaning_network: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
38 ironic_retrive_swift_config: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
39 # Bootstrap image requires curl
40 bootstrap: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
41 db_drop: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
42 db_init: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
43 ironic_db_sync: docker.io/openstackhelm/ironic:2024.1-ubuntu_jammy
44 ks_user: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
45 ks_service: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
46 ks_endpoints: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy
47 rabbit_init: docker.io/rabbitmq:3.13-management
48 ironic_api: docker.io/openstackhelm/ironic:2024.1-ubuntu_jammy
49 ironic_conductor: docker.io/openstackhelm/ironic:2024.1-ubuntu_jammy
50 ironic_pxe: docker.io/openstackhelm/ironic:2024.1-ubuntu_jammy
51 ironic_pxe_init: docker.io/openstackhelm/ironic:2024.1-ubuntu_jammy
52 ironic_pxe_http: docker.io/nginx:1.13.3
Oleksandr K.17d9d8d2024-08-10 08:17:05 +0200[diff] [blame]53 dep_check: quay.io/airshipit/kubernetes-entrypoint:latest-ubuntu_focal
Yaguang Tang9c139d72024-07-31 21:52:52 +0800[diff] [blame]54 image_repo_sync: docker.io/docker:17.07.0
55 pull_policy: "IfNotPresent"
56 local_registry:
57 active: false
58 exclude:
59 - dep_check
60 - image_repo_sync
61
62conf:
63 paste:
64 override:
65 append:
66 policy: {}
67 tftp_map_file: |
68 re ^(/tftpboot/) /tftpboot/\2
69 re ^/tftpboot/ /tftpboot/
70 re ^(^/) /tftpboot/\1
71 re ^([^/]) /tftpboot/\1
72 nginx: |
73 user nginx;
74 worker_processes 1;
75 error_log /var/log/nginx/error.log warn;
76 pid /var/run/nginx.pid;
77 events {
78 worker_connections 1024;
79 }
80 http {
81 include /etc/nginx/mime.types;
82 default_type application/octet-stream;
83 log_format main '$remote_addr - $remote_user [$time_local] "$request" '
84 '$status $body_bytes_sent "$http_referer" '
85 '"$http_user_agent" "$http_x_forwarded_for"';
86 access_log /var/log/nginx/access.log main;
87 sendfile on;
88 #tcp_nopush on;
89 keepalive_timeout 65;
90 #gzip on;
91 server {
92 listen OSH_PXE_IP:{{ tuple "baremetal" "internal" "pxe_http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }};
93 server_name localhost;
94 #charset koi8-r;
95 #access_log /var/log/nginx/host.access.log main;
96 location / {
97 root /var/lib/openstack-helm/httpboot;
98 }
99 }
100 }
101 ironic:
102 DEFAULT:
103 log_config_append: /etc/ironic/logging.conf
104 api:
105 port: null
106 conductor:
107 api_url: null
108 database:
109 connection: null
110 deploy:
111 http_root: /var/lib/openstack-helm/httpboot
112 glance:
113 auth_type: password
114 swift_temp_url_duration: 86400
115 temp_url_endpoint_type: swift
116 swift_container: glance
117 swift_api_version: v1
118 auth_section: glance
119 inspector:
120 auth_type: password
121 keystone_authtoken:
Oleksandr K.17d9d8d2024-08-10 08:17:05 +0200[diff] [blame]122 service_token_roles: service
123 service_token_roles_required: true
Yaguang Tang9c139d72024-07-31 21:52:52 +0800[diff] [blame]124 auth_type: password
125 auth_version: v3
126 neutron:
127 auth_type: password
128 pxe:
129 pxe_append_params: "nofb nomodeset vga=normal ipa-debug=1"
130 images_path: /var/lib/openstack-helm/ironic/images
131 instance_master_path: /var/lib/openstack-helm/ironic/master_images
132 pxe_config_template: $pybasedir/drivers/modules/ipxe_config.template
133 uefi_pxe_config_template: $pybasedir/drivers/modules/ipxe_config.template
134 tftp_root: /var/lib/openstack-helm/tftpboot
135 tftp_master_path: /var/lib/openstack-helm/tftpboot/master_images
136 pxe_bootfile_name: undionly.kpxe
137 uefi_pxe_bootfile_name: ipxe.efi
138 ipxe_enabled: true
139 service_catalog:
140 auth_type: password
Oleksandr K.17d9d8d2024-08-10 08:17:05 +0200[diff] [blame]141 service_user:
142 auth_type: password
143 send_service_user_token: true
Yaguang Tang9c139d72024-07-31 21:52:52 +0800[diff] [blame]144 swift:
145 auth_url: null
146 oslo_policy:
147 policy_file: /etc/ironic/policy.yaml
148 logging:
149 loggers:
150 keys:
151 - root
152 - ironic
153 handlers:
154 keys:
155 - stdout
156 - stderr
157 - "null"
158 formatters:
159 keys:
160 - context
161 - default
162 logger_root:
163 level: WARNING
164 handlers: 'null'
165 logger_ironic:
166 level: INFO
167 handlers:
168 - stdout
169 qualname: ironic
170 logger_amqp:
171 level: WARNING
172 handlers: stderr
173 qualname: amqp
174 logger_amqplib:
175 level: WARNING
176 handlers: stderr
177 qualname: amqplib
178 logger_eventletwsgi:
179 level: WARNING
180 handlers: stderr
181 qualname: eventlet.wsgi.server
182 logger_sqlalchemy:
183 level: WARNING
184 handlers: stderr
185 qualname: sqlalchemy
186 logger_boto:
187 level: WARNING
188 handlers: stderr
189 qualname: boto
190 handler_null:
191 class: logging.NullHandler
192 formatter: default
193 args: ()
194 handler_stdout:
195 class: StreamHandler
196 args: (sys.stdout,)
197 formatter: context
198 handler_stderr:
199 class: StreamHandler
200 args: (sys.stderr,)
201 formatter: context
202 formatter_context:
203 class: oslo_log.formatters.ContextFormatter
204 datefmt: "%Y-%m-%d %H:%M:%S"
205 formatter_default:
206 format: "%(message)s"
207 datefmt: "%Y-%m-%d %H:%M:%S"
208
Oleksandr K.17d9d8d2024-08-10 08:17:05 +0200[diff] [blame]209conductor:
210 http:
211 enabled: true
212 init_script: |
213 #!/bin/bash
214 set -ex
215 if [ "x" == "x${PROVISIONER_INTERFACE}" ]; then
216 echo "Provisioner interface is not set"
217 exit 1
218 fi
219
220 function net_pxe_addr {
221 ip addr | awk "/inet / && /${PROVISIONER_INTERFACE}/{print \$2; exit }"
222 }
223 function net_pxe_ip {
224 echo $(net_pxe_addr) | awk -F '/' '{ print $1; exit }'
225 }
226 PXE_IP=$(net_pxe_ip)
227
228 if [ "x" == "x${PXE_IP}" ]; then
229 echo "Could not find IP for pxe to bind to"
230 exit 1
231 fi
232
233 sed "s|OSH_PXE_IP|${PXE_IP}|g" /etc/nginx/nginx.conf > /tmp/pod-shared/nginx.conf
234 script: |
235 #!/bin/bash
236 set -ex
237 mkdir -p /var/lib/openstack-helm/httpboot
238 cp -v /tmp/pod-shared/nginx.conf /etc/nginx/nginx.conf
239 exec nginx -g 'daemon off;'
240 pxe:
241 enabled: true
242 init_script: |
243 #!/bin/bash
244 set -ex
245 # default to Ubuntu path
246 FILEPATH=${FILEPATH:-/usr/lib/ipxe}
247
248 mkdir -p /var/lib/openstack-helm/tftpboot
249 mkdir -p /var/lib/openstack-helm/tftpboot/master_images
250
251 for FILE in undionly.kpxe ipxe.efi pxelinux.0 snponly.efi; do
252 # copy in default file
253 if [ -f $FILEPATH/$FILE ]; then
254 cp -v $FILEPATH/$FILE /var/lib/openstack-helm/tftpboot
255 fi
256
257 done
258 script: |
259 #!/bin/bash
260 set -ex
261 function net_pxe_addr {
262 ip addr | awk "/inet / && /${PROVISIONER_INTERFACE}/{print \$2; exit }"
263 }
264 function net_pxe_ip {
265 echo $(net_pxe_addr) | awk -F '/' '{ print $1; exit }'
266 }
267 PXE_IP=$(net_pxe_ip)
268
269 if [ "x" == "x${PXE_IP}" ]; then
270 echo "Could not find IP for pxe to bind to"
271 exit 1
272 fi
273
274 ln -s /var/lib/openstack-helm/tftpboot /tftpboot
275 exec /usr/sbin/in.tftpd \
276 --verbose \
277 --foreground \
278 --user root \
279 --address ${PXE_IP}:69 \
280 --map-file /tftp-map-file /tftpboot
281
Yaguang Tang9c139d72024-07-31 21:52:52 +0800[diff] [blame]282network:
283 pxe:
284 device: ironic-pxe
285 neutron_network_name: baremetal
286 neutron_subnet_name: baremetal
287 neutron_provider_network: ironic
288 neutron_subnet_gateway: 172.24.6.1/24
289 neutron_subnet_cidr: 172.24.6.0/24
290 neutron_subnet_alloc_start: 172.24.6.100
291 neutron_subnet_alloc_end: 172.24.6.200
292 neutron_subnet_dns_nameserver: 10.96.0.10
293 api:
294 ingress:
295 public: true
296 classes:
297 namespace: "nginx"
298 cluster: "nginx-cluster"
299 annotations:
300 nginx.ingress.kubernetes.io/rewrite-target: /
301 node_port:
302 enabled: false
303 port: 30511
304
305bootstrap:
306 image:
307 enabled: true
308 openstack:
309 enabled: true
310 ks_user: ironic
311 # NOTE: if source_base is null the source will be used as is
312 source_base: http://tarballs.openstack.org/ironic-python-agent/tinyipa/files
313 structured:
314 ironic-agent.initramfs:
315 source: tinyipa-stable-wallaby.gz
316 disk_format: ari
317 container_format: ari
318 ironic-agent.kernel:
319 source: tinyipa-stable-wallaby.vmlinuz
320 disk_format: aki
321 container_format: aki
322 network:
323 enabled: true
324 openstack:
325 enabled: true
326 object_store:
327 enabled: true
328 openstack:
329 enabled: true
330
331dependencies:
332 dynamic:
333 common:
334 local_image_registry:
335 jobs:
336 - ironic-image-repo-sync
337 services:
338 - endpoint: node
339 service: local_image_registry
340 static:
341 api:
342 jobs:
343 - ironic-db-sync
344 - ironic-ks-user
345 - ironic-ks-endpoints
346 - ironic-manage-cleaning-network
347 - ironic-rabbit-init
348 services:
349 - endpoint: internal
350 service: oslo_db
351 - endpoint: internal
352 service: identity
353 - endpoint: internal
354 service: oslo_messaging
355 bootstrap:
356 jobs: null
357 services:
358 - endpoint: internal
359 service: identity
360 - endpoint: internal
361 service: image
362 - endpoint: internal
363 service: baremetal
364 conductor:
365 jobs:
366 - ironic-db-sync
367 - ironic-ks-user
368 - ironic-ks-endpoints
369 - ironic-manage-cleaning-network
370 - ironic-rabbit-init
371 services:
372 - endpoint: internal
373 service: oslo_db
374 - endpoint: internal
375 service: identity
376 - endpoint: internal
377 service: baremetal
378 - endpoint: internal
379 service: oslo_messaging
380 db_drop:
381 services:
382 - endpoint: internal
383 service: oslo_db
384 db_init:
385 services:
386 - endpoint: internal
387 service: oslo_db
388 db_sync:
389 jobs:
390 - ironic-db-init
391 services:
392 - endpoint: internal
393 service: oslo_db
394 ks_endpoints:
395 jobs:
396 - ironic-ks-service
397 services:
398 - endpoint: internal
399 service: identity
400 ks_service:
401 services:
402 - endpoint: internal
403 service: identity
404 ks_user:
405 services:
406 - endpoint: internal
407 service: identity
408 rabbit_init:
409 services:
410 - endpoint: internal
411 service: oslo_messaging
412 manage_cleaning_network:
413 services:
414 - endpoint: internal
415 service: network
416 image_repo_sync:
417 services:
418 - endpoint: internal
419 service: local_image_registry
420
421# Names of secrets used by bootstrap and environmental checks
422secrets:
423 identity:
424 admin: ironic-keystone-admin
425 ironic: ironic-keystone-user
426 glance: ironic-glance-keystone-user
427 oslo_db:
428 admin: ironic-db-admin
429 ironic: ironic-db-user
430 oslo_messaging:
431 admin: ironic-rabbitmq-admin
432 ironic: ironic-rabbitmq-user
433 oci_image_registry:
434 ironic: ironic-oci-image-registry
435
436# typically overridden by environmental
437# values, but should include all endpoints
438# required by this chart
439endpoints:
440 cluster_domain_suffix: cluster.local
441 local_image_registry:
442 name: docker-registry
443 namespace: docker-registry
444 hosts:
445 default: localhost
446 internal: docker-registry
447 node: localhost
448 host_fqdn_override:
449 default: null
450 port:
451 registry:
452 node: 5000
453 oci_image_registry:
454 name: oci-image-registry
455 namespace: oci-image-registry
456 auth:
457 enabled: false
458 ironic:
459 username: ironic
460 password: password
461 hosts:
462 default: localhost
463 host_fqdn_override:
464 default: null
465 port:
466 registry:
467 default: null
468 identity:
469 name: keystone
470 auth:
471 admin:
472 region_name: RegionOne
473 username: admin
474 password: password
475 project_name: admin
476 user_domain_name: default
477 project_domain_name: default
478 glance:
Oleksandr K.17d9d8d2024-08-10 08:17:05 +0200[diff] [blame]479 role: admin,service
Yaguang Tang9c139d72024-07-31 21:52:52 +0800[diff] [blame]480 region_name: RegionOne
481 username: glance
482 password: password
483 project_name: service
484 user_domain_name: service
485 project_domain_name: service
486 ironic:
487 role: admin,service
488 region_name: RegionOne
489 username: ironic
490 password: password
491 project_name: service
492 user_domain_name: service
493 project_domain_name: service
494 hosts:
495 default: keystone
496 internal: keystone-api
497 host_fqdn_override:
498 default: null
499 path:
500 default: /v3
501 scheme:
502 default: http
503 port:
504 api:
505 default: 80
506 internal: 5000
507 baremetal:
508 name: ironic
509 hosts:
510 default: ironic-api
511 public: ironic
512 host_fqdn_override:
513 default: null
514 path:
515 default: null
516 scheme:
517 default: http
518 port:
519 api:
520 default: 6385
521 public: 80
522 pxe_http:
523 default: 8080
524 image:
525 name: glance
526 hosts:
527 default: glance-api
528 public: glance
529 host_fqdn_override:
530 default: null
531 path:
532 default: null
533 scheme:
534 default: http
535 port:
536 api:
537 default: 9292
538 public: 80
539 oslo_db:
540 auth:
541 admin:
542 username: root
543 password: password
544 ironic:
545 username: ironic
546 password: password
547 hosts:
548 default: mariadb
549 host_fqdn_override:
550 default: null
551 path: /ironic
552 scheme: mysql+pymysql
553 port:
554 mysql:
555 default: 3306
556 oslo_cache:
557 auth:
558 # NOTE(portdirect): this is used to define the value for keystone
559 # authtoken cache encryption key, if not set it will be populated
560 # automatically with a random value, but to take advantage of
561 # this feature all services should be set to use the same key,
562 # and memcache service.
563 memcache_secret_key: null
564 hosts:
565 default: memcached
566 host_fqdn_override:
567 default: null
568 port:
569 memcache:
570 default: 11211
571 oslo_messaging:
572 auth:
573 admin:
574 username: rabbitmq
575 password: password
576 ironic:
577 username: ironic
578 password: password
579 statefulset:
580 replicas: 2
581 name: rabbitmq-rabbitmq
582 hosts:
583 default: rabbitmq
584 host_fqdn_override:
585 default: null
586 path: /ironic
587 scheme: rabbit
588 port:
589 amqp:
590 default: 5672
591 http:
592 default: 15672
593 network:
594 name: neutron
595 hosts:
596 default: neutron-server
597 public: neutron
598 host_fqdn_override:
599 default: null
600 path:
601 default: null
602 scheme:
603 default: 'http'
604 port:
605 api:
606 default: 9696
607 public: 80
608 object_store:
609 name: swift
610 namespace: ceph
611 auth:
612 glance:
613 tmpurlkey: supersecret
614 hosts:
615 default: ceph-rgw
616 host_fqdn_override:
617 default: null
618 path:
619 default: /swift/v1/KEY_$(tenant_id)s
620 scheme:
621 default: http
622 port:
623 api:
624 default: 8088
625 fluentd:
626 namespace: null
627 name: fluentd
628 hosts:
629 default: fluentd-logging
630 host_fqdn_override:
631 default: null
632 path:
633 default: null
634 scheme: 'http'
635 port:
636 service:
637 default: 24224
638 metrics:
639 default: 24220
640
641pod:
642 affinity:
643 anti:
644 type:
645 default: preferredDuringSchedulingIgnoredDuringExecution
646 topologyKey:
647 default: kubernetes.io/hostname
648 weight:
649 default: 10
650 tolerations:
651 ironic:
652 enabled: false
653 tolerations:
654 - key: node-role.kubernetes.io/master
655 operator: Exists
656 effect: NoSchedule
657 - key: node-role.kubernetes.io/control-plane
658 operator: Exists
659 effect: NoSchedule
660 mounts:
661 ironic_api:
662 init_container: null
663 ironic_api:
664 volumeMounts:
665 volumes:
666 ironic_conductor:
667 init_container: null
668 ironic_conductor:
669 volumeMounts:
670 volumes:
671 ironic_bootstrap:
672 init_container: null
673 ironic_bootstrap:
674 volumeMounts:
675 volumes:
676 ironic_db_sync:
677 ironic_db_sync:
678 volumeMounts:
679 volumes:
680 replicas:
681 api: 1
682 conductor: 1
683 lifecycle:
684 upgrades:
685 deployments:
686 revision_history: 3
687 pod_replacement_strategy: RollingUpdate
688 rolling_update:
689 max_unavailable: 1
690 max_surge: 3
691 disruption_budget:
692 api:
693 min_available: 0
694 termination_grace_period:
695 api:
696 timeout: 30
697 resources:
698 enabled: false
699 api:
700 requests:
701 memory: "128Mi"
702 cpu: "100m"
703 limits:
704 memory: "1024Mi"
705 cpu: "2000m"
706 conductor:
707 requests:
708 memory: "128Mi"
709 cpu: "100m"
710 limits:
711 memory: "1024Mi"
712 cpu: "2000m"
713 jobs:
714 bootstrap:
715 requests:
716 memory: "128Mi"
717 cpu: "100m"
718 limits:
719 memory: "1024Mi"
720 cpu: "2000m"
721 db_drop:
722 requests:
723 memory: "128Mi"
724 cpu: "100m"
725 limits:
726 memory: "1024Mi"
727 cpu: "2000m"
728 db_init:
729 requests:
730 memory: "128Mi"
731 cpu: "100m"
732 limits:
733 memory: "1024Mi"
734 cpu: "2000m"
735 db_sync:
736 requests:
737 memory: "128Mi"
738 cpu: "100m"
739 limits:
740 memory: "1024Mi"
741 cpu: "2000m"
742 ks_endpoints:
743 requests:
744 memory: "128Mi"
745 cpu: "100m"
746 limits:
747 memory: "1024Mi"
748 cpu: "2000m"
749 ks_service:
750 requests:
751 memory: "128Mi"
752 cpu: "100m"
753 limits:
754 memory: "1024Mi"
755 cpu: "2000m"
756 ks_user:
757 requests:
758 memory: "128Mi"
759 cpu: "100m"
760 limits:
761 memory: "1024Mi"
762 cpu: "2000m"
763 rabbit_init:
764 requests:
765 memory: "128Mi"
766 cpu: "100m"
767 limits:
768 memory: "1024Mi"
769 cpu: "2000m"
770 tests:
771 requests:
772 memory: "128Mi"
773 cpu: "100m"
774 limits:
775 memory: "1024Mi"
776 cpu: "2000m"
777 image_repo_sync:
778 requests:
779 memory: "128Mi"
780 cpu: "100m"
781 limits:
782 memory: "1024Mi"
783 cpu: "2000m"
Oleksandr K.17d9d8d2024-08-10 08:17:05 +0200[diff] [blame]784 useHostNetwork:
785 conductor: true
786 useHostIPC:
787 conductor: true
Yaguang Tang9c139d72024-07-31 21:52:52 +0800[diff] [blame]788
789network_policy:
790 ironic:
791 ingress:
792 - {}
793 egress:
794 - {}
795
796manifests:
797 configmap_bin: true
798 configmap_etc: true
799 deployment_api: true
800 ingress_api: true
801 job_bootstrap: true
802 job_db_drop: false
803 job_db_init: true
804 job_db_sync: true
805 job_image_repo_sync: true
806 job_ks_endpoints: true
807 job_ks_service: true
808 job_ks_user: true
809 job_manage_cleaning_network: true
810 job_rabbit_init: true
811 pdb_api: true
812 network_policy: false
813 secret_db: true
814 secret_keystone: true
815 secret_rabbitmq: true
816 secret_registry: true
817 service_api: true
818 service_ingress_api: true
819 statefulset_conductor: true
820...