blob: 88b4203e8f8bbbe5bfc8c584135de3a2ebadee26 [file] [log] [blame]
Mohammed Naserf3f59a72023-01-15 21:02:04 -05001# Licensed under the Apache License, Version 2.0 (the "License");
2# you may not use this file except in compliance with the License.
3# You may obtain a copy of the License at
4#
5# http://www.apache.org/licenses/LICENSE-2.0
6#
7# Unless required by applicable law or agreed to in writing, software
8# distributed under the License is distributed on an "AS IS" BASIS,
9# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10# See the License for the specific language governing permissions and
11# limitations under the License.
12
13# Default values for magnum.
14# This is a YAML-formatted file.
15# Declare name/value pairs to be passed into your templates.
16# name: value
17
18---
19release_group: null
20
21labels:
22 api:
23 node_selector_key: openstack-control-plane
24 node_selector_value: enabled
25 conductor:
26 node_selector_key: openstack-control-plane
27 node_selector_value: enabled
28 job:
29 node_selector_key: openstack-control-plane
30 node_selector_value: enabled
31
32images:
33 tags:
34 bootstrap: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
35 db_init: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
36 magnum_db_sync: docker.io/openstackhelm/magnum:wallaby-ubuntu_focal
37 db_drop: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
38 rabbit_init: docker.io/rabbitmq:3.7-management
39 ks_user: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
40 ks_service: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
41 ks_endpoints: docker.io/openstackhelm/heat:wallaby-ubuntu_focal
42 magnum_api: docker.io/openstackhelm/magnum:wallaby-ubuntu_focal
43 magnum_conductor: docker.io/openstackhelm/magnum:wallaby-ubuntu_focal
44 dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
45 image_repo_sync: docker.io/docker:17.07.0
46 pull_policy: "IfNotPresent"
47 local_registry:
48 active: false
49 exclude:
50 - dep_check
51 - image_repo_sync
52
53conf:
okozachenko12035aa48492023-09-05 19:47:07 +100054 paste:
55 pipeline:main:
56 pipeline: cors healthcheck request_id authtoken api_v1
57 app:api_v1:
58 paste.app_factory: magnum.api.app:app_factory
59 filter:authtoken:
60 acl_public_routes: /, /v1
61 paste.filter_factory: magnum.api.middleware.auth_token:AuthTokenMiddleware.factory
62 filter:request_id:
63 paste.filter_factory: oslo_middleware:RequestId.factory
64 filter:cors:
65 paste.filter_factory: oslo_middleware.cors:filter_factory
66 oslo_config_project: magnum
67 filter:healthcheck:
68 paste.filter_factory: oslo_middleware:Healthcheck.factory
69 backends: disable_by_file
70 disable_by_file_path: /etc/magnum/healthcheck_disable
Mohammed Naserf3f59a72023-01-15 21:02:04 -050071 policy: {}
72 magnum:
73 DEFAULT:
74 log_config_append: /etc/magnum/logging.conf
75 transport_url: null
76 cluster:
77 temp_cache_dir: /var/lib/magnum/certificate-cache
78 oslo_messaging_notifications:
79 driver: messaging
80 oslo_concurrency:
81 lock_path: /var/lib/magnum/tmp
82 oslo_policy:
83 policy_file: /etc/magnum/policy.yaml
84 certificates:
85 cert_manager_type: barbican
86 database:
87 max_retries: -1
88 trust:
89 trustee_domain_name: null
90 keystone_authtoken:
91 auth_type: password
92 auth_version: v3
93 memcache_security_strategy: ENCRYPT
Oleksandr Kozachenkoc0022be2023-05-23 20:36:21 +020094 service_type: container-infra
Mohammed Naserf3f59a72023-01-15 21:02:04 -050095 api:
96 # NOTE(portdirect): the bind port should not be defined, and is manipulated
97 # via the endpoints section.
98 port: null
99 host: 0.0.0.0
100 logging:
101 loggers:
102 keys:
103 - root
104 - magnum
105 handlers:
106 keys:
107 - stdout
108 - stderr
109 - "null"
110 formatters:
111 keys:
112 - context
113 - default
114 logger_root:
115 level: WARNING
116 handlers: 'null'
117 logger_magnum:
118 level: INFO
119 handlers:
120 - stdout
121 qualname: magnum
122 logger_amqp:
123 level: WARNING
124 handlers: stderr
125 qualname: amqp
126 logger_amqplib:
127 level: WARNING
128 handlers: stderr
129 qualname: amqplib
130 logger_eventletwsgi:
131 level: WARNING
132 handlers: stderr
133 qualname: eventlet.wsgi.server
134 logger_sqlalchemy:
135 level: WARNING
136 handlers: stderr
137 qualname: sqlalchemy
138 logger_boto:
139 level: WARNING
140 handlers: stderr
141 qualname: boto
142 handler_null:
143 class: logging.NullHandler
144 formatter: default
145 args: ()
146 handler_stdout:
147 class: StreamHandler
148 args: (sys.stdout,)
149 formatter: context
150 handler_stderr:
151 class: StreamHandler
152 args: (sys.stderr,)
153 formatter: context
154 formatter_context:
155 class: oslo_log.formatters.ContextFormatter
156 datefmt: "%Y-%m-%d %H:%M:%S"
157 formatter_default:
158 format: "%(message)s"
159 datefmt: "%Y-%m-%d %H:%M:%S"
Oleksandr Kozachenko878891e2023-10-04 17:36:30 +0200160 magnum_api_uwsgi:
161 uwsgi:
162 add-header: "Connection: close"
163 buffer-size: 65535
Mohammed Nasercb5d9c32024-04-03 16:19:01 -0400164 chunked-input-limit: "4096000"
Oleksandr Kozachenko878891e2023-10-04 17:36:30 +0200165 die-on-term: true
166 enable-threads: true
167 exit-on-reload: false
168 hook-master-start: unix_signal:15 gracefully_kill_them_all
Mohammed Nasercb5d9c32024-04-03 16:19:01 -0400169 http-auto-chunked: true
170 http-raw-body: true
Oleksandr Kozachenko878891e2023-10-04 17:36:30 +0200171 lazy-apps: true
172 log-x-forwarded-for: true
173 master: true
Mohammed Nasercb5d9c32024-04-03 16:19:01 -0400174 need-app: true
Oleksandr Kozachenko878891e2023-10-04 17:36:30 +0200175 procname-prefix-spaced: "magnum-api:"
176 route-user-agent: '^kube-probe.* donotlog:'
Mohammed Nasercb5d9c32024-04-03 16:19:01 -0400177 socket-timeout: 10
Oleksandr Kozachenko878891e2023-10-04 17:36:30 +0200178 thunder-lock: true
179 worker-reload-mercy: 80
180 wsgi-file: /var/lib/openstack/bin/magnum-api-wsgi
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500181
182network:
183 api:
184 ingress:
185 public: true
186 classes:
187 namespace: "nginx"
188 cluster: "nginx-cluster"
189 annotations:
190 nginx.ingress.kubernetes.io/rewrite-target: /
191 external_policy_local: false
192 node_port:
193 enabled: false
194 port: 30511
195
196bootstrap:
197 enabled: false
198 ks_user: magnum
199 script: |
200 openstack token issue
201
202dependencies:
203 dynamic:
204 common:
205 local_image_registry:
206 jobs:
207 - magnum-image-repo-sync
208 services:
209 - endpoint: node
210 service: local_image_registry
211 static:
212 api:
213 jobs:
214 - magnum-db-sync
215 - magnum-ks-user
216 - magnum-domain-ks-user
217 - magnum-ks-endpoints
218 - magnum-rabbit-init
219 services:
220 - endpoint: internal
221 service: oslo_db
222 - endpoint: internal
223 service: identity
224 - endpoint: internal
225 service: oslo_messaging
226 - endpoint: internal
227 service: key_manager
228 - endpoint: internal
229 service: orchestration
230 conductor:
231 jobs:
232 - magnum-db-sync
233 - magnum-ks-user
234 - magnum-domain-ks-user
235 - magnum-ks-endpoints
236 - magnum-rabbit-init
237 services:
238 - endpoint: internal
239 service: oslo_db
240 - endpoint: internal
241 service: identity
242 - endpoint: internal
243 service: oslo_messaging
244 - endpoint: internal
245 service: key_manager
246 - endpoint: internal
247 service: orchestration
248 db_drop:
249 services:
250 - endpoint: internal
251 service: oslo_db
252 db_init:
253 services:
254 - endpoint: internal
255 service: oslo_db
256 db_sync:
257 jobs:
258 - magnum-db-init
259 services:
260 - endpoint: internal
261 service: oslo_db
262 ks_endpoints:
263 jobs:
264 - magnum-ks-service
265 services:
266 - endpoint: internal
267 service: identity
268 ks_service:
269 services:
270 - endpoint: internal
271 service: identity
272 ks_user:
273 services:
274 - endpoint: internal
275 service: identity
276 rabbit_init:
277 services:
278 - endpoint: internal
279 service: oslo_messaging
280 image_repo_sync:
281 services:
282 - endpoint: internal
283 service: local_image_registry
284
285# Names of secrets used by bootstrap and environmental checks
286secrets:
287 identity:
288 admin: magnum-keystone-admin
289 magnum: magnum-keystone-user
290 magnum_stack_user: magnum-keystone-stack-user
291 oslo_db:
292 admin: magnum-db-admin
293 magnum: magnum-db-user
294 oslo_messaging:
295 admin: magnum-rabbitmq-admin
296 magnum: magnum-rabbitmq-user
297 oci_image_registry:
298 magnum: magnum-oci-image-registry
299
300# typically overridden by environmental
301# values, but should include all endpoints
302# required by this chart
303endpoints:
304 cluster_domain_suffix: cluster.local
305 local_image_registry:
306 name: docker-registry
307 namespace: docker-registry
308 hosts:
309 default: localhost
310 internal: docker-registry
311 node: localhost
312 host_fqdn_override:
313 default: null
314 port:
315 registry:
316 node: 5000
317 oci_image_registry:
318 name: oci-image-registry
319 namespace: oci-image-registry
320 auth:
321 enabled: false
322 magnum:
323 username: magnum
324 password: password
325 hosts:
326 default: localhost
327 host_fqdn_override:
328 default: null
329 port:
330 registry:
331 default: null
332 identity:
333 name: keystone
334 auth:
335 admin:
336 region_name: RegionOne
337 username: admin
338 password: password
339 project_name: admin
340 user_domain_name: default
341 project_domain_name: default
342 magnum:
343 role: admin
344 region_name: RegionOne
345 username: magnum
346 password: password
347 project_name: service
348 user_domain_name: service
349 project_domain_name: service
350 magnum_stack_user:
351 role: admin
352 region_name: RegionOne
353 username: magnum-domain
354 password: password
355 domain_name: magnum
356 hosts:
357 default: keystone
358 internal: keystone-api
359 host_fqdn_override:
360 default: null
361 path:
362 default: /v3
363 scheme:
364 default: http
365 port:
366 api:
367 default: 80
368 internal: 5000
369 container_infra:
370 name: magnum
371 hosts:
372 default: magnum-api
373 public: magnum
374 host_fqdn_override:
375 default: null
376 path:
377 default: /v1
378 scheme:
379 default: http
380 port:
381 api:
382 default: 9511
383 public: 80
384 key_manager:
385 name: barbican
386 hosts:
387 default: barbican-api
388 public: barbican
389 host_fqdn_override:
390 default: null
391 path:
392 default: /v1
393 scheme:
394 default: http
395 port:
396 api:
397 default: 9311
398 public: 80
399 orchestration:
400 name: heat
401 hosts:
402 default: heat-api
403 public: heat
404 host_fqdn_override:
405 default: null
406 path:
407 default: '/v1/%(project_id)s'
408 scheme:
409 default: 'http'
410 port:
411 api:
412 default: 8004
413 public: 80
414 oslo_db:
415 auth:
416 admin:
417 username: root
418 password: password
419 magnum:
420 username: magnum
421 password: password
422 hosts:
423 default: mariadb
424 host_fqdn_override:
425 default: null
426 path: /magnum
427 scheme: mysql+pymysql
428 port:
429 mysql:
430 default: 3306
431 oslo_cache:
432 auth:
433 # NOTE(portdirect): this is used to define the value for keystone
434 # authtoken cache encryption key, if not set it will be populated
435 # automatically with a random value, but to take advantage of
436 # this feature all services should be set to use the same key,
437 # and memcache service.
438 memcache_secret_key: null
439 hosts:
440 default: memcached
441 host_fqdn_override:
442 default: null
443 port:
444 memcache:
445 default: 11211
446 oslo_messaging:
447 auth:
448 admin:
449 username: rabbitmq
450 password: password
451 magnum:
452 username: magnum
453 password: password
454 statefulset:
455 replicas: 2
456 name: rabbitmq-rabbitmq
457 hosts:
458 default: rabbitmq
459 host_fqdn_override:
460 default: null
461 path: /magnum
462 scheme: rabbit
463 port:
464 amqp:
465 default: 5672
466 http:
467 default: 15672
468 fluentd:
469 namespace: null
470 name: fluentd
471 hosts:
472 default: fluentd-logging
473 host_fqdn_override:
474 default: null
475 path:
476 default: null
477 scheme: 'http'
478 port:
479 service:
480 default: 24224
481 metrics:
482 default: 24220
483
484pod:
485 user:
486 magnum:
487 uid: 42424
488 affinity:
489 anti:
490 type:
491 default: preferredDuringSchedulingIgnoredDuringExecution
492 topologyKey:
493 default: kubernetes.io/hostname
494 weight:
495 default: 10
496 mounts:
497 magnum_api:
498 init_container: null
499 magnum_api:
500 volumeMounts:
501 volumes:
502 magnum_conductor:
503 init_container: null
504 magnum_conductor:
505 volumeMounts:
506 volumes:
507 magnum_bootstrap:
508 init_container: null
509 magnum_bootstrap:
510 volumeMounts:
511 volumes:
512 magnum_db_sync:
513 magnum_db_sync:
514 volumeMounts:
515 volumes:
516 replicas:
517 api: 1
518 conductor: 1
519 lifecycle:
520 upgrades:
521 deployments:
522 revision_history: 3
523 pod_replacement_strategy: RollingUpdate
524 rolling_update:
525 max_unavailable: 1
526 max_surge: 3
527 disruption_budget:
528 api:
529 min_available: 0
530 termination_grace_period:
531 api:
532 timeout: 30
533 resources:
534 enabled: false
535 api:
536 requests:
537 memory: "128Mi"
538 cpu: "100m"
539 limits:
540 memory: "1024Mi"
541 cpu: "2000m"
542 conductor:
543 requests:
544 memory: "128Mi"
545 cpu: "100m"
546 limits:
547 memory: "1024Mi"
548 cpu: "2000m"
549 jobs:
550 bootstrap:
551 requests:
552 memory: "128Mi"
553 cpu: "100m"
554 limits:
555 memory: "1024Mi"
556 cpu: "2000m"
557 db_init:
558 requests:
559 memory: "128Mi"
560 cpu: "100m"
561 limits:
562 memory: "1024Mi"
563 cpu: "2000m"
564 db_sync:
565 requests:
566 memory: "128Mi"
567 cpu: "100m"
568 limits:
569 memory: "1024Mi"
570 cpu: "2000m"
571 db_drop:
572 requests:
573 memory: "128Mi"
574 cpu: "100m"
575 limits:
576 memory: "1024Mi"
577 cpu: "2000m"
578 ks_endpoints:
579 requests:
580 memory: "128Mi"
581 cpu: "100m"
582 limits:
583 memory: "1024Mi"
584 cpu: "2000m"
585 ks_service:
586 requests:
587 memory: "128Mi"
588 cpu: "100m"
589 limits:
590 memory: "1024Mi"
591 cpu: "2000m"
592 ks_user:
593 requests:
594 memory: "128Mi"
595 cpu: "100m"
596 limits:
597 memory: "1024Mi"
598 cpu: "2000m"
599 rabbit_init:
600 requests:
601 memory: "128Mi"
602 cpu: "100m"
603 limits:
604 memory: "1024Mi"
605 cpu: "2000m"
606 tests:
607 requests:
608 memory: "128Mi"
609 cpu: "100m"
610 limits:
611 memory: "1024Mi"
612 cpu: "2000m"
613 image_repo_sync:
614 requests:
615 memory: "128Mi"
616 cpu: "100m"
617 limits:
618 memory: "1024Mi"
619 cpu: "2000m"
620
621
622network_policy:
623 magnum:
624 ingress:
625 - {}
626 egress:
627 - {}
628
629manifests:
630 configmap_bin: true
631 configmap_etc: true
632 deployment_api: true
633 ingress_api: true
634 job_bootstrap: true
635 job_db_init: true
636 job_db_sync: true
637 job_db_drop: false
638 job_image_repo_sync: true
639 job_ks_endpoints: true
640 job_ks_service: true
641 job_ks_user_domain: true
642 job_ks_user: true
643 job_rabbit_init: true
644 pdb_api: true
645 network_policy: false
646 secret_db: true
647 secret_keystone: true
648 secret_rabbitmq: true
649 secret_registry: true
650 service_api: true
651 service_ingress_api: true
652 statefulset_conductor: true
653...